From 1j0lkq002 at sneakemail.com  Wed Dec  1 00:06:29 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Wed, 01 Dec 2004 00:06:29 -0500
Subject: [nycphp-talk] C for PHP resources
In-Reply-To: <Pine.BSF.4.58.0411302309000.16353@emra.pair.com>
References: <8E425F56-434C-11D9-98BB-0003938BDF32@localnotion.com>
	<Pine.BSF.4.58.0411302309000.16353@emra.pair.com>
Message-ID: <16416-02880@sneakemail.com>

David Mintz dmintz-at-davidmintz.org |nyphp dev/internal group use| wrote:

>On Tue, 30 Nov 2004, Matthew Terenzio wrote:
>
>  
>
>>So what are the best resources/books for me from those who have
>>conquered this world?
>>    
>>
>
>I would get "The C Progamming Language" by Kernighan and Ritchie if I were
>in your shoes. Indeed I might be, when I decide to give it a shot myself
>(-:
>
>---
>David Mintz http://davidmintz.org/
>$world =~ s|<bush[^>]*>.+</bush>||is;
>_______________________________________________
>  
>


Yeah, you can't go wrong with 2nd edition or better (prior to that K&R 
"C" was not ANSI C).
It's a reference book, though, not a tutorial/trainer.

Do I still recall page 49 was the operands listing??

-=john andrews



From jlacey at att.net  Wed Dec  1 01:41:10 2004
From: jlacey at att.net (John Lacey)
Date: Tue, 30 Nov 2004 23:41:10 -0700
Subject: [nycphp-talk] 4 and 5 on the same development box (again)
In-Reply-To: <Pine.BSF.4.58.0411302218260.16353@emra.pair.com>
References: <Pine.BSF.4.58.0411302218260.16353@emra.pair.com>
Message-ID: <41AD6786.6000504@att.net>

David Mintz wrote:
> This came up a few months back and I can't seem to locate the thread in
> the archives (It seems that when you google "whatever
> site:lists.nyphp.org" you strike out no matter what 'whatever' is. But I
> digress...)
> 
> Suppose you don't mind restarting Apache to switch between 4 and 5. Is
> there any reason why one couldn't install php5 in something like
> /usr/local/php5 and write a second httpd.conf to work with it, then maybe
> write a shell script for restarting using the appropriate config?
> 
> I've read Adam Trachtenberg's recipes for setting up PHP 5 as a CGI and
> using it alongside PHP4. (Great book that "Upgrading to PHP 5", btw, thank
> you Adam). Makes sense. There was also another recipe proposed by G.
> Schlossnagle on this list -- one of the posts I can't seem to find -- that
> involved mod_proxy and so on, which I'd love to have another look at if
> someone could point the way. But I was wondering about the scenario
> described above.
>

Here's an August post John Coggeshall wrote with regard to mod_proxy:
http://lists.nyphp.org/pipermail/talk/2004-August/011613.html

and the link to the instructions from the above post:
http://wiki.coggeshall.org/Main/RunningPHP4AndPHP5Concurrently

HTH,
John




From codebowl at gmail.com  Wed Dec  1 08:04:15 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Wed, 1 Dec 2004 08:04:15 -0500
Subject: [nycphp-talk] C for PHP resources
In-Reply-To: <16416-02880@sneakemail.com>
References: <8E425F56-434C-11D9-98BB-0003938BDF32@localnotion.com>
	<Pine.BSF.4.58.0411302309000.16353@emra.pair.com>
	<16416-02880@sneakemail.com>
Message-ID: <8d9a4280041201050420ab52aa@mail.gmail.com>

for learning C i loved the book

C How to Program by Deitel & Deitel
it's a bit pricy but worth every penny IMO

ISBN: 0130895725

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com

For a GMail account
contact me OFF-LIST


From joshmccormack at travelersdiary.com  Wed Dec  1 08:51:18 2004
From: joshmccormack at travelersdiary.com (Josh McCormack)
Date: Wed, 01 Dec 2004 08:51:18 -0500
Subject: [nycphp-talk] C for PHP resources
In-Reply-To: <16416-02880@sneakemail.com>
References: <8E425F56-434C-11D9-98BB-0003938BDF32@localnotion.com>	<Pine.BSF.4.58.0411302309000.16353@emra.pair.com>
	<16416-02880@sneakemail.com>
Message-ID: <41ADCC56.4060200@travelersdiary.com>

I've been slowing working my way through this tutorial: 
http://computer.howstuffworks.com/c.htm
which I had a friend look over who knows C, and he said it looked good.

Josh

inforequest wrote:
> David Mintz dmintz-at-davidmintz.org |nyphp dev/internal group use| wrote:
> 
>> On Tue, 30 Nov 2004, Matthew Terenzio wrote:
>>
>>  
>>
>>> So what are the best resources/books for me from those who have
>>> conquered this world?
>>>   
>>
>>
>> I would get "The C Progamming Language" by Kernighan and Ritchie if I 
>> were
>> in your shoes. Indeed I might be, when I decide to give it a shot myself
>> (-:
>>
>> ---
>> David Mintz http://davidmintz.org/
>> $world =~ s|<bush[^>]*>.+</bush>||is;
>> _______________________________________________
>>  
>>
> 
> 
> Yeah, you can't go wrong with 2nd edition or better (prior to that K&R 
> "C" was not ANSI C).
> It's a reference book, though, not a tutorial/trainer.
> 
> Do I still recall page 49 was the operands listing??
> 
> -=john andrews
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 



From dmintz at davidmintz.org  Wed Dec  1 10:31:51 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Wed, 1 Dec 2004 10:31:51 -0500 (EST)
Subject: [nycphp-talk] 4 and 5 on the same development box (again)
In-Reply-To: <41AD6786.6000504@att.net>
References: <Pine.BSF.4.58.0411302218260.16353@emra.pair.com>
	<41AD6786.6000504@att.net>
Message-ID: <Pine.BSF.4.58.0412011020130.57897@emra.pair.com>

On Tue, 30 Nov 2004, John Lacey wrote:

>
> Here's an August post John Coggeshall wrote with regard to mod_proxy:
> http://lists.nyphp.org/pipermail/talk/2004-August/011613.html
>
> and the link to the instructions from the above post:
> http://wiki.coggeshall.org/Main/RunningPHP4AndPHP5Concurrently
>
> HTH,
> John


Ahhh, no wonder. My brain was lying to me about who had posted that.
Thanks.

Meanwhile I decided to just do it -- my thanks to csynder for the tips.
Had hideous problems with 'make' until I gave up `--with-xsl`. It said:

ext/dom/document.lo(.text+0x2914): In function
`zif_dom_document_validate':
/home/david/downloads/php-5.0.2/ext/dom/document.c:1752: undefined
reference to `xmlNewValidCtxt'
ext/dom/document.lo(.text+0x294f):/home/david/downloads/php-5.0.2/ext/dom/document.c:1764:
undefined reference to `xmlFreeValidCtxt'
ext/dom/document.lo(.text+0x2eac): In function `dom_load_html':
/home/david/downloads/php-5.0.2/ext/dom/document.c:1978: undefined
reference to `htmlCreateMemoryParserCtxt'
collect2: ld returned 1 exit status
make: *** [sapi/cli/php] Error 1

and yes I checked libxslt version, it's 1.0.27. Perhaps I'll next try
upgrading it anyway and see if that brings any joy.

Thanks,

---
David Mintz
http://davidmintz.org/

$world =~ s|<bush[^>]*>.+</bush>||is;


From adam at trachtenberg.com  Wed Dec  1 12:08:41 2004
From: adam at trachtenberg.com (Adam Maccabee Trachtenberg)
Date: Wed, 1 Dec 2004 12:08:41 -0500 (EST)
Subject: [nycphp-talk] 4 and 5 on the same development box (again)
In-Reply-To: <Pine.BSF.4.58.0412011020130.57897@emra.pair.com>
References: <Pine.BSF.4.58.0411302218260.16353@emra.pair.com>
	<41AD6786.6000504@att.net>
	<Pine.BSF.4.58.0412011020130.57897@emra.pair.com>
Message-ID: <Pine.LNX.4.58.0412011207240.11644@miranda.org>

On Wed, 1 Dec 2004, David Mintz wrote:

> ext/dom/document.lo(.text+0x2914): In function
> `zif_dom_document_validate':
> /home/david/downloads/php-5.0.2/ext/dom/document.c:1752: undefined
> reference to `xmlNewValidCtxt'
> ext/dom/document.lo(.text+0x294f):/home/david/downloads/php-5.0.2/ext/dom/document.c:1764:
> undefined reference to `xmlFreeValidCtxt'
> ext/dom/document.lo(.text+0x2eac): In function `dom_load_html':
> /home/david/downloads/php-5.0.2/ext/dom/document.c:1978: undefined
> reference to `htmlCreateMemoryParserCtxt'
> collect2: ld returned 1 exit status
> make: *** [sapi/cli/php] Error 1
>
> and yes I checked libxslt version, it's 1.0.27. Perhaps I'll next try
> upgrading it anyway and see if that brings any joy.

While you're at it, check to see what version of libxml2 you're
running. Make sure you're running a 2.6.x series, you'll be
happier. The current version is probably best.

-adam

-- 
adam at trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!


From tom at supertom.com  Wed Dec  1 12:09:43 2004
From: tom at supertom.com (Tom)
Date: Wed, 01 Dec 2004 12:09:43 -0500
Subject: [nycphp-talk] Wiki recommendations?
Message-ID: <1101920982.24531.11.camel@tmelendez.int.bascom.com>

Hey everyone,

I'm evaluating wikis for use in our organization, and I'd like to get
your opinions.

There aren't too many requirements:
- User Authenication
- Ability to Upload Files

Nice to haves would be:
- Wiki syntax WYSIWYG editor
- WikiPage Sidebar (pmwiki does this well)
- author information printed on the page (this can probably just be
included with a wiki variable, if it isn't there by default)

We are not married to the idea of a wiki, a good document management
server would also suffice.  We are really just looking for a way to
organize our documentation effectively.

Thanks in advance!

Tom
www.liphp.org




From wfan at VillageVoice.com  Wed Dec  1 12:20:14 2004
From: wfan at VillageVoice.com (Fan, Wellington)
Date: Wed, 1 Dec 2004 12:20:14 -0500 
Subject: [nycphp-talk] Deleting/overwriting a remote file
Message-ID: <1448FB4565D489478642386D50D3FB770551F34C@VVNTMAIL.vvny.villagevoice.com>

Hello Listies,

I am running PHP 4.3.4, and allow_url_fopen "ON"

I can use fopen( 'ftp://FILE', 'w' ) to create & write a file. I cannot
however overwrite the file if it exists.

I recieve this warning:

Warning: fopen(ftp://FILE): failed to open stream: FTP server reports
213....


213 appears to be a FTP success code -- "File Status", so it doesn't seem
like any help there. I do *NOT* have the FTP functions enabled, nor is that
an option right now.

I have tried to unlink() the file beforehand, with no success -- the docs
say that's PHP 5.0.0 and later anyway.

Suggestions?





--
Wellington



From adam at trachtenberg.com  Wed Dec  1 12:28:21 2004
From: adam at trachtenberg.com (Adam Maccabee Trachtenberg)
Date: Wed, 1 Dec 2004 12:28:21 -0500 (EST)
Subject: [nycphp-talk] Deleting/overwriting a remote file
In-Reply-To: <1448FB4565D489478642386D50D3FB770551F34C@VVNTMAIL.vvny.villagevoice.com>
References: <1448FB4565D489478642386D50D3FB770551F34C@VVNTMAIL.vvny.villagevoice.com>
Message-ID: <Pine.LNX.4.58.0412011227560.11644@miranda.org>

On Wed, 1 Dec 2004, Fan, Wellington wrote:

> I have tried to unlink() the file beforehand, with no success -- the docs
> say that's PHP 5.0.0 and later anyway.
>
> Suggestions?

Using the ftp extension? http://www.php.net/ftp

-adam

-- 
adam at trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!


From ajai at bitblit.net  Wed Dec  1 13:42:05 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Wed, 01 Dec 2004 13:42:05 -0500
Subject: [nycphp-talk] Wiki recommendations?
In-Reply-To: <1101920982.24531.11.camel@tmelendez.int.bascom.com>
References: <1101920982.24531.11.camel@tmelendez.int.bascom.com>
Message-ID: <41AE107D.5060402@bitblit.net>

Tom wrote:

>Hey everyone,
>
>I'm evaluating wikis for use in our organization, and I'd like to get
>your opinions.
>
>There aren't too many requirements:
>- User Authenication
>- Ability to Upload Files
>
>Nice to haves would be:
>- Wiki syntax WYSIWYG editor
>- WikiPage Sidebar (pmwiki does this well)
>- author information printed on the page (this can probably just be
>included with a wiki variable, if it isn't there by default)
>
>We are not married to the idea of a wiki, a good document management
>server would also suffice.  We are really just looking for a way to
>organize our documentation effectively.
>

I am using the latest version of phpwiki - I chose it for its simple 
interface rather than its features:
http://phpwiki.sourceforge.net/phpwiki/

If you are looking for something to do issue tracking as well as have a 
wiki you may want to look at trac (its next on my list of evaluations):
http://www.edgewall.com/trac/

Finally, there's the one used on wikipedia.org:
http://wikipedia.sourceforge.net/

-- 
Aj.
Systems Administrator / Developer



From 1j0lkq002 at sneakemail.com  Wed Dec  1 14:48:21 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Wed, 01 Dec 2004 14:48:21 -0500
Subject: [nycphp-talk] Wiki recommendations?
In-Reply-To: <41AE107D.5060402@bitblit.net>
References: <1101920982.24531.11.camel@tmelendez.int.bascom.com>
	<41AE107D.5060402@bitblit.net>
Message-ID: <29420-99996@sneakemail.com>

Ajai Khattri ajai-at-bitblit.net |nyphp dev/internal group use| wrote:

> I am using the latest version of phpwiki - I chose it for its simple 
> interface rather than its features:
> http://phpwiki.sourceforge.net/phpwiki/
>
> If you are looking for something to do issue tracking as well as have 
> a wiki you may want to look at trac (its next on my list of evaluations):
> http://www.edgewall.com/trac/
>
> Finally, there's the one used on wikipedia.org:
> http://wikipedia.sourceforge.net/



I really like mediawiki (the wikipedia one), although I can't answer 
your questions as I basically just use it for content creation/management.

-=john andrews





From wfan at VillageVoice.com  Wed Dec  1 15:06:58 2004
From: wfan at VillageVoice.com (Fan, Wellington)
Date: Wed, 1 Dec 2004 15:06:58 -0500 
Subject: [nycphp-talk] Deleting/overwriting a remote file
Message-ID: <1448FB4565D489478642386D50D3FB770551F34D@VVNTMAIL.vvny.villagevoice.com>

Adam,

I don't have the ftp extension enbaled, and I probably won't be able to.
Other suggestions?




> Using the ftp extension? http://www.php.net/ftp
> 
> -adam



From mogmios at mlug.missouri.edu  Wed Dec  1 15:49:51 2004
From: mogmios at mlug.missouri.edu (Michael)
Date: Wed, 01 Dec 2004 12:49:51 -0800
Subject: [nycphp-talk] Wiki recommendations?
In-Reply-To: <1101920982.24531.11.camel@tmelendez.int.bascom.com>
References: <1101920982.24531.11.camel@tmelendez.int.bascom.com>
Message-ID: <41AE2E6F.3080102@mlug.missouri.edu>

I've tried several wikis and MediaWiki seems to bb the most professional 
looking which I think is important. It's not to hard to extend either. 
There has been some talk of rewriting the user authentication backend so 
that it's easy to replace with alternate methods of authentication (and 
to port other popular PHP apps to the same interface) but I've yet to 
see any actual code put towards that effort. I don't know of any wiki 
software that already has such a user auth api.

--
Michael <mogmios at mlug.missouri.edu>
http://kavlon.org



From adam at trachtenberg.com  Wed Dec  1 15:50:37 2004
From: adam at trachtenberg.com (Adam Maccabee Trachtenberg)
Date: Wed, 1 Dec 2004 15:50:37 -0500 (EST)
Subject: [nycphp-talk] Deleting/overwriting a remote file
In-Reply-To: <1448FB4565D489478642386D50D3FB770551F34D@VVNTMAIL.vvny.villagevoice.com>
References: <1448FB4565D489478642386D50D3FB770551F34D@VVNTMAIL.vvny.villagevoice.com>
Message-ID: <Pine.LNX.4.58.0412011550140.11644@miranda.org>

On Wed, 1 Dec 2004, Fan, Wellington wrote:

> I don't have the ftp extension enbaled, and I probably won't be able to.
> Other suggestions?

Oops. Missed that part of your post. What about cURL?

-adam

-- 
adam at trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!


From dmintz at davidmintz.org  Wed Dec  1 16:59:54 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Wed, 1 Dec 2004 16:59:54 -0500 (EST)
Subject: [nycphp-talk] 4 and 5 on the same development box (again)
In-Reply-To: <Pine.LNX.4.58.0412011207240.11644@miranda.org>
References: <Pine.BSF.4.58.0411302218260.16353@emra.pair.com>
	<41AD6786.6000504@att.net>
	<Pine.BSF.4.58.0412011020130.57897@emra.pair.com>
	<Pine.LNX.4.58.0412011207240.11644@miranda.org>
Message-ID: <Pine.BSF.4.58.0412011647450.75491@emra.pair.com>

On Wed, 1 Dec 2004, Adam Maccabee Trachtenberg wrote:

> On Wed, 1 Dec 2004, David Mintz wrote:
>
> > ext/dom/document.lo(.text+0x2914): In function
> > `zif_dom_document_validate':
> > /home/david/downloads/php-5.0.2/ext/dom/document.c:1752: undefined
> > reference to `xmlNewValidCtxt'
> > <snip />
> > and yes I checked libxslt version, it's 1.0.27. Perhaps I'll next try
> > upgrading it anyway and see if that brings any joy.
>
> While you're at it, check to see what version of libxml2 you're
> running. Make sure you're running a 2.6.x series, you'll be
> happier. The current version is probably best.
>
> -adam

I did check that and upgraded from shoulda-been-new-enough to most
recent, just to please the gods. Maybe that's what worked because the damn
thing finally built and installed just fine with --with-xsl ! But I was
also mucking about with other things too.

Searching for something to kvetch about:  it works, but I'm not sure what
I did right (-: I was trying to change one thing at a time, but I guess I
should also have taken copious notes.

Thanks much,

---
David Mintz
http://davidmintz.org/



From wfan at VillageVoice.com  Wed Dec  1 17:26:34 2004
From: wfan at VillageVoice.com (Fan, Wellington)
Date: Wed, 1 Dec 2004 17:26:34 -0500 
Subject: [nycphp-talk] Deleting/overwriting a remote file
Message-ID: <1448FB4565D489478642386D50D3FB770551F351@VVNTMAIL.vvny.villagevoice.com>

> Oops. Missed that part of your post. What about cURL?

Hmmm...seemed likely, but couldn't see any CURLOPTS that would perform an
FTP DELETE. I saw CURLOPT_CUSTOMREQUEST that might allow me to build a HTTP
DELETE, but there's no webserver on my target machine.

Anyway, no big deal. My client has decided to do things differently so this
is no longer an issue. 

Thanks for your help. And BTW, the PHP Cookbook is great!

--
WF

 



From tom at supertom.com  Wed Dec  1 17:29:22 2004
From: tom at supertom.com (Tom)
Date: Wed, 01 Dec 2004 17:29:22 -0500
Subject: [nycphp-talk] Wiki recommendations?
In-Reply-To: <29420-99996@sneakemail.com>
References: <1101920982.24531.11.camel@tmelendez.int.bascom.com>
	<41AE107D.5060402@bitblit.net>  <29420-99996@sneakemail.com>
Message-ID: <1101940161.25683.10.camel@tmelendez.int.bascom.com>

Hi guys,

Thanks for the feedback.  For the last two days I've been installing and
testing out wikis and I would agree that hands down mediawiki takes the
cake.  It installed in 30 seconds, and has tons of features.

In my testing, I would say the close runners up were PMwiki and
Dokuwiki, for those of you keeping score!

Thanks again for the help!

Tom

www.liphp.org


On Wed, 2004-12-01 at 14:48, inforequest wrote:
> Ajai Khattri ajai-at-bitblit.net |nyphp dev/internal group use| wrote:
> 
> > I am using the latest version of phpwiki - I chose it for its simple 
> > interface rather than its features:
> > http://phpwiki.sourceforge.net/phpwiki/
> >
> > If you are looking for something to do issue tracking as well as have 
> > a wiki you may want to look at trac (its next on my list of evaluations):
> > http://www.edgewall.com/trac/
> >
> > Finally, there's the one used on wikipedia.org:
> > http://wikipedia.sourceforge.net/
> 
> 
> 
> I really like mediawiki (the wikipedia one), although I can't answer 
> your questions as I basically just use it for content creation/management.
> 
> -=john andrews
> 
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
-- 
====
========================
Tom Melendez
Senior Software Developer        
BASCOM Global Internet Services, Inc.
Phone : 631-434-6600
Fax   : 631-434-7800
Email : tmelendez at bascom.com
Web   : http://www.bascom.com
========================



From adam at trachtenberg.com  Wed Dec  1 19:38:58 2004
From: adam at trachtenberg.com (Adam Maccabee Trachtenberg)
Date: Wed, 1 Dec 2004 19:38:58 -0500 (EST)
Subject: [nycphp-talk] Deleting/overwriting a remote file
In-Reply-To: <1448FB4565D489478642386D50D3FB770551F351@VVNTMAIL.vvny.villagevoice.com>
References: <1448FB4565D489478642386D50D3FB770551F351@VVNTMAIL.vvny.villagevoice.com>
Message-ID: <Pine.LNX.4.58.0412011937590.11644@miranda.org>

On Wed, 1 Dec 2004, Fan, Wellington wrote:

> Hmmm...seemed likely, but couldn't see any CURLOPTS that would perform an
> FTP DELETE. I saw CURLOPT_CUSTOMREQUEST that might allow me to build a HTTP
> DELETE, but there's no webserver on my target machine.

I believe the cURL default FTP behavior is to overwrite, which I think
was what you wanted.

> Anyway, no big deal. My client has decided to do things differently so this
> is no longer an issue.

Perfect. :)

> Thanks for your help. And BTW, the PHP Cookbook is great!

No problem. Glad you like the book.

-adam

-- 
adam at trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!


From 1j0lkq002 at sneakemail.com  Wed Dec  1 22:04:07 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Wed, 01 Dec 2004 22:04:07 -0500
Subject: [nycphp-talk] Wiki recommendations?
In-Reply-To: <1101940161.25683.10.camel@tmelendez.int.bascom.com>
References: <1101920982.24531.11.camel@tmelendez.int.bascom.com>	<41AE107D.5060402@bitblit.net>
	<29420-99996@sneakemail.com>
	<1101940161.25683.10.camel@tmelendez.int.bascom.com>
Message-ID: <10320-38760@sneakemail.com>

Tom tom-at-supertom.com |nyphp dev/internal group use| wrote:

>mediawiki ...installed in 30 seconds
>  
>
Hmmm... and I was under the impression my systems guy was really good. 
Maybe I need to rethink what I have been paying him   ;-)


-=john andrews



From amir.aavani at gmail.com  Thu Dec  2 00:01:27 2004
From: amir.aavani at gmail.com (Amir Aavani)
Date: Thu, 2 Dec 2004 08:31:27 +0330
Subject: [nycphp-talk] About XML in PHP
Message-ID: <e1ddc2b0041201210167f49871@mail.gmail.com>

dear friends
i have a question about XML support in PHP. is there any class or
function or etc that allow the program to generate an XML
file(stream).I mean that it can add new node or new element or
atrribute by its input parameters.
for example if in its input, there is a 'login' message , it can add a
node 'Login' to its output XML, and in otherwise add a node 'not
login' or something like this.
i know that there are some parser function or classes in PHP but with
none of them you can't add a new node to the output XML.
thanks
Amir


From jonbaer at jonbaer.net  Thu Dec  2 00:55:58 2004
From: jonbaer at jonbaer.net (Jon Baer)
Date: Thu, 02 Dec 2004 00:55:58 -0500
Subject: [nycphp-talk] About XML in PHP
In-Reply-To: <e1ddc2b0041201210167f49871@mail.gmail.com>
References: <e1ddc2b0041201210167f49871@mail.gmail.com>
Message-ID: <41AEAE6E.3090300@jonbaer.net>

im not sure you really want a parser function as much as you want to 
manipulate + outout the dom .. check out dom functions:

http://www.php.net/dom

example: (you can also load/modify/etc)

<?php
$doc = new DOMDocument("1.0");
$foo = $doc->createElement("foo");
$foo = $doc->appendChild($foo);
$bar = $doc->createElement("bar", "NYPHP Talk");
$bar = $foo->appendChild($bar);
echo $doc->saveXML();
?>

output:

<?xml version="1.0"?>
<foo><bar>NYPHP Talk</bar></foo>

- jon

Amir Aavani wrote:
> dear friends
> i have a question about XML support in PHP. is there any class or
> function or etc that allow the program to generate an XML
> file(stream).I mean that it can add new node or new element or
> atrribute by its input parameters.
> for example if in its input, there is a 'login' message , it can add a
> node 'Login' to its output XML, and in otherwise add a node 'not
> login' or something like this.
> i know that there are some parser function or classes in PHP but with
> none of them you can't add a new node to the output XML.
> thanks
> Amir

pgp key: http://www.jonbaer.net/jonbaer.asc
fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47


From hans at cyberxdesigns.com  Thu Dec  2 08:50:23 2004
From: hans at cyberxdesigns.com (Hans C. Kaspersetz)
Date: Thu, 02 Dec 2004 08:50:23 -0500
Subject: [nycphp-talk] Wiki recommendations?
In-Reply-To: <10320-38760@sneakemail.com>
References: <1101920982.24531.11.camel@tmelendez.int.bascom.com>	<41AE107D.5060402@bitblit.net>	<29420-99996@sneakemail.com>	<1101940161.25683.10.camel@tmelendez.int.bascom.com>
	<10320-38760@sneakemail.com>
Message-ID: <41AF1D9F.7090108@cyberxdesigns.com>

What did he do, charge you for a couple of hours?

Hans 

inforequest wrote:

> Tom tom-at-supertom.com |nyphp dev/internal group use| wrote:
>
>> mediawiki ...installed in 30 seconds
>>  
>>
> Hmmm... and I was under the impression my systems guy was really good. 
> Maybe I need to rethink what I have been paying him   ;-)
>
>
> -=john andrews
>



From jsiegel1 at optonline.net  Thu Dec  2 09:06:02 2004
From: jsiegel1 at optonline.net (Jeff Siegel)
Date: Thu, 02 Dec 2004 09:06:02 -0500
Subject: [nycphp-talk] Top 20 IT Mistakes
Message-ID: <41AF214A.3030509@optonline.net>

This is from:
http://www.infoworld.com/article/04/11/19/47FEtop20_5.html

Mistake No. 18:
"18. Underestimating PHP

IT managers who look only as far as J2EE and .Net when developing 
scalable Web apps are making a mistake by not taking a second look at 
scripting languages -- particularly PHP. This scripting language has 
been around for a decade now, and millions of Yahoo pages are served by 
PHP each day.

Discussion of PHP scalability reached a high-water mark in June, when 
the popular social-networking site Friendster finally beat nagging 
performance woes by migrating from J2EE to PHP. In a comment attached to 
a Weblog post about Friendster?s switch to PHP, Rasmus Lerdorf, inventor 
of PHP, explained the architectural secret of PHP?s capability of 
scaling: ?Scalability is gained by using a shared-nothing architecture 
where you can scale horizontally infinitely.?

The stateless ?shared-nothing? architecture of PHP means that each 
request is handled independently of all others, and simple horizontal 
scaling means adding more boxes. Any bottlenecks are limited to scaling 
a back-end database. Languages such as PHP might not be the right 
solution for everyone, but pre-emptively pushing scripting languages 
aside when there are proven scalability successes is a mistake. "

-------------
Jeff S.


From prusak at gmail.com  Thu Dec  2 09:53:27 2004
From: prusak at gmail.com (Ophir Prusak)
Date: Thu, 2 Dec 2004 09:53:27 -0500
Subject: [nycphp-talk] Wiki recommendations?
In-Reply-To: <1101920982.24531.11.camel@tmelendez.int.bascom.com>
References: <1101920982.24531.11.camel@tmelendez.int.bascom.com>
Message-ID: <f1dc81bb04120206531c7e70cb@mail.gmail.com>

A couple of year ago I was evaluating wiki's and decided to go with
twiki (perl based, flat files). I'm not familiar with today's
offerings, but at the time twiki had many features others did not.

www.twiki.org


On Wed, 01 Dec 2004 12:09:43 -0500, Tom <tom at supertom.com> wrote:
> Hey everyone,
> 
> I'm evaluating wikis for use in our organization, and I'd like to get
> your opinions.
> 
> There aren't too many requirements:
> - User Authenication
> - Ability to Upload Files
> 
> Nice to haves would be:
> - Wiki syntax WYSIWYG editor
> - WikiPage Sidebar (pmwiki does this well)
> - author information printed on the page (this can probably just be
> included with a wiki variable, if it isn't there by default)
> 
> We are not married to the idea of a wiki, a good document management
> server would also suffice.  We are really just looking for a way to
> organize our documentation effectively.
> 
> Thanks in advance!
> 
> Tom
> www.liphp.org
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
>


From 1j0lkq002 at sneakemail.com  Thu Dec  2 10:38:17 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Thu, 02 Dec 2004 10:38:17 -0500
Subject: [nycphp-talk] Wiki recommendations?
In-Reply-To: <41AF1D9F.7090108@cyberxdesigns.com>
References: <1101920982.24531.11.camel@tmelendez.int.bascom.com>	<41AE107D.5060402@bitblit.net>	<29420-99996@sneakemail.com>	<1101940161.25683.10.camel@tmelendez.int.bascom.com>	<10320-38760@sneakemail.com>
	<41AF1D9F.7090108@cyberxdesigns.com>
Message-ID: <20667-96518@sneakemail.com>

Hans C. Kaspersetz hans-at-cyberxdesigns.com |nyphp dev/internal group 
use| wrote:

> What did he do, charge you for a couple of hours?
>
> Hans
> inforequest wrote:
>
>> Tom tom-at-supertom.com |nyphp dev/internal group use| wrote:
>>
>>> mediawiki ...installed in 30 seconds
>>>  
>>>
>> Hmmm... and I was under the impression my systems guy was really 
>> good. Maybe I need to rethink what I have been paying him   ;-)
>>
>>
>> -=john andrews
>

Haha it was you, Hans, and I was only kidding  :-o








From dcech at phpwerx.net  Thu Dec  2 10:58:04 2004
From: dcech at phpwerx.net (Dan Cech)
Date: Thu, 02 Dec 2004 10:58:04 -0500
Subject: [nycphp-talk] Validating Email Addresses
Message-ID: <41AF3B8C.5000300@phpwerx.net>

Hi All,

I've come up against an interesting little problem, and wondered if 
anyone had any input for me.

I'm trying to validate email addresses like:

Joe Bloggs <joe at example.com>

Thus far the best I've come up with is:

$preg = '/^(?:("?)([^"<]+)\1 
<)?(([\w.-]+)@((?:[a-z0-9-]+\.)+[a-z0-9]{1,4}))(?:>?)$/i';

Which results in:

Array (
     [0] => Joe Bloggs <joe at example.com>
     [1] =>
     [2] => Joe Bloggs
     [3] => joe at example.com
     [4] => joe
     [5] => example.com
)

Does anyone have any input on this?

Dan Cech


From prusak at gmail.com  Thu Dec  2 11:01:32 2004
From: prusak at gmail.com (Ophir Prusak)
Date: Thu, 2 Dec 2004 11:01:32 -0500
Subject: [nycphp-talk] mysource cms
Message-ID: <f1dc81bb041202080169a2ab18@mail.gmail.com>

I just heard about this CMS on the wwwac list called MySource by squiz.net.
It's PHP/MySQL based.

I have *never* seen such a polished flash presentation for an open source cms.
http://www.squiz.net/home/monkey_movie

The product itself looks pretty impressive.
Does anyone know anything about this? Or is the a secret known only to
those down under (it seems to be an Australian company).

Ophir


From james at surgam.net  Thu Dec  2 11:19:23 2004
From: james at surgam.net (James B. Wetterau Jr.)
Date: Thu, 02 Dec 2004 11:19:23 -0500
Subject: [nycphp-talk] Validating Email Addresses 
Message-ID: <41AF408B.2070706@surgam.net>

Dan Cech says:
 > Hi All,
 >
 > I've come up against an interesting little problem, and wondered if
 > anyone had any input for me.
...

To validate any potentially valid email address (including those that
use old fashion conventions, multiple subnet parts
(e.g. joe.smith at retail.sales.east.us.example.com), or other stuff that
you don't see frequently requires a pretty daunting regular
expression.  Here's one in Perl regexp language that's supposed to be
RFC compliant: (from the Mail::RFC822::Address module)

http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html

The regexp is:

(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?:(?:\r\n)?[ \t]
)+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
\t]))*"(?:(?:
\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?:(
?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[
\t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\0
31]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\
](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031]+
(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:
(?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z
|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
\t]))*"(?:(?:\r\n)
?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?:(?:\
r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[
 \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?:(?:\r\n)
?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t]
)*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?:(?:\r\n)?[
 \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
\t])*
)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?:(?:\r\n)?[ \t]
)+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
\t])*))*)
*:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+
|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
\t]))*"(?:(?:\r
\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?:(?:
\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t
]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031
]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](
?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?
:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?
:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)|(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?
:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?
[ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ 
\t])*(?:(?:(?:[^()<>@,;:\\".\[\]
\000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|
\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
\t])*(?:[^()<>
@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"
(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
\t])*))*@(?:(?:\r\n)?[ \t]
)*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\
".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
\t])*(?
:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[
\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] 
\000-
\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(
?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ 
\t])*(?:@(?:[^()<>@,;
:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([
^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
\t])*(?:[^()<>@,;:\\"
.\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\
]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ 
\t])*(?:[^()<>@,;:\\".\
[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\
r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
\t])*(?:[^()<>@,;:\\".\[\]
\000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]
|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ 
\t])*)?(?:[^()<>@,;:\\".\[\] \0
00-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\
.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
\t])*(?:[^()<>@,
;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?
:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ 
\t])*
(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".
\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
\t])*(?:[
^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\]
]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ 
\t])*)(?:,\s*(
?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\
".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
\t])*)(?:\.(?:(
?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[
\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
\t]))*"(?:(?:\r\n)?[ \t
])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?:(?:\r\n)?[ \t
])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
\t])*)(?
:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|
\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
\t])*))*|(?:
[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".\[\
]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
\t])*)*\<(?:(?:\r\n)
?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["
()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
\t])*)(?:\.(?:(?:\r\n)
?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>
@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
\t])*))*(?:,@(?:(?:\r\n)?[
 \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,
;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
\t])*)(?:\.(?:(?:\r\n)?[ \t]
)*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\
".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ 
\t])*)?
(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\["()<>@,;:\\".
\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
\t])*)(?:\.(?:(?:
\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z|(?=[\[
"()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
\t]))*"(?:(?:\r\n)?[ \t])
*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
\000-\031]+(?:(?:(?:\r\n)?[ \t])
+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
\t])*)(?:\
.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
\t])+|\Z
|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
\t])*))*\>(?:(
?:\r\n)?[ \t])*))*)?;\s*)




From Cbielanski at inta.org  Thu Dec  2 11:28:29 2004
From: Cbielanski at inta.org (Chris Bielanski)
Date: Thu, 2 Dec 2004 11:28:29 -0500 
Subject: [ot] RE: [nycphp-talk] Validating Email Addresses 
Message-ID: <4DBE3775D77C744E9D1B9D06082E75D60AAAA5@intamail1.com>

That looks like a PGP key written in RE!! @_@;;


Thanks,
Chris Bielanski
Web Programmer, 
International Trademark Association,
1133 Avenue of the Americas, 33rd Floor
New York, NY 10036
+1 (212) 642-1745, f: +1 (212) 768-7796
mailto:cbielanski at inta.org, www.inta.org  
INTA -- 125 Years of Excellence



> -----Original Message-----
> From: James B. Wetterau Jr. [mailto:james at surgam.net]
> Sent: Thursday, December 02, 2004 11:19 AM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] Validating Email Addresses 
> 
> 
> Dan Cech says:
>  > Hi All,
>  >
>  > I've come up against an interesting little problem, and wondered if
>  > anyone had any input for me.
> ...
> 
> To validate any potentially valid email address (including those that
> use old fashion conventions, multiple subnet parts
> (e.g. joe.smith at retail.sales.east.us.example.com), or other stuff that
> you don't see frequently requires a pretty daunting regular
> expression.  Here's one in Perl regexp language that's supposed to be
> RFC compliant: (from the Mail::RFC822::Address module)
> 
> http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html
> 
> The regexp is:
> 
> (?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:\r\n)?[ \t]
> )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
> \t]))*"(?:(?:
> \r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(
> ?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[
> \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ 
> \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\0
> 31]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\
> ](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+
> (?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:
> (?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z
> |(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
> \t]))*"(?:(?:\r\n)
> ?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:\
> r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(
> ?:\r\n)?[
>  \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:\r\n)
> ?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(
> ?:\r\n)?[ \t]
> )*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:\r\n)?[
>  
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(
> ?:\r\n)?[ 
> \t])*
> )(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:\r\n)?[ \t]
> )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*))*)
> *:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+
> |\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
> \t]))*"(?:(?:\r
> \n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:
> \r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t
> ]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031
> ]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](
> ?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?
> :(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?
> :\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)|(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?
> :(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?
> [ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ 
> \t])*(?:(?:(?:[^()<>@,;:\\".\[\]
> \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|
> \\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
> \t])*(?:[^()<>
> @,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"
> (?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
> \t])*))*@(?:(?:\r\n)?[ \t]
> )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\
> ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*)(?:\.(?:(?:\r\n)?[ 
> \t])*(?
> :[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[
> \]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*))*|(?:[^()<>@,;:\\".\[\] 
> \000-
> \031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(
> ?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ 
> \t])*(?:@(?:[^()<>@,;
> :\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([
> ^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
> \t])*(?:[^()<>@,;:\\"
> .\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\
> ]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ 
> \t])*(?:[^()<>@,;:\\".\
> [\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\
> r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
> \t])*(?:[^()<>@,;:\\".\[\]
> \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]
> |\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ 
> \t])*)?(?:[^()<>@,;:\\".\[\] \0
> 00-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\
> .|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
> \t])*(?:[^()<>@,
> ;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?
> :[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
> \t])*))*@(?:(?:\r\n)?[ 
> \t])*
> (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".
> \[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ 
> \t])*(?:[
> ^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\]
> ]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ 
> \t])*)(?:,\s*(
> ?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\
> ".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
> \t])*)(?:\.(?:(
> ?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[
> \["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
> \t]))*"(?:(?:\r\n)?[ \t
> ])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:\r\n)?[ \t
> ])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*)(?
> :\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|
> \Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*))*|(?:
> [^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".\[\
> ]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
> \t])*)*\<(?:(?:\r\n)
> ?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["
> ()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*)(?:\.(?:(?:\r\n)
> ?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>
> @,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*))*(?:,@(?:(?:\r\n)?[
>  \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,
> ;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*)(?:\.(?:(?:\r\n)?[ \t]
> )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\
> ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*))*)*:(?:(?:\r\n)?[ 
> \t])*)?
> (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\["()<>@,;:\\".
> \[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ 
> \t])*)(?:\.(?:(?:
> \r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z|(?=[\[
> "()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ 
> \t]))*"(?:(?:\r\n)?[ \t])
> *))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] 
> \000-\031]+(?:(?:(?:\r\n)?[ \t])
> +|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*)(?:\
> .(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ 
> \t])+|\Z
> |(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ 
> \t])*))*\>(?:(
> ?:\r\n)?[ \t])*))*)?;\s*)
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


From 1j0lkq002 at sneakemail.com  Thu Dec  2 11:42:29 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Thu, 02 Dec 2004 11:42:29 -0500
Subject: [nycphp-talk] mysource cms
In-Reply-To: <f1dc81bb041202080169a2ab18@mail.gmail.com>
References: <f1dc81bb041202080169a2ab18@mail.gmail.com>
Message-ID: <12010-16446@sneakemail.com>

Ophir Prusak prusak-at-gmail.com |nyphp dev/internal group use| wrote:

>I just heard about this CMS on the wwwac list called MySource by squiz.net.
>It's PHP/MySQL based.
>
>I have *never* seen such a polished flash presentation for an open source cms.
>http://www.squiz.net/home/monkey_movie
>

Thanks for the link. Looks interesting.

(I think I once worked with that guy.. the one who disagrees with 
everything the lady says....)

-=john andrews



From danielc at analysisandsolutions.com  Thu Dec  2 11:45:35 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Thu, 2 Dec 2004 11:45:35 -0500
Subject: [nycphp-talk] Validating Email Addresses
In-Reply-To: <41AF408B.2070706@surgam.net>
References: <41AF408B.2070706@surgam.net>
Message-ID: <20041202164535.GA11151@panix.com>

Folks:

On Thu, Dec 02, 2004 at 11:19:23AM -0500, James B. Wetterau Jr. wrote:
> 
> http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html

I feel that regex is way overblown.  Here's my ereg pattern:

'^[a-z0-9_.=+-]+@([a-z0-9-]+\.)+([a-z]{2,6})$'

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From dcech at phpwerx.net  Thu Dec  2 12:42:55 2004
From: dcech at phpwerx.net (Dan Cech)
Date: Thu, 02 Dec 2004 12:42:55 -0500
Subject: [nycphp-talk] Validating Email Addresses
In-Reply-To: <20041202164535.GA11151@panix.com>
References: <41AF408B.2070706@surgam.net> <20041202164535.GA11151@panix.com>
Message-ID: <41AF541F.2060309@phpwerx.net>

Daniel Convissor wrote:
> Folks:
> 
> On Thu, Dec 02, 2004 at 11:19:23AM -0500, James B. Wetterau Jr. wrote:
> 
>>http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html
> 
> 
> I feel that regex is way overblown.  Here's my ereg pattern:
> 
> '^[a-z0-9_.=+-]+@([a-z0-9-]+\.)+([a-z]{2,6})$'
> 
> --Dan
> 

The problem with that is that it will reject emails of the form:

Joe Bloggs <joe at example.com>

or variants thereof.

I'm trying to accept these addresses and use them in a sensible way 
using phpmailer.

Dan


From rahmin at insite-out.com  Thu Dec  2 13:02:39 2004
From: rahmin at insite-out.com (Rahmin Pavlovic)
Date: Thu, 2 Dec 2004 13:02:39 -0500
Subject: [nycphp-talk] Validating Email Addresses
Message-ID: <200412021802.iB2I2dSJ011049@webmail2.megamailservers.com>

An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041202/f3ff0db3/attachment.ksh>

From james at surgam.net  Thu Dec  2 13:21:25 2004
From: james at surgam.net (James B. Wetterau Jr.)
Date: Thu, 02 Dec 2004 13:21:25 -0500
Subject: [nycphp-talk] Validating Email Addresses
Message-ID: <41AF5D25.9020608@surgam.net>

Dan Cech says:
 > Daniel Convissor wrote:
 > > Folks:
 > >
 > > On Thu, Dec 02, 2004 at 11:19:23AM -0500, James B. Wetterau Jr. wrote:
 > >
 > >>http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html
 > >
 > >
 > > I feel that regex is way overblown.  Here's my ereg pattern:
 > >
 > > '^[a-z0-9_.=+-]+@([a-z0-9-]+\.)+([a-z]{2,6})$'
...

I feel that that regex is way underblown.

It misses many valid email addresses.  It's perfectly legitimate to
have characters other than [a-z0-9_.=+-] in the local part of the
address.

Here's a handy guide:

http://www.remote.org/jochen/mail/info/chars.html

Note that particularly the equals sign "=" can be used.

All the characters listed as "MAYBE" are legitimate in the local part
of an email address according to the RFC's.  Thus, though this author
puts them in the "maybe" category for creating a new email address, if
you are working with other peoples' email addresses you might want to
be prepared to encounter them.

...
 > The problem with that is that it will reject emails of the form:
 >
 > Joe Bloggs <joe at example.com>
 >
 > or variants thereof.

And that, indeed, is another problem.




From krook at us.ibm.com  Thu Dec  2 13:28:06 2004
From: krook at us.ibm.com (Daniel Krook)
Date: Thu, 2 Dec 2004 13:28:06 -0500
Subject: [nycphp-talk] Validating Email Addresses
In-Reply-To: <41AF541F.2060309@phpwerx.net>
Message-ID: <OFE036CF96.82A8AAA0-ON85256F5E.00643661-85256F5E.00657285@us.ibm.com>

> Joe Bloggs <joe at example.com>

As I understand it, this format which includes the names, brackets and 
whitespace is RFC822 compliant 
[http://www.ietf.org/rfc/rfc0822.txt?number=822] .    If you want it to 
accept the format above, will need an RFC822 compliant parser like the 
Perl module, although your regex seems to work ok for the most common 
format.

I would recommend searching for a reasonable sample of RFC822 compliant 
addresses and run them through, or study examples such as PEAR Mail's 
RFC822.php [http://cvs.php.net/co.php/pear/Mail/Mail/RFC822.php?r=1.18].







Daniel Krook, Application Developer
WW Web Production Services North 2, ibm.com
1133 Westchester Avenue, White Plains, NY 10604

Personal: http://info.krook.org/
Persona: http://w3.ibm.com/eworkplace/persona_bp_finder.jsp?CNUM=9A9796897




From mitch.pirtle at gmail.com  Thu Dec  2 13:43:37 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Thu, 2 Dec 2004 13:43:37 -0500
Subject: [nycphp-talk] mysource cms
In-Reply-To: <12010-16446@sneakemail.com>
References: <f1dc81bb041202080169a2ab18@mail.gmail.com>
	<12010-16446@sneakemail.com>
Message-ID: <330532b604120210435b3df20@mail.gmail.com>

I am unimpressed at how they portray us monkeys!  I protest!

-- mitch (a.k.a. spacemonkey)


On Thu, 02 Dec 2004 11:42:29 -0500, inforequest
<1j0lkq002 at sneakemail.com> wrote:
> Ophir Prusak prusak-at-gmail.com |nyphp dev/internal group use| wrote:
> 
> >I just heard about this CMS on the wwwac list called MySource by squiz.net.
> >It's PHP/MySQL based.
> >
> >I have *never* seen such a polished flash presentation for an open source cms.
> >http://www.squiz.net/home/monkey_movie
> >
> 
> Thanks for the link. Looks interesting.
> 
> (I think I once worked with that guy.. the one who disagrees with
> everything the lady says....)
> 
> -=john andrews
> 
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
>


From adam at trachtenberg.com  Thu Dec  2 13:45:13 2004
From: adam at trachtenberg.com (Adam Maccabee Trachtenberg)
Date: Thu, 2 Dec 2004 13:45:13 -0500 (EST)
Subject: [nycphp-talk] Validating Email Addresses
In-Reply-To: <OFE036CF96.82A8AAA0-ON85256F5E.00643661-85256F5E.00657285@us.ibm.com>
References: <OFE036CF96.82A8AAA0-ON85256F5E.00643661-85256F5E.00657285@us.ibm.com>
Message-ID: <Pine.LNX.4.58.0412021344230.25418@miranda.org>

On Thu, 2 Dec 2004, Daniel Krook wrote:

> > Joe Bloggs <joe at example.com>
>
> As I understand it, this format which includes the names, brackets and
> whitespace is RFC822 compliant
> [http://www.ietf.org/rfc/rfc0822.txt?number=822] .    If you want it to
> accept the format above, will need an RFC822 compliant parser like the
> Perl module, although your regex seems to work ok for the most common
> format.
>
> I would recommend searching for a reasonable sample of RFC822 compliant
> addresses and run them through, or study examples such as PEAR Mail's
> RFC822.php [http://cvs.php.net/co.php/pear/Mail/Mail/RFC822.php?r=1.18].

Comments (and nested comments) are the real bitch here. I suggest you
pretend they don't exist. :)

-adam

-- 
adam at trachtenberg.com | http://www.trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!


From drydell at att.net  Thu Dec  2 13:50:44 2004
From: drydell at att.net (drydell at att.net)
Date: Thu, 02 Dec 2004 18:50:44 +0000
Subject: [nycphp-talk] Validating Email Addresses
Message-ID: <120220041850.10823.41AF640400032C8300002A47216037631604040A0B979D0B@att.net>

a problem here is that a valid email address like firstname.lastname at domain.com would be rejected...

 -------------- Original message ----------------------
From: Rahmin Pavlovic <rahmin at insite-out.com>
> I wrote this a while back, as I'm somewhat illiterate when it comes to regexp's:
> 
> function is_email($str) {
> 	$str=trim($str);
> 	if($str=='') { return false; }
> 	if(strstr($str,'@')=='' || strstr($str,'.')=='') { return false; }
> 	if(strpos($str,'@') > strrpos($str,'.')) { return false; }
> 	if(strpos($str,'@') < 1) { return false; }
> 	if((strrpos($str,'.') - strpos($str,'@')) < 3) { return false; }
> 	if((strlen($str) - strrpos($str,'.')) < 3) { return false; }
> 	return true;
> }
> 
> It's slightly liberal, but does force input to x at xx.xx.  That should would work 
> for cases like Joe <joe at bob.com>.
> 
> HTH
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org




From rahmin at insite-out.com  Thu Dec  2 13:58:01 2004
From: rahmin at insite-out.com (Rahmin Pavlovic)
Date: Thu, 2 Dec 2004 13:58:01 -0500
Subject: [nycphp-talk] Validating Email Addresses
Message-ID: <200412021858.iB2Iw1SJ019850@webmail2.megamailservers.com>

An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041202/56187098/attachment.ksh>

From drydell at att.net  Thu Dec  2 14:07:07 2004
From: drydell at att.net (drydell at att.net)
Date: Thu, 02 Dec 2004 19:07:07 +0000
Subject: [nycphp-talk] Validating Email Addresses
Message-ID: <120220041907.28543.41AF67DB00016D3300006F7F216037631604040A0B979D0B@att.net>

I didn't see that it was strrpos, not strpos...

 -------------- Original message ----------------------
From: Rahmin Pavlovic <rahmin at insite-out.com>
> 
> On Thu, 02 Dec 2004 18:50 , drydell at att.net sent:
> 
> >a problem here is that a valid email address like firstname.lastname at domain.com 
> would be rejected...
> 
> 
> Those are acceptable.  It simply makes sure the last occurrence of the '.' 
> exists after the @ symbol.
> 
> 
> > -------------- Original message ----------------------
> >From: Rahmin Pavlovic rahmin at insite-out.com>
> >> I wrote this a while back, as I'm somewhat illiterate when it comes to 
> regexp's:
> >> 
> >> function is_email($str) {
> >> 	$str=trim($str);
> >> 	if($str=='') { return false; }
> >> 	if(strstr($str,'@')=='' || strstr($str,'.')=='') { return false; }
> >> 	if(strpos($str,'@') > strrpos($str,'.')) { return false; }
> >> 	if(strpos($str,'@') 
> >> 	if((strrpos($str,'.') - strpos($str,'@')) 
> >> 	if((strlen($str) - strrpos($str,'.')) 
> >> 	return true;
> >> }
> >> 
> >> It's slightly liberal, but does force input to x at xx.xx.  That should would 
> work 
> >> for cases like Joe joe at bob.com>.
> >> 
> >> HTH
> >> 
> >> 
> >> _______________________________________________
> >> New York PHP Talk
> >> Supporting AMP Technology (Apache/MySQL/PHP)
> >> http://lists.nyphp.org/mailman/listinfo/talk
> >> http://www.newyorkphp.org
> >
> >
> >_______________________________________________
> >New York PHP Talk
> >Supporting AMP Technology (Apache/MySQL/PHP)
> >http://lists.nyphp.org/mailman/listinfo/talk
> >http://www.newyorkphp.org
> 
> 
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org




From dcech at phpwerx.net  Thu Dec  2 14:09:53 2004
From: dcech at phpwerx.net (Dan Cech)
Date: Thu, 02 Dec 2004 14:09:53 -0500
Subject: [nycphp-talk] Validating Email Addresses
In-Reply-To: <Pine.LNX.4.58.0412021344230.25418@miranda.org>
References: <OFE036CF96.82A8AAA0-ON85256F5E.00643661-85256F5E.00657285@us.ibm.com>
	<Pine.LNX.4.58.0412021344230.25418@miranda.org>
Message-ID: <41AF6881.9090705@phpwerx.net>

Adam Maccabee Trachtenberg wrote:
> On Thu, 2 Dec 2004, Daniel Krook wrote:
> 
>>>Joe Bloggs <joe at example.com>
>>
>>As I understand it, this format which includes the names, brackets and
>>whitespace is RFC822 compliant
>>[http://www.ietf.org/rfc/rfc0822.txt?number=822] .    If you want it to
>>accept the format above, will need an RFC822 compliant parser like the
>>Perl module, although your regex seems to work ok for the most common
>>format.
>>
>>I would recommend searching for a reasonable sample of RFC822 compliant
>>addresses and run them through, or study examples such as PEAR Mail's
>>RFC822.php [http://cvs.php.net/co.php/pear/Mail/Mail/RFC822.php?r=1.18].

Yep, for my purposes I think I'll be able to get by with:

/^(?:(["]?)([^<>]+?)\1\s*)?(?:<)?(([^!"#$%()*,:;<>@\[\]\\`|]+)@((?:[\w-]+\.)+[a-z0-9]{1,4}))(?:>?)$/i

I also came across the imap_rfc822_parse_adrlist() function, which is 
obviously seldom used because of the unwieldy name ;)

> Comments (and nested comments) are the real bitch here. I suggest you
> pretend they don't exist. :)

That was the plan.

Dan

> -adam
> 



From codebowl at gmail.com  Thu Dec  2 14:15:18 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 2 Dec 2004 14:15:18 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
Message-ID: <8d9a428004120211157b4ce2f7@mail.gmail.com>

Guys,

i had a web host that was a reseller, they went under and thier
servers taken back by the company who sold them the space, there was
no warning for this happening at all.  now the new company wants to
charge me $20 to get my files back....  is this even legal to do? all
files on my account were written by me therefore they are my property.
 I mean this sounds to me the equivilence to walking into thier
datacenter taking one of thier servers then saying hah you want it you
have to pay me to get it back.

what steps should i take in this situation?  I have contacted support
and they continue to say they are going to charge me now way around
it, because thier tech has to run a tar command and email me the
files, which on a properly setup linux box could probably all be done
on one line.


-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com

For a GMail account
contact me OFF-LIST


From wwwac at summit7solutions.com  Thu Dec  2 14:18:30 2004
From: wwwac at summit7solutions.com (Jeff Wilhelm)
Date: Thu, 2 Dec 2004 14:18:30 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a428004120211157b4ce2f7@mail.gmail.com>
Message-ID: <20041202191831.A373DA85E9@virtu.nyphp.org>

Do you have any other sites with them?

If so, you could threaten to pull them. If the revenue from the other sites
exceeds $20 they'd be stupid to fight with you.

Alternatively, you could just pay them for the data (if you really need it;
you don't have a local copy?) and then never go back to that company.

I mean, the ball is in their court. They have the data. You want it. You
have to play by their rules (as dumb as they may be) or else they may --
OOPS -- drop the tape in the lake.

Jeff


----Original Message----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph
Crawford Sent: Thursday, December 02, 2004 2:15 PM To:
NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad

> Guys,
> 
> i had a web host that was a reseller, they went under and
>  thier servers taken back by the company who sold them
> the space, there was no warning for this happening at
> all.  now the new company wants to charge me $20 to get
> my files back....  is this even legal to do? all files on
> my account were written by me therefore they are my
> property. I mean this sounds to me the equivilence to
> walking into thier datacenter taking one of thier servers
> then saying hah you want it you have to pay me to get it
> back.        
> 
> what steps should i take in this situation?  I have
> contacted support and they continue to say they are going
> to charge me now way around it, because thier tech has to
> run a tar command and email me the files, which on a
> properly setup linux box could probably all be done on
> one line.     



From jlacey at att.net  Thu Dec  2 14:19:21 2004
From: jlacey at att.net (John Lacey)
Date: Thu, 02 Dec 2004 12:19:21 -0700
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a428004120211157b4ce2f7@mail.gmail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>
Message-ID: <41AF6AB9.8030909@att.net>

Joseph Crawford wrote:
> Guys,
> 
> i had a web host that was a reseller, they went under and thier
> servers taken back by the company who sold them the space, there was
> no warning for this happening at all.  now the new company wants to
> charge me $20 to get my files back....  is this even legal to do? all
> files on my account were written by me therefore they are my property.
>  I mean this sounds to me the equivilence to walking into thier
> datacenter taking one of thier servers then saying hah you want it you
> have to pay me to get it back.
> 
> what steps should i take in this situation?  I have contacted support
> and they continue to say they are going to charge me now way around
> it, because thier tech has to run a tar command and email me the
> files, which on a properly setup linux box could probably all be done
> on one line.
> 
> 

I'd pay the $20 (get a receipt, of course :) and cut my losses to avoid 
the brain damage.

John



From codebowl at gmail.com  Thu Dec  2 14:20:19 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 2 Dec 2004 14:20:19 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <20041202191831.A373DA85E9@virtu.nyphp.org>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>
	<20041202191831.A373DA85E9@virtu.nyphp.org>
Message-ID: <8d9a4280041202112079d72279@mail.gmail.com>

couldnt i get them for destructing data that doesnt belong to them or
something, i mean i would almost be willing to pay $100 to a lawyer to
send them a letter if it would get me the files, i honestly dont feel
i should have to pay the $20 and i dont know if i am going to stoop to
the level and do it.  However i dont have a local copy of the files
and i do need them.


On Thu, 2 Dec 2004 14:18:30 -0500, Jeff Wilhelm
<wwwac at summit7solutions.com> wrote:
> Do you have any other sites with them?
> 
> If so, you could threaten to pull them. If the revenue from the other sites
> exceeds $20 they'd be stupid to fight with you.
> 
> Alternatively, you could just pay them for the data (if you really need it;
> you don't have a local copy?) and then never go back to that company.
> 
> I mean, the ball is in their court. They have the data. You want it. You
> have to play by their rules (as dumb as they may be) or else they may --
> OOPS -- drop the tape in the lake.
> 
> Jeff
> 
> 
> 
> 
> ----Original Message----
> From: talk-bounces at lists.nyphp.org
> [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph
> Crawford Sent: Thursday, December 02, 2004 2:15 PM To:
> NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
> 
> > Guys,
> >
> > i had a web host that was a reseller, they went under and
> >  thier servers taken back by the company who sold them
> > the space, there was no warning for this happening at
> > all.  now the new company wants to charge me $20 to get
> > my files back....  is this even legal to do? all files on
> > my account were written by me therefore they are my
> > property. I mean this sounds to me the equivilence to
> > walking into thier datacenter taking one of thier servers
> > then saying hah you want it you have to pay me to get it
> > back.
> >
> > what steps should i take in this situation?  I have
> > contacted support and they continue to say they are going
> > to charge me now way around it, because thier tech has to
> > run a tar command and email me the files, which on a
> > properly setup linux box could probably all be done on
> > one line.
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com

For a GMail account
contact me OFF-LIST


From dmintz at davidmintz.org  Thu Dec  2 14:30:44 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Thu, 2 Dec 2004 14:30:44 -0500 (EST)
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>
	<20041202191831.A373DA85E9@virtu.nyphp.org>
	<8d9a4280041202112079d72279@mail.gmail.com>
Message-ID: <Pine.BSF.4.58.0412021429540.56119@emra.pair.com>

On Thu, 2 Dec 2004, Joseph Crawford wrote:

> couldnt i get them for destructing data that doesnt belong to them or
> something, i mean i would almost be willing to pay $100 to a lawyer to
> send them a letter if it would get me the files, i honestly dont feel
> i should have to pay the $20 and i dont know if i am going to stoop to
> the level and do it.  However i dont have a local copy of the files
> and i do need them.


I quite agree with your position. Any chance of escalating up the food
chain and trying to talk some sense into someone with more authority?

---
David Mintz
http://davidmintz.org/



From jperkins at sneer.org  Thu Dec  2 14:30:47 2004
From: jperkins at sneer.org (Jason Perkins)
Date: Thu, 2 Dec 2004 13:30:47 -0600
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>
	<20041202191831.A373DA85E9@virtu.nyphp.org>
	<8d9a4280041202112079d72279@mail.gmail.com>
Message-ID: <AB0BC6EC-4498-11D9-9824-000D932DF2B4@sneer.org>


On Dec 2, 2004, at 1:20 PM, Joseph Crawford wrote:

> couldnt i get them for destructing data that doesnt belong to them or
> something, i mean i would almost be willing to pay $100 to a lawyer to
> send them a letter if it would get me the files, i honestly dont feel
> i should have to pay the $20 and i dont know if i am going to stoop to
> the level and do it.  However i dont have a local copy of the files
> and i do need them.

I've always held that "pick your battles" is not only an injunction 
against picking ones that you can win, but also ones that are worth 
your time. It sounds like your former hosting company has left you (and 
their former hosting company) in a bad position. $20 for recovery of 
files is nothing, really. Pay 'em the $20 and be done with it and count 
it as a learning experience that sometimes you really do get what you 
pay for (I'm assuming this is the "cheap" hosting company you were 
recommending a few months back - hostproservices.com, iirc).

Take that other $80 that you were going to spend (on an attorney!) 
getting in a pissing contest and give it to make a wish or something 
and move on. Life's simply too short to let this stuff get you down.

My 2 cents.

--
Jason N Perkins



From wwwac at summit7solutions.com  Thu Dec  2 14:36:34 2004
From: wwwac at summit7solutions.com (Jeff Wilhelm)
Date: Thu, 2 Dec 2004 14:36:34 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com>
Message-ID: <20041202193635.44E2AA85E9@virtu.nyphp.org>

----Original Message----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph
Crawford Sent: Thursday, December 02, 2004 2:20 PM To:
NYPHP Talk Subject: Re: [nycphp-talk] [ OT ] Web Hosting
Gone Bad 

> couldnt i get them for destructing data that doesnt
> belong to them or something, i mean i would almost be
> willing to pay $100 to a lawyer to send them a letter if
> it would get me the files, i honestly dont feel i should
> have to pay the $20 and i dont know if i am going to
> stoop to the level and do it.  However i dont have a
> local copy of the files and i do need them.      

Hm, I see where you're coming from. If I were you I'd go higher up. Sure,
the tech guy wants money for untarring a file, but his boss, or his bosses
boss, or a relationship manager, or a sales person, or SOMEONE should
realize the value of good customer service, or the value of repeat business.
I would be nice and civil on the phone when you call, and ask to talk to
someone else. There's got to be SOMEONE over there who can help.


> On Thu, 2 Dec 2004 14:18:30 -0500, Jeff Wilhelm
> <wwwac at summit7solutions.com> wrote: 
> > Do you have any other sites with them?
> > 
> > If so, you could threaten to pull them. If the revenue
> > from the other 
> > sites exceeds $20 they'd be stupid to fight with you.
> > 
> > Alternatively, you could just pay them for the data (if
> > you really 
> > need it; you don't have a local copy?) and then never
> > go back to that company. 
> > 
> > I mean, the ball is in their court. They have the data.
> > You want it. 
> > You have to play by their rules (as dumb as they may
> > be) or else they 
> > may -- OOPS -- drop the tape in the lake.
> > 
> > Jeff
> > 
> > 
> > 
> > 
> > ----Original Message----
> > From: talk-bounces at lists.nyphp.org
> > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of
> > Joseph Crawford 
> > Sent: Thursday, December 02, 2004 2:15 PM To:
> > NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting
> > Gone Bad 
> > 
> > > Guys,
> > > 
> > > i had a web host that was a reseller, they went under
> > > and  thier servers taken back by the company who sold
> > > them the space, there was no warning for this
> > > happening at all.  now the new company wants to
> > > charge me $20 to get my files back....  is this even
> > > legal to do? all files on my account were written by
> > > me therefore they are my property. I mean this sounds
> > > to me the equivilence to walking into thier
> > > datacenter taking one of thier servers then saying
> > > hah you want it you have to pay me to get it back.  
> > > 
> > > what steps should i take in this situation?  I have
> > > contacted support and they continue to say they are
> > > going to charge me now way around it, because thier
> > > tech has to run a tar command and email me the files,
> > > which on a properly setup linux box could probably
> > > all be done on one line. 
> > 
> > _______________________________________________
> > New York PHP Talk
> > Supporting AMP Technology (Apache/MySQL/PHP)
> > http://lists.nyphp.org/mailman/listinfo/talk
> > http://www.newyorkphp.org



From mitch.pirtle at gmail.com  Thu Dec  2 14:38:22 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Thu, 2 Dec 2004 14:38:22 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>
	<20041202191831.A373DA85E9@virtu.nyphp.org>
	<8d9a4280041202112079d72279@mail.gmail.com>
Message-ID: <330532b604120211382dd2c62@mail.gmail.com>

Forget it, you will pay $2,000 for a lawyer and have no avenues for
collection of damages.

This is a situation where although you've done nothing wrong per se,
you are going to get screwed anyway.  Best to eat the $20, and then
call the police for extortion.

-- Mitch, grinning an evil grin

On Thu, 2 Dec 2004 14:20:19 -0500, Joseph Crawford <codebowl at gmail.com> wrote:
> couldnt i get them for destructing data that doesnt belong to them or
> something, i mean i would almost be willing to pay $100 to a lawyer to
> send them a letter if it would get me the files, i honestly dont feel
> i should have to pay the $20 and i dont know if i am going to stoop to
> the level and do it.  However i dont have a local copy of the files
> and i do need them.


From codebowl at gmail.com  Thu Dec  2 14:39:53 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 2 Dec 2004 14:39:53 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <20041202193635.44E2AA85E9@virtu.nyphp.org>
References: <8d9a4280041202112079d72279@mail.gmail.com>
	<20041202193635.44E2AA85E9@virtu.nyphp.org>
Message-ID: <8d9a4280041202113913122521@mail.gmail.com>

these are not the tech guys i am talking with they are the sales and billing.

yes it is the same company i recomended and the only reason i
recommended them is i have used them for 2 years now without any
problems, until this.

i guess i need to get the real big expensive hosts for reliability.


On Thu, 2 Dec 2004 14:36:34 -0500, Jeff Wilhelm
<wwwac at summit7solutions.com> wrote:
> 
> 
> ----Original Message----
> From: talk-bounces at lists.nyphp.org
> [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph
> Crawford Sent: Thursday, December 02, 2004 2:20 PM To:
> NYPHP Talk Subject: Re: [nycphp-talk] [ OT ] Web Hosting
> Gone Bad
> 
> > couldnt i get them for destructing data that doesnt
> > belong to them or something, i mean i would almost be
> > willing to pay $100 to a lawyer to send them a letter if
> > it would get me the files, i honestly dont feel i should
> > have to pay the $20 and i dont know if i am going to
> > stoop to the level and do it.  However i dont have a
> > local copy of the files and i do need them.
> 
> Hm, I see where you're coming from. If I were you I'd go higher up. Sure,
> the tech guy wants money for untarring a file, but his boss, or his bosses
> boss, or a relationship manager, or a sales person, or SOMEONE should
> realize the value of good customer service, or the value of repeat business.
> I would be nice and civil on the phone when you call, and ask to talk to
> someone else. There's got to be SOMEONE over there who can help.
> 
> 
> 
> 
> > On Thu, 2 Dec 2004 14:18:30 -0500, Jeff Wilhelm
> > <wwwac at summit7solutions.com> wrote:
> > > Do you have any other sites with them?
> > >
> > > If so, you could threaten to pull them. If the revenue
> > > from the other
> > > sites exceeds $20 they'd be stupid to fight with you.
> > >
> > > Alternatively, you could just pay them for the data (if
> > > you really
> > > need it; you don't have a local copy?) and then never
> > > go back to that company.
> > >
> > > I mean, the ball is in their court. They have the data.
> > > You want it.
> > > You have to play by their rules (as dumb as they may
> > > be) or else they
> > > may -- OOPS -- drop the tape in the lake.
> > >
> > > Jeff
> > >
> > >
> > >
> > >
> > > ----Original Message----
> > > From: talk-bounces at lists.nyphp.org
> > > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of
> > > Joseph Crawford
> > > Sent: Thursday, December 02, 2004 2:15 PM To:
> > > NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting
> > > Gone Bad
> > >
> > > > Guys,
> > > >
> > > > i had a web host that was a reseller, they went under
> > > > and  thier servers taken back by the company who sold
> > > > them the space, there was no warning for this
> > > > happening at all.  now the new company wants to
> > > > charge me $20 to get my files back....  is this even
> > > > legal to do? all files on my account were written by
> > > > me therefore they are my property. I mean this sounds
> > > > to me the equivilence to walking into thier
> > > > datacenter taking one of thier servers then saying
> > > > hah you want it you have to pay me to get it back.
> > > >
> > > > what steps should i take in this situation?  I have
> > > > contacted support and they continue to say they are
> > > > going to charge me now way around it, because thier
> > > > tech has to run a tar command and email me the files,
> > > > which on a properly setup linux box could probably
> > > > all be done on one line.
> > >
> > > _______________________________________________
> > > New York PHP Talk
> > > Supporting AMP Technology (Apache/MySQL/PHP)
> > > http://lists.nyphp.org/mailman/listinfo/talk
> > > http://www.newyorkphp.org
> 
> _______________________________________________
> 
> 
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com

For a GMail account
contact me OFF-LIST


From rahmin at insite-out.com  Thu Dec  2 14:44:46 2004
From: rahmin at insite-out.com (Rahmin Pavlovic)
Date: Thu, 2 Dec 2004 14:44:46 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
Message-ID: <200412021944.iB2JikSJ024346@webmail2.megamailservers.com>

An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041202/80f6c065/attachment.ksh>

From jperkins at sneer.org  Thu Dec  2 14:44:43 2004
From: jperkins at sneer.org (Jason Perkins)
Date: Thu, 2 Dec 2004 13:44:43 -0600
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a4280041202113913122521@mail.gmail.com>
References: <8d9a4280041202112079d72279@mail.gmail.com>
	<20041202193635.44E2AA85E9@virtu.nyphp.org>
	<8d9a4280041202113913122521@mail.gmail.com>
Message-ID: <9D3E387C-449A-11D9-9824-000D932DF2B4@sneer.org>


On Dec 2, 2004, at 1:39 PM, Joseph Crawford wrote:

> i guess i need to get the real big expensive hosts for reliability.

I'm sorry if my comment about cheap webhosting sounded like a 
condemnation, but hostproservices.com was advertising websites for 
$2.95/month.


--
Jason N Perkins



From codebowl at gmail.com  Thu Dec  2 14:46:19 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 2 Dec 2004 14:46:19 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <9D3E387C-449A-11D9-9824-000D932DF2B4@sneer.org>
References: <8d9a4280041202112079d72279@mail.gmail.com>
	<20041202193635.44E2AA85E9@virtu.nyphp.org>
	<8d9a4280041202113913122521@mail.gmail.com>
	<9D3E387C-449A-11D9-9824-000D932DF2B4@sneer.org>
Message-ID: <8d9a42800412021146408f00ab@mail.gmail.com>

yea if i recall they were 20mb accounts :D nonetheless i didnt take it
personally they did have some cheap accounts :D

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com

For a GMail account
contact me OFF-LIST


From yury at heavenspa.com  Thu Dec  2 14:46:34 2004
From: yury at heavenspa.com (Yury Rush)
Date: Thu, 2 Dec 2004 14:46:34 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a4280041202113913122521@mail.gmail.com>
Message-ID: <ECEKLPHECCLGFGAFEPEJCEBCDDAA.yury@heavenspa.com>

Nah -- get your own server :O)

ciao
yury

www.discounted-cosmetics.info


-----Original Message-----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org]On Behalf Of Joseph Crawford
Sent: Thursday, December 02, 2004 2:40 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] [ OT ] Web Hosting Gone Bad


these are not the tech guys i am talking with they are the sales and
billing.

yes it is the same company i recomended and the only reason i
recommended them is i have used them for 2 years now without any
problems, until this.

i guess i need to get the real big expensive hosts for reliability.


On Thu, 2 Dec 2004 14:36:34 -0500, Jeff Wilhelm
<wwwac at summit7solutions.com> wrote:
>
>
> ----Original Message----
> From: talk-bounces at lists.nyphp.org
> [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Joseph
> Crawford Sent: Thursday, December 02, 2004 2:20 PM To:
> NYPHP Talk Subject: Re: [nycphp-talk] [ OT ] Web Hosting
> Gone Bad
>
> > couldnt i get them for destructing data that doesnt
> > belong to them or something, i mean i would almost be
> > willing to pay $100 to a lawyer to send them a letter if
> > it would get me the files, i honestly dont feel i should
> > have to pay the $20 and i dont know if i am going to
> > stoop to the level and do it.  However i dont have a
> > local copy of the files and i do need them.
>
> Hm, I see where you're coming from. If I were you I'd go higher up. Sure,
> the tech guy wants money for untarring a file, but his boss, or his bosses
> boss, or a relationship manager, or a sales person, or SOMEONE should
> realize the value of good customer service, or the value of repeat
business.
> I would be nice and civil on the phone when you call, and ask to talk to
> someone else. There's got to be SOMEONE over there who can help.
>
>
>
>
> > On Thu, 2 Dec 2004 14:18:30 -0500, Jeff Wilhelm
> > <wwwac at summit7solutions.com> wrote:
> > > Do you have any other sites with them?
> > >
> > > If so, you could threaten to pull them. If the revenue
> > > from the other
> > > sites exceeds $20 they'd be stupid to fight with you.
> > >
> > > Alternatively, you could just pay them for the data (if
> > > you really
> > > need it; you don't have a local copy?) and then never
> > > go back to that company.
> > >
> > > I mean, the ball is in their court. They have the data.
> > > You want it.
> > > You have to play by their rules (as dumb as they may
> > > be) or else they
> > > may -- OOPS -- drop the tape in the lake.
> > >
> > > Jeff
> > >
> > >
> > >
> > >
> > > ----Original Message----
> > > From: talk-bounces at lists.nyphp.org
> > > [mailto:talk-bounces at lists.nyphp.org] On Behalf Of
> > > Joseph Crawford
> > > Sent: Thursday, December 02, 2004 2:15 PM To:
> > > NYPHP Talk Subject: [nycphp-talk] [ OT ] Web Hosting
> > > Gone Bad
> > >
> > > > Guys,
> > > >
> > > > i had a web host that was a reseller, they went under
> > > > and  thier servers taken back by the company who sold
> > > > them the space, there was no warning for this
> > > > happening at all.  now the new company wants to
> > > > charge me $20 to get my files back....  is this even
> > > > legal to do? all files on my account were written by
> > > > me therefore they are my property. I mean this sounds
> > > > to me the equivilence to walking into thier
> > > > datacenter taking one of thier servers then saying
> > > > hah you want it you have to pay me to get it back.
> > > >
> > > > what steps should i take in this situation?  I have
> > > > contacted support and they continue to say they are
> > > > going to charge me now way around it, because thier
> > > > tech has to run a tar command and email me the files,
> > > > which on a properly setup linux box could probably
> > > > all be done on one line.
> > >
> > > _______________________________________________
> > > New York PHP Talk
> > > Supporting AMP Technology (Apache/MySQL/PHP)
> > > http://lists.nyphp.org/mailman/listinfo/talk
> > > http://www.newyorkphp.org
>
> _______________________________________________
>
>
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
>


--
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com

For a GMail account
contact me OFF-LIST
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org



From jperkins at sneer.org  Thu Dec  2 14:53:53 2004
From: jperkins at sneer.org (Jason Perkins)
Date: Thu, 2 Dec 2004 13:53:53 -0600
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <200412021944.iB2JikSJ024346@webmail2.megamailservers.com>
References: <200412021944.iB2JikSJ024346@webmail2.megamailservers.com>
Message-ID: <E51ABA6E-449B-11D9-9824-000D932DF2B4@sneer.org>


On Dec 2, 2004, at 1:44 PM, Rahmin Pavlovic wrote:

>
> On Thu, 2 Dec 2004 14:15 , Joseph Crawford <codebowl at gmail.com> sent:
>
>> Guys,
>>
>> i had a web host that was a reseller, they went under and thier
>> servers taken back by the company who sold them the space, there was
>> no warning for this happening at all.  now the new company wants to
>> charge me $20 to get my files back....  is this even legal to do? all
>> files on my account were written by me therefore they are my property.
>> I mean this sounds to me the equivilence to walking into thier
>> datacenter taking one of thier servers then saying hah you want it you
>> have to pay me to get it back.
>>
>
> Interesting.  Let's see - if I found myself in that boat, I'd probably 
> tell them that my agreement was with the reseller, not the parent 
> company,
> and that I am paid up.  If parent company is owed any money, that is 
> between them and the reseller - otherwise, I deserve full access to my
> paid-for files, or I'd be happy to pay the $20 to take all of my 
> business elsewhere.  And possibly blog the experience.

I don't think that this is a parent company - I think that 
hostproservices.com had a (or some) dedicated boxes that they were 
renting from gnax.com (who only does colo and dedicated, not shared 
hosting). It sounds like hostproservices.com folded with no notice and 
gnax.com is doing the hostproservices customers a favor, holding the 
boxes (or at least copied their data off of them) and charging $20 for 
recovery of their files.

And really, it's a favor given that most hosting companies would've 
kicked a fresh OS install on those boxes and put 'em right back up into 
the pool for leasing, hostproservice's customers and their data be 
damned.

--
Jason N Perkins



From shiflett at php.net  Thu Dec  2 15:03:26 2004
From: shiflett at php.net (Chris Shiflett)
Date: Thu, 2 Dec 2004 12:03:26 -0800 (PST)
Subject: [nycphp-talk] Validating Email Addresses
In-Reply-To: <41AF3B8C.5000300@phpwerx.net>
Message-ID: <20041202200326.20311.qmail@web52802.mail.yahoo.com>

--- Dan Cech <dcech at phpwerx.net> wrote:
> I've come up against an interesting little problem, and wondered
> if anyone had any input for me.
> 
> I'm trying to validate email addresses like:
> 
> Joe Bloggs <joe at example.com>

That's a valid format for the From header (not sure it can really be
called an email address, but maybe), but aren't quotes required around the
name?

You might think it's less cool than matching everything with a single
pattern, but can't you easily break this up into name and email address?
There are plenty of patterns to help make sure a string looks like an
email address (I use the one in the Cookbook), so you just need to augment
that by breaking up your string into a name and email address.

The email address is probably everything to the right of the last space,
without the angle brackets (if present). The name is everything else,
without the quotes (if present).

Hope that helps.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
Coming February 2005        http://httphandbook.org/


From nyphp at enobrev.com  Thu Dec  2 16:16:40 2004
From: nyphp at enobrev.com (Mark Armendariz)
Date: Thu, 2 Dec 2004 16:16:40 -0500
Subject: [nycphp-talk] Validating Email Addresses
In-Reply-To: <20041202200326.20311.qmail@web52802.mail.yahoo.com>
Message-ID: <20041202211641.49084A85E9@virtu.nyphp.org>

Here's a pattern I've been using for a while with success.

/(?P<name>(?:(?P<name_normal>[^\[\]()<>@,;:\\".]+)|"(?P<name_quoted>[^\\"]+|
[\\.]+)*")*(?P<angle><))?(?P<user>(?!\.)(?P<user_normal>\.?[^\[\]()<>@,;:\\"
.
]+)+|"(?P<user_quoted>[^\\"]+|[\\.]+)*")@(?P<domain>(?:(?!-)(?P<sld>[a-zA-Z\
d\-]+)(?<!-)\.)+(?P<tld>[a-zA-Z]{2,})|\[(?P<ip>(?:(?(?<!\[)\.)(?:25[0-5]|2[0
-4]\d|[01]?\d?\d)){4}|(?:(?P<servername>[a-zA-Z\d\-]*[a-zA-Z\d]):(?P<port>\d
{2,5})))\])(?(4)>)/

And here's some examples:
http://dev.enobrev.com/email/

And the code for the example:
http://dev.enobrev.com/email/index.txt

Mark



From prusak at gmail.com  Thu Dec  2 16:50:33 2004
From: prusak at gmail.com (Ophir Prusak)
Date: Thu, 2 Dec 2004 16:50:33 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a428004120211157b4ce2f7@mail.gmail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>
Message-ID: <f1dc81bb04120213504832f242@mail.gmail.com>

First of all, pay the $20 so you'll have the data in hand.
THEN you can go ahead and do something else (like talk to a boss,
threaten them, etc). Maybe you could even get your money back or
something

If the files have any real value to you, the last thing you need is to
try to play hardball only to have your files "accidentally" deleted or
something like that.


On Thu, 2 Dec 2004 14:15:18 -0500, Joseph Crawford <codebowl at gmail.com> wrote:
> Guys,
> 
> i had a web host that was a reseller, they went under and thier
> servers taken back by the company who sold them the space, there was
> no warning for this happening at all.  now the new company wants to
> charge me $20 to get my files back....  is this even legal to do? all
> files on my account were written by me therefore they are my property.
> I mean this sounds to me the equivilence to walking into thier
> datacenter taking one of thier servers then saying hah you want it you
> have to pay me to get it back.
> 
> what steps should i take in this situation?  I have contacted support
> and they continue to say they are going to charge me now way around
> it, because thier tech has to run a tar command and email me the
> files, which on a properly setup linux box could probably all be done
> on one line.
> 
> --
> Joseph Crawford Jr.
> Codebowl Solutions
> codebowl at gmail.com
> 
> For a GMail account
> contact me OFF-LIST
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
>


From danielc at analysisandsolutions.com  Thu Dec  2 17:10:01 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Thu, 2 Dec 2004 17:10:01 -0500
Subject: [nycphp-talk] Validating Email Addresses
In-Reply-To: <41AF541F.2060309@phpwerx.net>
References: <41AF408B.2070706@surgam.net> <20041202164535.GA11151@panix.com>
	<41AF541F.2060309@phpwerx.net>
Message-ID: <20041202221001.GA21957@panix.com>

Hey Dan:

On Thu, Dec 02, 2004 at 12:42:55PM -0500, Dan Cech wrote:
> 
> The problem with that is that it will reject emails of the form:
> Joe Bloggs <joe at example.com>

Yes.  I figured you'd be smart enough to take care of that simple 
tweak.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From 1j0lkq002 at sneakemail.com  Thu Dec  2 17:19:52 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Thu, 02 Dec 2004 17:19:52 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <8d9a4280041202112079d72279@mail.gmail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>	<20041202191831.A373DA85E9@virtu.nyphp.org>
	<8d9a4280041202112079d72279@mail.gmail.com>
Message-ID: <317-32513@sneakemail.com>

Joseph Crawford codebowl-at-gmail.com |nyphp dev/internal group use| wrote:

>However i dont have a local copy of the files and i do need them.
>  
>

That's your bad, so pay the fine. And then if you like, blog your 
customer service experience (honestly) to make yourself feel better.

-=john andrews



From chsnyder at gmail.com  Thu Dec  2 17:30:08 2004
From: chsnyder at gmail.com (csnyder)
Date: Thu, 2 Dec 2004 17:30:08 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <317-32513@sneakemail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>
	<20041202191831.A373DA85E9@virtu.nyphp.org>
	<8d9a4280041202112079d72279@mail.gmail.com> <317-32513@sneakemail.com>
Message-ID: <b762526904120214304e5e5168@mail.gmail.com>

On Thu, 02 Dec 2004 17:19:52 -0500, inforequest
<1j0lkq002 at sneakemail.com> wrote:
> >However i dont have a local copy of the files and i do need them.
>
> That's your bad, so pay the fine. 

Or if not a mistake on your part, a life lesson worth 20 bucks -- keep
local copies of everything you put on a remote server. You never know
when the disk/server/isp/datacenter is going to take a walk.

I used to tell my hosting clients up front that I'm not responsible
for anything they put on my server.


From danielc at analysisandsolutions.com  Thu Dec  2 18:16:59 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Thu, 2 Dec 2004 18:16:59 -0500
Subject: [nycphp-talk] Validating Email Addresses
In-Reply-To: <41AF5D25.9020608@surgam.net>
References: <41AF5D25.9020608@surgam.net>
Message-ID: <20041202231659.GA12747@panix.com>

On Thu, Dec 02, 2004 at 01:21:25PM -0500, James B. Wetterau Jr. wrote:
> > Daniel Convissor wrote:
> > >
> > > '^[a-z0-9_.=+-]+@([a-z0-9-]+\.)+([a-z]{2,6})$'
> 
> I feel that that regex is way underblown.
> 
> It misses many valid email addresses.  It's perfectly legitimate to
> have characters other than [a-z0-9_.=+-] in the local part of the
> address.

Back when I did a study of RFC 822, those were the characters that the 
RFC said were valid.  Perhaps I made a mistake.  But I haven't heard 
of any problems with my expression.

But RFC 822 has been replaced by 2822.  I believe the newer RFC allows 
more characters in the local part.  Again, I haven't heard of any 
complaints with it.  None the less, looking at 
ftp://ftp.rfc-editor.org/in-notes/rfc2822.txt shows the following:

atext           =       ALPHA / DIGIT / ; Any character except controls,
                        "!" / "#" /     ;  SP, and specials.
                        "$" / "%" /     ;  Used for atoms
                        "&" / "'" /
                        "*" / "+" /
                        "-" / "/" /
                        "=" / "?" /
                        "^" / "_" /
                        "`" / "{" /
                        "|" / "}" /
                        "~"

Most of those characters are quite unusual for email addresses.  

<grumble>
 fine
</grumble>

Let's "do the right thing..."  Here's a tweaking of my ereg 
expression to include all the legit characters in the local part:

'^[-!#$%&\'*+/=?^_`{|}~a-z0-9.]+@([a-z0-9-]+\.)+([a-z]{2,6})$'

The one flaw with that is it allows the local part to be just a 
period: . at foo.com.

So, while we're at it, let's take it all the way:

$expr = '^[-!#$%&\'*+/=?^_`{|}~a-z0-9]+'
      . '(.[-!#$%&\'*+/=?^_`{|}~a-z0-9]+)*'
      . '@([a-z0-9-]+\.)+([a-z]{2,6})$';

I've needed to do this for a while.  Thanks for the excuse.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From 1j0lkq002 at sneakemail.com  Thu Dec  2 21:00:45 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Thu, 02 Dec 2004 21:00:45 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <b762526904120214304e5e5168@mail.gmail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>	<20041202191831.A373DA85E9@virtu.nyphp.org>	<8d9a4280041202112079d72279@mail.gmail.com>
	<317-32513@sneakemail.com>
	<b762526904120214304e5e5168@mail.gmail.com>
Message-ID: <30443-46926@sneakemail.com>

csnyder chsnyder-at-gmail.com |nyphp dev/internal group use| wrote:

>On Thu, 02 Dec 2004 17:19:52 -0500, inforequest
><1j0lkq002 at sneakemail.com> wrote:
>  
>
>>>However i dont have a local copy of the files and i do need them.
>>>      
>>>
>>That's your bad, so pay the fine. 
>>    
>>
>
>Or if not a mistake on your part, a life lesson worth 20 bucks -- keep
>local copies of everything you put on a remote server. You never know
>when the disk/server/isp/datacenter is going to take a walk.
>
or the server compromised. It amazes me that we know hosting servers get 
compromised, yet it certainly seems that after rebuilding the server 
they just dump the user files back onto the server ass-is from the last 
backup. If that happens, I dump my files and republish. You never know 
what you might find in there.


From preinheimer at gmail.com  Thu Dec  2 21:34:37 2004
From: preinheimer at gmail.com (Paul Reinheimer)
Date: Thu, 2 Dec 2004 21:34:37 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <30443-46926@sneakemail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>
	<20041202191831.A373DA85E9@virtu.nyphp.org>
	<8d9a4280041202112079d72279@mail.gmail.com> <317-32513@sneakemail.com>
	<b762526904120214304e5e5168@mail.gmail.com>
	<30443-46926@sneakemail.com>
Message-ID: <6ec19ec7041202183479c7b366@mail.gmail.com>

I would give up and pay them, and not bother trying to get the money
back, once you pay them the chances of them doing a CC refund are
somewhere between slim and none.

I also don't think your legal grounds are as firm as you think they
are. Just because the files belong do you doesn't obligate them to
help you get them. If someones rollerskates appeared in the middle of
my fenced in property I doubt I am breaking any laws by refusing to
get them for the owner, with or without some sort of a fee. I would
estimate your legal recourses against the incumbant host to also be
between slim and none.

The only company who owes you anything is your old host, and even that
depends on when everything went down. If it happened at the end of
your billing cycle (ie end of month) you've got nothing, your terms of
service probably explicitly allowed for this to happen. If it happened
mid billing cycle (ie you have paid for more than you received) you
might have something. You have the same rights to the property of the
new defunct host as the one that took them over, albeit just not in
the same fiscal range. You could offer your claim (were talking
pennies on the dollar here) on the defunct's host debt to you in
exchange for your files.


paul
(ianal)


On Thu, 02 Dec 2004 21:00:45 -0500, inforequest
<1j0lkq002 at sneakemail.com> wrote:
> csnyder chsnyder-at-gmail.com |nyphp dev/internal group use| wrote:
> 
> >On Thu, 02 Dec 2004 17:19:52 -0500, inforequest
> ><1j0lkq002 at sneakemail.com> wrote:
> >
> >
> >>>However i dont have a local copy of the files and i do need them.
> >>>
> >>>
> >>That's your bad, so pay the fine.
> >>
> >>
> >
> >Or if not a mistake on your part, a life lesson worth 20 bucks -- keep
> >local copies of everything you put on a remote server. You never know
> >when the disk/server/isp/datacenter is going to take a walk.
> >
> or the server compromised. It amazes me that we know hosting servers get
> compromised, yet it certainly seems that after rebuilding the server
> they just dump the user files back onto the server ass-is from the last
> backup. If that happens, I dump my files and republish. You never know
> what you might find in there.
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
Paul Reinheimer
Zend Certified Engineer


From preinheimer at gmail.com  Thu Dec  2 21:45:59 2004
From: preinheimer at gmail.com (Paul Reinheimer)
Date: Thu, 2 Dec 2004 21:45:59 -0500
Subject: [nycphp-talk] About XML in PHP
In-Reply-To: <41AEAE6E.3090300@jonbaer.net>
References: <e1ddc2b0041201210167f49871@mail.gmail.com>
	<41AEAE6E.3090300@jonbaer.net>
Message-ID: <6ec19ec7041202184596bfb62@mail.gmail.com>

check out MiniXML, i discovered it while writing my book as a
SimpleXML alternative for PHP 4 users, but it has a lot of extra
functionality.

http://minixml.psychogenic.com


paul



On Thu, 02 Dec 2004 00:55:58 -0500, Jon Baer <jonbaer at jonbaer.net> wrote:
> im not sure you really want a parser function as much as you want to
> manipulate + outout the dom .. check out dom functions:
> 
> http://www.php.net/dom
> 
> example: (you can also load/modify/etc)
> 
> <?php
> $doc = new DOMDocument("1.0");
> $foo = $doc->createElement("foo");
> $foo = $doc->appendChild($foo);
> $bar = $doc->createElement("bar", "NYPHP Talk");
> $bar = $foo->appendChild($bar);
> echo $doc->saveXML();
> ?>
> 
> output:
> 
> <?xml version="1.0"?>
> <foo><bar>NYPHP Talk</bar></foo>
> 
> - jon
> 
> 
> 
> Amir Aavani wrote:
> > dear friends
> > i have a question about XML support in PHP. is there any class or
> > function or etc that allow the program to generate an XML
> > file(stream).I mean that it can add new node or new element or
> > atrribute by its input parameters.
> > for example if in its input, there is a 'login' message , it can add a
> > node 'Login' to its output XML, and in otherwise add a node 'not
> > login' or something like this.
> > i know that there are some parser function or classes in PHP but with
> > none of them you can't add a new node to the output XML.
> > thanks
> > Amir
> 
> pgp key: http://www.jonbaer.net/jonbaer.asc
> fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
Paul Reinheimer
Zend Certified Engineer


From codebowl at gmail.com  Thu Dec  2 21:52:45 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 2 Dec 2004 21:52:45 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <6ec19ec7041202183479c7b366@mail.gmail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>
	<20041202191831.A373DA85E9@virtu.nyphp.org>
	<8d9a4280041202112079d72279@mail.gmail.com> <317-32513@sneakemail.com>
	<b762526904120214304e5e5168@mail.gmail.com>
	<30443-46926@sneakemail.com>
	<6ec19ec7041202183479c7b366@mail.gmail.com>
Message-ID: <8d9a428004120218524bc70f3d@mail.gmail.com>

is there a public blog i could post this on?  would anyone here mind
posting this on thier blogs?


-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com

For a GMail account
contact me OFF-LIST


From kirill at svots.edu  Thu Dec  2 22:15:17 2004
From: kirill at svots.edu (Dn. Kirill Sokolov)
Date: Thu, 2 Dec 2004 22:15:17 -0500
Subject: [nycphp-talk] Integration for small non-profit
In-Reply-To: <20041129170004.40196A8775@virtu.nyphp.org>
References: <20041129170004.40196A8775@virtu.nyphp.org>
Message-ID: <p06200702bdd589271c7a@[192.168.1.102]>

Hello,

I'm trying to work out several different options for integrated 
software to administer our small (<100 students) graduaate school. 
One option is to purchase a commercial integrated system designed for 
the purpose -- very expensive, naturally.  Another option is to stick 
with our current system (poor text-based user interface - Informix 
SE).  A third option would be to try to put together various software 
components that all together are still significantly cheaper than the 
integrated system.

The components we have now include:

Accounting
Donor Management
Bookstore (POS)
Academic Records / Registrar

The glue that holds this all together in a relational database is the 
contacts table.

I think that for our needs, one of the higher end Quickbooks 
applications would do perfectly well for accounting; almost any donor 
management program would be fine (e.g., Donorperfect or even the 
nonprofitbooks program designed for Quickbooks).  POS and Academic 
programs need only to share a contacts database.

If I could get Quickbooks or an equivalent package and a donor 
management program to share an SQL database, I think I could 
straightforwardly enough implement open source / php applications for 
smaller tasks such as academic records.  Any thoughts as to whether 
this is worth further exploration?  I think I've "googled" everywhere 
I can and haven't quite been able to figure out accounting and donor 
management WITH an open/shared contacts database short of very 
expensive packages...

Thanks for pointers,
-- 
Rev. Dn. Kirill Sokolov
Director of Systems and Information Technologies
St. Vladimir's Orthodox Theological Seminary


From jlacey at att.net  Thu Dec  2 22:50:33 2004
From: jlacey at att.net (John Lacey)
Date: Thu, 02 Dec 2004 20:50:33 -0700
Subject: [nycphp-talk] Integration for small non-profit
In-Reply-To: <p06200702bdd589271c7a@[192.168.1.102]>
References: <20041129170004.40196A8775@virtu.nyphp.org>
	<p06200702bdd589271c7a@[192.168.1.102]>
Message-ID: <41AFE289.3080905@att.net>

Dn. Kirill Sokolov wrote:
> 
> Accounting
> Donor Management
> Bookstore (POS)
> Academic Records / Registrar
> 
> The glue that holds this all together in a relational database is the 
> contacts table.
> 
> I think that for our needs, one of the higher end Quickbooks 
> applications would do perfectly well for accounting; almost any donor 
> management program would be fine (e.g., Donorperfect or even the 
> nonprofitbooks program designed for Quickbooks).  POS and Academic 
> programs need only to share a contacts database.
> 

look into SQL-Ledger--it's an open source accounting system that uses 
PostgreSQL -- an Open Source database.  Postgres is a little more work 
setting up than MySQL (at least in my experience -- feel free to jump in 
listies).

link to SQL-Ledger:
http://www.sql-ledger.org/

There will probably be some other folks chiming in here with other 
suggestions for the other apps.

hope that helps,
John



From matt at jiffycomp.com  Thu Dec  2 23:46:06 2004
From: matt at jiffycomp.com (Matt Morgan)
Date: Thu, 02 Dec 2004 23:46:06 -0500
Subject: [nycphp-talk] Integration for small non-profit
In-Reply-To: <41AFE289.3080905@att.net>
References: <20041129170004.40196A8775@virtu.nyphp.org>	<p06200702bdd589271c7a@[192.168.1.102]>
	<41AFE289.3080905@att.net>
Message-ID: <41AFEF8E.3040700@jiffycomp.com>

John Lacey wrote:

> Dn. Kirill Sokolov wrote:
>
>>
>> Accounting
>> Donor Management
>> Bookstore (POS)
>> Academic Records / Registrar
>>
>> The glue that holds this all together in a relational database is the 
>> contacts table.
>>
>> I think that for our needs, one of the higher end Quickbooks 
>> applications would do perfectly well for accounting; almost any donor 
>> management program would be fine (e.g., Donorperfect or even the 
>> nonprofitbooks program designed for Quickbooks).  POS and Academic 
>> programs need only to share a contacts database.
>>
>
> look into SQL-Ledger--it's an open source accounting system that uses 
> PostgreSQL -- an Open Source database.  Postgres is a little more work 
> setting up than MySQL (at least in my experience -- feel free to jump 
> in listies).
>
> link to SQL-Ledger:
> http://www.sql-ledger.org/
>
> There will probably be some other folks chiming in here with other 
> suggestions for the other apps.
>
I second the recommendation about SQL-Ledger. Postgres is indeed a bit 
harder to set up then MySQL, although there are packages for all the big 
Linux distributions. It just seems like I always end up having to 
compile it for some reason, or at least edit something manually. But it 
is still better than MySQL in some ways, so it can be worth it.

I suggest a look at dotLRN (http://dotlrn.org/) for open-source academic 
management. It doesn't do everything you need out of the box, but it's 
based on OpenACS (http://www.openacs.org), which is very, very powerful.

--Matt


From kirill at svots.edu  Fri Dec  3 06:38:05 2004
From: kirill at svots.edu (Dn. Kirill Sokolov)
Date: Fri, 3 Dec 2004 06:38:05 -0500
Subject: [nycphp-talk] Integration for small non-profit
In-Reply-To: <41AFEF8E.3040700@jiffycomp.com>
References: <20041129170004.40196A8775@virtu.nyphp.org>
	<p06200702bdd589271c7a@[192.168.1.102]>	<41AFE289.3080905@att.net>
	<41AFEF8E.3040700@jiffycomp.com>
Message-ID: <p06200706bdd5fbc7b421@[192.168.1.102]>

At 23:46 -0500 12/2/04, Matt Morgan wrote, referring to John Lacey's post:
>I second the recommendation about SQL-Ledger. Postgres is indeed a 
>bit harder to set up then MySQL, although there are packages for all 
>the big Linux distributions. It just seems like I always end up 
>having to compile it for some reason, or at least edit something 
>manually. But it is still better than MySQL in some ways, so it can 
>be worth it.

I don't mind using Postgres; SQL-Ledger looks like it would be 
perfect for our accounting needs (better than what we have, anyway).

However - I am a little unclear as to how I could integrate 
SQL-Ledger with donor management?  Does anyone know of a non-profit 
which has successfully modified SQL-Ledger for basic donor management 
or integrated SQL-Ledger with a CRM or something similar?

Thanks for the suggestions..

>I suggest a look at dotLRN (http://dotlrn.org/) for open-source 
>academic management. It doesn't do everything you need out of the 
>box, but it's based on OpenACS (http://www.openacs.org), which is 
>very, very powerful.

This seems promising, at least in the long term.. I might be wrong, 
but it seems like this is (for now) mostly ready for producing 
academic web sites, rather than hosting academic administrative tasks 
(although it is a powerful framework).



From james at surgam.net  Fri Dec  3 13:32:31 2004
From: james at surgam.net (James B. Wetterau Jr.)
Date: Fri, 03 Dec 2004 13:32:31 -0500
Subject: [nycphp-talk] Validating Email Addresses 
Message-ID: <41B0B13F.7020202@surgam.net>


Daniel Convissor says:
...
 > Back when I did a study of RFC 822, those were the characters that the
 > RFC said were valid.  Perhaps I made a mistake.  But I haven't heard
 > of any problems with my expression.

I think the characters you had were the ones permitted by the RFC
*that are commonly considered supported*.  To give an obvious example:
if an email address has a / in it, and an address maps directly to a
Unix file or directory, it cannot be written on the system without
translation.

That said, it's still an RFC valid address -- it would just have to be
aliased to something else locally on the Unix system.

In practice you are probably right that almost no one uses such a
weird address.  I vaguely recall one person using an address with a %
to prove a point on one mailing list I was on.

...
 > The one flaw with that is it allows the local part to be just a
 > period: . at foo.com.

Or is it a feature?

 > I've needed to do this for a while.  Thanks for the excuse.

I sincerely appreciate your effort to do the right thing.  Good going!
Seriously, software would be better if more people tried to promptly
fix stuff like this.

While we're at it though, I should mention one other thing:

 From what I can tell, though RFC822 seems to discourage it, it
supports for backward compatibility addresses of this form:

address.example at tld

... evidently because some TLD's used to do addressing like that.

I also can't quite tell from the RFC whether it would be valid for a
TLD to grant its own email addresses, but those would also look like
that.

So you can have a valid email address that has only a TLD to the right
of the "@" with no "." in there.



From mogmios at mlug.missouri.edu  Fri Dec  3 16:58:13 2004
From: mogmios at mlug.missouri.edu (Michael)
Date: Fri, 03 Dec 2004 13:58:13 -0800
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <30443-46926@sneakemail.com>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>	<20041202191831.A373DA85E9@virtu.nyphp.org>	<8d9a4280041202112079d72279@mail.gmail.com>	<317-32513@sneakemail.com>	<b762526904120214304e5e5168@mail.gmail.com>
	<30443-46926@sneakemail.com>
Message-ID: <41B0E175.1050509@mlug.missouri.edu>


> or the server compromised. It amazes me that we know hosting servers 
> get compromised, yet it certainly seems that after rebuilding the 
> server they just dump the user files back onto the server ass-is from 
> the last backup. If that happens, I dump my files and republish. You 
> never know what you might find in there.

Most hosting companies I have worked with didn't make any real effort at 
security and didn't seem to have much expertise. You're really better 
off getting a dedicated host and managing it yourself.

-- 
Michael <mogmios at mlug.missouri.edu>
http://kavlon.org



From ajai at bitblit.net  Fri Dec  3 17:10:57 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Fri, 03 Dec 2004 17:10:57 -0500
Subject: [nycphp-talk] [ OT ] Web Hosting Gone Bad
In-Reply-To: <41B0E175.1050509@mlug.missouri.edu>
References: <8d9a428004120211157b4ce2f7@mail.gmail.com>	<20041202191831.A373DA85E9@virtu.nyphp.org>	<8d9a4280041202112079d72279@mail.gmail.com>	<317-32513@sneakemail.com>	<b762526904120214304e5e5168@mail.gmail.com>	<30443-46926@sneakemail.com>
	<41B0E175.1050509@mlug.missouri.edu>
Message-ID: <41B0E471.4010204@bitblit.net>

Michael wrote:

> Most hosting companies I have worked with didn't make any real effort 
> at security and didn't seem to have much expertise. You're really 
> better off getting a dedicated host and managing it yourself.


Well, as someone who works for an ISP, I feel that clients are their own 
worst enemy. For example, they will continue using the same old insecure 
scripts they have always been using even when it is widely known they 
represent security problems. Designers are the worst because they 
usually have no clue. If you have thousands of sites being hosted its 
hard to keep an eye on what scripts a client is running - all we can do 
is inform them of the problem and hope they take care of it and learn 
from it.

-- 
Aj.
Systems Administrator / Developer



From webmaster at localnotion.com  Fri Dec  3 18:54:51 2004
From: webmaster at localnotion.com (Matthew Terenzio)
Date: Fri, 3 Dec 2004 18:54:51 -0500
Subject: [nycphp-talk] horizontally scalable
Message-ID: <B8E374E9-4586-11D9-98BB-0003938BDF32@localnotion.com>

So would this be an example of a legit type of set up:



		            LOad Balancer
					|
					|
					|
              PHP           PHP         PHP       PHP      PHP

		|                 |		|            |             |
		\                 \                  |            /             /

					Database


This is something like  what was presented in school, but I've never 
had the need to try it out.

Matt



From chsnyder at gmail.com  Fri Dec  3 23:04:04 2004
From: chsnyder at gmail.com (csnyder)
Date: Fri, 3 Dec 2004 23:04:04 -0500
Subject: [nycphp-talk] horizontally scalable
In-Reply-To: <B8E374E9-4586-11D9-98BB-0003938BDF32@localnotion.com>
References: <B8E374E9-4586-11D9-98BB-0003938BDF32@localnotion.com>
Message-ID: <b7625269041203200451b91939@mail.gmail.com>

That diagram might be legit, or it might not -- it all depends on what
problem you're trying to solve.

If it's specifically the PHP processing that you need to parallelize
(is that a word?) -- becuase you're generating images or something --
you could use a reverse proxy instead of a load balancer.

If it's all about bandwidth rather than processing, then you might
have a number of caching reverse proxies in front of a single
PHP/MySQL master.


From hans at nyphp.com  Mon Dec  6 16:41:17 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Mon, 6 Dec 2004 13:41:17 -0800
Subject: [nycphp-talk] NYPHP Server Online
Message-ID: <41EE526EC2D3C74286415780D3BA9F87065A005C@ehost011-1.exch011.intermedia.net>


Hi everyone,

Sorry for the inconvenience of the server being down lately, but things
should be fixed now.  If anyone notices any additional issues, please
contact me directly ASAP.

Regards,


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org




From mwithington at PLMresearch.com  Mon Dec  6 16:49:48 2004
From: mwithington at PLMresearch.com (Mark Withington)
Date: Mon, 6 Dec 2004 16:49:48 -0500 
Subject: [nycphp-talk] On line catalog pricing
Message-ID: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE358CCFD1D@network.PLMresearch.com>

Has anyone got any experiences that they would like to share regarding
online catalog pricing?  Really looking for price quotes to implement a
shopping cart system, not design the HTML presentation layer front-end.  I'd
like to ensure that I'm quoting within some sort of standardized "from
$XXXX.00 to $YYYY.00" price range.

Thanks in advance,

Mark

--------------------------
Mark L. Withington
PLMresearch
"eBusiness for the Midsize Enterprise"
PO Box 1354
Plymouth, MA  02362
o: 800-310-3992
f: 508-746-4973
v: 508-746-2383
m: 508-801-0181
http://www.PLMresearch.com
Netscape/AOL/MSN IM: PLMresearch
mwithington at plmresearch.com
Public Key: http://www.PLMresearch.com/keys/MLW_public_key.asc
Calendar: http://www.plmresearch.com/calendar.php
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 2344 bytes
Desc: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041206/48332696/attachment.bin>

From crayolalettuce at gmail.com  Mon Dec  6 13:36:25 2004
From: crayolalettuce at gmail.com (Jim Bishop)
Date: Mon, 6 Dec 2004 13:36:25 -0500
Subject: [nycphp-talk] NYPHP.ORG down?
Message-ID: <a323f1720412061036777c5248@mail.gmail.com>

I'm trying to post a job to jobs at nyphp.org.  I went to the website to
look up specs for job submissions, but I can't get to the site.

Is everyone else having this problem?

Jim Bishop


From yury at heavenspa.com  Mon Dec  6 17:16:25 2004
From: yury at heavenspa.com (Yury Rush)
Date: Mon, 6 Dec 2004 17:16:25 -0500
Subject: [nycphp-talk] NYPHP.ORG down?
In-Reply-To: <a323f1720412061036777c5248@mail.gmail.com>
Message-ID: <ECEKLPHECCLGFGAFEPEJEEFGDDAA.yury@heavenspa.com>

working for me.
yury

http://www.motionrush.com

-----Original Message-----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org]On Behalf Of Jim Bishop
Sent: Monday, December 06, 2004 1:36 PM
To: talk at lists.nyphp.org
Subject: [nycphp-talk] NYPHP.ORG down?


I'm trying to post a job to jobs at nyphp.org.  I went to the website to
look up specs for job submissions, but I can't get to the site.

Is everyone else having this problem?

Jim Bishop
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org



From dan at danhorning.com  Mon Dec  6 17:25:49 2004
From: dan at danhorning.com (Dan Horning)
Date: Mon, 6 Dec 2004 17:25:49 -0500
Subject: [nycphp-talk] On line catalog pricing
In-Reply-To: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE358CCFD1D@network.PLMresearch.com>
Message-ID: <200412062225.iB6MPEOW018614@ms-smtp-04.nyroc.rr.com>

Mark,

	I most often price based on a few factors

1) number of items (w/o data entry)
2) number of items needing data entry
3) product imaging ($5 - $150(each) depending on size and qty.)
4) what the avg. customer would actually buy along with how many per month
would buy.
5) training / upkeep - who does the continued maintenance
6) integration of frontend design.

basically that should cover a few major factors
I end up charging anywhere from 1500 (really small company) to 150,000 for
commerce sites

7) frontend design


--
Dan Horning
dan.horning at lblogistics.com - http://www.lblogistics.com/
Chief Operations Officer / Owner - Lightning Bug Logistics, Inc.
Office - 1-800-863-3854 ext. 502
Cell   - 1-518-894-4155            Home   - 1-518-280-2119 

> -----Original Message-----
> From: talk-bounces at lists.nyphp.org 
> [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Mark Withington
> Sent: Monday, December 06, 2004 4:50 PM
> To: 'NYPHP Talk'
> Subject: [nycphp-talk] On line catalog pricing
> 
> Has anyone got any experiences that they would like to share 
> regarding online catalog pricing?  Really looking for price 
> quotes to implement a shopping cart system, not design the 
> HTML presentation layer front-end.  I'd like to ensure that 
> I'm quoting within some sort of standardized "from $XXXX.00 
> to $YYYY.00" price range.
> 
> Thanks in advance,
> 
> Mark
> 
> --------------------------
> Mark L. Withington
> PLMresearch
> "eBusiness for the Midsize Enterprise"
> PO Box 1354
> Plymouth, MA  02362
> o: 800-310-3992
> f: 508-746-4973
> v: 508-746-2383
> m: 508-801-0181
> http://www.PLMresearch.com
> Netscape/AOL/MSN IM: PLMresearch
> mwithington at plmresearch.com
> Public Key: http://www.PLMresearch.com/keys/MLW_public_key.asc
> Calendar: http://www.plmresearch.com/calendar.php
> 



From mitch.pirtle at gmail.com  Sat Dec  4 09:48:19 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Sat, 4 Dec 2004 09:48:19 -0500
Subject: [nycphp-talk] horizontally scalable
In-Reply-To: <B8E374E9-4586-11D9-98BB-0003938BDF32@localnotion.com>
References: <B8E374E9-4586-11D9-98BB-0003938BDF32@localnotion.com>
Message-ID: <330532b6041204064851b0b8a3@mail.gmail.com>

I wouldn't call that horizontally scalable though, as you would also
need to scale at the load balancer / database layer.  This is when
things get really complicated - but with smart proxies like pound
(http://www.apsis.ch/pound/) and database-driven session storage such
as what is provided by ADOdb (http://adodb.sf.net/) it is not nearly
as difficult as it was in the past.

What I have seen in the past - working on high-traffic websites at
least - was that scaling the application layer was a piece of cake;
and scaling the database was complicated enough that instead of
installing many cheap/commodity servers (like at the application
level) they always ended up getting two monster machines.

And with quad-processor opterons as affordable as they are now, I am
thinking that is just fine ;-)

I remember running a very heavy site on a single mysql box, dual
pentium 333s with the DPT controller (slowest controller on the
planet); and that was when they were getting something like 10 million
visitors daily.  Man, how different life would have looked with a quad
opteron back there!

-- Mitch

On Fri, 3 Dec 2004 18:54:51 -0500, Matthew Terenzio
<webmaster at localnotion.com> wrote:
> So would this be an example of a legit type of set up:
> 
>                             LOad Balancer
>                                         |
>                                         |
>                                         |
>               PHP           PHP         PHP       PHP      PHP
> 
>                 |                 |             |            |             |
>                 \                 \                  |            /             /
> 
>                                         Database


From nhart at musicpf.org  Tue Dec  7 09:30:27 2004
From: nhart at musicpf.org (Nicholas Hart)
Date: Tue, 7 Dec 2004 09:30:27 -0500
Subject: [nycphp-talk] RE: On line catalog pricing
In-Reply-To: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE358CCFD1D@network.PLMresearch.com>
Message-ID: <000901c4dc69$54644230$0f01a8c0@DC823JN11>

Hi,

Are you looking for a sort of 'MSRP' or do you want a quote?  Let me
know.  Thanks.

Regards,
Nicholas Hart


-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]
On Behalf Of Mark Withington
Sent: Monday, December 06, 2004 4:50 PM
To: 'NYPHP Talk'
Subject: On line catalog pricing

Has anyone got any experiences that they would like to share regarding
online catalog pricing?  Really looking for price quotes to implement a
shopping cart system, not design the HTML presentation layer front-end.
I'd like to ensure that I'm quoting within some sort of standardized
"from $XXXX.00 to $YYYY.00" price range.

Thanks in advance,

Mark

--------------------------
Mark L. Withington
PLMresearch
"eBusiness for the Midsize Enterprise"
PO Box 1354
Plymouth, MA  02362
o: 800-310-3992
f: 508-746-4973
v: 508-746-2383
m: 508-801-0181
http://www.PLMresearch.com
Netscape/AOL/MSN IM: PLMresearch
mwithington at plmresearch.com
Public Key: http://www.PLMresearch.com/keys/MLW_public_key.asc
Calendar: http://www.plmresearch.com/calendar.php





From mwithington at PLMresearch.com  Tue Dec  7 09:46:17 2004
From: mwithington at PLMresearch.com (Mark Withington)
Date: Tue, 7 Dec 2004 09:46:17 -0500 
Subject: [nycphp-talk] RE: On line catalog pricing
Message-ID: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3586A6EE0@network.PLMresearch.com>

Thanks Nicholas, I'm looking for MSRP - trying to conduct a sanity check to
ensure that I'm quoting my clients in line with the "prevailing rate"

Cheers,

Mark

--------------------------
Mark L. Withington
PLMresearch
v: 508-746-2383
m: 508-801-0181
Calendar: http://www.plmresearch.com/calendar.php



-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Nicholas Hart
Sent: Tuesday, December 07, 2004 9:30 AM
To: 'NYPHP Talk'
Subject: [nycphp-talk] RE: On line catalog pricing


Hi,

Are you looking for a sort of 'MSRP' or do you want a quote?  Let me know.
Thanks.

Regards,
Nicholas Hart


-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]
On Behalf Of Mark Withington
Sent: Monday, December 06, 2004 4:50 PM
To: 'NYPHP Talk'
Subject: On line catalog pricing

Has anyone got any experiences that they would like to share regarding
online catalog pricing?  Really looking for price quotes to implement a
shopping cart system, not design the HTML presentation layer front-end. I'd
like to ensure that I'm quoting within some sort of standardized "from
$XXXX.00 to $YYYY.00" price range.

Thanks in advance,

Mark

--------------------------
Mark L. Withington
PLMresearch
"eBusiness for the Midsize Enterprise"
PO Box 1354
Plymouth, MA  02362
o: 800-310-3992
f: 508-746-4973
v: 508-746-2383
m: 508-801-0181
http://www.PLMresearch.com
Netscape/AOL/MSN IM: PLMresearch
mwithington at plmresearch.com
Public Key: http://www.PLMresearch.com/keys/MLW_public_key.asc
Calendar: http://www.plmresearch.com/calendar.php



_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org


From psaw at pswebcode.com  Tue Dec  7 10:23:03 2004
From: psaw at pswebcode.com (Peter Sawczynec)
Date: Tue, 7 Dec 2004 10:23:03 -0500
Subject: [nycphp-talk] "It's An Opensource World..." Pointing to New Jobs
Message-ID: <000001c4dc70$a88ff0f0$68e4a144@Liz>

Cover story article in InfoWorld Dec 06, 2004 issue: 
http://www.infoworld.com/article/04/12/03/49FEopensource_1.html?s=feature
 
I'm just wondering: it may seem that right now there will be a short-lived
growth spurt in the general corp IT environment for vps, programmers,
webmasters, db admins, etc that have hands on with AMP.
 
Collectively, nyphp.org members offer I fine pret-a-porter group of future
corp IT associates. 
 
Is there any value in us [maybe me] getting together a list of IT HR
contacts to which we can regularly email/mail/promote our group as a very
valuable and viable pool of opensource talent.
 
Then maybe we have a web page with a roster of names linked to contact info
and an online resume.
 
E.g. I may have a name or two in HR at Corbis, maybe Xerox and Citibank.
Certainly we can find other info online. Maybe you have HR contact name(s)
you can throw in the pool from your own job hunting exp.
 
Does this have merit? Thoughts...
 
Warmest regards,
 
Peter Sawczynec
Munroe Creative
psawczynec at muroe.com
718.543.3240
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041207/8ee1b982/attachment.html>

From michael.southwell at nyphp.org  Tue Dec  7 16:50:10 2004
From: michael.southwell at nyphp.org (Michael Southwell)
Date: Tue, 07 Dec 2004 16:50:10 -0500
Subject: [nycphp-talk] PHP Compilers
Message-ID: <6.1.2.0.2.20041207164918.02046c80@mail.optonline.net>

Would anyone care to share recommendations (and/or bad experiences) with 
PHP Compilers?

Michael Southwell
VP, Education Department
New York PHP
michael.southwell at nyphp.org




From george at omniti.com  Tue Dec  7 17:01:47 2004
From: george at omniti.com (George Schlossnagle)
Date: Tue, 7 Dec 2004 17:01:47 -0500
Subject: [nycphp-talk] PHP Compilers
In-Reply-To: <6.1.2.0.2.20041207164918.02046c80@mail.optonline.net>
References: <6.1.2.0.2.20041207164918.02046c80@mail.optonline.net>
Message-ID: <973B03A6-489B-11D9-848A-000D93359332@omniti.com>


On Dec 7, 2004, at 4:50 PM, Michael Southwell wrote:

> Would anyone care to share recommendations (and/or bad experiences) 
> with PHP Compilers?


Compilers like roadsend or compiler caches like APC or ZPS?

George



From jaimeb82 at yahoo.com  Thu Dec  9 16:47:28 2004
From: jaimeb82 at yahoo.com (jaime bermudez)
Date: Thu, 9 Dec 2004 13:47:28 -0800 (PST)
Subject: [nycphp-talk] primary key alphanumerical
Message-ID: <20041209214728.99414.qmail@web51306.mail.yahoo.com>

Hi there,
Is there any way to make a Primary Key that is a
combination of letters and numbers. I have an
application form that collects teachers information,
then every teacher should submit their school
principal and their school supervisor, the problem is
that each (PK) is just a consecutive number.
Therefore, each application contains 3 diferent
numbers like 001 (for the teacher) 002 (for the
principal) and 003 (for the supervisor) this gets
confusing when I try to separate them to transfer from
MySQL into an Access database. It would be ideal if
they are something like that : TEA001, PRI001, SUP001,
etc...

Any ideas or paths so I can start researching...?

Thanks in advance, Jaime.
Gilder Lehrman Institute of American History



		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - Easier than ever with enhanced search. Learn more.
http://info.mail.yahoo.com/mail_250


From Cbielanski at inta.org  Thu Dec  9 16:55:01 2004
From: Cbielanski at inta.org (Chris Bielanski)
Date: Thu, 9 Dec 2004 16:55:01 -0500 
Subject: [nycphp-talk] primary key alphanumerical
Message-ID: <4DBE3775D77C744E9D1B9D06082E75D60AAAB7@intamail1.com>

Sounds like I'd look first at normalizing the data.
You'd end up with three tables by this example. 

One for all members, one for all membertypes and one associating table
between them.

Unless you really want to keep it all in one table, get away from solving
problems arising from using a single BMFT! (Big Mother-Fraggin Table) :)

Thanks,
Chris Bielanski
Web Programmer, 
International Trademark Association,
1133 Avenue of the Americas, 33rd Floor
New York, NY 10036
+1 (212) 642-1745, f: +1 (212) 768-7796
mailto:cbielanski at inta.org, www.inta.org  
INTA -- 125 Years of Excellence



> -----Original Message-----
> From: jaime bermudez [mailto:jaimeb82 at yahoo.com]
> Sent: Thursday, December 09, 2004 4:47 PM
> To: talk at lists.nyphp.org
> Subject: [nycphp-talk] primary key alphanumerical
> 
> 
> Hi there,
> Is there any way to make a Primary Key that is a
> combination of letters and numbers. I have an
> application form that collects teachers information,
> then every teacher should submit their school
> principal and their school supervisor, the problem is
> that each (PK) is just a consecutive number.
> Therefore, each application contains 3 diferent
> numbers like 001 (for the teacher) 002 (for the
> principal) and 003 (for the supervisor) this gets
> confusing when I try to separate them to transfer from
> MySQL into an Access database. It would be ideal if
> they are something like that : TEA001, PRI001, SUP001,
> etc...
> 
> Any ideas or paths so I can start researching...?
> 
> Thanks in advance, Jaime.
> Gilder Lehrman Institute of American History
> 
> 
> 
> 		
> __________________________________ 
> Do you Yahoo!? 
> Yahoo! Mail - Easier than ever with enhanced search. Learn more.
> http://info.mail.yahoo.com/mail_250
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


From jlacey at att.net  Thu Dec  9 16:54:17 2004
From: jlacey at att.net (John Lacey)
Date: Thu, 09 Dec 2004 14:54:17 -0700
Subject: [nycphp-talk] primary key alphanumerical
In-Reply-To: <20041209214728.99414.qmail@web51306.mail.yahoo.com>
References: <20041209214728.99414.qmail@web51306.mail.yahoo.com>
Message-ID: <41B8C989.6000201@att.net>

jaime bermudez wrote:
> Hi there,
> Is there any way to make a Primary Key that is a
> combination of letters and numbers. I have an
> application form that collects teachers information,
> then every teacher should submit their school
> principal and their school supervisor, the problem is
> that each (PK) is just a consecutive number.
> Therefore, each application contains 3 diferent
> numbers like 001 (for the teacher) 002 (for the
> principal) and 003 (for the supervisor) this gets
> confusing when I try to separate them to transfer from
> MySQL into an Access database. It would be ideal if
> they are something like that : TEA001, PRI001, SUP001,
> etc...
> 

A primary key, or any key, can be comprised of more than one field (and 
they don't have to be contiguous).  So, you can have an auto_increment 
field (fld1) that bumps the numbers and another field (fld2) that 
contains "letters".  The primary key is then keyname (fld1, fld2).

something along those lines should work for you.

HTH,
John



From 1j0lkq002 at sneakemail.com  Thu Dec  9 17:57:13 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Thu, 09 Dec 2004 17:57:13 -0500
Subject: [nycphp-talk] primary key alphanumerical
In-Reply-To: <20041209214728.99414.qmail@web51306.mail.yahoo.com>
References: <20041209214728.99414.qmail@web51306.mail.yahoo.com>
Message-ID: <13497-83800@sneakemail.com>

jaime bermudez jaimeb82-at-yahoo.com |nyphp dev/internal group use| wrote:

>Hi there,
>Is there any way to make a Primary Key that is a
>combination of letters and numbers. I have an
>application form that collects teachers information,
>then every teacher should submit their school
>principal and their school supervisor, the problem is
>that each (PK) is just a consecutive number.
>Therefore, each application contains 3 diferent
>numbers like 001 (for the teacher) 002 (for the
>principal) and 003 (for the supervisor) this gets
>confusing when I try to separate them to transfer from
>MySQL into an Access database. It would be ideal if
>they are something like that : TEA001, PRI001, SUP001,
>etc...
>
>Any ideas or paths so I can start researching...?
>
>Thanks in advance, Jaime.
>Gilder Lehrman Institute of American History
>  
>


I echo the comments about exercising care normalizing the data. What you 
seem to be describing is a need for labels, which is best addressed with 
display features or lookup tables. When you add TEA to the data  as you 
describe, you are actually encoding the "teacher" data twice, which is 
dangerous for technical/management reasons. You are also hard-coding an 
assumption into your dataset (that 001 is "teacher") and that removes 
some of the flexibility you got when you chose to use a database in the 
first place.

I'd suggest you have a database expert look over your table design and 
maybe your queries before you advance too far. It maybe very much worth 
the minor inconvenience.

-=john andrews






From danielc at analysisandsolutions.com  Thu Dec  9 20:07:31 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Thu, 9 Dec 2004 20:07:31 -0500
Subject: [nycphp-talk] primary key alphanumerical
In-Reply-To: <20041209214728.99414.qmail@web51306.mail.yahoo.com>
References: <20041209214728.99414.qmail@web51306.mail.yahoo.com>
Message-ID: <20041210010731.GB25080@panix.com>

On Thu, Dec 09, 2004 at 01:47:28PM -0800, jaime bermudez wrote:
> Is there any way to make a Primary Key that is a
> combination of letters and numbers.

There's nothing preventing you from using a CHAR field as a primary 
key.  That would negate auto_increment, but you didn't mention needing 
that.  As someone else mentioned, you can combine a CHAR and INT 
column to make the key.  Like other pepole mentioned, it sounds like 
you're on an unusual track.  If you need some database consulting, 
drop me an email off list.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From tgales at tgaconnect.com  Fri Dec 10 07:21:38 2004
From: tgales at tgaconnect.com (Tim Gales)
Date: Fri, 10 Dec 2004 07:21:38 -0500
Subject: [nycphp-talk] primary key alphanumerical
In-Reply-To: <20041209214728.99414.qmail@web51306.mail.yahoo.com>
Message-ID: <001401c4deb2$ccb8e1f0$e98d3818@oberon1>

jaime bermudez writes

> Is there any way to make a Primary Key that is a
> combination of letters and numbers. I have an
> application form that collects teachers information,
> then every teacher should submit their school
> principal and their school supervisor, the problem is
> that each (PK) is just a consecutive number.
> Therefore, each application contains 3 diferent
> numbers like 001 (for the teacher) 002 (for the
> principal) and 003 (for the supervisor) this gets
> confusing... 

The short answer is yes.

(John Lacey already pointed out that you 
can create a segmented key.)

I would suggest that you do some reading on  
when to use a natural key versus when to use 
a surrogate key.

(Auto increment fields are, of course, generated 
surrogate keys) 
 
My feeling is that you should always look for 
a natural key first, before falling back on a 
surrogate. Generally speaking, a segmented key 
is needed when no field or column (i.e. natural 
attribute) is suitable by itself. 

But if you have to generate a key, I would say 
you should at least generate a (self-contained) 
unique key -- and not create a 'unique key if it 
is glued onto another column from the table' key.

Maybe you could just use a (universal) timestamp 
instead (as a surrogate key).

T. Gales & Associates
'Helping People Connect with Technology'

http://www.tgaconnect.com 

P.S.

It may be that: if you have more surrogate keys 
than natural keys in your database, you may have 
a bad design

Sort of like: if you have more guns than teeth, 
you may be a 'red neck' 




From jayeshsh at ceruleansky.com  Fri Dec 10 14:19:15 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Fri, 10 Dec 2004 14:19:15 -0500
Subject: [nycphp-talk] .htaccess user manager for PHP (similar to Auth Pro by
 cgi-city.com); mod_rewrite + PHP
Message-ID: <41B9F6B3.2080000@ceruleansky.com>

Hello all,

I was wondering if any of you knew of a PHP-script (either open source 
or commercially-licensed) that helps one do the following:
- Password protect all files or select files in a directory using 
.htaccess files
- The information in the .htaccess files will be written when the user 
selects the files (or directories) to be password protected, and then 
adds a username and password that correspond to those protected resources
- Some user info, such as last login date and time and email will be 
stored in a MySQL database
- When  the administrator adds a new user (thus allowing the new user to 
access a specific directory or set of files), that user's info is stored 
in the MySQL database and the username and password info is also written 
to a .htaccess file. (In this case the admin either chooses a new 
password for the user, or one is randomly created by the system.)
- At this time, the user is also emailed with a note saying something 
like: "John has added you as a member. Your username is john at aol.com, 
your password is 4rgf567u. Log-in at http://www.somewebsite.com "
- An access log should be available, showing who logged in last and when
- Users should be able to add short notes to a guestbook that is visible 
to other users

This system should also be able to work with an existing website that is 
full of static .html files. The reason .htaccess seems the best tool for 
this job is that the potential client already has a boat-load of static 
content that is to be protected.

Finally, since the potential client is on a tight budget, the only 
option seems to be to buy a PHP script that does all of this and 
customize the script as necessary for the client. This will take much 
less time than writing it from scratch, and thus fit into this person's 
budget. I don't might writing this from scratch (in which case I would 
use the htaccess class from pear.php.net ) - but the thing is writing it 
from scratch takes longer than just installing and customizing an 
existing script.

I came across the following product from cgi-city.com:

http://www.cgi-city.com/authpro/demo.shtml

It is written in Perl, though, which is a bit denser than PHP, and a bit 
harder to work with (my opinion only).
Additionally, it is simply TOO feature rich, and the potential client 
will likely not have a clue as to how to use it.

Does anyone have any suggestions on how to proceed, or can anyone 
suggest an appropriate third-party script?
I searched sourceforge for "htaccess" and came up with a few things, but 
I am not sure those scripts are good or easily customizable. If it is a 
commercial script, I could only use it if the source code is not encoded 
(i.e. is modifyable, even if I am not allowed to redistribute it.)

Another easier idea occured to me, but it involved mod_rewrite. I have 
not used mod_rewrite before, but I have read about it. If anyone can 
help me with the following mod_rewrite rule, I would be most grateful.

Here's the idea:
- Suppose the client's website is www.abc123.com
- The client has files such as www.abc123.com/one.html and 
www.abc123.com/two.html that need to be password protected
- All current .html files are moved from the root web directory to a 
sub-directory called "protected". This directory is protected by a 
single set of  .htaccess username and password that is only available to 
the administrator
- The administrator logs into the control panel and whitelists all file 
or selected files from the "protected" directory to be 
processed/included later (by mod_rewrite and a PHP script). This 
whitelist info is stored in a MySQL table
- A mod_rewrite rule is written to say the following: all .html files 
accessed from www.abc123.com are rerouted to the following file for 
processing: www.abc123.com/load.php?page=chosenpage.html
- The load.php page checks to see if the requested file exists in the 
MySQL file whitelist.
- If a user is logged-in, it includes the file. If not, it prompts the 
user to log-in.
- The log-in is performed using the PEAR Auth class. The username and 
password info (along with user email and last login info) is stored in a 
MySQL table.

The advantage of this approach is that one is not dealing with messy 
.htaccess files. Additionally, there is no duplication of username and 
password data as in the previous case - where the username and password 
were being stored both in .htaccess files and in a MySQL database. Thus 
all info is in a MySQL database, and works with existing static files.

The user can continue to use Frontpage (or whatever) to modify static 
files, and simply upload them to the "protected" directory.

Does anyone know of a mod_rewrite rule to do the rewriting described in 
step 5 above?

Maybe this second method is more complication, but I am interested in 
hearing feedback.

Thanks in advance,

- Jay


From rolanyang at gmail.com  Fri Dec 10 14:46:34 2004
From: rolanyang at gmail.com (Rolan Yang)
Date: Fri, 10 Dec 2004 14:46:34 -0500
Subject: [nycphp-talk] .htaccess user manager for PHP (similar to Auth Pro
	by cgi-city.com); mod_rewrite + PHP
In-Reply-To: <41B9F6B3.2080000@ceruleansky.com>
References: <41B9F6B3.2080000@ceruleansky.com>
Message-ID: <fe6060ae04121011465ecbb10b@mail.gmail.com>

If you want to use mysql, you might want to look into the
mod_auth_mysql for apache. That may be a cleaner approach instead of
having your scripts create the .htpasswd and .htaccess files.

ftp://ftp.kcilink.com/pub/

~Rolan


On Fri, 10 Dec 2004 14:19:15 -0500, Jayesh Sheth
<jayeshsh at ceruleansky.com> wrote:
> Hello all,
> 
> I was wondering if any of you knew of a PHP-script (either open source
> or commercially-licensed) that helps one do the following:
> - Password protect all files or select files in a directory using
> .htaccess files
> - The information in the .htaccess files will be written when the user
> selects the files (or directories) to be password protected, and then
> adds a username and password that correspond to those protected resources
> - Some user info, such as last login date and time and email will be
> stored in a MySQL database
> - When  the administrator adds a new user (thus allowing the new user to
> access a specific directory or set of files), that user's info is stored
> in the MySQL database and the username and password info is also written
> to a .htaccess file. (In this case the admin either chooses a new
> password for the user, or one is randomly created by the system.)
> - At this time, the user is also emailed with a note saying something
> like: "John has added you as a member. Your username is john at aol.com,
> your password is 4rgf567u. Log-in at http://www.somewebsite.com "
> - An access log should be available, showing who logged in last and when
> - Users should be able to add short notes to a guestbook that is visible
> to other users
> 
> This system should also be able to work with an existing website that is
> full of static .html files. The reason .htaccess seems the best tool for
> this job is that the potential client already has a boat-load of static
> content that is to be protected.
> 
> Finally, since the potential client is on a tight budget, the only
> option seems to be to buy a PHP script that does all of this and
> customize the script as necessary for the client. This will take much
> less time than writing it from scratch, and thus fit into this person's
> budget. I don't might writing this from scratch (in which case I would
> use the htaccess class from pear.php.net ) - but the thing is writing it
> from scratch takes longer than just installing and customizing an
> existing script.
> 
> I came across the following product from cgi-city.com:
> 
> http://www.cgi-city.com/authpro/demo.shtml
> 
> It is written in Perl, though, which is a bit denser than PHP, and a bit
> harder to work with (my opinion only).
> Additionally, it is simply TOO feature rich, and the potential client
> will likely not have a clue as to how to use it.
> 
> Does anyone have any suggestions on how to proceed, or can anyone
> suggest an appropriate third-party script?
> I searched sourceforge for "htaccess" and came up with a few things, but
> I am not sure those scripts are good or easily customizable. If it is a
> commercial script, I could only use it if the source code is not encoded
> (i.e. is modifyable, even if I am not allowed to redistribute it.)
> 
> Another easier idea occured to me, but it involved mod_rewrite. I have
> not used mod_rewrite before, but I have read about it. If anyone can
> help me with the following mod_rewrite rule, I would be most grateful.
> 
> Here's the idea:
> - Suppose the client's website is www.abc123.com
> - The client has files such as www.abc123.com/one.html and
> www.abc123.com/two.html that need to be password protected
> - All current .html files are moved from the root web directory to a
> sub-directory called "protected". This directory is protected by a
> single set of  .htaccess username and password that is only available to
> the administrator
> - The administrator logs into the control panel and whitelists all file
> or selected files from the "protected" directory to be
> processed/included later (by mod_rewrite and a PHP script). This
> whitelist info is stored in a MySQL table
> - A mod_rewrite rule is written to say the following: all .html files
> accessed from www.abc123.com are rerouted to the following file for
> processing: www.abc123.com/load.php?page=chosenpage.html
> - The load.php page checks to see if the requested file exists in the
> MySQL file whitelist.
> - If a user is logged-in, it includes the file. If not, it prompts the
> user to log-in.
> - The log-in is performed using the PEAR Auth class. The username and
> password info (along with user email and last login info) is stored in a
> MySQL table.
> 
> The advantage of this approach is that one is not dealing with messy
> .htaccess files. Additionally, there is no duplication of username and
> password data as in the previous case - where the username and password
> were being stored both in .htaccess files and in a MySQL database. Thus
> all info is in a MySQL database, and works with existing static files.
> 
> The user can continue to use Frontpage (or whatever) to modify static
> files, and simply upload them to the "protected" directory.
> 
> Does anyone know of a mod_rewrite rule to do the rewriting described in
> step 5 above?
> 
> Maybe this second method is more complication, but I am interested in
> hearing feedback.
> 
> Thanks in advance,
> 
> - Jay
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
>


From 1j0lkq002 at sneakemail.com  Sat Dec 11 00:12:50 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Sat, 11 Dec 2004 00:12:50 -0500
Subject: [nycphp-talk] .htaccess user manager for PHP (similar to Auth
	Pro by cgi-city.com); mod_rewrite + PHP
In-Reply-To: <41B9F6B3.2080000@ceruleansky.com>
References: <41B9F6B3.2080000@ceruleansky.com>
Message-ID: <22662-56745@sneakemail.com>

Jayesh Sheth jayeshsh-at-ceruleansky.com |nyphp dev/internal group use| 
wrote:

> Hello all,
>
> I was wondering if any of you knew of a PHP-script (either open source 
> or commercially-licensed) that helps one do the following:
> - Password protect all files or select files in a directory using 
> .htaccess files
> - The information in the .htaccess files will be written when the user 
> selects the files (or directories) to be password protected, and then 
> adds a username and password that correspond to those protected resources
> - Some user info, such as last login date and time and email will be 
> stored in a MySQL database
> - When  the administrator adds a new user (thus allowing the new user 
> to access a specific directory or set of files), that user's info is 
> stored in the MySQL database and the username and password info is 
> also written to a .htaccess file. (In this case the admin either 
> chooses a new password for the user, or one is randomly created by the 
> system.)
> - At this time, the user is also emailed with a note saying something 
> like: "John has added you as a member. Your username is john at aol.com, 
> your password is 4rgf567u. Log-in at http://www.somewebsite.com "
> - An access log should be available, showing who logged in last and when
> - Users should be able to add short notes to a guestbook that is 
> visible to other users
>
> This system should also be able to work with an existing website that 
> is full of static .html files. The reason .htaccess seems the best 
> tool for this job is that the potential client already has a boat-load 
> of static content that is to be protected.
>
> Finally, since the potential client is on a tight budget, the only 
> option seems to be to buy a PHP script that does all of this and 
> customize the script as necessary for the client. This will take much 
> less time than writing it from scratch, and thus fit into this 
> person's budget. I don't might writing this from scratch (in which 
> case I would use the htaccess class from pear.php.net ) - but the 
> thing is writing it from scratch takes longer than just installing and 
> customizing an existing script.
>
> I came across the following product from cgi-city.com:
>
> http://www.cgi-city.com/authpro/demo.shtml
>
> It is written in Perl, though, which is a bit denser than PHP, and a 
> bit harder to work with (my opinion only).
> Additionally, it is simply TOO feature rich, and the potential client 
> will likely not have a clue as to how to use it.
>
> Does anyone have any suggestions on how to proceed, or can anyone 
> suggest an appropriate third-party script?
> I searched sourceforge for "htaccess" and came up with a few things, 
> but I am not sure those scripts are good or easily customizable. If it 
> is a commercial script, I could only use it if the source code is not 
> encoded (i.e. is modifyable, even if I am not allowed to redistribute 
> it.)
>
> Another easier idea occured to me, but it involved mod_rewrite. I have 
> not used mod_rewrite before, but I have read about it. If anyone can 
> help me with the following mod_rewrite rule, I would be most grateful.
>
> Here's the idea:
> - Suppose the client's website is www.abc123.com
> - The client has files such as www.abc123.com/one.html and 
> www.abc123.com/two.html that need to be password protected
> - All current .html files are moved from the root web directory to a 
> sub-directory called "protected". This directory is protected by a 
> single set of  .htaccess username and password that is only available 
> to the administrator
> - The administrator logs into the control panel and whitelists all 
> file or selected files from the "protected" directory to be 
> processed/included later (by mod_rewrite and a PHP script). This 
> whitelist info is stored in a MySQL table
> - A mod_rewrite rule is written to say the following: all .html files 
> accessed from www.abc123.com are rerouted to the following file for 
> processing: www.abc123.com/load.php?page=chosenpage.html
> - The load.php page checks to see if the requested file exists in the 
> MySQL file whitelist.
> - If a user is logged-in, it includes the file. If not, it prompts the 
> user to log-in.
> - The log-in is performed using the PEAR Auth class. The username and 
> password info (along with user email and last login info) is stored in 
> a MySQL table.
>
> The advantage of this approach is that one is not dealing with messy 
> .htaccess files. Additionally, there is no duplication of username and 
> password data as in the previous case - where the username and 
> password were being stored both in .htaccess files and in a MySQL 
> database. Thus all info is in a MySQL database, and works with 
> existing static files.
>
> The user can continue to use Frontpage (or whatever) to modify static 
> files, and simply upload them to the "protected" directory.
>
> Does anyone know of a mod_rewrite rule to do the rewriting described 
> in step 5 above?
>
> Maybe this second method is more complication, but I am interested in 
> hearing feedback.
>
> Thanks in advance,
>
> - Jay
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
>
Jay,

You might look at amember pro. Last I heard that is how it worked, 
although it might do more/different. It was well regarded as a 
membershipadd on for mambo, invisionboard, etc.  and supported by the 
developer himself ($99price tag - look slike 139 now). Never used it 
myself. http://membership.cgi-central.net/scripts/amember/

-=john andrews



From spot at deviantart.com  Sat Dec 11 06:25:51 2004
From: spot at deviantart.com (Spot)
Date: Sat, 11 Dec 2004 03:25:51 -0800
Subject: [nycphp-talk] Bug Tracking
Message-ID: <41BAD93F.3010102@deviantart.com>

What are some suggestions for other nice open source bug management 
projects besides Bugzilla?


Thanks,

Spot
deviantART Inc.
www.deviantART.com


From ben at atlphp.org  Sat Dec 11 09:01:33 2004
From: ben at atlphp.org (Ben Ramsey)
Date: Sat, 11 Dec 2004 09:01:33 -0500
Subject: [nycphp-talk] Bug Tracking
In-Reply-To: <41BAD93F.3010102@deviantart.com>
References: <41BAD93F.3010102@deviantart.com>
Message-ID: <41BAFDBD.2070907@atlphp.org>

Spot wrote:
> What are some suggestions for other nice open source bug management 
> projects besides Bugzilla?

My personal favorite:
Mantis -- http://www.mantisbt.org/

-- 
Ben Ramsey
Zend Certified Engineer
http://benramsey.com


From chsnyder at gmail.com  Sat Dec 11 12:35:48 2004
From: chsnyder at gmail.com (csnyder)
Date: Sat, 11 Dec 2004 12:35:48 -0500
Subject: [nycphp-talk] Bug Tracking
In-Reply-To: <41BAFDBD.2070907@atlphp.org>
References: <41BAD93F.3010102@deviantart.com> <41BAFDBD.2070907@atlphp.org>
Message-ID: <b76252690412110935490bd8ad@mail.gmail.com>

It's a commercial product, and written in Java (2 strikes) but
Atlassian's Jira is the nicest bug tracker I've ever worked with, and
manages to be appealing even to people who aren't software developers.

http://atlassian.com/

They give free licenses to nonprofits and open source projects.


From jayeshsh at ceruleansky.com  Sat Dec 11 13:07:09 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Sat, 11 Dec 2004 13:07:09 -0500
Subject: [nycphp-talk] .htaccess user manager for PHP (similar to Auth Pro by
 cgi-city.com); mod_rewrite + PHP
Message-ID: <41BB374D.6020603@ceruleansky.com>

Hello Rolan, John and others,

thanks for your valuable suggestions. I will keep mod_auth_mysql in 
mind. It seems like a good solution, but it is probably not supported by 
shared hosts ... Still, useful to keep in mind.

John, your suggestion was quite good. I contacted the people at 
cgi-central.net and it seems that their product is available with almost 
all the files unencoded when you buy it. I might end up going with that.

Thanks again for your help.

Best regards,

- Jay
PS: If anyone has good experience with mod_rewrite and wants to swap 
knowhow with me on something that I know (such as building remote XUL + 
PHP apps) please let me know. I am all for exchanging knowledge.


From jayeshsh at ceruleansky.com  Sat Dec 11 14:45:38 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Sat, 11 Dec 2004 14:45:38 -0500 (EST)
Subject: [nycphp-talk] Bug Tracking
Message-ID: <56007.69.86.84.233.1102794338.spork@webmail.ceruleansky.com>

Hello Spot,

I have used Mantis, and found it to be quite good. It is good as a basic,
easy-to-use bug management system. It is certainly easier to use than
Bugzilla.

I am a big Mozilla fan, and I don't want to knock Bugzilla, but I think it
was always a tool written by programmers for programmers. Hence it always
had a hard-to-use interface.

FogBugz by Joe Spolsky's company, Fog Creek, is supposed to be really
good. It is not open source, but nevertheless has some well-received
features (including the ability to import Bugzilla data, I think.)

He has three different versions, one each for Windows, Unix and the Mac.

The Unix and MAc versions seem to use PHP, MySQL and Curl:
http://www.fogcreek.com/FogBugz/KB/setup/UnixReady.html
http://www.fogcreek.com/FogBugz/KB/setup/MacReady.html

The Windows version seems to offer support for Microsoft databases
including support for MySQL. It is unclear whether the Windows version
also uses PHP, but I think it must. (Why create two different versions for
two different platforms?)


Hope that helps.

- Jay


From supertomcom at optonline.net  Sat Dec 11 22:02:36 2004
From: supertomcom at optonline.net (Tom Melendez)
Date: Sat, 11 Dec 2004 22:02:36 -0500
Subject: [nycphp-talk] Bug Tracking
In-Reply-To: <56007.69.86.84.233.1102794338.spork@webmail.ceruleansky.com>
Message-ID: <0I8L008E990KDO@mta3.srv.hcvlny.cv.net>

Two from the "big guys":

I'm starting to use Issue Tracker:

http://www.issue-tracker.com/

It was written by the folks at Redhat, and they still use it today.

There's also MySQL's eventum:

http://dev.mysql.com/downloads/other/eventum/index.html

Nice product with graphs, and as I understand it, they use this in house as
well.  I opted not to use it because it was a little granular than I needed.

Both of these are GPL, and PHP/MySQL.

Good Luck!

Tom
www.liphp.org
 

-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Jayesh Sheth
Sent: Saturday, December 11, 2004 2:46 PM
To: talk at lists.nyphp.org
Subject: [nycphp-talk] Bug Tracking

Hello Spot,

I have used Mantis, and found it to be quite good. It is good as a basic,
easy-to-use bug management system. It is certainly easier to use than
Bugzilla.

I am a big Mozilla fan, and I don't want to knock Bugzilla, but I think it
was always a tool written by programmers for programmers. Hence it always
had a hard-to-use interface.

FogBugz by Joe Spolsky's company, Fog Creek, is supposed to be really good.
It is not open source, but nevertheless has some well-received features
(including the ability to import Bugzilla data, I think.)

He has three different versions, one each for Windows, Unix and the Mac.

The Unix and MAc versions seem to use PHP, MySQL and Curl:
http://www.fogcreek.com/FogBugz/KB/setup/UnixReady.html
http://www.fogcreek.com/FogBugz/KB/setup/MacReady.html

The Windows version seems to offer support for Microsoft databases including
support for MySQL. It is unclear whether the Windows version also uses PHP,
but I think it must. (Why create two different versions for two different
platforms?)


Hope that helps.

- Jay
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org






From ppinto at aaahawk.com  Sun Dec 12 11:41:49 2004
From: ppinto at aaahawk.com (Peter)
Date: Sun, 12 Dec 2004 11:41:49 -0500
Subject: [nycphp-talk] gmail invite
Message-ID: <41BC74CD.2020509@aaahawk.com>

Does anyone have an invite for GMAIL?  At this point the invites must be 
ubiquitous, can someone send me one?


Thanks,
Pete


From tommyo at gmail.com  Sun Dec 12 11:43:05 2004
From: tommyo at gmail.com (Thomas O'Neill)
Date: Sun, 12 Dec 2004 10:43:05 -0600
Subject: [nycphp-talk] gmail invite
In-Reply-To: <41BC74CD.2020509@aaahawk.com>
References: <41BC74CD.2020509@aaahawk.com>
Message-ID: <d0cb92620412120843c675cc@mail.gmail.com>

you still need an invite?



On Sun, 12 Dec 2004 11:41:49 -0500, Peter <ppinto at aaahawk.com> wrote:
> Does anyone have an invite for GMAIL?  At this point the invites must be
> ubiquitous, can someone send me one?
> 
> Thanks,
> Pete
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
Tom O'Neill
tommyo at gmail.com


From ppinto at aaahawk.com  Sun Dec 12 14:48:15 2004
From: ppinto at aaahawk.com (Peter)
Date: Sun, 12 Dec 2004 14:48:15 -0500
Subject: [nycphp-talk] gmail invite thanks
Message-ID: <41BCA07F.9000404@aaahawk.com>

Thanks I got the gmail account!!!

Pete


From codebowl at gmail.com  Sun Dec 12 15:08:03 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Sun, 12 Dec 2004 15:08:03 -0500
Subject: [nycphp-talk] gmail invite
In-Reply-To: <d0cb92620412120843c675cc@mail.gmail.com>
References: <41BC74CD.2020509@aaahawk.com>
	<d0cb92620412120843c675cc@mail.gmail.com>
Message-ID: <8d9a428004121212083d524d1c@mail.gmail.com>

i didnt think this was the place to ask for an invite

there was much talk about this

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From hans at nyphp.com  Sun Dec 12 15:44:43 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Sun, 12 Dec 2004 12:44:43 -0800
Subject: [nycphp-talk] gmail invite
Message-ID: <41EE526EC2D3C74286415780D3BA9F8706A1DF61@ehost011-1.exch011.intermedia.net>


> i didnt think this was the place to ask for an invite

You're right, it's not.

H



From jlacey at att.net  Sun Dec 12 20:13:15 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 12 Dec 2004 18:13:15 -0700
Subject: [nycphp-talk] [OT] NoMachine NX Terminal Server
Message-ID: <41BCECAB.9080401@att.net>

Hello all,

Although it's been around for a while, I ran across NoMachine's NX 
Terminal Server since Knoppix has a free version (FreeNX) on both its 
3.6 and just released 3.7 CD.

http://www.nomachine.com/

NoMachine has a set up where you can test drive NX, after you first 
download a client.  I downloaded the NX Client for Windows.  The client 
programs are free; NoMachine charges for the commercial version of the 
NX server.

http://www.nomachine.com/download.php

The testdrive link from their homepage:
http://www.nomachine.com/testdrive.php

When you get it going, it opens a window with a full KDE desktop on your 
[Windows] box.  The thing that impressed me is its speed.  I'm on a 
dialup line that never runs faster than 26.4 Kbps and it was usable.

I've used Knoppix and a USB memory stick as a "backup system" to be able 
to deliver courses in most any situation without regard to platform (and 
school sysadmins).  As the NX Terminal Server looks like another, and 
quite franky, better way to accomplish the same thing, I thought I'd 
pass this info along.

enjoy,
John



From 1j0lkq002 at sneakemail.com  Sun Dec 12 22:25:05 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Sun, 12 Dec 2004 22:25:05 -0500
Subject: [nycphp-talk] [OT] NoMachine NX Terminal Server
In-Reply-To: <41BCECAB.9080401@att.net>
References: <41BCECAB.9080401@att.net>
Message-ID: <30879-70563@sneakemail.com>

John Lacey jlacey-at-att.net |nyphp dev/internal group use| wrote:

> Hello all,
>
> Although it's been around for a while, I ran across NoMachine's NX 
> Terminal Server since Knoppix has a free version (FreeNX) on both its 
> 3.6 and just released 3.7 CD.
>
> http://www.nomachine.com/
>
> NoMachine has a set up where you can test drive NX, after you first 
> download a client.  I downloaded the NX Client for Windows.  The 
> client programs are free; NoMachine charges for the commercial version 
> of the NX server.
>
> http://www.nomachine.com/download.php
>
> The testdrive link from their homepage:
> http://www.nomachine.com/testdrive.php
>
> When you get it going, it opens a window with a full KDE desktop on 
> your [Windows] box.  The thing that impressed me is its speed.  I'm on 
> a dialup line that never runs faster than 26.4 Kbps and it was usable.
>
> I've used Knoppix and a USB memory stick as a "backup system" to be 
> able to deliver courses in most any situation without regard to 
> platform (and school sysadmins).  As the NX Terminal Server looks like 
> another, and quite franky, better way to accomplish the same thing, I 
> thought I'd pass this info along.
>
> enjoy,
> John

Thanks for the heads-up. I just enjoyed a nomachine trial Suse session 
and queried Google Italy. Nice to see my sites at the top of the Google 
results GLOBALLY (I thought I had merely achieved top rank nationally ;-)

More seriously, though, why is this better than a local knoppix or other 
livelinux boot? Sure it's a contender for a persistent VPN to your own 
Linux server (there are others and some free), but isn't knoppix locally 
much faster and easier (no system administration once the ISO is set)?

I was running VNC over ssh from WinXP to a SuSe 9  box with persistent 
connections over a year ago, and I'm pretty sure the wizard who 
configured it for me used only OS components. Zero cost and total 
control. I was using VMware on Windows but lately I have been happy with 
knoppix.

-=john andrews




From jlacey at att.net  Sun Dec 12 22:54:14 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 12 Dec 2004 20:54:14 -0700
Subject: [nycphp-talk] [OT] NoMachine NX Terminal Server
In-Reply-To: <30879-70563@sneakemail.com>
References: <41BCECAB.9080401@att.net> <30879-70563@sneakemail.com>
Message-ID: <41BD1266.50300@att.net>

inforequest wrote:

> 
> More seriously, though, why is this better than a local knoppix or other 
> livelinux boot? Sure it's a contender for a persistent VPN to your own 
> Linux server (there are others and some free), but isn't knoppix locally 
> much faster and easier (no system administration once the ISO is set)?
> 

NX Serever is potentially better since the only thing the students need 
is a Windows box (with a downloaded NX client), which allows me to do a 
few interesting things since they are now in a terminal server session 
with my laptop.  I run many flavors of Linux (not all at once :) on top 
of VMware on a win2K laptop which is maxed at 1GB RAM.

You may or may not have an idea of what an instructor can run into when 
they walk into a class where the systems can be in god-knows-what-state, 
and they have a course to teach.  For example, I just finished a 
security tools course that featured the Knoppix-STD CD.  We were doing 
nessus vulnerability scans on desktops where Win2K was removed and XP 
and SP2 was installed between class meetings (with no warning) and were 
then locked down.  I can run several instances of win2k as well as 
windows 2000 server using VMware and work around problems like that.

And with NX Server, I can see a potential for User Mode Linux in 
certain student troubleshooting scenarios, where they have to work on a 
system that's "not theirs".

At this point, I'll end since my cat is staring at me wanting to be fed :)

John



From 1j0lkq002 at sneakemail.com  Sun Dec 12 23:43:52 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Sun, 12 Dec 2004 23:43:52 -0500
Subject: [nycphp-talk] [OT] NoMachine NX Terminal Server
In-Reply-To: <41BD1266.50300@att.net>
References: <41BCECAB.9080401@att.net> <30879-70563@sneakemail.com>
	<41BD1266.50300@att.net>
Message-ID: <22305-03220@sneakemail.com>

John Lacey jlacey-at-att.net |nyphp dev/internal group use| wrote:

> inforequest wrote:
>
>>
>> More seriously, though, why is this better than a local knoppix or 
>> other livelinux boot? Sure it's a contender for a persistent VPN to 
>> your own Linux server (there are others and some free), but isn't 
>> knoppix locally much faster and easier (no system administration once 
>> the ISO is set)?
>>
>
> NX Serever is potentially better since the only thing the students 
> need is a Windows box (with a downloaded NX client), which allows me 
> to do a few interesting things since they are now in a terminal server 
> session with my laptop.  I run many flavors of Linux (not all at once 
> :) on top of VMware on a win2K laptop which is maxed at 1GB RAM.
>
> You may or may not have an idea of what an instructor can run into 
> when they walk into a class where the systems can be in 
> god-knows-what-state, and they have a course to teach.  For example, I 
> just finished a security tools course that featured the Knoppix-STD 
> CD.  We were doing nessus vulnerability scans on desktops where Win2K 
> was removed and XP and SP2 was installed between class meetings (with 
> no warning) and were then locked down.  I can run several instances of 
> win2k as well as windows 2000 server using VMware and work around 
> problems like that.
>
> And with NX Server, I can see a potential for User Mode Linux in 
> certain student troubleshooting scenarios, where they have to work on 
> a system that's "not theirs".
>
> At this point, I'll end since my cat is staring at me wanting to be 
> fed :)
>
> John



So you run nomachine server on your laptop, and offer it locally over 
their LAN connection. Got it, and it sounds great. Thanks for explaining 
-- and explaining so well.

-=john









From joshmccormack at travelersdiary.com  Mon Dec 13 08:54:31 2004
From: joshmccormack at travelersdiary.com (Josh McCormack)
Date: Mon, 13 Dec 2004 08:54:31 -0500
Subject: [nycphp-talk] cheap php hosts?
In-Reply-To: <41ABE295.8020106@clan-forsaken.com>
References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com>
	<41ABE295.8020106@clan-forsaken.com>
Message-ID: <41BD9F17.3070802@travelersdiary.com>

I took a look at nearlyfreespeech.net. They look good. I saw they don't 
handle email at all. What do you do for email hosting with sites you 
have with them?

Josh

DarkWulf wrote:
> I host a few smaller sites at www.nearlyfreespeech.net
> 
> I like them because they have always struck me as very honest people, 
> and surprisingly un-bottom-line orientated. You pay for the hard drive 
> space and bandwidth you use, and thats about it. ($0.02/day for hosting 
> a domain, $0.01/month/megabyte for storage, $1.00/gigabyte for bandwidth)
> 
> Strong caveat is that you really do have to know what you're doing. 
> Their control panel is sometimes confusing. There is no support for "my 
> script doesn't work" and so on and so forth.
> 



From hans at nyphp.com  Mon Dec 13 12:19:49 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Mon, 13 Dec 2004 09:19:49 -0800
Subject: [nycphp-talk] NYTCHP Volunteers
Message-ID: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net>


Hello all,

As you know, Wed. is the holiday event.

http://www.nytchp.org

We still need a couple more volunteers to help.  The RSVP has been
closed, so if you haven't RSVP'd, this is the perfect way to attend the
event, and we will require just a couple of hours of your time.

Thanks folks,

---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org




From alexchan.1976 at gmail.com  Mon Dec 13 12:26:26 2004
From: alexchan.1976 at gmail.com (Alex C)
Date: Mon, 13 Dec 2004 12:26:26 -0500
Subject: [nycphp-talk] NYTCHP Volunteers
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net>
Message-ID: <8f494f76041213092627db9d83@mail.gmail.com>

Hans,

What will the voluteers need to do?

Alexander Chan


On Mon, 13 Dec 2004 09:19:49 -0800, Hans Zaunere <hans at nyphp.com> wrote:
> 
> Hello all,
> 
> As you know, Wed. is the holiday event.
> 
> http://www.nytchp.org
> 
> We still need a couple more volunteers to help.  The RSVP has been
> closed, so if you haven't RSVP'd, this is the perfect way to attend the
> event, and we will require just a couple of hours of your time.
> 
> Thanks folks,
> 
> ---
> Hans Zaunere
> President, Founder
> New York PHP
> http://www.nyphp.org
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
>


From ajai at bitblit.net  Mon Dec 13 12:28:46 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Mon, 13 Dec 2004 12:28:46 -0500
Subject: [nycphp-talk] NYTCHP Volunteers
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F8706A1E43D@ehost011-1.exch011.intermedia.net>
Message-ID: <41BDD14E.2020708@bitblit.net>

Hans Zaunere wrote:

>Hello all,
>
>As you know, Wed. is the holiday event.
>
>http://www.nytchp.org
>
>We still need a couple more volunteers to help.  The RSVP has been
>closed, so if you haven't RSVP'd, this is the perfect way to attend the
>event, and we will require just a couple of hours of your time.
>

Shame its on the same day as the NYLUG event...

-- 
Aj.
Systems Administrator / Developer



From hans at nyphp.com  Mon Dec 13 12:46:34 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Mon, 13 Dec 2004 09:46:34 -0800
Subject: [nycphp-talk] NYTCHP Volunteers
Message-ID: <41EE526EC2D3C74286415780D3BA9F8706A1E4B7@ehost011-1.exch011.intermedia.net>


> >We still need a couple more volunteers to help.  The RSVP has been
> >closed, so if you haven't RSVP'd, this is the perfect way to attend
the
> >event, and we will require just a couple of hours of your time.
> 
> Shame its on the same day as the NYLUG event...

There is no NYLUG event.  They're having a half hour meeting, then folks
are coming to this event.

If you want to volunteer and want to find out what's involved, email:
contact not junk at nytchp.com


H




From gatzby3jr at gmail.com  Mon Dec 13 16:50:55 2004
From: gatzby3jr at gmail.com (Brian O'Connor)
Date: Mon, 13 Dec 2004 16:50:55 -0500
Subject: [nycphp-talk] cheap php hosts?
In-Reply-To: <200411291836.iATIaD7E000305@webmail3.megamailservers.com>
References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com>
Message-ID: <29da5d15041213135014804e49@mail.gmail.com>

I use hostdime for my website, and I haven't had any problems yet. 
The only thing that bothered me was a slow response time between me
and my server at certain points, and when I notified them, they
switched me to a different servers.  Their customer service is
adequate, with email responses after you file a ticket (I think they
have a telephone service but I prefer online).

www.hostdime.com

On Mon, 29 Nov 2004 13:36:13 -0500, Rahmin Pavlovic
<rahmin at insite-out.com> wrote:
> Sorry if this has been posted before -
> 
> A friend of mine -- not exactly a client, but someone I work with in the music biz -- is looking for a cheap hosting solution.
> 
> He asked me about this $19.95/yr package at register.com, which I'm about to shoot down for a number of reasons, but I'm
> wondering what cheapo php solutions I can offer as an alternative.
> 
> It doesn't have to be twenty-bucks-a-year cheap, and he really doesn't need a 'website building tool', but I want to offer
> something that's clearly better than register.com.
> 
> TIA
> 
> R
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
Brian O'Connor


From webmaster at localnotion.com  Mon Dec 13 17:53:03 2004
From: webmaster at localnotion.com (Matthew Terenzio)
Date: Mon, 13 Dec 2004 17:53:03 -0500
Subject: [nycphp-talk] cheap php hosts?
In-Reply-To: <29da5d15041213135014804e49@mail.gmail.com>
References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com>
	<29da5d15041213135014804e49@mail.gmail.com>
Message-ID: <BEC4CBD8-4D59-11D9-98BB-0003938BDF32@localnotion.com>

Not that it end all list but I like the fact that some of my hosting 
providers end up on this list:

http://uptime.netcraft.com/perf/reports/Hosters

Among the cheapies and PHP on the list is Pair.com and 1and1.com. One 
linux and one FreeBSD.


On Dec 13, 2004, at 4:50 PM, Brian O'Connor wrote:

> I use hostdime for my website, and I haven't had any problems yet.
> The only thing that bothered me was a slow response time between me
> and my server at certain points, and when I notified them, they
> switched me to a different servers.  Their customer service is
> adequate, with email responses after you file a ticket (I think they
> have a telephone service but I prefer online).
>
> www.hostdime.com
>
> On Mon, 29 Nov 2004 13:36:13 -0500, Rahmin Pavlovic
> <rahmin at insite-out.com> wrote:
>> Sorry if this has been posted before -
>>
>> A friend of mine -- not exactly a client, but someone I work with in 
>> the music biz -- is looking for a cheap hosting solution.
>>
>> He asked me about this $19.95/yr package at register.com, which I'm 
>> about to shoot down for a number of reasons, but I'm
>> wondering what cheapo php solutions I can offer as an alternative.
>>
>> It doesn't have to be twenty-bucks-a-year cheap, and he really 
>> doesn't need a 'website building tool', but I want to offer
>> something that's clearly better than register.com.
>>
>> TIA
>>
>> R
>>
>> _______________________________________________
>> New York PHP Talk
>> Supporting AMP Technology (Apache/MySQL/PHP)
>> http://lists.nyphp.org/mailman/listinfo/talk
>> http://www.newyorkphp.org
>>
>
>
> -- 
> Brian O'Connor
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org



From darkwulf at clan-forsaken.com  Mon Dec 13 18:22:36 2004
From: darkwulf at clan-forsaken.com (DarkWulf)
Date: Mon, 13 Dec 2004 15:22:36 -0800
Subject: [nycphp-talk] cheap php hosts?
In-Reply-To: <41BD9F17.3070802@travelersdiary.com>
References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com>	<41ABE295.8020106@clan-forsaken.com>
	<41BD9F17.3070802@travelersdiary.com>
Message-ID: <41BE243C.8070606@clan-forsaken.com>

To be honest, I don't. I understand you can handle the email on your 
own, but that seems like alot of trouble... I host small sites with them 
(otherwise the bandwidth gets expensive), and most really small 
organizations seem to use yahoo, hotmail, or some other free email 
derivative. :-/

I didn't want to have them (small charities mostly) change the way they 
did things too much, so I just had them stay with their old email.

Sorry for the non-answer there.

Josh McCormack wrote:

> I took a look at nearlyfreespeech.net. They look good. I saw they 
> don't handle email at all. What do you do for email hosting with sites 
> you have with them?
>
> Josh





From 1j0lkq002 at sneakemail.com  Mon Dec 13 20:06:30 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Mon, 13 Dec 2004 20:06:30 -0500
Subject: [nycphp-talk] cheap php hosts?
In-Reply-To: <41BD9F17.3070802@travelersdiary.com>
References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com>	<41ABE295.8020106@clan-forsaken.com>
	<41BD9F17.3070802@travelersdiary.com>
Message-ID: <13601-91144@sneakemail.com>

Josh McCormack joshmccormack-at-travelersdiary.com |nyphp dev/internal 
group use| wrote:

> I took a look at nearlyfreespeech.net. They look good. I saw they 
> don't handle email at all. What do you do for email hosting with sites 
> you have with them?
>
> Josh
>
> DarkWulf wrote:
>
>> I host a few smaller sites at www.nearlyfreespeech.net
>>
>> I like them because they have always struck me as very honest people, 
>> and surprisingly un-bottom-line orientated. You pay for the hard 
>> drive space and bandwidth you use, and thats about it. ($0.02/day for 
>> hosting a domain, $0.01/month/megabyte for storage, $1.00/gigabyte 
>> for bandwidth)
>>
>> Strong caveat is that you really do have to know what you're doing. 
>> Their control panel is sometimes confusing. There is no support for 
>> "my script doesn't work" and so on and so forth.
>>

You can purchase mail services from most registrars, ISPs hosting 
companies. You just manage the MX records separate from the rest of the 
domain records.

I manage most of my sites that way. I manage the DNS myself (via a web 
interface), outsource the email hosting, outsource the web hosting. A 
decision to move a site to colo doesn't mean reconfiguring mail servers, 
a change in mail handling doesn't bother the websites, DNS changes are 
justthat: DNS changes, etc.

If you tie your websites and mail functions together, obviously you have 
a need for tighter integration, but I am comfortable using subdomains 
for that when necessary.

-=john andrews


From shawn at shawnlawyer.com  Tue Dec 14 02:24:42 2004
From: shawn at shawnlawyer.com (Shawn Lawyer)
Date: Tue, 14 Dec 2004 02:24:42 -0500
Subject: [nycphp-talk] cheap php hosts?
References: <200411291836.iATIaD7E000305@webmail3.megamailservers.com>
	<29da5d15041213135014804e49@mail.gmail.com>
Message-ID: <052e01c4e1ad$fb4966e0$6401a8c0@ViaoDev1>

Well not that it's cheap but I Colo my servers with company in Cali called 
Simpli. www.simpli.biz . The owners name is Erica and she's very reliable. 
The servers are in a great datacenter and the cost you'd have to work out 
with her. I think her shared hosting starts at $6.95 and they're all LAMP. 
Fyi she also mirrors php.net

Happy Holidays

Shawn Lawyer 



From rrust at r2communications.com  Tue Dec 14 09:09:39 2004
From: rrust at r2communications.com (Randal Rust)
Date: Tue, 14 Dec 2004 09:09:39 -0500
Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart
Message-ID: <41BEF423.5060201@r2communications.com>

A partner and I are building an ecommerce app. He is handling the 
commerce part of the system, but has to go out of the country for a few 
weeks and now it's all in my lap (as was planned).

In looking at the cart, there is an issue that I am not quite sure how 
to resolve. Any customer (registered or not), should be able to add 
items to their shopping cart, leave the site, and come back later and 
still see the items in their cart.

I was thinking I could pull this off by using the session id and storing 
it in the cart, but that won't work if the customer leaves the site and 
comes back a day later.

Now I am thinking that I will have to use a cookie, but even then, how 
do I ensure that the customer sees the correct items when they return? 
Would it work to store the IP address?

Any suggestions?

-- 
Randal Rust

R.Squared Communications
http://www.r2communications.com
Digital Design for Bricks-and-Mortar Businesses



From chsnyder at gmail.com  Tue Dec 14 09:22:14 2004
From: chsnyder at gmail.com (csnyder)
Date: Tue, 14 Dec 2004 09:22:14 -0500
Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart
In-Reply-To: <41BEF423.5060201@r2communications.com>
References: <41BEF423.5060201@r2communications.com>
Message-ID: <b7625269041214062211bd768d@mail.gmail.com>

On Tue, 14 Dec 2004 09:09:39 -0500, Randal Rust
<rrust at r2communications.com> wrote:
> Now I am thinking that I will have to use a cookie, but even then, how
> do I ensure that the customer sees the correct items when they return?

Since you're right about the session going away, you'll need to use a
database to store the items, under an id that you can put into a
cookie for when they come back. The items aren't stored in the cookie,
only the reference to the cart.

A bonus to this approach is that you can also mark the cart with a
userid, so that if they start shopping from home, but then log in at
work to complete the transaction, they can pick up where they left
off.

-- 
Chris Snyder
http://chxo.com/


From rrust at r2communications.com  Tue Dec 14 09:33:41 2004
From: rrust at r2communications.com (Randal Rust)
Date: Tue, 14 Dec 2004 09:33:41 -0500
Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart
In-Reply-To: <b7625269041214062211bd768d@mail.gmail.com>
References: <41BEF423.5060201@r2communications.com>
	<b7625269041214062211bd768d@mail.gmail.com>
Message-ID: <41BEF9C5.4000200@r2communications.com>

csnyder wrote:

> Since you're right about the session going away, you'll need to use a
> database to store the items, 

good. that's what we're doing anyway. no javascript, no over-the-top 
session stuff.

> under an id that you can put into a
> cookie for when they come back. The items aren't stored in the cookie,
> only the reference to the cart.

so i could randomly generate a 6-10 digit id for the cart. would that be 
the way to go?

> A bonus to this approach is that you can also mark the cart with a
> userid, so that if they start shopping from home, but then log in at
> work to complete the transaction, they can pick up where they left
> off.

right, there is a customerID column in the table. but you've got me 
thinking that there should be a 'cart' table, which stores the cartID 
and customerID. it would tie to the 'orders' table, which would hold the 
orderID, cartID, etc.

so each user would have their own unique cart. would that be overkill?

every time someone access the site, i'd have to check for the cookie. if 
it exists, then we're ok, the user already has a cart created. if the 
cookie does not exist, then a new row has to be created in the cart 
table, which provides the unique id for the customer's cart. this would 
avoid having to randomly generate a number.

-- 
Randal Rust

R.Squared Communications
http://www.r2communications.com
Digital Design for Bricks-and-Mortar Businesses



From joshmccormack at travelersdiary.com  Tue Dec 14 10:17:06 2004
From: joshmccormack at travelersdiary.com (Josh McCormack)
Date: Tue, 14 Dec 2004 10:17:06 -0500
Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart
In-Reply-To: <b7625269041214062211bd768d@mail.gmail.com>
References: <41BEF423.5060201@r2communications.com>
	<b7625269041214062211bd768d@mail.gmail.com>
Message-ID: <41BF03F2.1090409@travelersdiary.com>



csnyder wrote:

> On Tue, 14 Dec 2004 09:09:39 -0500, Randal Rust
> <rrust at r2communications.com> wrote:
> 
>>Now I am thinking that I will have to use a cookie, but even then, how
>>do I ensure that the customer sees the correct items when they return?
> 
> 
> Since you're right about the session going away, you'll need to use a
> database to store the items, under an id that you can put into a
> cookie for when they come back. The items aren't stored in the cookie,
> only the reference to the cart.
> 
> A bonus to this approach is that you can also mark the cart with a
> userid, so that if they start shopping from home, but then log in at
> work to complete the transaction, they can pick up where they left
> off.
> 

I'd recommend not having the registration process be a one shot thing. 
Have them choose a user name and password, then later on billing and 
shipping. Otherwise it's too much work if they're just browsing/checking 
stuff out.

Josh



From rrust at r2communications.com  Tue Dec 14 10:37:04 2004
From: rrust at r2communications.com (Randal Rust)
Date: Tue, 14 Dec 2004 10:37:04 -0500
Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart
In-Reply-To: <41BF03F2.1090409@travelersdiary.com>
References: <41BEF423.5060201@r2communications.com>	<b7625269041214062211bd768d@mail.gmail.com>
	<41BF03F2.1090409@travelersdiary.com>
Message-ID: <41BF08A0.4020100@r2communications.com>

Josh McCormack wrote:

> I'd recommend not having the registration process be a one shot thing. 
> Have them choose a user name and password, then later on billing and 
> shipping. Otherwise it's too much work if they're just browsing/checking 
> stuff out.

they don't have to register to browse.

what it would do is just create an empty cart with a cartID. they do 
have to register to make a purchase though, which would provide the cart 
with the necessary customerID.

-- 
Randal Rust

R.Squared Communications
http://www.r2communications.com
Digital Design for Bricks-and-Mortar Businesses



From joshmccormack at travelersdiary.com  Tue Dec 14 10:59:30 2004
From: joshmccormack at travelersdiary.com (Josh McCormack)
Date: Tue, 14 Dec 2004 10:59:30 -0500
Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart
In-Reply-To: <41BF08A0.4020100@r2communications.com>
References: <41BEF423.5060201@r2communications.com>	<b7625269041214062211bd768d@mail.gmail.com>	<41BF03F2.1090409@travelersdiary.com>
	<41BF08A0.4020100@r2communications.com>
Message-ID: <41BF0DE2.8090708@travelersdiary.com>



Randal Rust wrote:

> Josh McCormack wrote:
> 
>> I'd recommend not having the registration process be a one shot thing. 
>> Have them choose a user name and password, then later on billing and 
>> shipping. Otherwise it's too much work if they're just 
>> browsing/checking stuff out.
> 
> 
> they don't have to register to browse.
> 
> what it would do is just create an empty cart with a cartID. they do 
> have to register to make a purchase though, which would provide the cart 
> with the necessary customerID.
> 

By browsing I mean grabbing stuff and continue shopping, the way people 
often do in the physical world.

Josh



From rrust at r2communications.com  Tue Dec 14 11:05:44 2004
From: rrust at r2communications.com (Randal Rust)
Date: Tue, 14 Dec 2004 11:05:44 -0500
Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart
In-Reply-To: <41BF0DE2.8090708@travelersdiary.com>
References: <41BEF423.5060201@r2communications.com>	<b7625269041214062211bd768d@mail.gmail.com>	<41BF03F2.1090409@travelersdiary.com>	<41BF08A0.4020100@r2communications.com>
	<41BF0DE2.8090708@travelersdiary.com>
Message-ID: <41BF0F58.3060601@r2communications.com>

Josh McCormack wrote:

> By browsing I mean grabbing stuff and continue shopping, the way people 
> often do in the physical world.

yeah, we've got that covered. the customer can put an item in the cart 
and continue shopping.

the goal here is to make sure that if a customer puts an item in the 
cart, we don't lose it.

-- 
Randal Rust

R.Squared Communications
http://www.r2communications.com
Digital Design for Bricks-and-Mortar Businesses



From dmintz at davidmintz.org  Tue Dec 14 11:17:46 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Tue, 14 Dec 2004 11:17:46 -0500 (EST)
Subject: [nycphp-talk] that mysterious holiday party
Message-ID: <Pine.BSF.4.58.0412141115010.32984@emra.pair.com>


last I heard "the event will be held in SoHo, Manhattan.  The full address
and a map will be announced Monday, and only to those who have RSVPd with
a valid email address" but this is Tuesday and I haven't heard, so I'm
wondering if I missed something or if the organizers are just letting the
suspense build a bit longer (-:



---
David Mintz
http://davidmintz.org/

$world =~ s|<bush[^>]*>.+</bush>||is;


From hans at nyphp.com  Tue Dec 14 11:18:52 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Tue, 14 Dec 2004 08:18:52 -0800
Subject: [nycphp-talk] that mysterious holiday party
Message-ID: <41EE526EC2D3C74286415780D3BA9F8706BFC9D6@ehost011-1.exch011.intermedia.net>


> last I heard "the event will be held in SoHo, Manhattan.  The full
address
> and a map will be announced Monday, and only to those who have RSVPd
with
> a valid email address" but this is Tuesday and I haven't heard, so I'm
> wondering if I missed something or if the organizers are just letting
the
> suspense build a bit longer (-:

A little delayed - going out today...

H



From chsnyder at gmail.com  Tue Dec 14 11:26:04 2004
From: chsnyder at gmail.com (csnyder)
Date: Tue, 14 Dec 2004 11:26:04 -0500
Subject: [nycphp-talk] that mysterious holiday party
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706BFC9D6@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F8706BFC9D6@ehost011-1.exch011.intermedia.net>
Message-ID: <b76252690412140826302688a3@mail.gmail.com>

> if the organizers are just letting
> the suspense build a bit longer (-:
> 

The NYCBUG folks are working from the rumor that it's going to be in
the plaza next to the Cyclone on Coney Island.... classy!


From sajith.ml at gmail.com  Tue Dec 14 11:56:35 2004
From: sajith.ml at gmail.com (Sajith A)
Date: Tue, 14 Dec 2004 22:26:35 +0530
Subject: [nycphp-talk] Saving Items for Later in a Shopping Cart
In-Reply-To: <41BEF423.5060201@r2communications.com>
References: <41BEF423.5060201@r2communications.com>
Message-ID: <ef613e5d04121408562b38f2a9@mail.gmail.com>

Randal Rust wrote
> In looking at the cart, there is an issue that I am not quite sure how
> to resolve. Any customer (registered or not), should be able to add
> items to their shopping cart, leave the site, and come back later and
> still see the items in their cart.

As Chris Snyder pointed out, it will be good to store the cart in db.
I would also suggest to clean cart table over a period of time - may
be by a cron job - that will delete dead entries generated by casual
browsing [checking against timestamp].

Another thing that is told about carts in general[i think i heard it
from a case study based on amazon] is that, people tend to skip the
cart if they are prompted for a username and password right at the
beginning. It would be ideal to ask for a username and password while
checking out rather than while adding to cart.. You can still save the
temporary cart based on a random unique id generated by the system for
the user stored in the browser.

Ip addresses will not be a good choice as dial-up users will be
getting a random ip from the ISP pool.

God bless you
Sajith A


From agfische at email.smith.edu  Tue Dec 14 13:36:37 2004
From: agfische at email.smith.edu (Aaron Fischer)
Date: Tue, 14 Dec 2004 13:36:37 -0500
Subject: [nycphp-talk] PHP magazines
Message-ID: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu>

Hi all,

I recently ordered an issue of international php magazine 
(http://www.php-mag.net/) and php architect (http://phparch.com/) to 
compare the two and pick one to subscribe to.  They both look pretty 
good, but unfortunately budget dictates that I pick just one.

I'd be interested to hear people's opinions on which one to subscribe 
to.  Are they both pretty similar?  Do they tend to focus on the same 
audience?  Are there differences of note?

One thing to note, the issue of php architect came almost immediately, 
whereas I am still waiting (three weeks later) for the issue of 
international php magazine to arrive.

Thanks for any thoughts,

-Aaron



From listings at impulsenetwork.de  Tue Dec 14 14:13:52 2004
From: listings at impulsenetwork.de (Andreas Gaisbauer)
Date: Tue, 14 Dec 2004 20:13:52 +0100
Subject: [nycphp-talk] PHP magazines
In-Reply-To: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu>
References: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu>
Message-ID: <41BF3B70.2030100@impulsenetwork.de>

Hi,

I'm regular reading the following mags:

- PHP Solutions (www.phpsolmag.org): nice mag but primary focused on beginners

- PHP Magazin (german version): the classic of the php mags. It provides imo 
high class articels on advanced topics. Focused on advanced users.

- PHP Magazin International: the same as the german mag (with complete different 
contents) - top resource...

- PHP Architect (PDF version): I really like php|arch. Intersting topics, and 
the same audience as the php magazines.

If I have to choose one, I would take php|arch because it provides a single 
issue every month (12 issues a year) - php magazin (print) instead is released 
only all 2 month (only 6 issues p.a.)... Another option: take php|arch and php 
magazin international as PDF... maybe your budget allows you to get both PDF mags...

Both mags provide free sample issues
PHP Magazin International https://www.entwickler.com/ssl/phppdf/
PHP Architect PDF Version http://www.phparch.com/issue.php?mid=9



bye bye
Andreas

Aaron Fischer wrote:
> Hi all,
> 
> I recently ordered an issue of international php magazine 
> (http://www.php-mag.net/) and php architect (http://phparch.com/) to 
> compare the two and pick one to subscribe to.  They both look pretty 
> good, but unfortunately budget dictates that I pick just one.
> 
> I'd be interested to hear people's opinions on which one to subscribe 
> to.  Are they both pretty similar?  Do they tend to focus on the same 
> audience?  Are there differences of note?
> 
> One thing to note, the issue of php architect came almost immediately, 
> whereas I am still waiting (three weeks later) for the issue of 
> international php magazine to arrive.
> 
> Thanks for any thoughts,
> 
> -Aaron
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 
> 


From ben at atlphp.org  Tue Dec 14 14:26:08 2004
From: ben at atlphp.org (Ben Ramsey)
Date: Tue, 14 Dec 2004 14:26:08 -0500
Subject: [nycphp-talk] PHP magazines
In-Reply-To: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu>
References: <166CC4EC-4DFF-11D9-A143-0003930D07F2@email.smith.edu>
Message-ID: <41BF3E50.9040009@atlphp.org>

Aaron Fischer wrote:
> One thing to note, the issue of php architect came almost immediately, 
> whereas I am still waiting (three weeks later) for the issue of 
> international php magazine to arrive.

This will almost always happen because PHP Mag is located in Germany. It 
takes me two months to get their issues.

php|a comes a bit quicker to me, but I still get it a month after it's 
been released. For example, I just received the November 2004 issue 
yesterday, but the December issue is already out. (I'm located in 
Atlanta, so I guess it takes longer to get to me.)

Needless to say, I'm a bit upset with the delay in receiving both of 
these publications, but there's not much I can do about that.

Since each magazine competes with the other, they try to stay on top of 
news and latest trends. So, content-wise they're both pretty good. Both 
use well-known speakers, writers, bloggers, and developers for their 
material. I also have spoken to the editors of both publications, and 
they're both great people who are seeking the best possible content for 
the community.

I think it may come to this for you: PHP Mag is published bi-monthly (6 
issues a year), whereas php|architect is published monthly. So, it may 
come down to how many issues you want for your money. Still, if budget 
would allow for both, I'd say to get both.

-- 
Ben Ramsey
Zend Certified Engineer
http://benramsey.com


From mwithington at PLMresearch.com  Tue Dec 14 22:40:35 2004
From: mwithington at PLMresearch.com (Mark Withington)
Date: Tue, 14 Dec 2004 22:40:35 -0500
Subject: [nycphp-talk] OT:  HTMLTableCellElement
Message-ID: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3586A6F6B@network.PLMresearch.com>

Has anyone had any experience/luck using the DOM HTMLTableCellElement.width
to provide <td> information?  I'm trying to generate table headings using
DHTML that would be positioned absolute (and thereby eliminate the need for
frames).  Everything works great, except the DHTML column widths don't line
up with the HTML (generated) table body.  I'm letting the browser adjust the
columns as necessary and was hoping to use HTMLTableCellElement.width to
provide the information that I would then inject into the DHTML table <td>
tags.

Any suggestions/help would be appreciated.

Mark

--------------------------
Mark L. Withington
PLMresearch
v: 508-746-2383
m: 508-801-0181
Calendar: http://www.plmresearch.com/calendar.php



-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Aaron Fischer
Sent: Tuesday, December 14, 2004 1:37 PM
To: NYPHP-Talk
Subject: [nycphp-talk] PHP magazines


Hi all,

I recently ordered an issue of international php magazine 
(http://www.php-mag.net/) and php architect (http://phparch.com/) to 
compare the two and pick one to subscribe to.  They both look pretty 
good, but unfortunately budget dictates that I pick just one.

I'd be interested to hear people's opinions on which one to subscribe 
to.  Are they both pretty similar?  Do they tend to focus on the same 
audience?  Are there differences of note?

One thing to note, the issue of php architect came almost immediately, 
whereas I am still waiting (three weeks later) for the issue of 
international php magazine to arrive.

Thanks for any thoughts,

-Aaron

_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org


From hans at cyberxdesigns.com  Wed Dec 15 10:18:58 2004
From: hans at cyberxdesigns.com (Hans C. Kaspersetz)
Date: Wed, 15 Dec 2004 10:18:58 -0500
Subject: [nycphp-talk] OT:  HTMLTableCellElement
In-Reply-To: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3586A6F6B@network.PLMresearch.com>
References: <1F3CD8DDFB6A9B4C9B8DD06E4A7DE3586A6F6B@network.PLMresearch.com>
Message-ID: <41C055E2.4060407@cyberxdesigns.com>

Mark,

Not sure if you are aware, but NY PHP has a front end list for these 
types of questions.    Check it out might get you a better response.

http://lists.nyphp.org/mailman/listinfo/front-end

Hans

Mark Withington wrote:

>Has anyone had any experience/luck using the DOM HTMLTableCellElement.width
>to provide <td> information?  I'm trying to generate table headings using
>DHTML that would be positioned absolute (and thereby eliminate the need for
>frames).  Everything works great, except the DHTML column widths don't line
>up with the HTML (generated) table body.  I'm letting the browser adjust the
>columns as necessary and was hoping to use HTMLTableCellElement.width to
>provide the information that I would then inject into the DHTML table <td>
>tags.
>
>Any suggestions/help would be appreciated.
>
>Mark
>
>  
>
--- snip ---

-- 
Hans C. Kaspersetz
Cyber X Designs

http://www.cyberxdesigns.com



From it at avp.org  Wed Dec 15 11:31:18 2004
From: it at avp.org (Chris Baronavski)
Date: Wed, 15 Dec 2004 11:31:18 -0500
Subject: [nycphp-talk] Open Source Volunteer Management Systems
Message-ID: <20041215112431.SM00237@miasma>

Does anyone know of any good open source volunteer management systems?

 

 

Thanks,


Chris

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041215/128ac33b/attachment.html>

From dorgan at optonline.net  Wed Dec 15 14:43:47 2004
From: dorgan at optonline.net (Donald J. Organ IV)
Date: Wed, 15 Dec 2004 14:43:47 -0500
Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT']
Message-ID: <41C093F3.7090508@optonline.net>

does anyone know a work around for the lack of $_SERVER['DOCUMENT_ROOT'] 
on windows 2003 servers


From jsiegel1 at optonline.net  Wed Dec 15 14:53:37 2004
From: jsiegel1 at optonline.net (Jeff Siegel)
Date: Wed, 15 Dec 2004 14:53:37 -0500
Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT']
In-Reply-To: <41C093F3.7090508@optonline.net>
References: <41C093F3.7090508@optonline.net>
Message-ID: <41C09641.9040004@optonline.net>

Linux. ;)

Jeff

Donald J. Organ IV wrote:

> does anyone know a work around for the lack of $_SERVER['DOCUMENT_ROOT'] 
> on windows 2003 servers
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


From rahmin at insite-out.com  Wed Dec 15 14:59:22 2004
From: rahmin at insite-out.com (Rahmin Pavlovic)
Date: Wed, 15 Dec 2004 14:59:22 -0500
Subject: [nycphp-talk] redirect problem
Message-ID: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com>

An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041215/83bc2fb5/attachment.ksh>

From john at cyber-ny.com  Wed Dec 15 15:06:03 2004
From: john at cyber-ny.com (John Nunez)
Date: Wed, 15 Dec 2004 15:06:03 -0500
Subject: [nycphp-talk] redirect problem
In-Reply-To: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com>
References: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com>
Message-ID: <41C0992B.4030200@cyber-ny.com>

I think the problem is with the browser specs.  Using header( 'location: 
http://...com' ); cause the browser to receive a Error Code #302(?) and 
it will redirect to the new url that has been supplied but it's a 
temporary redirect. On refresh the browser will attempt the original 
url.  The method I use to fix this is:
echo '<script language="Javascript">location.href="http://...com"</script>';

There might be a better/proper way of re-directing the browser.

Rahmin Pavlovic wrote:
> Hello all,
> 
> I'm feeling especially out of it today - maybe someone here can help -
> 
> I have a page here that checks the db for a certain condition, which if met,
> redirects the user to another page.
> 
> That condition can be set by an external process, so it's entirely possible for
> the condition to be met while the user is on the page.  If that's the case, and
> the user hits reload, redirect.
> 
> So far so good.
> 
> The problem here is that, after being redirected, if the user hits reload on the
> new page, the previous page comes up.  Actually, the real problem is:  I don't
> know why it's doing that.
> 
> Has anyone experienced this before?  My header hurts..
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


From john at cyber-ny.com  Wed Dec 15 15:07:37 2004
From: john at cyber-ny.com (John Nunez)
Date: Wed, 15 Dec 2004 15:07:37 -0500
Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT']
In-Reply-To: <41C093F3.7090508@optonline.net>
References: <41C093F3.7090508@optonline.net>
Message-ID: <41C09989.2090305@cyber-ny.com>

Donald

print_r out the $_SYSTEM variable to see if IIS has renamed it.

John

Donald J. Organ IV wrote:
> does anyone know a work around for the lack of $_SERVER['DOCUMENT_ROOT'] 
> on windows 2003 servers
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


From dcech at phpwerx.net  Wed Dec 15 15:08:17 2004
From: dcech at phpwerx.net (Dan Cech)
Date: Wed, 15 Dec 2004 15:08:17 -0500
Subject: [nycphp-talk] redirect problem
In-Reply-To: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com>
References: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com>
Message-ID: <41C099B1.8080105@phpwerx.net>

Rahmin Pavlovic wrote:
> Hello all,
> 
> I'm feeling especially out of it today - maybe someone here can help -
> 
> I have a page here that checks the db for a certain condition, which if met,
> redirects the user to another page.

How exactly are you redirecting the user?

Dan


From dcech at phpwerx.net  Wed Dec 15 15:12:12 2004
From: dcech at phpwerx.net (Dan Cech)
Date: Wed, 15 Dec 2004 15:12:12 -0500
Subject: [nycphp-talk] redirect problem
In-Reply-To: <41C0992B.4030200@cyber-ny.com>
References: <200412151959.iBFJxMuk005364@webmail5.megamailservers.com>
	<41C0992B.4030200@cyber-ny.com>
Message-ID: <41C09A9C.4090805@phpwerx.net>

John Nunez wrote:
> I think the problem is with the browser specs.  Using header( 'location: 
> http://...com' ); cause the browser to receive a Error Code #302(?) and 
> it will redirect to the new url that has been supplied but it's a 
> temporary redirect. On refresh the browser will attempt the original 
> url.  The method I use to fix this is:
> echo '<script 
> language="Javascript">location.href="http://...com"</script>';
> 
> There might be a better/proper way of re-directing the browser.

Another method is to use an http-equiv meta element:

<meta http-equiv="Refresh" content="5;url=http://www.example.com" />

which doesn't require JavaScript.

Dan


From ben at atlphp.org  Wed Dec 15 15:12:57 2004
From: ben at atlphp.org (Ben Ramsey)
Date: Wed, 15 Dec 2004 15:12:57 -0500
Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT']
In-Reply-To: <41C09989.2090305@cyber-ny.com>
References: <41C093F3.7090508@optonline.net> <41C09989.2090305@cyber-ny.com>
Message-ID: <41C09AC9.70901@atlphp.org>

John Nunez wrote:
> print_r out the $_SYSTEM variable to see if IIS has renamed it.

Or don't use the $_SYSTEM variable at all and use realpath() or 
pathinfo()...

http://www.php.net/realpath
http://www.php.net/pathinfo

-- 
Ben Ramsey
Zend Certified Engineer
http://benramsey.com


From flakie at gmail.com  Wed Dec 15 15:26:34 2004
From: flakie at gmail.com (Eric Rank)
Date: Wed, 15 Dec 2004 14:26:34 -0600
Subject: [nycphp-talk] Session security: protecting against hijacking attempts
Message-ID: <adca5f7d0412151226437b0eaa@mail.gmail.com>

Hi all,

I'm looking for a good standard practice for authenticating Sessions
to protect against hijacking attempts. What have you tried? What
works? What doesn't?

I know that the only REAL way to protext against this is to use SSL,
but I'm trying to get as secure as possible without SSL.

So far I've decided that as a minimum I can check the user agent and
the remote ip address on each page request to see if a session is
hijacked. This is the most obvious way to see if the session is being
used by a different user. However, these things can be spoofed, and in
fact, they probably don't even need to be spoofed if 2 users are
behind the same router and have the same user agent.

What else can one do to protect?

Thanks,

Eric Rank


From ajai at bitblit.net  Wed Dec 15 15:33:31 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Wed, 15 Dec 2004 15:33:31 -0500
Subject: [nycphp-talk] htpasswd files from PHP
Message-ID: <41C09F9B.3030008@bitblit.net>

Anyone written code or a library to manage htpasswd files from a web 
page with PHP?

---
Aj.

Systems Administrator / Developer



From rahmin at insite-out.com  Wed Dec 15 15:48:44 2004
From: rahmin at insite-out.com (Rahmin Pavlovic)
Date: Wed, 15 Dec 2004 15:48:44 -0500
Subject: [nycphp-talk] redirect problem
Message-ID: <200412152048.iBFKmiTN005076@webmail4.megamailservers.com>

An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041215/56ac4f0e/attachment.ksh>

From chsnyder at gmail.com  Wed Dec 15 15:55:50 2004
From: chsnyder at gmail.com (csnyder)
Date: Wed, 15 Dec 2004 15:55:50 -0500
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts
In-Reply-To: <adca5f7d0412151226437b0eaa@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>
Message-ID: <b762526904121512555932d5de@mail.gmail.com>

As you said, SSL is the only way to be sure.

If I'm using your website through my evil neighbor's wireless access
point, and she decides to hijack my session, there is nothing we can
do about it. She'll probably duplicate my user-agent header, she has
the same ip address, and if she passes the same session cookie then
she *is* me, as far as your server can tell.

It used to be that a hijacker had to live inside the ISP to be able to
capture the packets -- but with wireless, anyone can play.

You can prevent inadvertant hijacking by requiring cookies.
Otherwise... good luck.


From flakie at gmail.com  Wed Dec 15 17:47:07 2004
From: flakie at gmail.com (Eric Rank)
Date: Wed, 15 Dec 2004 16:47:07 -0600
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts
In-Reply-To: <b762526904121512555932d5de@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>
	<b762526904121512555932d5de@mail.gmail.com>
Message-ID: <adca5f7d0412151447751cfba@mail.gmail.com>

Is that it? Nothing else I can do to prevent it? Thus far this is the
conclusion that I've come up with too. It's slightly disturbing....
but web security vulnerabilities make me pretty squeemish. Is this
something that needs to be worried about, or am I just paranoind?

Eric Rank




On Wed, 15 Dec 2004 15:55:50 -0500, csnyder <chsnyder at gmail.com> wrote:
> As you said, SSL is the only way to be sure.
> 
> If I'm using your website through my evil neighbor's wireless access
> point, and she decides to hijack my session, there is nothing we can
> do about it. She'll probably duplicate my user-agent header, she has
> the same ip address, and if she passes the same session cookie then
> she *is* me, as far as your server can tell.
> 
> It used to be that a hijacker had to live inside the ISP to be able to
> capture the packets -- but with wireless, anyone can play.
> 
> You can prevent inadvertant hijacking by requiring cookies.
> Otherwise... good luck.


From fields at surgam.net  Wed Dec 15 18:00:56 2004
From: fields at surgam.net (Adam Fields)
Date: Wed, 15 Dec 2004 18:00:56 -0500
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts
In-Reply-To: <adca5f7d0412151447751cfba@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>
	<b762526904121512555932d5de@mail.gmail.com>
	<adca5f7d0412151447751cfba@mail.gmail.com>
Message-ID: <20041215230056.GG434@lola.aquick.org>

On Wed, Dec 15, 2004 at 04:47:07PM -0600, Eric Rank wrote:
> Is that it? Nothing else I can do to prevent it? Thus far this is the
> conclusion that I've come up with too. It's slightly disturbing....
> but web security vulnerabilities make me pretty squeemish. Is this
> something that needs to be worried about, or am I just paranoind?

Er... this isn't limited to wireless - anyone between the server and
the user can eavesdrop on everything that crosses the wire, and
consequently fake it.

What's the aversion to SSL? It's not perfect, but it exists precisely
to try to address this exact problem.


> On Wed, 15 Dec 2004 15:55:50 -0500, csnyder <chsnyder at gmail.com> wrote:
> > As you said, SSL is the only way to be sure.
> > 
> > If I'm using your website through my evil neighbor's wireless access
> > point, and she decides to hijack my session, there is nothing we can
> > do about it. She'll probably duplicate my user-agent header, she has
> > the same ip address, and if she passes the same session cookie then
> > she *is* me, as far as your server can tell.
> > 
> > It used to be that a hijacker had to live inside the ISP to be able to
> > capture the packets -- but with wireless, anyone can play.
> > 
> > You can prevent inadvertant hijacking by requiring cookies.
> > Otherwise... good luck.
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org

-- 
				- Adam

-----
[ http://www.aquick.org/blog ]
[ http://www.adamfields.com ][ http://del.icio.us/fields ]
[ http://www.aquick.org/photoblog ][ http://www.aquick.org/gallery ]




From ttoomey at ydnt.com  Wed Dec 15 18:09:56 2004
From: ttoomey at ydnt.com (Tim Toomey)
Date: Wed, 15 Dec 2004 17:09:56 -0600
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts
In-Reply-To: <adca5f7d0412151226437b0eaa@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>
Message-ID: <41C0C444.10104@ydnt.com>

Eric Rank wrote:

>Hi all,
>
>I'm looking for a good standard practice for authenticating Sessions
>to protect against hijacking attempts. What have you tried? What
>works? What doesn't?
>
>I know that the only REAL way to protext against this is to use SSL,
>but I'm trying to get as secure as possible without SSL.
>
>So far I've decided that as a minimum I can check the user agent and
>the remote ip address on each page request to see if a session is
>hijacked. This is the most obvious way to see if the session is being
>used by a different user. However, these things can be spoofed, and in
>fact, they probably don't even need to be spoofed if 2 users are
>behind the same router and have the same user agent.
>
>What else can one do to protect?
>
>Thanks,
>
>Eric Rank
>  
>

I know one thing I did to limit session hijacking is setup your files to 
automatically redirect to a portion of your php that kills the session 
after say 10 minutes of the page not being changed.

<meta http-equiv=refresh content="600; 
URL=http://www.pancorp.com/income_per_image/index.php?action=logout&timeout=1"> 


Then I have a simple little function I call up inbetween an if statement 
asking if action is set and timeout is equal to one to destroy the 
session array and log the user out.

-- 
-Tim Toomey
ttoomey at ydnt.com



From chsnyder at gmail.com  Wed Dec 15 18:11:37 2004
From: chsnyder at gmail.com (csnyder)
Date: Wed, 15 Dec 2004 18:11:37 -0500
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts
In-Reply-To: <adca5f7d0412151447751cfba@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>
	<b762526904121512555932d5de@mail.gmail.com>
	<adca5f7d0412151447751cfba@mail.gmail.com>
Message-ID: <b7625269041215151110aa0b9a@mail.gmail.com>

On Wed, 15 Dec 2004 16:47:07 -0600, Eric Rank <flakie at gmail.com> wrote:
> Is this something that needs to be worried about, or am I just paranoind?

Yes. ;-)

No, not really -- you need to think about what harm can come from
someone impersonating an authenticated user of your application.
Falsified posts on a message board are usually no big deal, but
defacement of your Fortune 500 company's dynamic website would be a
much bigger concern.

Just because it's relatively easy to do, doesn't mean that anyone will
ever take the trouble to do it. If the possibility keeps you awake at
night, use SSL. Otherwise don't sweat it.


From flakie at gmail.com  Wed Dec 15 20:42:43 2004
From: flakie at gmail.com (Eric Rank)
Date: Wed, 15 Dec 2004 19:42:43 -0600
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts
In-Reply-To: <b7625269041215151110aa0b9a@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>
	<b762526904121512555932d5de@mail.gmail.com>
	<adca5f7d0412151447751cfba@mail.gmail.com>
	<b7625269041215151110aa0b9a@mail.gmail.com>
Message-ID: <adca5f7d04121517427104970d@mail.gmail.com>

Thanks for the feedback.

Using SSL will be an option when it's available. I'm just trying to
figure out some best practices in order to stop the gaps as much as
possible. I just want to know what IS possible and if I'm missing
anything.

>From the responses so far, it seems that (just as you say, Chris) I
should use SSL for the really important stuff. Otherwise, a mixture of
timeout settings, useragent and ip verification, and possibly the use
of cookies, are the best, if not only, means of verifying the session.

Although, my gut tells me that there's some other creative solution possible...

- Eric Rank

> > Is this something that needs to be worried about, or am I just paranoind?
> 
> Yes. ;-)
> 
> No, not really -- you need to think about what harm can come from
> someone impersonating an authenticated user of your application.
> Falsified posts on a message board are usually no big deal, but
> defacement of your Fortune 500 company's dynamic website would be a
> much bigger concern.
> 
> Just because it's relatively easy to do, doesn't mean that anyone will
> ever take the trouble to do it. If the possibility keeps you awake at
> night, use SSL. Otherwise don't sweat it.


From codebowl at gmail.com  Thu Dec 16 08:05:50 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 16 Dec 2004 08:05:50 -0500
Subject: [nycphp-talk] htpasswd files from PHP
In-Reply-To: <41C09F9B.3030008@bitblit.net>
References: <41C09F9B.3030008@bitblit.net>
Message-ID: <8d9a428004121605054751f13a@mail.gmail.com>

i have none on hand that i have written however i have seen some that
will allow you to add/edit/delete users from a web based admin area.
search on hotscripts.com under php for htaccess it should turn up some
results.  Maybe this is something i will write in the future :D

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From shiflett at php.net  Thu Dec 16 09:05:34 2004
From: shiflett at php.net (Chris Shiflett)
Date: Thu, 16 Dec 2004 06:05:34 -0800 (PST)
Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT']
In-Reply-To: <41C093F3.7090508@optonline.net>
Message-ID: <20041216140534.49479.qmail@web52807.mail.yahoo.com>

--- "Donald J. Organ IV" <dorgan at optonline.net> wrote:
> does anyone know a work around for the lack of
> $_SERVER['DOCUMENT_ROOT'] on windows 2003 servers

I put this in httpd.conf to work around the lack of
$_SERVER['SERVER_ROOT']:

SetEnv SERVER_ROOT /path/to/apache

You could do the same sort of thing for document root.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
Coming Soon                 http://httphandbook.org/


From dorgan at optonline.net  Thu Dec 16 09:23:30 2004
From: dorgan at optonline.net (Donald J. Organ IV)
Date: Thu, 16 Dec 2004 09:23:30 -0500
Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT']
In-Reply-To: <20041216140534.49479.qmail@web52807.mail.yahoo.com>
References: <20041216140534.49479.qmail@web52807.mail.yahoo.com>
Message-ID: <41C19A62.6040307@optonline.net>

Chris Shiflett wrote:

>--- "Donald J. Organ IV" <dorgan at optonline.net> wrote:
>  
>
>>does anyone know a work around for the lack of
>>$_SERVER['DOCUMENT_ROOT'] on windows 2003 servers
>>    
>>
>
>I put this in httpd.conf to work around the lack of
>$_SERVER['SERVER_ROOT']:
>
>SetEnv SERVER_ROOT /path/to/apache
>
>You could do the same sort of thing for document root.
>
>Chris
>
>=====
>Chris Shiflett - http://shiflett.org/
>
>PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
>Coming Soon                 http://httphandbook.org/
>_______________________________________________
>New York PHP Talk
>Supporting AMP Technology (Apache/MySQL/PHP)
>http://lists.nyphp.org/mailman/listinfo/talk
>http://www.newyorkphp.org
>
>  
>
yeah but the hosting company i am using is using IIS so there is no 
httpd.conf file


From shiflett at php.net  Thu Dec 16 09:49:20 2004
From: shiflett at php.net (Chris Shiflett)
Date: Thu, 16 Dec 2004 06:49:20 -0800 (PST)
Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT']
In-Reply-To: <41C19A62.6040307@optonline.net>
Message-ID: <20041216144920.3554.qmail@web52804.mail.yahoo.com>

--- "Donald J. Organ IV" <dorgan at optonline.net> wrote:
> yeah but the hosting company i am using is using IIS so there is
> no httpd.conf file

Yikes! Good luck with that. :-(

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
Coming Soon                 http://httphandbook.org/


From mark at thirdstation.com  Thu Dec 16 10:19:02 2004
From: mark at thirdstation.com (mark)
Date: Thu, 16 Dec 2004 11:19:02 -0400
Subject: [nycphp-talk] DBM file support and caching in PHP
Message-ID: <20041216151902.M51527@thirdstation.com>

Greetings,

I am porting a library from Perl to PHP that will provide an API to perform over-the-network lookups 
of information.

The network lookups can potentially take a long time so, I'd like to cache results locally in a DBM file.  
>From what I've discovered so far, DBM file support is not enabled by default and must be compiled 
into the php binary.  Because I'd like the library to be easy to install, basically just untar it and go, I 
want to avoid asking my customers to recompile their php installations.

I also don't want to ask that the customers use their own DB's for caching because I don't want them 
to know anything about the cache (other than the fact it's there).  It's internal to the library.

Does PHP offer any built-in mechanisms to cache data?  I was going to serialize PHP objects out to 
the DBM file.  I'd use a flat file but, I need the fast lookup that DBM gives.

Any suggestions, wisdom?  Any info will be greatly appreciated.

Thanks,
Mark



From mark at thirdstation.com  Thu Dec 16 10:35:53 2004
From: mark at thirdstation.com (mark)
Date: Thu, 16 Dec 2004 11:35:53 -0400
Subject: [nycphp-talk] DBM file support and caching in PHP
Message-ID: <20041216153553.M85104@thirdstation.com>

Hi all,

Follow-up to my last message.  I just found the PEAR Cache_Lite package, 30 seconds after posting 
to the list.  Figures.

It looks like it does what I need.  Anyone have any experience using it?  Are there caveats?

Thanks,
Mark


From psaw at pswebcode.com  Thu Dec 16 10:43:49 2004
From: psaw at pswebcode.com (Peter Sawczynec)
Date: Thu, 16 Dec 2004 10:43:49 -0500
Subject: [nycphp-talk] Shooting stars pour down the black heaven...
Message-ID: <000201c4e386$0ce8e950$68e4a144@Liz>

     Out back the horizon was strangely tinted. Low sun floated, a metallic
pink bubble behind stubby grey oaks with branches retaining clutches of
tightly curled crimson and gold leaves. Giant, shining blackbirds commanded
and complained. Robins cased the plush crusted field. An alert rabbit stood,
nose moving precisely like swanky hips, stared towards the broad white
Victorian with lemon shutters, mint window frames, pink trellises under the
gables, and three sides of wide porch filled with four generations of white
rockers, an Adirondack, two swings and a hammock.
     Rough winds smacked the frosted glass in the second floor dormers.
Ancient warped wooden sashes clicked and clapped in the frames. Fine brass
wind chimes strained and sprayed in the gusts, hurling icy tinkles. A rake,
hoe and shovel slid from position and sequentially clunked to the floor.
     Time lapsed in my unforgettable floating world.
 
     Happy, happy holidays to you and yours...
 
Warmest regards,
 
Peter Sawczynec
Technology Director
PSWebcode
psaw at pswebcode.com
718.543.3240
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041216/83d7d095/attachment.html>

From fields at hedge.net  Thu Dec 16 11:16:20 2004
From: fields at hedge.net (Adam Fields)
Date: Thu, 16 Dec 2004 11:16:20 -0500
Subject: [nycphp-talk] Thanks to our hosts!
Message-ID: <20041216161620.GD19604@lola.aquick.org>

It was great to see some of you last night! I hope you're still
recovering from whatever hangover you might have acquired.

Just a quick thanks to our hosts, who put a lot of effort into putting
together a fun party. Great drink, great food, great space.

Thanks!

-- 
				- Adam

-----
[ http://www.aquick.org/blog ]
[ http://www.adamfields.com ][ http://del.icio.us/fields ]
[ http://www.aquick.org/photoblog ][ http://www.aquick.org/gallery ]



From danielc at analysisandsolutions.com  Thu Dec 16 11:57:13 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Thu, 16 Dec 2004 11:57:13 -0500
Subject: [nycphp-talk] DBM file support and caching in PHP
In-Reply-To: <20041216151902.M51527@thirdstation.com>
References: <20041216151902.M51527@thirdstation.com>
Message-ID: <20041216165712.GA5374@panix.com>

On Thu, Dec 16, 2004 at 11:19:02AM -0400, mark wrote:
> I also don't want to ask that the customers use their own DB's for 
> caching

Have you thought about using SQLite?  It's built into PHP 5 by default.  
While it has many characteristics of a DBMS, it's really just a glorified 
file format, so doesn't have a DBMS server.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From george at omniti.com  Thu Dec 16 12:02:57 2004
From: george at omniti.com (George Schlossnagle)
Date: Thu, 16 Dec 2004 12:02:57 -0500
Subject: [nycphp-talk] DBM file support and caching in PHP
In-Reply-To: <20041216165712.GA5374@panix.com>
References: <20041216151902.M51527@thirdstation.com>
	<20041216165712.GA5374@panix.com>
Message-ID: <55A8A702-4F84-11D9-A171-000D93359332@omniti.com>


On Dec 16, 2004, at 11:57 AM, Daniel Convissor wrote:

> On Thu, Dec 16, 2004 at 11:19:02AM -0400, mark wrote:
>> I also don't want to ask that the customers use their own DB's for
>> caching
>
> Have you thought about using SQLite?  It's built into PHP 5 by default.
> While it has many characteristics of a DBMS, it's really just a 
> glorified
> file format, so doesn't have a DBMS server.

That's a rather poor characterization.  SQLite is actually much more 
fully featured that something like MySQL, it just happens to be an 
embedded RDBMS instead of a standalone server.  Extending your 
characterization would mean that all the DBM implementation (including 
ones with full transactional support like db4) are glorified file 
formats, simply because they embed and aren't talked to over so sort of 
IPC or networking.

George



From chsnyder at gmail.com  Thu Dec 16 12:11:29 2004
From: chsnyder at gmail.com (csnyder)
Date: Thu, 16 Dec 2004 12:11:29 -0500
Subject: [nycphp-talk] Shooting stars pour down the black heaven...
In-Reply-To: <000201c4e386$0ce8e950$68e4a144@Liz>
References: <000201c4e386$0ce8e950$68e4a144@Liz>
Message-ID: <b7625269041216091132df148e@mail.gmail.com>

<?php
class holidayGreeting implements cheer {
  private $buffer;
  public function __construct( (string) $message ) {
    $this->buffer = $message."\n...and happy freek'n holidays!";
  }
  public function asHtml() {
    return nl2br( $this->buffer );
  }
}
$greets = new holidayGreeting( "Wishing you many bugfree returns..." );
?>
<html>
  <head>
    <title>Warmest Regards</title>
  </head>
  <body>
    <div style="font-size: really-goddam-big; font-style=pretty;">
      <?=$greets->asHtml()?>
    </div>
  </body>
</html>
<?php
if ( isset($_GET['debug']) ) {
  print "<pre>PS -- Thanks for a great party last night. Friends, art,
music, free beer ... a dream come true!</pre>";
}
//EOF


From hans at nyphp.com  Thu Dec 16 12:26:51 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Thu, 16 Dec 2004 09:26:51 -0800
Subject: [nycphp-talk] Thanks to our hosts!
Message-ID: <41EE526EC2D3C74286415780D3BA9F8706D13EF5@ehost011-1.exch011.intermedia.net>


> It was great to see some of you last night! I hope you're still
> recovering from whatever hangover you might have acquired.
> 
> Just a quick thanks to our hosts, who put a lot of effort into putting
> together a fun party. Great drink, great food, great space.

Thanks Adam, and for everyone that joined us last night.  It was a great
time, and we're looking forward to making such events in the future.

Regards,


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org





From psaw at pswebcode.com  Thu Dec 16 12:54:59 2004
From: psaw at pswebcode.com (Peter Sawczynec)
Date: Thu, 16 Dec 2004 12:54:59 -0500
Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question
Message-ID: <002201c4e398$5f8f7db0$68e4a144@Liz>

Using PHP to feed vars to JavaScript that creates DHTML menu system on the
fly.
When the menu is opened and menu items overlay a Flash .swf on the same
page, 
the .swf file is always on top obscuring menu items.

Can ordinary HTML be forced on top of Flash? Use CSS z-index?

Warmest regards,

Peter Sawczynec
Technology Director
PSWebcode
psaw at pswebcode.com
718.543.3240




From rahmin at insite-out.com  Thu Dec 16 13:10:02 2004
From: rahmin at insite-out.com (Rahmin Pavlovic)
Date: Thu, 16 Dec 2004 13:10:02 -0500
Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question
Message-ID: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com>

An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041216/da891c83/attachment.ksh>

From chsnyder at gmail.com  Thu Dec 16 13:54:30 2004
From: chsnyder at gmail.com (csnyder)
Date: Thu, 16 Dec 2004 13:54:30 -0500
Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question
In-Reply-To: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com>
References: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com>
Message-ID: <b7625269041216105445122b48@mail.gmail.com>

On Thu, 16 Dec 2004 13:10:02 -0500, Rahmin Pavlovic
<rahmin at insite-out.com> wrote:

> Not really.  Best cross-browser method I can think of is to make the movie
> disappear when the menu is activated (reappearing when deactivated) using either
> the css 'display' or 'visible' properties.

Wow, does that work?

Flash, QuickTime, etc. are outside of the browser's rendering process
-- they're given a piece of screen real estate and told to "write
here". So there's no way to put HTML on top.

You could dynamically insert things into the .swf using some actionscript. 

-- 
Chris Snyder
http://chxo.com/


From mjdewitt at alexcommgrp.com  Thu Dec 16 13:58:04 2004
From: mjdewitt at alexcommgrp.com (DeWitt, Michael)
Date: Thu, 16 Dec 2004 13:58:04 -0500
Subject: [nycphp-talk] Call for pictures of the holiday party
Message-ID: <BCF799A6B63DD411985D00805F9F9033E0A765@mail.alexcommgrp.com>

It was great seeing so many of you at the party last night. 

I noticed that quite a few people had cameras.  I would like to gather
everyone's pictures and hang them in the NYPHP gallery (which is open to all
to view at http://nyphp.org/content/gallery/). If you have some that you
would like to share, would you please compress and email them to me at
mailto:mjdewitt at alexcommgrp.com 

Thanks

Mike
NYPHP


From rahmin at insite-out.com  Thu Dec 16 14:12:42 2004
From: rahmin at insite-out.com (Rahmin Pavlovic)
Date: Thu, 16 Dec 2004 14:12:42 -0500
Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question
Message-ID: <200412161912.iBGJCguk012545@webmail5.megamailservers.com>

An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041216/9659ec30/attachment.ksh>

From codebowl at gmail.com  Thu Dec 16 14:22:32 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 16 Dec 2004 14:22:32 -0500
Subject: [nycphp-talk] Call for pictures of the holiday party
In-Reply-To: <BCF799A6B63DD411985D00805F9F9033E0A765@mail.alexcommgrp.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A765@mail.alexcommgrp.com>
Message-ID: <8d9a4280041216112272c9c646@mail.gmail.com>

OHHH Drunken programmers, i gotta see that :D

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From joshmccormack at travelersdiary.com  Thu Dec 16 15:00:32 2004
From: joshmccormack at travelersdiary.com (Josh McCormack)
Date: Thu, 16 Dec 2004 15:00:32 -0500
Subject: [nycphp-talk] Quick DHTML/FLash Conflict Question
In-Reply-To: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com>
References: <200412161810.iBGIA2uk028725@webmail5.megamailservers.com>
Message-ID: <41C1E960.40501@travelersdiary.com>



Rahmin Pavlovic wrote:
> On Thu, 16 Dec 2004 12:54 , Peter Sawczynec <psaw at pswebcode.com> sent:
> 
> 
>>Using PHP to feed vars to JavaScript that creates DHTML menu system on the
>>fly.
>>When the menu is opened and menu items overlay a Flash .swf on the same
>>page, 
>>the .swf file is always on top obscuring menu items.
>>
>>Can ordinary HTML be forced on top of Flash? Use CSS z-index?
>>
> 
> 
> 
> Not really.  Best cross-browser method I can think of is to make the movie
> disappear when the menu is activated (reappearing when deactivated) using either
> the css 'display' or 'visible' properties.
> 
Switch out the movie with a gif of it, if possible.

Josh



From shawn at shawnlawyer.com  Fri Dec 17 03:00:07 2004
From: shawn at shawnlawyer.com (Shawn Lawyer)
Date: Fri, 17 Dec 2004 03:00:07 -0500
Subject: [nycphp-talk] $_SERVER['DOCUMENT_ROOT']
References: <41C093F3.7090508@optonline.net>
Message-ID: <003d01c4e40e$6ce1a9e0$6401a8c0@ViaoDev1>

>From when I was a little Kiddie

function docRoot()
{ return str_repeat('../', substr_count($_SERVER['REQUEST_URI'], "/")-1); }

$docRoot=docRoot();

> does anyone know a work around for the lack of $_SERVER['DOCUMENT_ROOT'] 
> on windows 2003 servers

Shawn Lawyer




From j.aponte at gmail.com  Fri Dec 17 12:55:00 2004
From: j.aponte at gmail.com (Juancarlos Aponte)
Date: Fri, 17 Dec 2004 12:55:00 -0500
Subject: [nycphp-talk] php + mysql
Message-ID: <a986d740412170955549bb72a@mail.gmail.com>

Hey, I'm trying to get PHP 5.0.x to work with the latest MySQL on
Windows Server 2003 (don't flame me). I've edited the php.ini file as
per PHP's website.  Somehow I still can't get it to work properly.  I
got rid of the semicolon in front of the phpmysql.dll line in the ini
file but it still doesn't work. I put the libmysql.dll file into the
windows system directory (both system and system32).  Can anyone help
me out here? Thanks.

-- 
.: Juancarlos :.

"Any fool can know. The point is to understand."
-Albert Einstein


From jayeshsh at ceruleansky.com  Fri Dec 17 13:13:58 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Fri, 17 Dec 2004 13:13:58 -0500
Subject: [nycphp-talk] PHP + Java with PHPMQ
Message-ID: <41C321E6.5070903@ceruleansky.com>

Hello everyone,

I hope you are all enjoying the tropical weather of New York City. I 
don't know about any of you, but who would want to vacation on a 
tropical island such as Java in this warm weather?

Speaking of Java, I thought I should mention this interesting article I 
came across:

http://www.onjava.com/lpt/a/5363

Amir Shevat has written the PHPMQ system. He has this to say:
"JMS (Java Messaging Service) is an interface implemented by most J2EE 
containers in order to provide point-to-point queuing and topic-based 
(publish/subscribe) functionality. JMS is frequently used by enterprise 
and back-end applications for distributed communication and 
collaboration. [...] Although efforts are being made to develop PHP as a 
back-end scripting language, its use is still very much confined to 
front-end applications. Combining the strengths of PHP--easy and fast 
web development, and compatibility with many types of databases--with 
those of JMS, which is the standard for communication with back-end 
enterprise applications, creates a powerful and easy-to-use tool for 
both Java and PHP developers.

PHPMQ gives the PHP developer JMS-like abilities through the MantaRay 
messaging bus. This document gives an overview of PHPMQ and its use by 
the PHP developer."

This seems like a cool project.

- Jay
PS: People interested in both Java and PHP may want to check out (the 
end of) this article too:
http://www.oracle.com/technology/pub/articles/php_experts/FutureofPHP.html


From danielc at analysisandsolutions.com  Fri Dec 17 13:27:10 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Fri, 17 Dec 2004 13:27:10 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <a986d740412170955549bb72a@mail.gmail.com>
References: <a986d740412170955549bb72a@mail.gmail.com>
Message-ID: <20041217182710.GA20963@panix.com>

On Fri, Dec 17, 2004 at 12:55:00PM -0500, Juancarlos Aponte wrote:
> Hey, I'm trying to get PHP 5.0.x to work with the latest MySQL on
> Windows Server 2003

WHICH version of MySQL?  4.0.x needs the mysql extension.  4.1.x needs 
the mysqli extension.

Are you running PHP as a CGI or as a module?


> got rid of the semicolon in front of the phpmysql.dll line in the ini
> file but it still doesn't work.

You mean php_mysql.dll (or php_mysqli.dll).

Did you uncomment the proper DLL/extension?  Did you properly set the 
extension_dir entry in php.ini?  For example:

   extension_dir = "c:\progra~1\php\ext"


> I put the libmysql.dll file into the
> windows system directory (both system and system32).  Can anyone help

libmysql.dll?  Anyway, don't.  Put it back in the php\ext directory.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From mjdewitt at alexcommgrp.com  Fri Dec 17 14:27:39 2004
From: mjdewitt at alexcommgrp.com (DeWitt, Michael)
Date: Fri, 17 Dec 2004 14:27:39 -0500
Subject: [nycphp-talk] PHP Vulnerability
Message-ID: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>

Just forwarding Brad's note as this is on-topic here.

Mike

> -----Original Message-----
> From:	Brad Schonhorst [SMTP:bschonhorst at vcsnyc.org]
> Sent:	Friday, December 17, 2004 2:18 PM
> To:	nycbug List
> Subject:	[nycbug-talk] OT: PHP Vulnerability
> 
> 
>  From http://www.hardened-php.net
> 
> During the development of Hardened-PHP several serious vulnerabilties 
> were discovered and fixed. The following advisory has been released.
> 
> The advisory:
> http://www.hardened-php.net/advisories/012004.txt
> 
> Apparently PHP 4 and 5 is effected which includes the versions running 
> on Mac OS X  Server (PHP v 4.3.2)
> 
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month


From chsnyder at gmail.com  Fri Dec 17 14:47:49 2004
From: chsnyder at gmail.com (csnyder)
Date: Fri, 17 Dec 2004 14:47:49 -0500
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
Message-ID: <b76252690412171147ba288ad@mail.gmail.com>

Looks like another Friday afternoon upgrade session for a lot of us.
According to the announcement, any code that uses unserialize() on any
values that include user input is vulnerable.


On a related note, does anyone here use Hardened-PHP?

Or as a Slashdot poster wondered earlier, is there any reason why the
Hardened-PHP patches aren't part of vanilla PHP in the first place?

   chris.


From danielc at analysisandsolutions.com  Fri Dec 17 15:49:20 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Fri, 17 Dec 2004 15:49:20 -0500
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <b76252690412171147ba288ad@mail.gmail.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
	<b76252690412171147ba288ad@mail.gmail.com>
Message-ID: <20041217204920.GA6226@panix.com>

On Fri, Dec 17, 2004 at 02:47:49PM -0500, csnyder wrote:

> According to the announcement, any code that uses unserialize() on any
> values that include user input is vulnerable.

You mean _improperly validated_ user input.  Come on, who would pass 
unsanitized user input to ANYTHING? :)

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From mjdewitt at alexcommgrp.com  Fri Dec 17 15:55:38 2004
From: mjdewitt at alexcommgrp.com (DeWitt, Michael)
Date: Fri, 17 Dec 2004 15:55:38 -0500
Subject: [nycphp-talk] 35% off from Addison-Wesley/Prentice Hall to group
	members
Message-ID: <BCF799A6B63DD411985D00805F9F9033E0A784@mail.alexcommgrp.com>

If you are looking for some reading material over the holidays, here you go:

For discount off Prentice Hall PTR books:
http://www.phptr.com/promotion/1945

For discount off Addison-Wesley books: 
http://www.awprofessional.com/promotion/1942 

Mike


From shiflett at php.net  Fri Dec 17 16:02:34 2004
From: shiflett at php.net (Chris Shiflett)
Date: Fri, 17 Dec 2004 13:02:34 -0800 (PST)
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <20041217204920.GA6226@panix.com>
Message-ID: <20041217210234.64020.qmail@web52803.mail.yahoo.com>

--- Daniel Convissor <danielc at analysisandsolutions.com> wrote:
> You mean _improperly validated_ user input.  Come on, who would
> pass unsanitized user input to ANYTHING? :)

That's a good point. This is why I don't find most vulnerabilities to be a
concern. However, whenever there is a vulnerability in something people
use to filter data (even if it's not the best approach), I consider it to
be very serious. For example, this is from the Security Focus description
of the recent addslashes() vulnerability fixed in 4.3.10:

    <?php
    $whatever = addslashes($_REQUEST['whatever']);
    include("/path/to/program/" . $whatever . "/header.htm");
    ?>

    A malicious attacker might open the following URL, disclosing
    the boot.ini file:

    http://localhost/phpscript.php?whatever=../../../../boot.ini%00

That's not exactly a great way to be filtering something, but it
demonstrates that even those who try to adhere to some security practices
can still be affected by vulnerabilities.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
Coming Soon                 http://httphandbook.org/


From chsnyder at gmail.com  Fri Dec 17 16:11:48 2004
From: chsnyder at gmail.com (csnyder)
Date: Fri, 17 Dec 2004 16:11:48 -0500
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <20041217204920.GA6226@panix.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
	<b76252690412171147ba288ad@mail.gmail.com>
	<20041217204920.GA6226@panix.com>
Message-ID: <b762526904121713112ea49a03@mail.gmail.com>

Daniel Convissor  wrote:
> You mean _improperly validated_ user input.  Come on, who would pass
> unsanitized user input to ANYTHING? :)

Well gees -- you pass unsanitized user input to addslashes(), dontcha?

We're not talking about sending user input to a database query or
shell command -- the unserialize() vulnerability happens inside PHP
itself.


From danielc at analysisandsolutions.com  Fri Dec 17 16:22:16 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Fri, 17 Dec 2004 16:22:16 -0500
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <b762526904121713112ea49a03@mail.gmail.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
	<b76252690412171147ba288ad@mail.gmail.com>
	<20041217204920.GA6226@panix.com>
	<b762526904121713112ea49a03@mail.gmail.com>
Message-ID: <20041217212216.GA24492@panix.com>

On Fri, Dec 17, 2004 at 04:11:48PM -0500, csnyder wrote:

> Well gees -- you pass unsanitized user input to addslashes(), dontcha?

Uh, no.

If I expect something to be an integer, it better be an integer.  If I 
had to accept a file name, it wouldn't be allowed to have double 
periods or slashes in it.  I tend to check for length also.  Etc...

Though, of course, I use PHP functions to do that checking.  So, if 
preg functions had a vulnerability... OUCH!

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From dmintz at davidmintz.org  Fri Dec 17 16:27:00 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Fri, 17 Dec 2004 16:27:00 -0500 (EST)
Subject: [nycphp-talk] why addslashes()? [PHP Vulnerability]
In-Reply-To: <20041217212216.GA24492@panix.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
	<b76252690412171147ba288ad@mail.gmail.com>
	<20041217204920.GA6226@panix.com>
	<b762526904121713112ea49a03@mail.gmail.com>
	<20041217212216.GA24492@panix.com>
Message-ID: <Pine.BSF.4.58.0412171623210.14127@emra.pair.com>


Isn't the main purpose of addslashes() to escape stuff for SQL query
purposes? In that case let's do our sanitization per normal, then use
parameterized SQL queries instead and forget addslashes().

On Fri, 17 Dec 2004, Daniel Convissor wrote:

> On Fri, Dec 17, 2004 at 04:11:48PM -0500, csnyder wrote:
>
> > Well gees -- you pass unsanitized user input to addslashes(), dontcha?
>
> Uh, no.
>
> If I expect something to be an integer, it better be an integer.  If I
> had to accept a file name, it wouldn't be allowed to have double
> periods or slashes in it.  I tend to check for length also.  Etc...


---
David Mintz
http://davidmintz.org/


From dmintz at davidmintz.org  Fri Dec 17 16:30:35 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Fri, 17 Dec 2004 16:30:35 -0500 (EST)
Subject: [nycphp-talk] Subversion (vs CVS)
Message-ID: <Pine.BSF.4.58.0412171630040.14127@emra.pair.com>


Has anybody migrated to Subversion and if so, how do ya like it?

---
David Mintz
http://davidmintz.org/

$world =~ s|<bush[^>]*>.+</bush>||is;


From shiflett at php.net  Fri Dec 17 16:35:15 2004
From: shiflett at php.net (Chris Shiflett)
Date: Fri, 17 Dec 2004 13:35:15 -0800 (PST)
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <20041217212216.GA24492@panix.com>
Message-ID: <20041217213515.11535.qmail@web52809.mail.yahoo.com>

--- Daniel Convissor <danielc at analysisandsolutions.com> wrote:
> If I expect something to be an integer, it better be an integer.
> If I had to accept a file name, it wouldn't be allowed to have
> double periods or slashes in it. I tend to check for length also.

This is a very good practice. Like Dan, I also don't like the idea of
relying on something like addslashes() to protect against SQL injection.
Data should be both filtered and escaped, not just escaped.

In fact, I have a very high opinion of the principle of defense in depth,
which is just a fancy way to say that redundancy is a good thing, even in
terms of security safeguards. It's nice to have a backup check, just in
case you screw up when writing your code. Not that any of us do that. :-)

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
Coming Soon                 http://httphandbook.org/


From george at omniti.com  Fri Dec 17 16:34:06 2004
From: george at omniti.com (George Schlossnagle)
Date: Fri, 17 Dec 2004 16:34:06 -0500
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <20041217212216.GA24492@panix.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
	<b76252690412171147ba288ad@mail.gmail.com>
	<20041217204920.GA6226@panix.com>
	<b762526904121713112ea49a03@mail.gmail.com>
	<20041217212216.GA24492@panix.com>
Message-ID: <61501A7C-5073-11D9-A171-000D93359332@omniti.com>

I think in general it's bad policy to blame the victim, even when it's 
due to some oversight.  Besides, it really is an untenable standard 
that people should have to manually deserialize all their data 
themselves as a verification before then passing it to PHP.  It is 
unserialize's job to determine if it's inputs are valid serialized data 
or not.

The problem was that you could have something which for all  intents 
and purposes looked like a duck, quacked like a duck, but wasn't a duck 
and a resulted in an unchecked buffer overrun.

George



From tom at supertom.com  Fri Dec 17 16:37:00 2004
From: tom at supertom.com (Tom)
Date: Fri, 17 Dec 2004 16:37:00 -0500
Subject: [nycphp-talk] Subversion (vs CVS)
In-Reply-To: <Pine.BSF.4.58.0412171630040.14127@emra.pair.com>
References: <Pine.BSF.4.58.0412171630040.14127@emra.pair.com>
Message-ID: <1103319419.2269.24.camel@tmelendez.int.bascom.com>

Hi David,

Yes, we just migrated from CVS couple of weeks ago.  Very full featured,
and use is similar to CVS, so no big learning curve.  I strongly
recommend it.  Also converted our history without issue.    There are
Windows and Linux clients available as well.

Tom
www.liphp.org

On Fri, 2004-12-17 at 16:30, David Mintz wrote:
> Has anybody migrated to Subversion and if so, how do ya like it?
> 
> ---
> David Mintz
> http://davidmintz.org/
> 
> $world =~ s|<bush[^>]*>.+</bush>||is;
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org




From chsnyder at gmail.com  Fri Dec 17 16:40:29 2004
From: chsnyder at gmail.com (csnyder)
Date: Fri, 17 Dec 2004 16:40:29 -0500
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <20041217212216.GA24492@panix.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
	<b76252690412171147ba288ad@mail.gmail.com>
	<20041217204920.GA6226@panix.com>
	<b762526904121713112ea49a03@mail.gmail.com>
	<20041217212216.GA24492@panix.com>
Message-ID: <b7625269041217134037b0871b@mail.gmail.com>

Daniel Convissor  wrote:
> Though, of course, I use PHP functions to do that checking.  So, if
> preg functions had a vulnerability... OUCH!

Heh. Exactly what I mean. 

In this case, I actually have no idea what the specially crafted
string is that breaks unserialize() -- but if it's a string, and not
an insanely big one, then it would go through any input validation
unnoticed.

Especially if it was in, say, a message field where all you did was
strip_tags() and store it. Which is why I'm upgrading now.


From fields at hedge.net  Fri Dec 17 16:49:40 2004
From: fields at hedge.net (Adam Fields)
Date: Fri, 17 Dec 2004 16:49:40 -0500
Subject: [nycphp-talk] Subversion (vs CVS)
In-Reply-To: <Pine.BSF.4.58.0412171630040.14127@emra.pair.com>
References: <Pine.BSF.4.58.0412171630040.14127@emra.pair.com>
Message-ID: <20041217214940.GB17205@lola.aquick.org>

On Fri, Dec 17, 2004 at 04:30:35PM -0500, David Mintz wrote:
> 
> Has anybody migrated to Subversion and if so, how do ya like it?

Yup. It's better in pretty much every way.

-- 
				- Adam

-----
[ http://www.aquick.org/blog ]
[ http://www.adamfields.com ][ http://del.icio.us/fields ]
[ http://www.aquick.org/photoblog ][ http://www.aquick.org/gallery ]




From george at omniti.com  Fri Dec 17 16:51:34 2004
From: george at omniti.com (George Schlossnagle)
Date: Fri, 17 Dec 2004 16:51:34 -0500
Subject: [nycphp-talk] Subversion (vs CVS)
In-Reply-To: <20041217214940.GB17205@lola.aquick.org>
References: <Pine.BSF.4.58.0412171630040.14127@emra.pair.com>
	<20041217214940.GB17205@lola.aquick.org>
Message-ID: <D1B5452A-5075-11D9-A171-000D93359332@omniti.com>


On Dec 17, 2004, at 4:49 PM, Adam Fields wrote:

> On Fri, Dec 17, 2004 at 04:30:35PM -0500, David Mintz wrote:
>>
>> Has anybody migrated to Subversion and if so, how do ya like it?
>
> Yup. It's better in pretty much every way.

Anyone know how to (easily) find the global revision number for a tag?  
For example, I want to do the svn version of

cvs log -r SOMETAG .

Seems like you need to do:

svn diff -rNNNN  .

where NNNN is the revision number of the tag.  Also, I don't want to 
have a working copy of the tag in question to do this.

George



From ajai at bitblit.net  Fri Dec 17 17:55:00 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Fri, 17 Dec 2004 17:55:00 -0500
Subject: [nycphp-talk] Subversion (vs CVS)
In-Reply-To: <20041217214940.GB17205@lola.aquick.org>
References: <Pine.BSF.4.58.0412171630040.14127@emra.pair.com>
	<20041217214940.GB17205@lola.aquick.org>
Message-ID: <41C363C4.1060608@bitblit.net>

Adam Fields wrote:

>On Fri, Dec 17, 2004 at 04:30:35PM -0500, David Mintz wrote:
>  
>
>>Has anybody migrated to Subversion and if so, how do ya like it?
>>    
>>
>
>Yup. It's better in pretty much every way.
>
>  
>

Anybody used RapidSVN or another GUI front-end for Subversion on Mac OS X???

-- 
Aj.
Systems Administrator / Developer



From danielc at analysisandsolutions.com  Fri Dec 17 18:09:59 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Fri, 17 Dec 2004 18:09:59 -0500
Subject: [nycphp-talk] DBM file support and caching in PHP
In-Reply-To: <55A8A702-4F84-11D9-A171-000D93359332@omniti.com>
References: <20041216151902.M51527@thirdstation.com>
	<20041216165712.GA5374@panix.com>
	<55A8A702-4F84-11D9-A171-000D93359332@omniti.com>
Message-ID: <20041217230959.GA8487@panix.com>

On Thu, Dec 16, 2004 at 12:02:57PM -0500, George Schlossnagle wrote:
> 
> That's a rather poor characterization.  SQLite is actually much more 
> fully featured that something like MySQL, it just happens to be an 
> embedded RDBMS instead of a standalone server.

Granted.  I was making a quick generalization.  In part that's based 
on my being wary to use SQLite for an application that needs (heavy)
simultaneous reading and writing.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From danielc at analysisandsolutions.com  Fri Dec 17 18:16:09 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Fri, 17 Dec 2004 18:16:09 -0500
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <61501A7C-5073-11D9-A171-000D93359332@omniti.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
	<b76252690412171147ba288ad@mail.gmail.com>
	<20041217204920.GA6226@panix.com>
	<b762526904121713112ea49a03@mail.gmail.com>
	<20041217212216.GA24492@panix.com>
	<61501A7C-5073-11D9-A171-000D93359332@omniti.com>
Message-ID: <20041217231609.GB8487@panix.com>

On Fri, Dec 17, 2004 at 04:34:06PM -0500, George Schlossnagle wrote:
> I think in general it's bad policy to blame the victim

Of course.


> Besides, it really is an untenable standard 
> that people should have to manually deserialize all their data 
> themselves

Not my intention.  I was infering more that I wouldn't pass 
unvalidated info to serialize() and wouldn't rely on cookie data being 
clean.


> The problem was that you could have something which for all  intents 
> and purposes looked like a duck, quacked like a duck, but wasn't a duck 
> and a resulted in an unchecked buffer overrun.

Hmmm... so what animal would that be?  I guess a some unusual snake 
that quacks.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From jlacey at att.net  Fri Dec 17 18:24:10 2004
From: jlacey at att.net (John Lacey)
Date: Fri, 17 Dec 2004 16:24:10 -0700
Subject: [nycphp-talk] 35% off from Addison-Wesley/Prentice Hall to group
	members
In-Reply-To: <BCF799A6B63DD411985D00805F9F9033E0A784@mail.alexcommgrp.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A784@mail.alexcommgrp.com>
Message-ID: <41C36A9A.7000709@att.net>

DeWitt, Michael wrote:
> If you are looking for some reading material over the holidays, here you go:
> 
> For discount off Prentice Hall PTR books:
> http://www.phptr.com/promotion/1945
> 
> For discount off Addison-Wesley books: 
> http://www.awprofessional.com/promotion/1942 
> 

thanks Mike,

and speaking of books, people who are looking for a good treatment on 
security with a focus on web programming, you might check out a book 
called "Innocent Code -- a security wake-up call for web programmers" by 
Sverre H. Huseby.  Bookpool has it along with their usual killer prices:

http://www.bookpool.com/.x/seohzqasy8/ss?qs=innocent+code&x=0&y=0

I bought it sometime ago while waiting for Shiflett's security book to 
hit the shelves.

BTW George Schlossnagle, nice job on the "Advanced PHP Programming" 
book.  It is well-organized and contains a wealth of interesting and 
diverse topics.  I have a little business developing and teaching Open 
Source classes (mainly LAMP stack).   I hope to offer several levels of 
courses and if things work out, I want to develop an advanced PHP 
course--your book would make a good text, I'm thinking.  The method to 
my madness is to pick a good text and then develop a student workbook 
around it.

John




From george at omniti.com  Fri Dec 17 18:31:53 2004
From: george at omniti.com (George Schlossnagle)
Date: Fri, 17 Dec 2004 18:31:53 -0500
Subject: [nycphp-talk] PHP Vulnerability
In-Reply-To: <20041217231609.GB8487@panix.com>
References: <BCF799A6B63DD411985D00805F9F9033E0A77D@mail.alexcommgrp.com>
	<b76252690412171147ba288ad@mail.gmail.com>
	<20041217204920.GA6226@panix.com>
	<b762526904121713112ea49a03@mail.gmail.com>
	<20041217212216.GA24492@panix.com>
	<61501A7C-5073-11D9-A171-000D93359332@omniti.com>
	<20041217231609.GB8487@panix.com>
Message-ID: <D5363B04-5083-11D9-A171-000D93359332@omniti.com>


On Dec 17, 2004, at 6:16 PM, Daniel Convissor wrote:
> Hmmm... so what animal would that be?  I guess a some unusual snake
> that quacks.

A well-disguised snake.  :)


George



From j.aponte at gmail.com  Fri Dec 17 23:47:21 2004
From: j.aponte at gmail.com (Juancarlos Aponte)
Date: Fri, 17 Dec 2004 23:47:21 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <20041217182710.GA20963@panix.com>
References: <a986d740412170955549bb72a@mail.gmail.com>
	<20041217182710.GA20963@panix.com>
Message-ID: <a986d7404121720476ba7433a@mail.gmail.com>

I have version 4.1.7 of MySQL.  I recommented the
extension=php_mysql.dll line and set the extension dir to the proper
directory and also put the libmysql.dll file back into the PHP
directory.  Restarted Apache, and it still didn't work.  I even tried
adding an "extension=php_mysqli.dll" line into the php.ini file but to
no avail.  PHPmyadmin still gives me an error when trying to start up.
 "Cannot load mysql extension..." Anyone else have some ideas? Thanks
a ton.

On Fri, 17 Dec 2004 13:27:10 -0500, Daniel Convissor
<danielc at analysisandsolutions.com> wrote:
> On Fri, Dec 17, 2004 at 12:55:00PM -0500, Juancarlos Aponte wrote:
> > Hey, I'm trying to get PHP 5.0.x to work with the latest MySQL on
> > Windows Server 2003
> 
> WHICH version of MySQL?  4.0.x needs the mysql extension.  4.1.x needs
> the mysqli extension.
> 
> Are you running PHP as a CGI or as a module?
> 
> 
> > got rid of the semicolon in front of the phpmysql.dll line in the ini
> > file but it still doesn't work.
> 
> You mean php_mysql.dll (or php_mysqli.dll).
> 
> Did you uncomment the proper DLL/extension?  Did you properly set the
> extension_dir entry in php.ini?  For example:
> 
>   extension_dir = "c:\progra~1\php\ext"
> 
> 
> > I put the libmysql.dll file into the
> > windows system directory (both system and system32).  Can anyone help
> 
> libmysql.dll?  Anyway, don't.  Put it back in the php\ext directory.
> 
> --Dan
> 
> --
> T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
>            data intensive web and database programming
>                http://www.AnalysisAndSolutions.com/
> 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
.: Juancarlos :.

"Any fool can know. The point is to understand."
-Albert Einstein


From danielc at analysisandsolutions.com  Sat Dec 18 00:46:12 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sat, 18 Dec 2004 00:46:12 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <a986d7404121720476ba7433a@mail.gmail.com>
References: <a986d740412170955549bb72a@mail.gmail.com>
	<20041217182710.GA20963@panix.com>
	<a986d7404121720476ba7433a@mail.gmail.com>
Message-ID: <20041218054612.GA14294@panix.com>

On Fri, Dec 17, 2004 at 11:47:21PM -0500, Juancarlos Aponte wrote:
> I have version 4.1.7 of MySQL.  I recommented the
> extension=php_mysql.dll line and set the extension dir to the proper
> directory and also put the libmysql.dll file back into the PHP
> directory.  Restarted Apache, and it still didn't work.  I even tried
> adding an "extension=php_mysqli.dll" line into the php.ini file but to
> no avail.  PHPmyadmin still gives me an error when trying to start up.
>  "Cannot load mysql extension..." Anyone else have some ideas? Thanks
> a ton.

Please pay attention.

* You have to use the mysqli extension for MySQL 4.1.x, so uncomment
   php_mysqli.dll extension in your php.ini.
* That also means you need to use the mysqli_*() functions, not the old 
   mysql_*() functions.
* Since you probably don't have MySQL 4.0.x installed, DO NOT enable the
   php_mysql.dll extension.
* What are you talking about with the libmysql.dll?  The libmySQL.dll
   that MySQL installs to the mysql bin directory (for example
   C:\Program Files\mysql41\bin)?  Don't move that from there (Put it
   back there).  Guess you misinterpreted some instructions you read 
   somewhere else.
* You didn't mention what you set the extension_dir to in php.ini.
* If you're using PHP as an Apache module, restart Apache.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From tgales at tgaconnect.com  Sat Dec 18 08:07:24 2004
From: tgales at tgaconnect.com (Tim Gales)
Date: Sat, 18 Dec 2004 08:07:24 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <a986d7404121720476ba7433a@mail.gmail.com>
Message-ID: <001b01c4e502$84a18650$e98d3818@oberon1>

Juancarlos Aponte writes:

> I have version 4.1.7 of MySQL.  I recommented the 
> extension=php_mysql.dll line and set the extension dir to the 
> proper directory and also put the libmysql.dll file back into 
> the PHP directory.  Restarted Apache, and it still didn't 
> work.  I even tried adding an "extension=php_mysqli.dll" line 
> into the php.ini file but to no avail.  PHPmyadmin still 
> gives me an error when trying to start up.  "Cannot load 
> mysql extension..." Anyone else have some ideas? Thanks a ton. 

Windows has a search path, which it uses to resolve 
symbols at run-time (dynamic link loading). The 
dynamic link loader looks in:

1) The directory where the executable exists 

2) The current directory

3) The system directory 

4) The PATH environment (this is the path for 
   executatbles -- NOT  LIBPATH, the environment variable)

Chances are that you either have another bad (incompatible)
LIBMYSQL.DLL located higher in the search order  
(i.e in the system directory versus the PATH) or
none at all in the search path.

T. Gales & Associates
'Helping People Connect with Technology'

http://www.tgaconnect.com




From tgales at tgaconnect.com  Sat Dec 18 08:24:29 2004
From: tgales at tgaconnect.com (Tim Gales)
Date: Sat, 18 Dec 2004 08:24:29 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <001b01c4e502$84a18650$e98d3818@oberon1>
Message-ID: <001c01c4e504$e7d21030$e98d3818@oberon1>

> Chances are that you either have another bad (incompatible) 
> LIBMYSQL.DLL located higher in the search order  
> (i.e in the system directory versus the PATH) or
> none at all in the search path. 

er, 
make that LIBMYSQLI.DLL 
which is probably missing from 
the search path

T. Gales & Associates
'Helping People Connect with Technology'

http://www.tgaconnect.com



From codebowl at gmail.com  Sat Dec 18 08:39:10 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Sat, 18 Dec 2004 08:39:10 -0500
Subject: [nycphp-talk] 35% off from Addison-Wesley/Prentice Hall to group
	members
In-Reply-To: <41C36A9A.7000709@att.net>
References: <BCF799A6B63DD411985D00805F9F9033E0A784@mail.alexcommgrp.com>
	<41C36A9A.7000709@att.net>
Message-ID: <8d9a42800412180539629da7e4@mail.gmail.com>

is George on this list?

i have to say he did a great job on that book too.  I picked it up
about 1-2 mos ago and fell in love with the book as soon as i started
reading :D

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From danielc at analysisandsolutions.com  Sat Dec 18 08:49:54 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sat, 18 Dec 2004 08:49:54 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <001c01c4e504$e7d21030$e98d3818@oberon1>
References: <001b01c4e502$84a18650$e98d3818@oberon1>
	<001c01c4e504$e7d21030$e98d3818@oberon1>
Message-ID: <20041218134954.GA9400@panix.com>

On Sat, Dec 18, 2004 at 08:24:29AM -0500, Tim Gales wrote:
> make that LIBMYSQLI.DLL 

In MySQL 4.1.x the DLL MySQL ships is in the bin directory is named 
libmySQL.dll.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From rrust at r2communications.com  Sat Dec 18 09:45:56 2004
From: rrust at r2communications.com (Randal Rust)
Date: Sat, 18 Dec 2004 09:45:56 -0500
Subject: [nycphp-talk] PayFlow Pro Extension
Message-ID: <41C442A4.8050609@r2communications.com>

Is this my only option for processing transactions via Verisign's 
PayFlow Pro?

http://us2.php.net/pfpro

-- 
Randal Rust

R.Squared Communications
http://www.r2communications.com
Digital Design for Bricks-and-Mortar Businesses



From tgales at tgaconnect.com  Sat Dec 18 11:25:19 2004
From: tgales at tgaconnect.com (Tim Gales)
Date: Sat, 18 Dec 2004 11:25:19 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <20041218134954.GA9400@panix.com>
Message-ID: <001d01c4e51e$2aa51ce0$e98d3818@oberon1>

> Subject: Re: [nycphp-talk] php + mysql
> 
> 
> On Sat, Dec 18, 2004 at 08:24:29AM -0500, Tim Gales wrote:
> > make that LIBMYSQLI.DLL
> 
> In MySQL 4.1.x the DLL MySQL ships is in the bin directory is named 
> libmySQL.dll.
> 
> --Dan

you wrote:

"Please pay attention.

* You have to use the mysqli extension for MySQL 4.1.x, so uncomment
   php_mysqli.dll extension in your php.ini.
* That also means you need to use the mysqli_*() functions, not the old 
   mysql_*() functions. "

 php_mysqli.dll (5.0.2.2) depends upon libmysqli.dll.

T. Gales & Associates
'Helping People Connect with Technology'

http://www.tgaconnect.com



From j.aponte at gmail.com  Sat Dec 18 13:12:35 2004
From: j.aponte at gmail.com (Juancarlos Aponte)
Date: Sat, 18 Dec 2004 13:12:35 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <20041218054612.GA14294@panix.com>
References: <a986d740412170955549bb72a@mail.gmail.com>
	<20041217182710.GA20963@panix.com>
	<a986d7404121720476ba7433a@mail.gmail.com>
	<20041218054612.GA14294@panix.com>
Message-ID: <a986d7404121810122fca80dc@mail.gmail.com>

ok.

-extension_dir = "c:\PHP\ext"
-extension=php_mysqli.dll
-I also have a libmySQL.dll in mysql\bin and another in the PHP
directory.  I've tried leaving only the one in the PHP and then only
the one in the mysql, but nothing worked.  There exists none in the
Windows System directory either.
-PHP is installed as an Apache module.
-Supposedly, PHPMyAdmin supports MySQL 4.1.x and above.

On Sat, 18 Dec 2004 00:46:12 -0500, Daniel Convissor
<danielc at analysisandsolutions.com> wrote:
> On Fri, Dec 17, 2004 at 11:47:21PM -0500, Juancarlos Aponte wrote:
> > I have version 4.1.7 of MySQL.  I recommented the
> > extension=php_mysql.dll line and set the extension dir to the proper
> > directory and also put the libmysql.dll file back into the PHP
> > directory.  Restarted Apache, and it still didn't work.  I even tried
> > adding an "extension=php_mysqli.dll" line into the php.ini file but to
> > no avail.  PHPmyadmin still gives me an error when trying to start up.
> >  "Cannot load mysql extension..." Anyone else have some ideas? Thanks
> > a ton.
> 
> Please pay attention.
> 
> * You have to use the mysqli extension for MySQL 4.1.x, so uncomment
>   php_mysqli.dll extension in your php.ini.
> * That also means you need to use the mysqli_*() functions, not the old
>   mysql_*() functions.
> * Since you probably don't have MySQL 4.0.x installed, DO NOT enable the
>   php_mysql.dll extension.
> * What are you talking about with the libmysql.dll?  The libmySQL.dll
>   that MySQL installs to the mysql bin directory (for example
>   C:\Program Files\mysql41\bin)?  Don't move that from there (Put it
>   back there).  Guess you misinterpreted some instructions you read
>   somewhere else.
> * You didn't mention what you set the extension_dir to in php.ini.
> * If you're using PHP as an Apache module, restart Apache.
> 
> --Dan
> 
> --
> T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
>            data intensive web and database programming
>                http://www.AnalysisAndSolutions.com/
> 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
.: Juancarlos :.

"Any fool can know. The point is to understand."
-Albert Einstein


From jlacey at att.net  Sat Dec 18 14:10:10 2004
From: jlacey at att.net (John Lacey)
Date: Sat, 18 Dec 2004 12:10:10 -0700
Subject: [nycphp-talk] php + mysql
In-Reply-To: <a986d7404121810122fca80dc@mail.gmail.com>
References: <a986d740412170955549bb72a@mail.gmail.com>	<20041217182710.GA20963@panix.com>	<a986d7404121720476ba7433a@mail.gmail.com>	<20041218054612.GA14294@panix.com>
	<a986d7404121810122fca80dc@mail.gmail.com>
Message-ID: <41C48092.1050408@att.net>

Juancarlos Aponte wrote:
> ok.
> 
> -extension_dir = "c:\PHP\ext"
> -extension=php_mysqli.dll
> -I also have a libmySQL.dll in mysql\bin and another in the PHP
> directory.  I've tried leaving only the one in the PHP and then only
> the one in the mysql, but nothing worked.  There exists none in the
> Windows System directory either.
> -PHP is installed as an Apache module.
> -Supposedly, PHPMyAdmin supports MySQL 4.1.x and above.


what version of phpmyadmin are you running?




From j.aponte at gmail.com  Sat Dec 18 14:17:20 2004
From: j.aponte at gmail.com (Juancarlos Aponte)
Date: Sat, 18 Dec 2004 14:17:20 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <41C48092.1050408@att.net>
References: <a986d740412170955549bb72a@mail.gmail.com>
	<20041217182710.GA20963@panix.com>
	<a986d7404121720476ba7433a@mail.gmail.com>
	<20041218054612.GA14294@panix.com>
	<a986d7404121810122fca80dc@mail.gmail.com> <41C48092.1050408@att.net>
Message-ID: <a986d74041218111760f48c17@mail.gmail.com>

phpmyadmin 2.6.1, downloaded two days ago.


On Sat, 18 Dec 2004 12:10:10 -0700, John Lacey <jlacey at att.net> wrote:
> Juancarlos Aponte wrote:
> > ok.
> >
> > -extension_dir = "c:\PHP\ext"
> > -extension=php_mysqli.dll
> > -I also have a libmySQL.dll in mysql\bin and another in the PHP
> > directory.  I've tried leaving only the one in the PHP and then only
> > the one in the mysql, but nothing worked.  There exists none in the
> > Windows System directory either.
> > -PHP is installed as an Apache module.
> > -Supposedly, PHPMyAdmin supports MySQL 4.1.x and above.
> 
> 
> what version of phpmyadmin are you running?
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
.: Juancarlos :.

"Any fool can know. The point is to understand."
-Albert Einstein


From jlacey at att.net  Sat Dec 18 14:24:28 2004
From: jlacey at att.net (John Lacey)
Date: Sat, 18 Dec 2004 12:24:28 -0700
Subject: [nycphp-talk] php + mysql
In-Reply-To: <a986d74041218111760f48c17@mail.gmail.com>
References: <a986d740412170955549bb72a@mail.gmail.com>	<20041217182710.GA20963@panix.com>	<a986d7404121720476ba7433a@mail.gmail.com>	<20041218054612.GA14294@panix.com>	<a986d7404121810122fca80dc@mail.gmail.com>
	<41C48092.1050408@att.net>
	<a986d74041218111760f48c17@mail.gmail.com>
Message-ID: <41C483EC.7000901@att.net>

Juancarlos Aponte wrote:
> phpmyadmin 2.6.1, downloaded two days ago.
> 

ok, had to ask since I didn't see that mentioned in the thread...

pardon me for asking an obvious question here, but is it safe to assume 
that in addition to phpmyadmin not working that a connection cannot be 
made to mysql with a short test script?

John



From j.aponte at gmail.com  Sat Dec 18 14:37:26 2004
From: j.aponte at gmail.com (Juancarlos Aponte)
Date: Sat, 18 Dec 2004 14:37:26 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <41C483EC.7000901@att.net>
References: <a986d740412170955549bb72a@mail.gmail.com>
	<20041217182710.GA20963@panix.com>
	<a986d7404121720476ba7433a@mail.gmail.com>
	<20041218054612.GA14294@panix.com>
	<a986d7404121810122fca80dc@mail.gmail.com> <41C48092.1050408@att.net>
	<a986d74041218111760f48c17@mail.gmail.com> <41C483EC.7000901@att.net>
Message-ID: <a986d740412181137695d330e@mail.gmail.com>

This is what I have right now as a test script.

# test.php
<?php

echo 'Hello World';

require_once ('mysql/mysql_connect.php');

$query = "INSERT into espana_pics (pid, filepath, filename, title)
VALUES (1, images/, eiffel.jpg, Eiffel)";
$result = @mysql_query ($query);
?>

# mysql_connect.php
<?php

define('DB_USER','root');
define('DB_PASSWORD','password');
define('DB_HOST','localhost');
define('DB_NAME','serverdb');

$dbc = mysql_connect (DB_HOST,DB_USER,DB_PASSWORD);
mysql_select_db (DB_NAME);

?>

To my knowledge that is correct syntax.

The other problem that I have is that index.php doesn't work.  I can't
just type in /phpmyadmin and it goes to index.php, I have to
physically put in index.php in the address bar. It's annoying and I
dont know where to fix it.

On Sat, 18 Dec 2004 12:24:28 -0700, John Lacey <jlacey at att.net> wrote:
> Juancarlos Aponte wrote:
> > phpmyadmin 2.6.1, downloaded two days ago.
> >
> 
> ok, had to ask since I didn't see that mentioned in the thread...
> 
> pardon me for asking an obvious question here, but is it safe to assume
> that in addition to phpmyadmin not working that a connection cannot be
> made to mysql with a short test script?
> 
> John
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
.: Juancarlos :.

"Any fool can know. The point is to understand."
-Albert Einstein


From jlacey at att.net  Sat Dec 18 14:53:52 2004
From: jlacey at att.net (John Lacey)
Date: Sat, 18 Dec 2004 12:53:52 -0700
Subject: [nycphp-talk] php + mysql
In-Reply-To: <a986d740412181137695d330e@mail.gmail.com>
References: <a986d740412170955549bb72a@mail.gmail.com>	<20041217182710.GA20963@panix.com>	<a986d7404121720476ba7433a@mail.gmail.com>	<20041218054612.GA14294@panix.com>	<a986d7404121810122fca80dc@mail.gmail.com>
	<41C48092.1050408@att.net>	<a986d74041218111760f48c17@mail.gmail.com>
	<41C483EC.7000901@att.net>
	<a986d740412181137695d330e@mail.gmail.com>
Message-ID: <41C48AD0.6030006@att.net>

Juancarlos Aponte wrote:
> This is what I have right now as a test script.
> 
> # test.php
> <?php
> 
> echo 'Hello World';
> 
> require_once ('mysql/mysql_connect.php');
> 
> $query = "INSERT into espana_pics (pid, filepath, filename, title)
> VALUES (1, images/, eiffel.jpg, Eiffel)";
> $result = @mysql_query ($query);
> ?>
> 
> # mysql_connect.php
> <?php
> 
> define('DB_USER','root');
> define('DB_PASSWORD','password');
> define('DB_HOST','localhost');
> define('DB_NAME','serverdb');
> 
> $dbc = mysql_connect (DB_HOST,DB_USER,DB_PASSWORD);
> mysql_select_db (DB_NAME);
> 
> ?>
> 
> To my knowledge that is correct syntax.

have you tried a "mysqli_connect"?


> 
> The other problem that I have is that index.php doesn't work.  I can't
> just type in /phpmyadmin and it goes to index.php, I have to
> physically put in index.php in the address bar. It's annoying and I
> dont know where to fix it.


the "DirectoryIndex" directive handles that...  for apache 2.x they 
broke out sections of the httpd.conf file into "ssl.conf", "php.conf", 
etc.  if you have a php.conf file look there, if not, check that 
directive in httpd.conf

If I recall, this concerned a windows 2003 platform -- I only use a 
windows platform with XAMPP (runs apache 2.x) for convenience, my 
hosting company runs apache 1.3.33.  So, double-check the above .conf 
files locations on the windows box you're on.








From mitch.pirtle at gmail.com  Sat Dec 18 17:58:06 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Sat, 18 Dec 2004 17:58:06 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
Message-ID: <330532b6041218145832a98212@mail.gmail.com>

Folks,

Please help this tired old unix fart with his new laptop.  I've tried
for hours, trudged through forums, and even tried XAMPP and several
other WAMP 'easy to install, really!' packages that don't work.

I've opened up port 80 on the firewall (both UDP and TCP), and other
than that have absolutely no idea what it takes to get going on a SP2
box.

Please, can someone end the pain?

-- Mitch, grateful to have the old fedora box laying around (for now)


From danielc at analysisandsolutions.com  Sat Dec 18 22:26:55 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sat, 18 Dec 2004 22:26:55 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <a986d740412181137695d330e@mail.gmail.com>
References: <a986d740412170955549bb72a@mail.gmail.com>
	<20041217182710.GA20963@panix.com>
	<a986d7404121720476ba7433a@mail.gmail.com>
	<20041218054612.GA14294@panix.com>
	<a986d7404121810122fca80dc@mail.gmail.com>
	<41C48092.1050408@att.net>
	<a986d74041218111760f48c17@mail.gmail.com>
	<41C483EC.7000901@att.net>
	<a986d740412181137695d330e@mail.gmail.com>
Message-ID: <20041219032655.GA17608@panix.com>

Dude:

On Sat, Dec 18, 2004 at 02:37:26PM -0500, Juancarlos Aponte wrote:
> require_once ('mysql/mysql_connect.php');

...snip...

> $dbc = mysql_connect (DB_HOST,DB_USER,DB_PASSWORD);
> mysql_select_db (DB_NAME);

As the manual says, and I said twice, you need to use the mysqli 
extension.  And, as the manual said and I said last time, you have to use 
mysqli_connect() and mysqli_select_db()
     ^                    ^
    notice the "i"'s  there?
All of the functions you need to operate with MySQL 4.1 need to have an 
"i" in them.

As far as phpmyadmin, I bet there's a setting you didn't set telling it to 
use the mysqli extension.

Good bye,

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From danielc at analysisandsolutions.com  Sat Dec 18 22:36:14 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sat, 18 Dec 2004 22:36:14 -0500
Subject: [nycphp-talk] PayFlow Pro Extension
In-Reply-To: <41C442A4.8050609@r2communications.com>
References: <41C442A4.8050609@r2communications.com>
Message-ID: <20041219033614.GB17608@panix.com>

On Sat, Dec 18, 2004 at 09:45:56AM -0500, Randal Rust wrote:
> Is this my only option for processing transactions via Verisign's 
> PayFlow Pro?
> http://us2.php.net/pfpro

I used PayFlow Pro via PHP by writing the transaction info to a file and 
then using shell commands in an exec() call to initiate the transaction.  
Worked like a charm.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From rolan at omnistep.com  Sat Dec 18 23:00:35 2004
From: rolan at omnistep.com (Rolan Yang)
Date: Sat, 18 Dec 2004 23:00:35 -0500
Subject: [nycphp-talk] PayFlow Pro Extension
In-Reply-To: <41C442A4.8050609@r2communications.com>
References: <41C442A4.8050609@r2communications.com>
Message-ID: <41C4FCE3.3050800@omnistep.com>

I used the php functions without any problems. It's pretty easy.
Msg me offline if you want to see some examples.

~Rolan

Randal Rust wrote:

> Is this my only option for processing transactions via Verisign's 
> PayFlow Pro?
>
> http://us2.php.net/pfpro
>


From rolan at omnistep.com  Sun Dec 19 00:48:05 2004
From: rolan at omnistep.com (Rolan Yang)
Date: Sun, 19 Dec 2004 00:48:05 -0500
Subject: [nycphp-talk] PayFlow Pro Extension
In-Reply-To: <81073D33-5179-11D9-B6ED-000A95D78076@duikerbok.com>
References: <41C442A4.8050609@r2communications.com>
	<41C4FCE3.3050800@omnistep.com>
	<81073D33-5179-11D9-B6ED-000A95D78076@duikerbok.com>
Message-ID: <41C51615.8040409@omnistep.com>

Here is an example function that will charge the card and return the 
response code.
Replace the USER,PWD,VENDOR parameters with the info Verisign provides 
to you.
The Payflow manual describes the different response codes in detail, but 
really most of the time all you need to know is wether the charge was 
accepted or rejected.

~Rolan

<?
/* EXAMPLE:
$response=chargecard(1.5,'4111111111111111','0904','Rolan Yang','123 
Westgate Dr','08820');
print "Result: ".$response[RESULT]." PNREF:".$response[PNREF]." 
AUTHCODE:".$response[AUTHCODE]."\n"; */

function chargecard($amt,$acct,$exp,$name,$street,$zip) {
if (strlen($acct)>19) {$acct=substr($acct,0,19);}
if (strlen($name)>30) {$name=substr($name,0,30);}
if (strlen($street)>30) {$street=substr($street,0,30);}
pfpro_init();
$transaction = array(USER=> 'VerisignUserNameGoesHere',
     PWD=> 'SecretPasswordGoesHere',
     TRXTYPE=> 'S',
     TENDER=> 'C',
     AMT=> $amt,
     ACCT=> $acct,
     EXPDATE=> $exp,
     PARTNER=> 'VeriSign',
     VENDOR=> 'VendorNameGoesHere',
     STREET=> $street,
     ZIP=> $zip,
     NAME=> $name
);
putenv("PFPRO_CERT_PATH=/etc/verisign/certs/");
$response = pfpro_process($transaction,'payflow.verisign.com','443');
if (!$response) { print "BLAH!\n"; die("Couldn't establish link to 
Verisign.\n"); }
pfpro_cleanup();
return ($response);
}
?>

Jose Villegas wrote:

> Hey Rolan,
>
> I'm about to set up a site with PayFlow as well. I'd love to see your 
> examples too, if it's not too much trouble.
>
> -jose
> www.josevillegasdesign.com
>
> On Dec 18, 2004, at 11:00 PM, Rolan Yang wrote:
>
>> I used the php functions without any problems. It's pretty easy.
>> Msg me offline if you want to see some examples.
>>
>> ~Rolan
>>
>> Randal Rust wrote:
>>
>>> Is this my only option for processing transactions via Verisign's 
>>> PayFlow Pro?
>>>
>>> http://us2.php.net/pfpro
>>>
>> _______________________________________________
>> New York PHP Talk
>> Supporting AMP Technology (Apache/MySQL/PHP)
>> http://lists.nyphp.org/mailman/listinfo/talk
>> http://www.newyorkphp.org
>>
>>
>
>


From jlacey at att.net  Sun Dec 19 12:22:19 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 19 Dec 2004 10:22:19 -0700
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <330532b6041218145832a98212@mail.gmail.com>
References: <330532b6041218145832a98212@mail.gmail.com>
Message-ID: <41C5B8CB.7010804@att.net>

Mitch Pirtle wrote:
> Folks,
> 
> Please help this tired old unix fart with his new laptop.  I've tried
> for hours, trudged through forums, and even tried XAMPP and several
> other WAMP 'easy to install, really!' packages that don't work.
> 
> I've opened up port 80 on the firewall (both UDP and TCP), and other
> than that have absolutely no idea what it takes to get going on a SP2
> box.
> 
> Please, can someone end the pain?

A couple weeks ago, just for grins and giggles I loaded up XAMPP on a 
box with XP where the college sysadmin had just installed SP2.  Short 
version, it didn't work.  Since I don't have XP SP2 at home, I haven't 
had a chance to look into it.  It wouldn't allow loopbacked access to 
Apache, so it looks like a fairly straightforward SP2 config issue. If 
you get it working, let us know what you found.

John



From tgales at tgaconnect.com  Sun Dec 19 13:18:18 2004
From: tgales at tgaconnect.com (Tim Gales)
Date: Sun, 19 Dec 2004 13:18:18 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <41C5B8CB.7010804@att.net>
Message-ID: <002001c4e5f7$1de646d0$e98d3818@oberon1>

> Subject: Re: [nycphp-talk] WAMP on a new XP box with SP2 possible?
> 
> 
> Mitch Pirtle wrote:
> > Folks,
> > 
> > Please help this tired old unix fart with his new laptop.  
> I've tried 
> > for hours, trudged through forums, and even tried XAMPP and several 
> > other WAMP 'easy to install, really!' packages that don't work.
> > 
> > I've opened up port 80 on the firewall (both UDP and TCP), 
> and other 
> > than that have absolutely no idea what it takes to get 
> going on a SP2 
> > box.
> > 
> > Please, can someone end the pain?
> 
> A couple weeks ago, just for grins and giggles I loaded up XAMPP on a 
> box with XP where the college sysadmin had just installed SP2.  Short 
> version, it didn't work.  Since I don't have XP SP2 at home, 
> I haven't 
> had a chance to look into it.  It wouldn't allow loopbacked access to 
> Apache, so it looks like a fairly straightforward SP2 config 
> issue. If 
> you get it working, let us know what you found.
> 

Well, a brave soul (not me) might try an update located at:
http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyi
d=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en 

It tries to solve some loopback problems with XP2. 

T. Gales & Associates
'Helping People Connect with Technology'

http://www.tgaconnect.com





From danielc at analysisandsolutions.com  Sun Dec 19 13:42:50 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sun, 19 Dec 2004 13:42:50 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <001d01c4e51e$2aa51ce0$e98d3818@oberon1>
References: <20041218134954.GA9400@panix.com>
	<001d01c4e51e$2aa51ce0$e98d3818@oberon1>
Message-ID: <20041219184250.GA12099@panix.com>

On Sat, Dec 18, 2004 at 11:25:19AM -0500, Tim Gales wrote:
> 
>  php_mysqli.dll (5.0.2.2) depends upon libmysqli.dll.

Hmmm.  Okay, I never really looked at all the files involved until 
this moment.  On my Windows XP box with MySQL 4.1.2-alpha and PHP 
5.1.0-dev from snaps.php.net a moment ago, here are all the files 
named *mysql*.dll

c:\program files\php\ext\php_mysql.dll     (for the mysql <= 4.0.x)
c:\program files\php\ext\php_mysqli.dll    (for the mysql >= 4.1.x)
c:\program files\php\libmysql.dll          (I'd never noticed this before)

c:\program files\mysql41\bin\libmySQL.dll
c:\program files\mysql41\Embedded\DLL\debug\libmysqld.dll
c:\program files\mysql41\Embedded\DLL\release\libmysqld.dll
c:\program files\mysql41\lib\debug\libmySQL.dll
c:\program files\mysql41\lib\opt\libmySQL.dll
c:\program files\mysql41\lib\opt\libmysqld.dll


So, under this setup, there's no libmysqli.dll.  BUT, looking at 
different versions of PHP, I see there's a libmysqli.dll in the 
"c:\program files\php" directory.  It exists in the versions 5.0.0 
through 5.0.2 (haven't looked at 5.0.3). It was removed from HEAD 
(5.1.x) some time after 2004-10-31.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From danielc at analysisandsolutions.com  Sun Dec 19 13:48:27 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sun, 19 Dec 2004 13:48:27 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <330532b6041218145832a98212@mail.gmail.com>
References: <330532b6041218145832a98212@mail.gmail.com>
Message-ID: <20041219184827.GB12099@panix.com>

Mitch:

I'm running Apache (1.3.x) and PHP (as CGI) on XP _PRO_ SP2 without a 
problem.  Though, I'm using Zone Alarm as my firewall, not Windows 
Firewall.

Anything differ with you from the above beside the firewall?  If not, 
disconnect from the network, disable the firewall and see what 
happens.

I'm assuming Apache starts okay and stays running and PHP works fine 
from the command line.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From jlacey at att.net  Sun Dec 19 13:51:10 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 19 Dec 2004 11:51:10 -0700
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <002001c4e5f7$1de646d0$e98d3818@oberon1>
References: <002001c4e5f7$1de646d0$e98d3818@oberon1>
Message-ID: <41C5CD9E.5090304@att.net>

Tim Gales wrote:
>>Subject: Re: [nycphp-talk] WAMP on a new XP box with SP2 possible?
>>
>>
>>Mitch Pirtle wrote:

>>
>>>for hours, trudged through forums, and even tried XAMPP and several 
>>>other WAMP 'easy to install, really!' packages that don't work.
>>>
> 
> 
> Well, a brave soul (not me) might try an update located at:
> http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyi
> d=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en 
> 
> It tries to solve some loopback problems with XP2. 


I google for this and hit "translate" -- XAMPP board is German

" XAMPP does not function under XP SP2!
But! Only Microsoft provided an improved Firewall in the service luggage 
2 (SP2), which "nice-proves" also ungefragt starts. This blockert then 
important haven the 80 (HTTP) and 443 (https) and the Apache server does 
not want (more) to start. The fast solution: The Microsoft Firewall over 
the task border deactivate and the XAMPP try again to start. "


"service luggage 2"  I love it!

J





From j.aponte at gmail.com  Sun Dec 19 14:13:11 2004
From: j.aponte at gmail.com (Juancarlos Aponte)
Date: Sun, 19 Dec 2004 14:13:11 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <20041219184250.GA12099@panix.com>
References: <20041218134954.GA9400@panix.com>
	<001d01c4e51e$2aa51ce0$e98d3818@oberon1>
	<20041219184250.GA12099@panix.com>
Message-ID: <a986d740412191113541130ef@mail.gmail.com>

Well, it seems as though I overlooked something very minor in the
PHPMyAdmin config page and now it works almost perfectly.  The mysqli
functions are working just fine as well. Now the only problem i have,
although it is very minor is that I can't get index.php to work like
index.html would.  Meaning, if I type in my URL, index.php is not
selected by default, instead I have an index.html page that
automatically refreshes to index.php.  A little annoying but I can
deal.  If anyone has a solution, that'd be great.  Sorry if I wasn't
paying attention too much there Daniel, I sometimes overlook things
because I have no patience. Thanks a lot for the help.


On Sun, 19 Dec 2004 13:42:50 -0500, Daniel Convissor
<danielc at analysisandsolutions.com> wrote:
> On Sat, Dec 18, 2004 at 11:25:19AM -0500, Tim Gales wrote:
> >
> >  php_mysqli.dll (5.0.2.2) depends upon libmysqli.dll.
> 
> Hmmm.  Okay, I never really looked at all the files involved until
> this moment.  On my Windows XP box with MySQL 4.1.2-alpha and PHP
> 5.1.0-dev from snaps.php.net a moment ago, here are all the files
> named *mysql*.dll
> 
> c:\program files\php\ext\php_mysql.dll     (for the mysql <= 4.0.x)
> c:\program files\php\ext\php_mysqli.dll    (for the mysql >= 4.1.x)
> c:\program files\php\libmysql.dll          (I'd never noticed this before)
> 
> c:\program files\mysql41\bin\libmySQL.dll
> c:\program files\mysql41\Embedded\DLL\debug\libmysqld.dll
> c:\program files\mysql41\Embedded\DLL\release\libmysqld.dll
> c:\program files\mysql41\lib\debug\libmySQL.dll
> c:\program files\mysql41\lib\opt\libmySQL.dll
> c:\program files\mysql41\lib\opt\libmysqld.dll
> 
> So, under this setup, there's no libmysqli.dll.  BUT, looking at
> different versions of PHP, I see there's a libmysqli.dll in the
> "c:\program files\php" directory.  It exists in the versions 5.0.0
> through 5.0.2 (haven't looked at 5.0.3). It was removed from HEAD
> (5.1.x) some time after 2004-10-31.
> 
> --Dan
> 
> --
> T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
>            data intensive web and database programming
>                http://www.AnalysisAndSolutions.com/
> 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
.: Juancarlos :.

"Any fool can know. The point is to understand."
-Albert Einstein


From jlacey at att.net  Sun Dec 19 14:13:30 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 19 Dec 2004 12:13:30 -0700
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <002001c4e5f7$1de646d0$e98d3818@oberon1>
References: <002001c4e5f7$1de646d0$e98d3818@oberon1>
Message-ID: <41C5D2DA.5080406@att.net>

Tim Gales wrote:
>>Subject: Re: [nycphp-talk] WAMP on a new XP box with SP2 possible?

> 
> Well, a brave soul (not me) might try an update located at:
> http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyi
> d=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en 
> 
> It tries to solve some loopback problems with XP2. 
> 


Tim (and Mitch)

The above link doesn't seem to work, but I did find this: (update for 
SP2 concerning the loopback address)

http://www.microsoft.com/downloads/details.aspx?FamilyID=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en

and the tiny version:
http://tinyurl.com/4oxqw

John



From mitch.pirtle at gmail.com  Sun Dec 19 16:34:12 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Sun, 19 Dec 2004 16:34:12 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <41C5D2DA.5080406@att.net>
References: <002001c4e5f7$1de646d0$e98d3818@oberon1> <41C5D2DA.5080406@att.net>
Message-ID: <330532b6041219133415b9bf32@mail.gmail.com>

Tried that, but the problem is still there.  In a nutshell, when
trying to install Apache (2.0.47 OR 2.0.51) I get a DOS command window
that says the installer could not connect to socket 0.0.0.0:80, and
fails to install the service.

Forget startup, I can't even get though the install :-(

-- Mitch

On Sun, 19 Dec 2004 12:13:30 -0700, John Lacey <jlacey at att.net> wrote:
> Tim Gales wrote:
> >>Subject: Re: [nycphp-talk] WAMP on a new XP box with SP2 possible?
> 
> >
> > Well, a brave soul (not me) might try an update located at:
> > http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyi
> > d=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en
> >
> > It tries to solve some loopback problems with XP2.
> >
> 
> 
> Tim (and Mitch)
> 
> The above link doesn't seem to work, but I did find this: (update for
> SP2 concerning the loopback address)
> 
> http://www.microsoft.com/downloads/details.aspx?FamilyID=17d997d2-5034-4bbb-b74d-ad8430a1f7c8&displaylang=en
> 
> and the tiny version:
> http://tinyurl.com/4oxqw
> 
> John
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
>


From jlacey at att.net  Sun Dec 19 16:41:30 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 19 Dec 2004 14:41:30 -0700
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <330532b6041219133415b9bf32@mail.gmail.com>
References: <002001c4e5f7$1de646d0$e98d3818@oberon1> <41C5D2DA.5080406@att.net>
	<330532b6041219133415b9bf32@mail.gmail.com>
Message-ID: <41C5F58A.9080801@att.net>

Mitch Pirtle wrote:
> Tried that, but the problem is still there.  In a nutshell, when
> trying to install Apache (2.0.47 OR 2.0.51) I get a DOS command window
> that says the installer could not connect to socket 0.0.0.0:80, and
> fails to install the service.
> 
> Forget startup, I can't even get though the install :-(
> 

In XAMPP, you can run the "apache_start.bat" file which does not install 
Apache as a service.  The same holds true for MySQL.  In this case, the 
DOS window that is opened must be left open -- minimized, of course.

Have you tried this?

John



From hans at nyphp.com  Sun Dec 19 16:42:14 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Sun, 19 Dec 2004 13:42:14 -0800
Subject: [nycphp-talk] php + mysql
Message-ID: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net>


> Well, it seems as though I overlooked something very minor in the
> PHPMyAdmin config page and now it works almost perfectly.  The mysqli
> functions are working just fine as well. Now the only problem i have,
> although it is very minor is that I can't get index.php to work like
> index.html would.  Meaning, if I type in my URL, index.php is not
> selected by default, instead I have an index.html page that
> automatically refreshes to index.php.  A little annoying but I can
> deal.  If anyone has a solution, that'd be great.  Sorry if I wasn't
> paying attention too much there Daniel, I sometimes overlook things
> because I have no patience. Thanks a lot for the help.

This is Apache's DirectoryIndex

It probably looks something like this now:

DirectoryIndex index.html

It should look like this:

DirectoryIndex index.html index.php

H



From mitch.pirtle at gmail.com  Sun Dec 19 16:44:49 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Sun, 19 Dec 2004 16:44:49 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <20041219184827.GB12099@panix.com>
References: <330532b6041218145832a98212@mail.gmail.com>
	<20041219184827.GB12099@panix.com>
Message-ID: <330532b6041219134457d3642b@mail.gmail.com>

Hey Dan,

Turned off Windows firewall, and the same error occurs. The install
does its thing, and at the end a DOS window pops up and says:

"Only one usage of each socket address is normally permitted. :
make_sock : could not bind to address 0.0.0.0:80"

And then closes itself after a few seconds.  After closing, a new DOS
window that complains that the service "Apache" could not be found.

Anyone out there install Apache 2.0.X on a new XP SP2 machine with success?

-- Mitch

On Sun, 19 Dec 2004 13:48:27 -0500, Daniel Convissor
<danielc at analysisandsolutions.com> wrote:
> Mitch:
> 
> I'm running Apache (1.3.x) and PHP (as CGI) on XP _PRO_ SP2 without a
> problem.  Though, I'm using Zone Alarm as my firewall, not Windows
> Firewall.
> 
> Anything differ with you from the above beside the firewall?  If not,
> disconnect from the network, disable the firewall and see what
> happens.
> 
> I'm assuming Apache starts okay and stays running and PHP works fine
> from the command line.


From hans at nyphp.com  Sun Dec 19 16:45:45 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Sun, 19 Dec 2004 13:45:45 -0800
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
Message-ID: <41EE526EC2D3C74286415780D3BA9F8706F1C0E4@ehost011-1.exch011.intermedia.net>


> Tried that, but the problem is still there.  In a nutshell, when
> trying to install Apache (2.0.47 OR 2.0.51) I get a DOS command window
> that says the installer could not connect to socket 0.0.0.0:80, and
> fails to install the service.
> 
> Forget startup, I can't even get though the install :-(

In addition to the loopback stuff, I think the firewall stuff is also a
problem.  Go to Control Panel -> Windows Firewall

Then select Off, and see if that does it.  If so, you can enable it if
you really want, but configure access as needed.

H


From mitch.pirtle at gmail.com  Sun Dec 19 16:47:44 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Sun, 19 Dec 2004 16:47:44 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706F1C0E4@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F8706F1C0E4@ehost011-1.exch011.intermedia.net>
Message-ID: <330532b60412191347745b578e@mail.gmail.com>

Nope, turned off the firewall and the error is identical.  I'm
starting to suspect it is with the Apache installer, as the install
fails regardless of firewall being enabled or not.

-- Mitch

On Sun, 19 Dec 2004 13:45:45 -0800, Hans Zaunere <hans at nyphp.com> wrote:
> 
> > Tried that, but the problem is still there.  In a nutshell, when
> > trying to install Apache (2.0.47 OR 2.0.51) I get a DOS command window
> > that says the installer could not connect to socket 0.0.0.0:80, and
> > fails to install the service.
> >
> > Forget startup, I can't even get though the install :-(
> 
> In addition to the loopback stuff, I think the firewall stuff is also a
> problem.  Go to Control Panel -> Windows Firewall
> 
> Then select Off, and see if that does it.  If so, you can enable it if
> you really want, but configure access as needed.


From j.aponte at gmail.com  Sun Dec 19 16:47:44 2004
From: j.aponte at gmail.com (Juancarlos Aponte)
Date: Sun, 19 Dec 2004 16:47:44 -0500
Subject: [nycphp-talk] php + mysql
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net>
Message-ID: <a986d7404121913476220ade8@mail.gmail.com>

Awesome, all problems solved then.  Thank you to everyone that has
helped me out throughout my long and arduous process of setting this
up (Daniel, Tim, John, and Hans).  Now if only I could get it to go
faster, don't assume any of you could help me out there? Just kidding
guys. Thanks again.


On Sun, 19 Dec 2004 13:42:14 -0800, Hans Zaunere <hans at nyphp.com> wrote:
> 
> > Well, it seems as though I overlooked something very minor in the
> > PHPMyAdmin config page and now it works almost perfectly.  The mysqli
> > functions are working just fine as well. Now the only problem i have,
> > although it is very minor is that I can't get index.php to work like
> > index.html would.  Meaning, if I type in my URL, index.php is not
> > selected by default, instead I have an index.html page that
> > automatically refreshes to index.php.  A little annoying but I can
> > deal.  If anyone has a solution, that'd be great.  Sorry if I wasn't
> > paying attention too much there Daniel, I sometimes overlook things
> > because I have no patience. Thanks a lot for the help.
> 
> This is Apache's DirectoryIndex
> 
> It probably looks something like this now:
> 
> DirectoryIndex index.html
> 
> It should look like this:
> 
> DirectoryIndex index.html index.php
> 
> H
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
.: Juancarlos :.

"Any fool can know. The point is to understand."
-Albert Einstein


From jlacey at att.net  Sun Dec 19 16:48:26 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 19 Dec 2004 14:48:26 -0700
Subject: [nycphp-talk] php + mysql
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net>
Message-ID: <41C5F72A.8060102@att.net>

Hans Zaunere wrote:
>>Well, it seems as though I overlooked something very minor in the
>>PHPMyAdmin config page and now it works almost perfectly.  The mysqli
>>functions are working just fine as well. Now the only problem i have,
>>although it is very minor is that I can't get index.php to work like
>>index.html would.  Meaning, if I type in my URL, index.php is not
>>selected by default, instead I have an index.html page that
>>automatically refreshes to index.php.  A little annoying but I can
>>deal.  If anyone has a solution, that'd be great.  Sorry if I wasn't
>>paying attention too much there Daniel, I sometimes overlook things
>>because I have no patience. Thanks a lot for the help.
> 
> 
> This is Apache's DirectoryIndex
> 
> It probably looks something like this now:
> 
> DirectoryIndex index.html
> 
> It should look like this:
> 
> DirectoryIndex index.html index.php
> 

also, be sure there's not an index.html file in the directory that can 
be loaded first...

John



From hans at nyphp.com  Sun Dec 19 16:53:21 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Sun, 19 Dec 2004 13:53:21 -0800
Subject: [nycphp-talk] php + mysql
Message-ID: <41EE526EC2D3C74286415780D3BA9F8706F1C0E6@ehost011-1.exch011.intermedia.net>


> > It should look like this:
> >
> > DirectoryIndex index.html index.php
> >
> 
> also, be sure there's not an index.html file in the directory that can
> be loaded first...

Good point.  If you'd rather have index.php have precedence over
index.html, you'd switch the order:

DirectoryIndex index.php index.html


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org





From jlacey at att.net  Sun Dec 19 16:54:54 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 19 Dec 2004 14:54:54 -0700
Subject: [nycphp-talk] php + mysql
In-Reply-To: <a986d7404121913476220ade8@mail.gmail.com>
References: <41EE526EC2D3C74286415780D3BA9F8706F1C0E3@ehost011-1.exch011.intermedia.net>
	<a986d7404121913476220ade8@mail.gmail.com>
Message-ID: <41C5F8AE.6040305@att.net>

Juancarlos Aponte wrote:
> Awesome, all problems solved then.  Thank you to everyone that has
> helped me out throughout my long and arduous process of setting this
> up (Daniel, Tim, John, and Hans).  Now if only I could get it to go
> faster, don't assume any of you could help me out there? Just kidding
> guys. Thanks again.
> 

There is, if you're on that Windows box:

http://www.zend.com/store/products/zend-win-enabler.php?hstore

:)

John



From danielc at analysisandsolutions.com  Sun Dec 19 17:49:09 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sun, 19 Dec 2004 17:49:09 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <330532b6041219134457d3642b@mail.gmail.com>
References: <330532b6041218145832a98212@mail.gmail.com>
	<20041219184827.GB12099@panix.com>
	<330532b6041219134457d3642b@mail.gmail.com>
Message-ID: <20041219224909.GA11760@panix.com>

On Sun, Dec 19, 2004 at 04:44:49PM -0500, Mitch Pirtle wrote:
> 
> "Only one usage of each socket address is normally permitted. :
> make_sock : could not bind to address 0.0.0.0:80"

Sounds like you have another web server running.  IIS?  A worm?  Another 
version of Apache?  Run netstat to see what's up with port 80.

Hmmm, 0.0.0.0?  That's odd.

Anyway, I strongly suggest going the simple, 100% reliable route.  Apache 
1, PHP as CGI.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From jlacey at att.net  Sun Dec 19 17:58:02 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 19 Dec 2004 15:58:02 -0700
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <20041219224909.GA11760@panix.com>
References: <330532b6041218145832a98212@mail.gmail.com>	<20041219184827.GB12099@panix.com>	<330532b6041219134457d3642b@mail.gmail.com>
	<20041219224909.GA11760@panix.com>
Message-ID: <41C6077A.9030201@att.net>

Daniel Convissor wrote:
> On Sun, Dec 19, 2004 at 04:44:49PM -0500, Mitch Pirtle wrote:
> 
>>"Only one usage of each socket address is normally permitted. :
>>make_sock : could not bind to address 0.0.0.0:80"
> 
> 
> Sounds like you have another web server running.  IIS?  A worm?  Another 
> version of Apache?  Run netstat to see what's up with port 80.
> 
> Hmmm, 0.0.0.0?  That's odd.


0.0.0.0 says listen on all addresses



From jlacey at att.net  Sun Dec 19 18:07:47 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 19 Dec 2004 16:07:47 -0700
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <20041219224909.GA11760@panix.com>
References: <330532b6041218145832a98212@mail.gmail.com>	<20041219184827.GB12099@panix.com>	<330532b6041219134457d3642b@mail.gmail.com>
	<20041219224909.GA11760@panix.com>
Message-ID: <41C609C3.7040003@att.net>

Daniel Convissor wrote:
> On Sun, Dec 19, 2004 at 04:44:49PM -0500, Mitch Pirtle wrote:
> 
>>"Only one usage of each socket address is normally permitted. :
>>make_sock : could not bind to address 0.0.0.0:80"
> 
> 
> Sounds like you have another web server running.  IIS?  A worm?  Another 
> version of Apache?  Run netstat to see what's up with port 80.
> 
> Hmmm, 0.0.0.0?  That's odd.
> 
> Anyway, I strongly suggest going the simple, 100% reliable route.  Apache 
> 1, PHP as CGI.
> 
> --Dan
> 


the thought just occurred to me, I wonder what an nmap scan to localhost 
would show in an XP SP2 environment

J



From list at harveyk.com  Sun Dec 19 19:12:17 2004
From: list at harveyk.com (harvey)
Date: Sun, 19 Dec 2004 19:12:17 -0500
Subject: [nycphp-talk] MySQL Query Question
Message-ID: <6.2.0.14.0.20041219190947.039cd900@pop.earthlink.net>

Hello NYPHP,

Let's say that I have a db and it has a table with list of Senators. Each 
Senator record has a field for state_fid. Then there's a States table with 
the names of the states and their associated state_id's. The Senator table 
also has a field for party_fid. And there's a Party table with the names of 
the parties and their associated party_id's.

Now suppose I want to query the db and alphabetically list the Name, State, 
and Party of each Senator. Question is this--in general, which (if either) 
is the preferred method?

Create one query similar to:
Query Senator
Select senate.senator_name, state.state_name, party.party_name
 From senate, state, party
Where senate.state_fid = state.state_id
And senate.party_fid = party.party_id
Order by senate.senator_name

Then loop through the results to print.

Or create multiple queries similar to:
Select senator_name, state_fid, party_fid
 From senate
Order by senator_name

And then loop through the results with add'l queries similar to:
Query state
Select name from state where state_id = $row_Senator['state_fid']
...
Query party
Select name from party where party_id = $row_Senator['party_fid']
...

The first method would seem more elegant, but it seems to take longer also 
(although that might just be my imagination).

Any suggestions? Thanks!

Harvey




From danielc at analysisandsolutions.com  Sun Dec 19 19:25:18 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sun, 19 Dec 2004 19:25:18 -0500
Subject: [nycphp-talk] MySQL Query Question
In-Reply-To: <6.2.0.14.0.20041219190947.039cd900@pop.earthlink.net>
References: <6.2.0.14.0.20041219190947.039cd900@pop.earthlink.net>
Message-ID: <20041220002518.GB3801@panix.com>

On Sun, Dec 19, 2004 at 07:12:17PM -0500, harvey wrote:
> 
> Now suppose I want to query the db and alphabetically list the Name, State, 
> and Party of each Senator. Question is this--in general, which (if either) 
> is the preferred method?

One query is better.  Joining tables is what DBMS's are all about.

I prefer the JOIN syntax rather than the WHERE syntax.

Also, I suggest naming the state_id field (etc) the same in both the 
senate and state tables, then you can use the easier USING clause for the 
_first_ (in this case) join.  So, for example:


> Select senate.senator_name, state.state_name, party.party_name
> From senate, state, party
> Where senate.state_fid = state.state_id
> And senate.party_fid = party.party_id
> Order by senate.senator_name

 SELECT senate.senator_name, state.state_name, party.party_name
 FROM senate
 JOIN state USING state_id
 JOIN party ON (party.party_id = senate.party_id)
 ORDER BY senate.senator_name

As far as the USING vs ON clause... You can only use JOIN if the columns 
are the same in table/join right above it have the same names.

By the way, you've done a good job normalizing your database.


> The first method would seem more elegant, but it seems to take longer also 
> (although that might just be my imagination).

I suspect you have a very wild imagination.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From mitch.pirtle at gmail.com  Sun Dec 19 21:16:15 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Sun, 19 Dec 2004 21:16:15 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible?
In-Reply-To: <20041219224909.GA11760@panix.com>
References: <330532b6041218145832a98212@mail.gmail.com>
	<20041219184827.GB12099@panix.com>
	<330532b6041219134457d3642b@mail.gmail.com>
	<20041219224909.GA11760@panix.com>
Message-ID: <330532b6041219181655071621@mail.gmail.com>

On Sun, 19 Dec 2004 17:49:09 -0500, Daniel Convissor
<danielc at analysisandsolutions.com> wrote:
> Sounds like you have another web server running.  IIS?  A worm?  Another
> version of Apache?  Run netstat to see what's up with port 80.

Nothing is on port 80, or 443.  *sigh*

> Hmmm, 0.0.0.0?  That's odd.
> 
> Anyway, I strongly suggest going the simple, 100% reliable route.  Apache
> 1, PHP as CGI.

Not an option, coding future stuff for the 2.0.x series - and no
longer see 1.3.x in production (in over 20 sites).

Looks like this is a common problem, and the solution is not apparent yet.

-- Mitch


From mitch.pirtle at gmail.com  Mon Dec 20 09:13:36 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Mon, 20 Dec 2004 09:13:36 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? SOLVED
In-Reply-To: <330532b6041219181655071621@mail.gmail.com>
References: <330532b6041218145832a98212@mail.gmail.com>
	<20041219184827.GB12099@panix.com>
	<330532b6041219134457d3642b@mail.gmail.com>
	<20041219224909.GA11760@panix.com>
	<330532b6041219181655071621@mail.gmail.com>
Message-ID: <330532b6041220061358f60ccb@mail.gmail.com>

Hi gang,

Funny enough, the culprit wasn't SP2 or the firewall, it was either
skype or trillian.  Stopped both, reinstalled Apache2, and now
everything is running just fine.

Had no idea either would try to co-opt port 80 on the local machine,
but caught one of them red-handed with netstat.

Thanks for the attempts, and best wishes to everyone for the holidays.

-- Mitch, grateful to be associated with such a great group of
talented individuals

On Sun, 19 Dec 2004 21:16:15 -0500, Mitch Pirtle <mitch.pirtle at gmail.com> wrote:
> On Sun, 19 Dec 2004 17:49:09 -0500, Daniel Convissor
> <danielc at analysisandsolutions.com> wrote:
> > Sounds like you have another web server running.  IIS?  A worm?  Another
> > version of Apache?  Run netstat to see what's up with port 80.
> 
> Nothing is on port 80, or 443.  *sigh*
> 
> > Hmmm, 0.0.0.0?  That's odd.
> >
> > Anyway, I strongly suggest going the simple, 100% reliable route.  Apache
> > 1, PHP as CGI.
> 
> Not an option, coding future stuff for the 2.0.x series - and no
> longer see 1.3.x in production (in over 20 sites).
> 
> Looks like this is a common problem, and the solution is not apparent yet.
> 
> -- Mitch
>


From mjdewitt at alexcommgrp.com  Mon Dec 20 11:37:05 2004
From: mjdewitt at alexcommgrp.com (DeWitt, Michael)
Date: Mon, 20 Dec 2004 11:37:05 -0500
Subject: [nycphp-talk] OT:  HTMLTableCellElement
Message-ID: <BCF799A6B63DD411985D00805F9F9033E0A794@mail.alexcommgrp.com>



> -----Original Message-----
> From:	Hans C. Kaspersetz [SMTP:hans at cyberxdesigns.com]
> Sent:	Wednesday, December 15, 2004 10:19 AM
> To:	NYPHP Talk
> Subject:	Re: [nycphp-talk] OT:  HTMLTableCellElement
> 
> Mark,
> 
> Not sure if you are aware, but NY PHP has a front end list for these 
> types of questions.    Check it out might get you a better response.
> 
> http://lists.nyphp.org/mailman/listinfo/front-end
> 
> Hans
> 
> Mark Withington wrote:
> 
> >Has anyone had any experience/luck using the DOM
> HTMLTableCellElement.width
> >to provide <td> information?  I'm trying to generate table headings using
> >DHTML that would be positioned absolute (and thereby eliminate the need
> for
> >frames).  Everything works great, except the DHTML column widths don't
> line
> >up with the HTML (generated) table body.  I'm letting the browser adjust
> the
> >columns as necessary and was hoping to use HTMLTableCellElement.width to
> >provide the information that I would then inject into the DHTML table
> <td>
> >tags.
> >
> >Any suggestions/help would be appreciated.
> >
> >Mark
> >
> >  
> >
> --- snip ---
> 
> -- 
> Hans C. Kaspersetz
> Cyber X Designs
> 
> http://www.cyberxdesigns.com
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org


From codebowl at gmail.com  Mon Dec 20 14:55:24 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Mon, 20 Dec 2004 14:55:24 -0500
Subject: [nycphp-talk] PHP and MSSQL 7
Message-ID: <8d9a42800412201155651b3bb@mail.gmail.com>

Hello Everyone,

i have been trying to use the MSSQL functions in PHP and i cannot get
it to connect i keep getting the error that mssql_connect cannot
connect to the host.

$link = mssql_connect("207.76.168.21", $dbinfo['user'], $dbinfo['pass']);

that is the connection string i was using
and this is the error recieved

Warning: mssql_connect(): Unable to connect to server: 207.76.168.21
in /htdocs/data.php on line 9

I read the docs and noticed a user comment about using freetds, i$link
= mssql_connect("207.76.168.21", $dbinfo['user'], $dbinfo['pass']);
added a server to my freetds.conf file which was found in /etc/ and
then i restarted apache, i changed my mssql_connect to look like this

$link = mssql_connect("MyServer70", $dbinfo['user'], $dbinfo['pass']);

when i use this, i get the same error except the hostname is now
MyServer70 rather than the IP address of the server, here is what i
have in my freetds config

# A typical Microsoft SQL Server 7.0 configuration	
[MyServer70]
	host = 207.76.168.21
	port = 1433
	tds version = 7.0

after adding that i restarted my xampp apache install and i get this error

Warning: mssql_connect(): Unable to connect to server: MyServer70 in
/htdocs/data.php on line 9

am i doing something wrong or is this generally hard to accomplish
from a linux to windows server connection?

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From chsnyder at gmail.com  Mon Dec 20 15:17:04 2004
From: chsnyder at gmail.com (csnyder)
Date: Mon, 20 Dec 2004 15:17:04 -0500
Subject: [nycphp-talk] PHP and MSSQL 7
In-Reply-To: <8d9a42800412201155651b3bb@mail.gmail.com>
References: <8d9a42800412201155651b3bb@mail.gmail.com>
Message-ID: <b762526904122012173eac20a7@mail.gmail.com>

Joseph Crawford wrote:

> added a server to my freetds.conf file which was found in /etc/ and
> then i restarted apache, i changed my mssql_connect to look like this
> 
> $link = mssql_connect("MyServer70", $dbinfo['user'], $dbinfo['pass']);
> 

That's the way to do it... make sure you have
putenv("FREETDSCONF=/etc/freetds.conf"); at the start of your script.

I find that debugging MSSQL server connections is a huge PITA -- once
you get the hostname right, you may struggle for a while figuring out
how to correctly specify the username. And lord help ya if you're
using a second or third MSSQL instance on the same server -- what port
is *that*?

Every time I go through this I remember why I never used to support
Microsoft servers.


From codebowl at gmail.com  Mon Dec 20 15:30:19 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Mon, 20 Dec 2004 15:30:19 -0500
Subject: [nycphp-talk] PHP and MSSQL 7
In-Reply-To: <b762526904122012173eac20a7@mail.gmail.com>
References: <8d9a42800412201155651b3bb@mail.gmail.com>
	<b762526904122012173eac20a7@mail.gmail.com>
Message-ID: <8d9a428004122012303a0ee55e@mail.gmail.com>

csnyder,

thanks for the information i will take a stab at that in a bit.  I
know i wish i had control over the use of the MSSQL server but my
client uses a national database for real estate they can rent/sell on
thier site, they pay a co for the data and that co uses MSSQL bleh.

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From codebowl at gmail.com  Mon Dec 20 15:40:48 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Mon, 20 Dec 2004 15:40:48 -0500
Subject: [nycphp-talk] PHP and MSSQL 7
In-Reply-To: <8d9a428004122012303a0ee55e@mail.gmail.com>
References: <8d9a42800412201155651b3bb@mail.gmail.com>
	<b762526904122012173eac20a7@mail.gmail.com>
	<8d9a428004122012303a0ee55e@mail.gmail.com>
Message-ID: <8d9a42800412201240445e9fb2@mail.gmail.com>

csnyder,
i have added that and now it kinda works, but why would i get this error?

Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to
allocate 14095 bytes) in /htdocs/data.php on line 14

usually i see that when i execute an sql import from phpmyadmin that
is too large for PMA to process.

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From nestorflorez at earthlink.net  Mon Dec 20 15:56:40 2004
From: nestorflorez at earthlink.net (Nestor Florez)
Date: Mon, 20 Dec 2004 12:56:40 -0800 (PST)
Subject: [nycphp-talk] PHP and MSSQL 7
Message-ID: <4331629.1103576200712.JavaMail.root@huey.psp.pas.earthlink.net>

Joe,


This is what I use when accessing a Mssql DB

$hostname = "192.168.0.20,1433";
$username = "user1";
$password = "pwd1";
$dbName   = "mydb";


if($conn = mssql_connect($hostname,$username,$password))
{
}
else
{
  die("DATABASE FAILED TO RESPOND.");
}

Hope that this helps you.

Nestor :-)
http://www.IneedWork.org
-----Original Message-----
From: Joseph Crawford <codebowl at gmail.com>
Sent: Dec 20, 2004 11:55 AM
To: NYPHP Talk <talk at lists.nyphp.org>
Subject: [nycphp-talk] PHP and MSSQL 7

Hello Everyone,

i have been trying to use the MSSQL functions in PHP and i cannot get
it to connect i keep getting the error that mssql_connect cannot
connect to the host.

$link = mssql_connect("207.76.168.21", $dbinfo['user'], $dbinfo['pass']);

that is the connection string i was using
and this is the error recieved

Warning: mssql_connect(): Unable to connect to server: 207.76.168.21
in /htdocs/data.php on line 9

I read the docs and noticed a user comment about using freetds, i$link
= mssql_connect("207.76.168.21", $dbinfo['user'], $dbinfo['pass']);
added a server to my freetds.conf file which was found in /etc/ and
then i restarted apache, i changed my mssql_connect to look like this

$link = mssql_connect("MyServer70", $dbinfo['user'], $dbinfo['pass']);

when i use this, i get the same error except the hostname is now
MyServer70 rather than the IP address of the server, here is what i
have in my freetds config

# A typical Microsoft SQL Server 7.0 configuration	
[MyServer70]
	host = 207.76.168.21
	port = 1433
	tds version = 7.0

after adding that i restarted my xampp apache install and i get this error

Warning: mssql_connect(): Unable to connect to server: MyServer70 in
/htdocs/data.php on line 9

am i doing something wrong or is this generally hard to accomplish
from a linux to windows server connection?

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org





From jlacey at att.net  Mon Dec 20 16:09:32 2004
From: jlacey at att.net (John Lacey)
Date: Mon, 20 Dec 2004 14:09:32 -0700
Subject: [nycphp-talk] PHP and MSSQL 7
In-Reply-To: <4331629.1103576200712.JavaMail.root@huey.psp.pas.earthlink.net>
References: <4331629.1103576200712.JavaMail.root@huey.psp.pas.earthlink.net>
Message-ID: <41C73F8C.8030606@att.net>

Nestor Florez wrote:
> Joe,
> 
> 
> This is what I use when accessing a Mssql DB
> 
> $hostname = "192.168.0.20,1433";
> $username = "user1";
> $password = "pwd1";
> $dbName   = "mydb";

Nestor,

Should a comma "," or a colon ":" go after the IP address?  I'm 
unfamiliar with that syntax so I thought I'd ask.  I assume the 1433 is 
the port number that the mssql server waits on ala MySQL port 3306.

thanks,
John



From nestorflorez at earthlink.net  Mon Dec 20 16:16:48 2004
From: nestorflorez at earthlink.net (Nestor Florez)
Date: Mon, 20 Dec 2004 13:16:48 -0800 (PST)
Subject: [nycphp-talk] PHP and MSSQL 7
Message-ID: <12493829.1103577408588.JavaMail.root@huey.psp.pas.earthlink.net>

This is the biggest thing to remember 
a comma "," for MSSQL and 
a colon ":" for Mysql

:-)

-----Original Message-----
From: John Lacey <jlacey at att.net>
Sent: Dec 20, 2004 1:09 PM
To: NYPHP Talk <talk at lists.nyphp.org>
Subject: Re: [nycphp-talk] PHP and MSSQL 7

Nestor Florez wrote:
> Joe,
> 
> 
> This is what I use when accessing a Mssql DB
> 
> $hostname = "192.168.0.20,1433";
> $username = "user1";
> $password = "pwd1";
> $dbName   = "mydb";

Nestor,

Should a comma "," or a colon ":" go after the IP address?  I'm 
unfamiliar with that syntax so I thought I'd ask.  I assume the 1433 is 
the port number that the mssql server waits on ala MySQL port 3306.

thanks,
John

_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org





From jlacey at att.net  Mon Dec 20 16:26:34 2004
From: jlacey at att.net (John Lacey)
Date: Mon, 20 Dec 2004 14:26:34 -0700
Subject: [nycphp-talk] PHP and MSSQL 7
In-Reply-To: <12493829.1103577408588.JavaMail.root@huey.psp.pas.earthlink.net>
References: <12493829.1103577408588.JavaMail.root@huey.psp.pas.earthlink.net>
Message-ID: <41C7438A.4020404@att.net>


thanks, I'll file that one away, although I'll probably have to make 
room in my head for more facts by getting rid of either a Supreme's song 
or Elvis' All Shook Up

:)


Nestor Florez wrote:
> This is the biggest thing to remember 
> a comma "," for MSSQL and 
> a colon ":" for Mysql
> 
> :-)
> 
> -----Original Message-----
> From: John Lacey <jlacey at att.net>
> Sent: Dec 20, 2004 1:09 PM
> To: NYPHP Talk <talk at lists.nyphp.org>
> Subject: Re: [nycphp-talk] PHP and MSSQL 7
> 
> Nestor Florez wrote:
> 
>>Joe,
>>
>>
>>This is what I use when accessing a Mssql DB
>>
>>$hostname = "192.168.0.20,1433";
>>$username = "user1";
>>$password = "pwd1";
>>$dbName   = "mydb";
> 
> 
> Nestor,
> 
> Should a comma "," or a colon ":" go after the IP address?  I'm 
> unfamiliar with that syntax so I thought I'd ask.  I assume the 1433 is 
> the port number that the mssql server waits on ala MySQL port 3306.
> 
> thanks,
> John
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 
> 




From 1j0lkq002 at sneakemail.com  Mon Dec 20 16:49:36 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Mon, 20 Dec 2004 16:49:36 -0500
Subject: [nycphp-talk] PHP and MSSQL 7
In-Reply-To: <41C7438A.4020404@att.net>
References: <12493829.1103577408588.JavaMail.root@huey.psp.pas.earthlink.net>
	<41C7438A.4020404@att.net>
Message-ID: <17443-37215@sneakemail.com>

John Lacey jlacey-at-att.net |nyphp dev/internal group use| wrote:

>
> thanks, I'll file that one away, although I'll probably have to make 
> room in my head for more facts by getting rid of either a Supreme's 
> song or Elvis' All Shook Up
>
> :) 



Hahaha I still keep those - they still come in handy. I made a whole lot 
of room by completely erasingmy memory of [HTTP_GETVARS/POSTVARS] and 
Netscape 4.x browser issues earlier this year!

-=john andrews





From danielc at analysisandsolutions.com  Mon Dec 20 18:25:21 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Mon, 20 Dec 2004 18:25:21 -0500
Subject: [nycphp-talk] PHP and MSSQL 7
In-Reply-To: <41C73F8C.8030606@att.net>
References: <4331629.1103576200712.JavaMail.root@huey.psp.pas.earthlink.net>
	<41C73F8C.8030606@att.net>
Message-ID: <20041220232521.GA2906@panix.com>

On Mon, Dec 20, 2004 at 02:09:32PM -0700, John Lacey wrote:
> Nestor Florez wrote:
> >
> >$hostname = "192.168.0.20,1433";
> 
> Should a comma "," or a colon ":" go after the IP address? 

For MS SQL... on Windows, use a comma, on Unix use a colon.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From prusak at gmail.com  Tue Dec 21 02:53:41 2004
From: prusak at gmail.com (Ophir Prusak)
Date: Tue, 21 Dec 2004 02:53:41 -0500
Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good?
Message-ID: <f1dc81bb04122023535918c26c@mail.gmail.com>

I just gave up on ev1servers (I had a real horror story with them).
Anyone have anything to say about www.theplanet.com ?

Thanks
Ophir


From jperkins at sneer.org  Tue Dec 21 09:26:06 2004
From: jperkins at sneer.org (Jason N.Perkins)
Date: Tue, 21 Dec 2004 08:26:06 -0600
Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good?
In-Reply-To: <f1dc81bb04122023535918c26c@mail.gmail.com>
References: <f1dc81bb04122023535918c26c@mail.gmail.com>
Message-ID: <4022599E-535C-11D9-8B96-000D93C999BA@sneer.org>


On Dec 21, 2004, at 1:53 AM, Ophir Prusak wrote:

> I just gave up on ev1servers (I had a real horror story with them).
> Anyone have anything to say about www.theplanet.com ?

I used servers from servermatrix.net (The Planet's lower end subsidiary 
for dedicated boxes) and was very happy with them. Great prices, great 
support response times. They really seem to have their act together 
(and this is from a guy who worked [and loved it] at Rackspace).


--
Jason N Perkins



From mitch.pirtle at gmail.com  Tue Dec 21 09:29:01 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Tue, 21 Dec 2004 09:29:01 -0500
Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good?
In-Reply-To: <4022599E-535C-11D9-8B96-000D93C999BA@sneer.org>
References: <f1dc81bb04122023535918c26c@mail.gmail.com>
	<4022599E-535C-11D9-8B96-000D93C999BA@sneer.org>
Message-ID: <330532b604122106295970aff6@mail.gmail.com>

Speaking of RackSpace, the guy that started it all is now at
ServerBeach.com - which is basically RackSpace on a budget, where you
do the system administration yourself.

The prices are awesome, they have NAS available for remote backup, and
also offer redundant disks as an option.

I switched back to them two months ago and can only say good things about them.

-- Mitch


From jperkins at sneer.org  Tue Dec 21 09:50:53 2004
From: jperkins at sneer.org (Jason N.Perkins)
Date: Tue, 21 Dec 2004 08:50:53 -0600
Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good?
In-Reply-To: <330532b604122106295970aff6@mail.gmail.com>
References: <f1dc81bb04122023535918c26c@mail.gmail.com>
	<4022599E-535C-11D9-8B96-000D93C999BA@sneer.org>
	<330532b604122106295970aff6@mail.gmail.com>
Message-ID: <B6A03B48-535F-11D9-8B96-000D93C999BA@sneer.org>


On Dec 21, 2004, at 8:29 AM, Mitch Pirtle wrote:

> Speaking of RackSpace, the guy that started it all is now at
> ServerBeach.com - which is basically RackSpace on a budget, where you
> do the system administration yourself.

It was actually two of the guys - Richard Yoo and Dirk Elmendorf.

> The prices are awesome, they have NAS available for remote backup, and
> also offer redundant disks as an option.

I had the opportunity to work in the same office as their lead tech guy 
and some of the stuff that he had done is really, really cool from an 
automated hosting standpoint.

> I switched back to them two months ago and can only say good things 
> about them.

Excellent! I was always reluctant to mix business and personal, so I 
kept my stuff hosted elsewhere. Also, the buyout of ServerBeach by Pier 
1 hasn't had any negative impact on their operations that I'm aware of.

--
Jason N Perkins



From preinheimer at gmail.com  Tue Dec 21 10:20:33 2004
From: preinheimer at gmail.com (Paul Reinheimer)
Date: Tue, 21 Dec 2004 10:20:33 -0500
Subject: [nycphp-talk] [OT] Hosting: Is www.theplanet.com any good?
In-Reply-To: <B6A03B48-535F-11D9-8B96-000D93C999BA@sneer.org>
References: <f1dc81bb04122023535918c26c@mail.gmail.com>
	<4022599E-535C-11D9-8B96-000D93C999BA@sneer.org>
	<330532b604122106295970aff6@mail.gmail.com>
	<B6A03B48-535F-11D9-8B96-000D93C999BA@sneer.org>
Message-ID: <6ec19ec704122107204146b9b5@mail.gmail.com>

I am also on ServerMatrix, all in all a great experiance for me. My
only negative comment is that the support (& other) techs have a
tendancy to close tickets before I feel the issue is otherwise
resolved.

The few times I have called support I got a tech first ring after transfer. 


paul



On Tue, 21 Dec 2004 08:50:53 -0600, Jason N. Perkins <jperkins at sneer.org> wrote:
> 
> On Dec 21, 2004, at 8:29 AM, Mitch Pirtle wrote:
> 
> > Speaking of RackSpace, the guy that started it all is now at
> > ServerBeach.com - which is basically RackSpace on a budget, where you
> > do the system administration yourself.
> 
> It was actually two of the guys - Richard Yoo and Dirk Elmendorf.
> 
> > The prices are awesome, they have NAS available for remote backup, and
> > also offer redundant disks as an option.
> 
> I had the opportunity to work in the same office as their lead tech guy
> and some of the stuff that he had done is really, really cool from an
> automated hosting standpoint.
> 
> > I switched back to them two months ago and can only say good things
> > about them.
> 
> Excellent! I was always reluctant to mix business and personal, so I
> kept my stuff hosted elsewhere. Also, the buyout of ServerBeach by Pier
> 1 hasn't had any negative impact on their operations that I'm aware of.
> 
> --
> Jason N Perkins
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
Paul Reinheimer
Zend Certified Engineer


From mjdewitt at alexcommgrp.com  Tue Dec 21 12:11:18 2004
From: mjdewitt at alexcommgrp.com (DeWitt, Michael)
Date: Tue, 21 Dec 2004 12:11:18 -0500
Subject: [nycphp-talk] NYTCHP party pictures have been posted
Message-ID: <BCF799A6B63DD411985D00805F9F9033E0A7A5@mail.alexcommgrp.com>

You can check them out at http://nyphp.org/content/gallery

Mike


From cmerlo441 at gmail.com  Tue Dec 21 15:03:19 2004
From: cmerlo441 at gmail.com (Christopher Merlo)
Date: Tue, 21 Dec 2004 15:03:19 -0500
Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :)
Message-ID: <946586480412211203a6b3f43@mail.gmail.com>

Chris S.'s blog is linked to in an article that just hit Slashdot
regarding the use of PHP with Apache 2.0.  In the article, Chris is
described as a "high-profile PHP community member".  Good work, Chris!
 :)
-c

-- 
cmerlo441 at gmail.com


From chsnyder at gmail.com  Tue Dec 21 15:10:41 2004
From: chsnyder at gmail.com (csnyder)
Date: Tue, 21 Dec 2004 15:10:41 -0500
Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :)
In-Reply-To: <946586480412211203a6b3f43@mail.gmail.com>
References: <946586480412211203a6b3f43@mail.gmail.com>
Message-ID: <b76252690412211210276e611@mail.gmail.com>

Disambiguation: that's Chris Shiflett 

Slashdotted, nice work!


From jlacey at att.net  Tue Dec 21 16:05:16 2004
From: jlacey at att.net (John Lacey)
Date: Tue, 21 Dec 2004 14:05:16 -0700
Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :)
In-Reply-To: <946586480412211203a6b3f43@mail.gmail.com>
References: <946586480412211203a6b3f43@mail.gmail.com>
Message-ID: <41C8900C.8060402@att.net>

Christopher Merlo wrote:
> Chris S.'s blog is linked to in an article that just hit Slashdot
> regarding the use of PHP with Apache 2.0.  In the article, Chris is
> described as a "high-profile PHP community member".  Good work, Chris!
>  :)
> -c
> 

well, in addition to Chris Shiflett, John Coggeshall also posts to this 
list.  Both John's and Chris' blogs are mentioned in the Slashdot article.

Chris:
http://shiflett.org/archive/86

John:
http://blog.coggeshall.org/archives/174_Apache_2.0,_My_Two_Cents.html


J



From jlacey at att.net  Tue Dec 21 16:13:54 2004
From: jlacey at att.net (John Lacey)
Date: Tue, 21 Dec 2004 14:13:54 -0700
Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :)
In-Reply-To: <946586480412211203a6b3f43@mail.gmail.com>
References: <946586480412211203a6b3f43@mail.gmail.com>
Message-ID: <41C89212.2030003@att.net>

Christopher Merlo wrote:
> Chris S.'s blog is linked to in an article that just hit Slashdot
> regarding the use of PHP with Apache 2.0.  In the article, Chris is
> described as a "high-profile PHP community member".  Good work, Chris!
>  :)
> -c
> 

I've cut-and-pasted some repartee from Bruce Perens...I thought his last 
comment about "Slashdot readership" was particularly poignant :)



  It's a threading issue (Score:5, Interesting)
by Bruce Perens (3872) <bruce&perens,com> on Tuesday December 21, 
@02:34PM (#11150764)
(http://perens.com/ | Last Journal: Wednesday June 16, @04:13PM)
Either PHP itself, or many PHP applications, are not written to deal 
with the multi-threading offered by Apache 2.0 . So, it seems, you will 
do best if you install one of the less optimal threading models. And 
then you lose much of the benefit of Apache 2.

Apache 2 and a recent Linux kernel come pretty close to the theoretical 
limits of the hardware when it comes to serving static content. It just 
loafs along while saturating whatever net connection you give it. It's 
worth trying out.

Bruce
[ Reply to This ]



       I'm sorry Bruce, you'll have to come back later. (Score:5, Funny)
       by Mr Guy (547690) on Tuesday December 21, @02:37PM (#11150804)
       (Last Journal: Tuesday September 07, @04:29PM)
       It's not nearly late enough in the thread for someone respected 
to post correct, non-inflamatory, rational information. You're going to 
stop all the foaming at the mouth, and who wants a half-frothed troll 
this close to Christmas?
       [ Reply to This | Parent ]




             Re:I'm sorry Bruce, you'll have to come back later 
(Score:5, Funny)
             by Bruce Perens (3872) <bruce&perens,com> on Tuesday 
December 21, @02:53PM (#11151028) (http://perens.com/ | Last Journal: 
Wednesday June 16, @04:13PM)
             It's OK because I didn't read any of the articles linked to 
in the Slashdot story before posting. Thus, I maintain the proper level 
of ignorance for Slashdot.

             On the other hand, I had looked at the problem reasonably 
hard when choosing supported software for UserLinux, so I did know 
something about the problem. So perhaps that disqualifies me.

             Bruce



From frank_wong2 at informationideas.com  Tue Dec 21 16:20:31 2004
From: frank_wong2 at informationideas.com (Frank Wong)
Date: Tue, 21 Dec 2004 16:20:31 -0500
Subject: [nycphp-talk] mysql_close() error
Message-ID: <LOBBJOCDHNEMOHLKCPIOAENJEHAA.frank_wong2@informationideas.com>

Has anyone seen an error like this before?

Warning: mysql_close(): 12 is not a valid MySQL-Link resource

I connected to the DB using
*************************************************************************
	// Connecting, selecting database //
	$link = mysql_connect($host, $sys_user, $sys_password)
		or die("Could not connect : " . mysql_error());
		mysql_select_db($sys_db) or die("Could not select database");
*************************************************************************

I tried to close using
*************************************************************************
	// Closing connection //
	mysql_close($link);
*************************************************************************

Other than that, I only use the $link to query the DB.  How does $link
become 12 as stated in the error message?  This is driving me nuts...

TIA for any help.
________________________
Frank Wong
Consultant
Information Ideas
www.informationideas.com



From chsnyder at gmail.com  Tue Dec 21 16:29:37 2004
From: chsnyder at gmail.com (csnyder)
Date: Tue, 21 Dec 2004 16:29:37 -0500
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <LOBBJOCDHNEMOHLKCPIOAENJEHAA.frank_wong2@informationideas.com>
References: <LOBBJOCDHNEMOHLKCPIOAENJEHAA.frank_wong2@informationideas.com>
Message-ID: <b762526904122113292f0d5864@mail.gmail.com>

Not an answer to your question, but unless you explicitly need to
close the db connection (because your script is running in daemon mode
or something) you can leave out the mysql_close() -- the connection is
closed automatically once execution is finished.

Still, that's perplexing. Do you do anything to $link that would cause
it to be recast as a string or int?


From frank_wong2 at informationideas.com  Tue Dec 21 16:40:28 2004
From: frank_wong2 at informationideas.com (Frank Wong)
Date: Tue, 21 Dec 2004 16:40:28 -0500
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <b762526904122113292f0d5864@mail.gmail.com>
Message-ID: <LOBBJOCDHNEMOHLKCPIOEENKEHAA.frank_wong2@informationideas.com>

In my function, there is no reference to $link other than the lines with
mysql_connect and mysql_close.  Also, my function does not call another
function so any code that would alter $link should be contained within this
function.

$link is also a local variable.

I will try removing mysql_close and see what happens.

Thanks.

-----Original Message-----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org]On Behalf Of csnyder
Sent: Tuesday, December 21, 2004 4:30 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] mysql_close() error


Not an answer to your question, but unless you explicitly need to
close the db connection (because your script is running in daemon mode
or something) you can leave out the mysql_close() -- the connection is
closed automatically once execution is finished.

Still, that's perplexing. Do you do anything to $link that would cause
it to be recast as a string or int?
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org




From frank_wong2 at informationideas.com  Tue Dec 21 16:52:50 2004
From: frank_wong2 at informationideas.com (Frank Wong)
Date: Tue, 21 Dec 2004 16:52:50 -0500
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <b762526904122113292f0d5864@mail.gmail.com>
Message-ID: <LOBBJOCDHNEMOHLKCPIOAENLEHAA.frank_wong2@informationideas.com>

The interesting thing is if I explicitly force mysql_connect to open a new
connection by using
****************************************************************************
*******************************************
	// Connecting, selecting database //
	$link = mysql_connect($host, $sys_user, $sys_password, TRUE)
		or show_error_page("Could not connect : " . mysql_error());
		mysql_select_db($sys_db) or show_error_page("Could not select database");
****************************************************************************
*******************************************

I get the error message
****************************************************************************
*******************************************
Warning: mysql_close(): 14 is not a valid MySQL-Link resource
****************************************************************************
*******************************************

instead of the original error message without explicitly forcing a new
connection
****************************************************************************
*******************************************
Warning: mysql_close(): 12 is not a valid MySQL-Link resource
****************************************************************************
*******************************************

Do those numbers represent something?  Error number or anything else?


Frank

-----Original Message-----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org]On Behalf Of csnyder
Sent: Tuesday, December 21, 2004 4:30 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] mysql_close() error


Not an answer to your question, but unless you explicitly need to
close the db connection (because your script is running in daemon mode
or something) you can leave out the mysql_close() -- the connection is
closed automatically once execution is finished.

Still, that's perplexing. Do you do anything to $link that would cause
it to be recast as a string or int?
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org




From faber at linuxnj.com  Tue Dec 21 17:00:57 2004
From: faber at linuxnj.com (Faber Fedor)
Date: Tue, 21 Dec 2004 17:00:57 -0500
Subject: [nycphp-talk] Re: mysql_close() error
In-Reply-To: <LOBBJOCDHNEMOHLKCPIOAENJEHAA.frank_wong2@informationideas.com>
References: <LOBBJOCDHNEMOHLKCPIOAENJEHAA.frank_wong2@informationideas.com>
Message-ID: <20041221220057.GA21398@uranus.faber.nom>

On 21/12/04 16:20 -0500, Frank Wong wrote:
> Has anyone seen an error like this before?
> 
> Warning: mysql_close(): 12 is not a valid MySQL-Link resource
> 
> I connected to the DB using
> *************************************************************************
> 	// Connecting, selecting database //
> 	$link = mysql_connect($host, $sys_user, $sys_password)
> 		or die("Could not connect : " . mysql_error());
> 		mysql_select_db($sys_db) or die("Could not select database");
> *************************************************************************
> 
> I tried to close using
> *************************************************************************
> 	// Closing connection //
> 	mysql_close($link);
> *************************************************************************
> 
> Other than that, I only use the $link to query the DB.  How does $link
> become 12 as stated in the error message?  This is driving me nuts...

The way I read this is as follows:

You open a connection to MySQL and assign that connection to $link.
$link is kinda like a filehandle; it's a number that magically points to
something. If you were to execute the mysql_connect() multiple times and
print $link after each, you'll see increasing (probably sequential)
numbers.

For some reason, when you go to close $link, it's no longer pointing to
a database connection/filehandle.

So don't worry about the value of $link, worry about why $link no longer
points to a database resource.


-- 
 
Regards,
 
Faber                     

Linux New Jersey: Open Source Solutions for New Jersey
http://www.linuxnj.com





From frank_wong2 at informationideas.com  Tue Dec 21 17:05:17 2004
From: frank_wong2 at informationideas.com (Frank Wong)
Date: Tue, 21 Dec 2004 17:05:17 -0500
Subject: [nycphp-talk] Re: mysql_close() error
In-Reply-To: <20041221220057.GA21398@uranus.faber.nom>
Message-ID: <LOBBJOCDHNEMOHLKCPIOEENMEHAA.frank_wong2@informationideas.com>

Thanks for the pointer... ;)  I'll look into why it is losing the handler.

Frank

-----Original Message-----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org]On Behalf Of Faber Fedor
Sent: Tuesday, December 21, 2004 5:01 PM
To: NYPHP Talk
Subject: [nycphp-talk] Re: mysql_close() error


On 21/12/04 16:20 -0500, Frank Wong wrote:
> Has anyone seen an error like this before?
> 
> Warning: mysql_close(): 12 is not a valid MySQL-Link resource
> 
> I connected to the DB using
> *************************************************************************
> 	// Connecting, selecting database //
> 	$link = mysql_connect($host, $sys_user, $sys_password)
> 		or die("Could not connect : " . mysql_error());
> 		mysql_select_db($sys_db) or die("Could not select database");
> *************************************************************************
> 
> I tried to close using
> *************************************************************************
> 	// Closing connection //
> 	mysql_close($link);
> *************************************************************************
> 
> Other than that, I only use the $link to query the DB.  How does $link
> become 12 as stated in the error message?  This is driving me nuts...

The way I read this is as follows:

You open a connection to MySQL and assign that connection to $link.
$link is kinda like a filehandle; it's a number that magically points to
something. If you were to execute the mysql_connect() multiple times and
print $link after each, you'll see increasing (probably sequential)
numbers.

For some reason, when you go to close $link, it's no longer pointing to
a database connection/filehandle.

So don't worry about the value of $link, worry about why $link no longer
points to a database resource.


-- 
 
Regards,
 
Faber                     

Linux New Jersey: Open Source Solutions for New Jersey
http://www.linuxnj.com



_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org




From danielc at analysisandsolutions.com  Tue Dec 21 17:15:37 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Tue, 21 Dec 2004 17:15:37 -0500
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <LOBBJOCDHNEMOHLKCPIOAENJEHAA.frank_wong2@informationideas.com>
References: <LOBBJOCDHNEMOHLKCPIOAENJEHAA.frank_wong2@informationideas.com>
Message-ID: <20041221221537.GA20009@panix.com>

On Tue, Dec 21, 2004 at 04:20:31PM -0500, Frank Wong wrote:
> 
> Warning: mysql_close(): 12 is not a valid MySQL-Link resource

Sounds like the database connection was already closed somewhere else 
in your scripts.  Comment out all calls to mysql_close() except this 
one you're talking about.

If that isn't it, how about doing some debugging?  What you've given 
here is pseudo code, leaving out a lot of stuff, so ther's no way we 
can know what's really going on, plus having such a large example is 
distracting you from the problem at hand.  You need to make a REAL 
self contained example that breaks down everything to the simplest 
level possible:

<?php
 // set the $host, etc, vars here...

 $link = mysql_connect($host, $sys_user, $sys_password)
         or die("Could not connect : " . mysql_error());
 mysql_select_db($sys_db)
         or die("Could not select database");
 mysql_close($link);
?>

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From frank_wong2 at informationideas.com  Tue Dec 21 17:26:55 2004
From: frank_wong2 at informationideas.com (Frank Wong)
Date: Tue, 21 Dec 2004 17:26:55 -0500
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <20041221221537.GA20009@panix.com>
Message-ID: <LOBBJOCDHNEMOHLKCPIOOENNEHAA.frank_wong2@informationideas.com>

Aha, thanks for the input.  I found the problem. But I need a bit of
education as to why this works this way.

Once I narrowed it down, I found that there was another function I was
calling which mysql_close($link). So what I don't understand is the scope of
$link.

If I have

function one() {
	$link = mysql_connect(...
	mysql_close($link);
}

function two() {
	$link = mysql_connnect(...
	one();
	$mysql_close($link);
}

the var $link from function two is automatically referenced by function one
even though I did not pass it in?

Sorry if this is a newbie question.  Thanks.


Frank

-----Original Message-----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org]On Behalf Of Daniel Convissor
Sent: Tuesday, December 21, 2004 5:16 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] mysql_close() error


On Tue, Dec 21, 2004 at 04:20:31PM -0500, Frank Wong wrote:
>
> Warning: mysql_close(): 12 is not a valid MySQL-Link resource

Sounds like the database connection was already closed somewhere else
in your scripts.  Comment out all calls to mysql_close() except this
one you're talking about.

If that isn't it, how about doing some debugging?  What you've given
here is pseudo code, leaving out a lot of stuff, so ther's no way we
can know what's really going on, plus having such a large example is
distracting you from the problem at hand.  You need to make a REAL
self contained example that breaks down everything to the simplest
level possible:

<?php
 // set the $host, etc, vars here...

 $link = mysql_connect($host, $sys_user, $sys_password)
         or die("Could not connect : " . mysql_error());
 mysql_select_db($sys_db)
         or die("Could not select database");
 mysql_close($link);
?>

--Dan

--
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org




From adam at trachtenberg.com  Tue Dec 21 18:08:12 2004
From: adam at trachtenberg.com (Adam Maccabee Trachtenberg)
Date: Tue, 21 Dec 2004 18:08:12 -0500 (EST)
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <LOBBJOCDHNEMOHLKCPIOOENNEHAA.frank_wong2@informationideas.com>
References: <LOBBJOCDHNEMOHLKCPIOOENNEHAA.frank_wong2@informationideas.com>
Message-ID: <Pine.LNX.4.58.0412211804170.428@miranda.org>

On Tue, 21 Dec 2004, Frank Wong wrote:

> the var $link from function two is automatically referenced by function one
> even though I did not pass it in?
>
> Sorry if this is a newbie question.  Thanks.

Actually, it has nothing to do with lexical scoping. It's more subtle
than that.

I believe that if you try to make a second connection to MySQL via PHP
that's identical to an existing connection, then PHP will reuse the
first connection. That's why mysql_connect() returns the same resource
handle.

-adam

-- 
adam at trachtenberg.com | http://www.trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!


From chsnyder at gmail.com  Tue Dec 21 18:16:10 2004
From: chsnyder at gmail.com (csnyder)
Date: Tue, 21 Dec 2004 18:16:10 -0500
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <Pine.LNX.4.58.0412211804170.428@miranda.org>
References: <LOBBJOCDHNEMOHLKCPIOOENNEHAA.frank_wong2@informationideas.com>
	<Pine.LNX.4.58.0412211804170.428@miranda.org>
Message-ID: <b76252690412211516224b4932@mail.gmail.com>

Adam Maccabee Trachtenberg  wrote:

> I believe that if you try to make a second connection to MySQL via PHP
> that's identical to an existing connection, then PHP will reuse the
> first connection. That's why mysql_connect() returns the same resource
> handle.

Which would explain why $link loses its magical resourceness after the
first mysql_close() -- and also why it's a good idea not to use
mysql_close(), except in exceptional circumstances.


From chsnyder at gmail.com  Tue Dec 21 18:16:10 2004
From: chsnyder at gmail.com (csnyder)
Date: Tue, 21 Dec 2004 18:16:10 -0500
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <Pine.LNX.4.58.0412211804170.428@miranda.org>
References: <LOBBJOCDHNEMOHLKCPIOOENNEHAA.frank_wong2@informationideas.com>
	<Pine.LNX.4.58.0412211804170.428@miranda.org>
Message-ID: <b76252690412211516224b4932@mail.gmail.com>

Adam Maccabee Trachtenberg  wrote:

> I believe that if you try to make a second connection to MySQL via PHP
> that's identical to an existing connection, then PHP will reuse the
> first connection. That's why mysql_connect() returns the same resource
> handle.

Which would explain why $link loses its magical resourceness after the
first mysql_close() -- and also why it's a good idea not to use
mysql_close(), except in exceptional circumstances.


From frank_wong2 at informationideas.com  Tue Dec 21 21:46:47 2004
From: frank_wong2 at informationideas.com (Frank Wong)
Date: Tue, 21 Dec 2004 21:46:47 -0500
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <b76252690412211516224b4932@mail.gmail.com>
Message-ID: <LOBBJOCDHNEMOHLKCPIOEEOCEHAA.frank_wong2@informationideas.com>

Now I get it.  Thanks for clarifying how mysql_connect and mysql_close work.

Frank

-----Original Message-----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org]On Behalf Of csnyder
Sent: Tuesday, December 21, 2004 6:16 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] mysql_close() error


Adam Maccabee Trachtenberg  wrote:

> I believe that if you try to make a second connection to MySQL via PHP
> that's identical to an existing connection, then PHP will reuse the
> first connection. That's why mysql_connect() returns the same resource
> handle.

Which would explain why $link loses its magical resourceness after the
first mysql_close() -- and also why it's a good idea not to use
mysql_close(), except in exceptional circumstances.
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org




From rolan at omnistep.com  Wed Dec 22 03:34:12 2004
From: rolan at omnistep.com (Rolan Yang)
Date: Wed, 22 Dec 2004 03:34:12 -0500
Subject: [nycphp-talk] Turck_mmcache weirdness after upgrading to php4.3.10
Message-ID: <41C93184.2090005@omnistep.com>

Some of my scripts have begun to exhibit odd behavior after upgrading to 
php 4.3.10, such as variables not printing their values when used in 
"print" statements. After modifying the php scripts and then reverting 
it back to the original code, the scripts began to function properly. I 
suspect this has something to do with Turck_mmcache 2.3.23 which is 
loaded.  I will upgrade to the lastest Turck_mmcache to see if it fixes 
the problems.

I just thought I'd make a report to save some head pounding in case 
anyone else encounters a similiar problem.

~Rolan




From shiflett at php.net  Wed Dec 22 03:53:32 2004
From: shiflett at php.net (Chris Shiflett)
Date: Wed, 22 Dec 2004 00:53:32 -0800 (PST)
Subject: [nycphp-talk] Looks like Chris will get Slashdotted again :)
In-Reply-To: <946586480412211203a6b3f43@mail.gmail.com>
Message-ID: <20041222085332.36870.qmail@web52802.mail.yahoo.com>

--- Christopher Merlo <cmerlo441 at gmail.com> wrote:
> Chris S.'s blog is linked to in an article that just hit
> Slashdot regarding the use of PHP with Apache 2.0.

This always seems to happen when I'm out of town and without convenient
Internet access. :-)

Hopefully my server did better. Everything except the comments is static,
so that's about the best I can do on a shared host.

> In the article, Chris is described as a "high-profile PHP
> community member". Good work, Chris!

Thanks, although I don't see myself as having done any work. I am pleased
to see that Rich was able to stir things up and get a discussion started.
I really only blogged about it to try to help give him a little more
attention.

I was happy to read Andi's most recent comment:

http://marc.theaimsgroup.com/?l=php-dev&m=110369402613847&w=2

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
Coming Soon                 http://httphandbook.org/


From leam at reuel.net  Wed Dec 22 06:13:49 2004
From: leam at reuel.net (leam at reuel.net)
Date: Wed, 22 Dec 2004 06:13:49 -0500
Subject: [nycphp-talk] Input validation?
Message-ID: <20041222111349.GC3623@leitz>

Good heavens, the people I write php for are actually using it! Errgh!

Any good references on validating user input that's headed for a database? What are some of the ways malicious or bad data is formed? 

And Merry Christmas Season to everyone! 

ciao!

leam


From jsiegel1 at optonline.net  Wed Dec 22 06:41:00 2004
From: jsiegel1 at optonline.net (Jeff Siegel)
Date: Wed, 22 Dec 2004 06:41:00 -0500
Subject: [nycphp-talk] Input validation?
In-Reply-To: <20041222111349.GC3623@leitz>
References: <20041222111349.GC3623@leitz>
Message-ID: <41C95D4C.6060401@optonline.net>

For starters see: 
http://education.nyphp.org/phundamentals/PH_storingretrieving.php

You'll probably also want to use some regular expressions with 
http://php.net/preg_match

You should also check out "PHP Cookbook" - there are some "recipes" 
dealing with input validation -  and there is a section in "Web Database 
Applications with PHP and MySQL" (Williams/Lane...this is an Oreilly 
book) on validating input.

Jeff

leam at reuel.net wrote:
> Good heavens, the people I write php for are actually using it! Errgh!
> 
> Any good references on validating user input that's headed for a database? What are some of the ways malicious or bad data is formed? 
> 
> And Merry Christmas Season to everyone! 
> 
> ciao!
> 
> leam
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


From amiller at criticalmedia.biz  Wed Dec 22 07:34:34 2004
From: amiller at criticalmedia.biz (Alan T. Miller)
Date: Wed, 22 Dec 2004 05:34:34 -0700
Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8.
References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net>
Message-ID: <004c01c4e822$97c3a510$0b01a8c0@webdev>

It looks like I got slammed by some new PHP vulnerablity. It first appeard 
that what it did was to replace all your index pages with its own that 
proclaims "This site is defaced!!!" and then includes ... "NeverEverNoSanity 
WebWorm generation 8.".

Well, in an effort to fix this problem, I completely rebuilt apache, 
mod_ssl, and PHP. And when I tried to upload new index files from my backup, 
I still get the damn messages but it is as if thay are overlaid on top of my 
regular pages. So Weird...

Anyone have any information about this, how to fix, how to clean this up, 
how to prevent (other than the obvious upgrade your PHP the absolute minute 
an update comes out?).

Thanks in advance,

Alan



From flakie at gmail.com  Wed Dec 22 09:36:38 2004
From: flakie at gmail.com (Eric Rank)
Date: Wed, 22 Dec 2004 08:36:38 -0600
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts POSSIBLE SOLUTION
In-Reply-To: <adca5f7d04121517427104970d@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>
	<b762526904121512555932d5de@mail.gmail.com>
	<adca5f7d0412151447751cfba@mail.gmail.com>
	<b7625269041215151110aa0b9a@mail.gmail.com>
	<adca5f7d04121517427104970d@mail.gmail.com>
Message-ID: <adca5f7d0412220636115a0ecc@mail.gmail.com>

After thinking hard about what's involved with session hijacking, one
thing seemed to be the lynchpin in attacks, the session id. If an
attacker knows the session id, he can hijack the victim's session.

So my thought was to change the session id with every request. This
way, the session is only good for a very short time. It also does a
very adequate job of protecting against session fixation attacks
(http://www.acros.si/papers/session_fixation.pdf) because once the
attackers session is used to gain permissions, it becomes an invalid
id.

The php function session_regenerate_id() looked promissing. However,
it falls a bit short by not deleting the old session id once the new
session id is generated. So I whipped together a procedure to make it
work.

The things that it relies on are 1. the id being hard to catch, and 2.
the attacker doesn't beat the legit user to the punch. For example,
let's say an attacker was sniffing the network and sees a session id
go by. if he goes to a page specifying the stolen session id as his
own, the legit user will lose all her data in the session because the
id she specifies on her next page is no longer valid. However, if
you've got someone sniffing the network, there are probably bigger
problems to be concerned about.

To me, the following approach does a fairly adequate job of protecting
against session hijack attempts. You can use this in addition to other
validation tests (using cookies with unique id's, using user-agent &
ip comparisons, etc). I've done some preliminary testing and it seems
to work ok. I'd love to hear some feedback.

It goes something like this:

<?php
session_start();
$temp = $_SESSION;  //make a copy of the session
session_unset(); //clear the session data. probably an unnecessary line
if (isset($_COOKIE[session_name()])) {   //kill the cookie on the client
      @setcookie(session_name(), '', time()-42000, '/');
} 

 //use this instead of session destroy to kill the session file on the server
unlink(session_save_path().'/'.'sess_'.session_id()); 

session_regenerate_id();  //generate a new session id. this sets a new
cookie on client as well
$_SESSION = $temp;  //put the temp info back on the session superglobal

//The rest of your code that uses sessions below...
?>


Eric Rank


From jsiegel1 at optonline.net  Wed Dec 22 10:11:07 2004
From: jsiegel1 at optonline.net (Jeff Siegel)
Date: Wed, 22 Dec 2004 10:11:07 -0500
Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8.
In-Reply-To: <004c01c4e822$97c3a510$0b01a8c0@webdev>
References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net>
	<004c01c4e822$97c3a510$0b01a8c0@webdev>
Message-ID: <41C98E8B.3000705@optonline.net>

This seems to be a combination of PHP and phpBB issue.

Personally speaking...if you've got this combination, I think it's time 
to dump phpBB since it seems to often be on the "security vulnerability" 
list.

Jeff

Alan T. Miller wrote:

> It looks like I got slammed by some new PHP vulnerablity. It first 
> appeard that what it did was to replace all your index pages with its 
> own that proclaims "This site is defaced!!!" and then includes ... 
> "NeverEverNoSanity WebWorm generation 8.".
> 
> Well, in an effort to fix this problem, I completely rebuilt apache, 
> mod_ssl, and PHP. And when I tried to upload new index files from my 
> backup, I still get the damn messages but it is as if thay are overlaid 
> on top of my regular pages. So Weird...
> 
> Anyone have any information about this, how to fix, how to clean this 
> up, how to prevent (other than the obvious upgrade your PHP the absolute 
> minute an update comes out?).
> 
> Thanks in advance,
> 
> Alan
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


From sailer at bnl.gov  Wed Dec 22 10:14:42 2004
From: sailer at bnl.gov (Tim Sailer)
Date: Wed, 22 Dec 2004 10:14:42 -0500
Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8.
In-Reply-To: <41C98E8B.3000705@optonline.net>
References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net>
	<004c01c4e822$97c3a510$0b01a8c0@webdev>
	<41C98E8B.3000705@optonline.net>
Message-ID: <20041222151442.GB7306@bnl.gov>

On Wed, Dec 22, 2004 at 10:11:07AM -0500, Jeff Siegel wrote:
> This seems to be a combination of PHP and phpBB issue.
> 
> Personally speaking...if you've got this combination, I think it's time 
> to dump phpBB since it seems to often be on the "security vulnerability" 
> list.

phpBB seems to have features that everyone likes. Not that it's an excuse,
but those of us who do hosting have customers that demand things like
phpBB, so, until there's something that's as good or better (in their view),
I for one, am stuck with frequent patching. This all reminds me way too
much of Sendmail-patch-du-jour.

Tim

-- 
Tim Sailer <sailer at bnl.gov> 
Information and Special Technologies Program
Office of CounterIntelligence 
Brookhaven National Laboratory  (631) 344-3001


From jsiegel1 at optonline.net  Wed Dec 22 10:51:31 2004
From: jsiegel1 at optonline.net (Jeff Siegel)
Date: Wed, 22 Dec 2004 10:51:31 -0500
Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8.
In-Reply-To: <20041222151442.GB7306@bnl.gov>
References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net>
	<004c01c4e822$97c3a510$0b01a8c0@webdev>
	<41C98E8B.3000705@optonline.net> <20041222151442.GB7306@bnl.gov>
Message-ID: <41C99803.5050007@optonline.net>

Tim Sailer wrote:

> On Wed, Dec 22, 2004 at 10:11:07AM -0500, Jeff Siegel wrote:
> 
>>This seems to be a combination of PHP and phpBB issue.
>>
>>Personally speaking...if you've got this combination, I think it's time 
>>to dump phpBB since it seems to often be on the "security vulnerability" 
>>list.
> 
> 
> phpBB seems to have features that everyone likes. Not that it's an excuse,
> but those of us who do hosting have customers that demand things like
> phpBB, so, until there's something that's as good or better (in their view),
> I for one, am stuck with frequent patching. This all reminds me way too
> much of Sendmail-patch-du-jour.

Believe me...I understand. I have a client that has (or should I say 
"insisted on using") phpNuke/phpBB.

Jeff


From tgales at tgaconnect.com  Wed Dec 22 11:08:08 2004
From: tgales at tgaconnect.com (Tim Gales)
Date: Wed, 22 Dec 2004 11:08:08 -0500
Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8.
Message-ID: <200412221608.iBMG88F00703@tgaconnect.com>



> It looks like I got slammed by some new PHP vulnerablity. It first 
appeard 
> that what it did was to replace all your index pages with its own 
that 
> proclaims "This site is defaced!!!" and then 
includes ... "NeverEverNoSanity 
> WebWorm generation 8.".
> 
> Well, in an effort to fix this problem, I completely rebuilt apache, 
> mod_ssl, and PHP. And when I tried to upload new index files from my 
backup, 
> I still get the damn messages but it is as if thay are overlaid on 
top of my 
> regular pages. So Weird...
> 
> Anyone have any information about this...

>From what I have read there is a script 
which uses Google to find vulnerable sites 
like yours.

It could happen that after you totally redo 
your site, you can systematically get compromised 
again in short order.

I would consider changing default directories 
and renaming configuration files.

Tim G.


From 1j0lkq002 at sneakemail.com  Wed Dec 22 11:35:46 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Wed, 22 Dec 2004 11:35:46 -0500
Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8.
In-Reply-To: <200412221608.iBMG88F00703@tgaconnect.com>
References: <200412221608.iBMG88F00703@tgaconnect.com>
Message-ID: <26817-22098@sneakemail.com>

Tim Gales tgales-at-tgaconnect.com |nyphp dev/internal group use| wrote:

>  
>
>>It looks like I got slammed by some new PHP vulnerablity. It first 
>>    
>>
>appeard 
>  
>
>>that what it did was to replace all your index pages with its own 
>>    
>>
>that 
>  
>
>>proclaims "This site is defaced!!!" and then 
>>    
>>
>includes ... "NeverEverNoSanity
>

There is a flaw in the highlight script for which manual hacks are 
available. There were also multiple security flaws in PHP <  version 
4.3.10 or 5.0.3 (Secunia):


An integer overflow in the "pack()" function....bypasses the safe_mode 
feature and allows execution of arbitrary code with the privileges of 
the web server.

An integer overflow in the "unpack()" function can be exploited to leak 
information stored on the heap by passing specially crafted parameters 
to the function.

An error within safe_mode when executing commands can be exploited to 
bypass the safe_mode_exec_dir restriction by injecting shell commands 
into the current directory name.

*** An error in safe_mode combined with certain implementations of 
"realpath()" can be exploited to bypass safe_mode via a specially 
crafted file path.

*** Various errors within the deserialization code can be exploited to 
disclose information or execute arbitrary code via specially crafted 
strings passed to the "unserialize()" function.

An unspecified error in the "shmop_write()" function may result in an 
attempt to write to an out-of-bounds memory location.

An unspecified error in the "addslashes()" function causes it to not 
escape "\0" correctly.

An unspecified boundary error exists in the "exif_read_data()" function 
when handling long section names.

An unspecified error within "magic_quotes_gpc" may allow a one-level 
directory traversal when uploading files.

Other potential security issues have also been reported.

(*** phpBB vulnerability is related to dependency on these)

As for phpBB:

Edit |overall_footer.tpl| and remove the version number
Consider using mod_rewrite to change the default file names, since they 
are used as search footprints
It is widely believed that you should de-link the members directory 
(memberlist.php) to avoid spam and ID-based cracking atempts. However, 
for SEO purposes, try linking that instead to a search results page 
showing all posts of that member (search.php?search_author=membername).
Check your forums description text. Crackers have hidden js within the 
description, which loads on user's browsers when viewed (logged in users :-)
Disallow remote avatars

Want to see the damage? Check out this search :
http://www.google.com/search?hl=en&lr=&q=%22This+site+is+defaced%21%21%21%22&btnG=Search

-=john andrews



From 1j0lkq002 at sneakemail.com  Wed Dec 22 11:49:23 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Wed, 22 Dec 2004 11:49:23 -0500
Subject: [nycphp-talk] Input validation?
In-Reply-To: <41C95D4C.6060401@optonline.net>
References: <20041222111349.GC3623@leitz> <41C95D4C.6060401@optonline.net>
Message-ID: <3262-30217@sneakemail.com>

Jeff Siegel jsiegel1-at-optonline.net |nyphp dev/internal group use| wrote:

> For starters see: 
> http://education.nyphp.org/phundamentals/PH_storingretrieving.php
>
> You'll probably also want to use some regular expressions with 
> http://php.net/preg_match
>
> You should also check out "PHP Cookbook" - there are some "recipes" 
> dealing with input validation -  and there is a section in "Web 
> Database Applications with PHP and MySQL" (Williams/Lane...this is an 
> Oreilly book) on validating input.
>
> Jeff
>
> leam at reuel.net wrote:
>
>> Good heavens, the people I write php for are actually using it! Errgh!
>>
>> Any good references on validating user input that's headed for a 
>> database? What are some of the ways malicious or bad data is formed?
>> And Merry Christmas Season to everyone!
>> ciao!
>>
>> leam
>

During development you may want to propose a quick coding style tip for 
anyone messing with code. Once they understand the need for input 
validation they can "guesstimate" the relative level of input validation 
being done by a script *in it's current state* and add a comment to that 
effect. For example, a new script never tested starts with <!-- ival 0  
--> and one where the coder has routinely included use of input 
validation libraries might get <!-- ival 7  -->. You might simply 
require anything they add to be commented as level 1, for safety.

You might suggest that placing a low ival comment removes culpability 
from the coder... to help it get included ;-)

Many problems arise from 
not-having-time-to-go-back-and-clean-up-the-code-later and this "method" 
keeps it on the radar during coding, making it easier to 
locate/prioritize review later (find all files ival level 0, then 1, 
then 2, etc.....)

No replacement for good house standards, proper use of classes, 
libraries, code review, and all that. And of course don't leave the 
comments in production code.... But at the same time, it might help out.

-=john andrews




From corey at domanistudios.com  Wed Dec 22 13:19:41 2004
From: corey at domanistudios.com (corey szopinski)
Date: Wed, 22 Dec 2004 13:19:41 -0500
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts POSSIBLE SOLUTION
In-Reply-To: <adca5f7d0412220636115a0ecc@mail.gmail.com>
Message-ID: <BDEF24ED.E287%corey@domanistudios.com>

Hey Eric-

One idea to throw in with this: the idea of using a session id along with a
key. The key is generated by an algorithm on the client and the server, and
?merged? into the session id. I?m thinking of something like the md5sum of
the useragent+ip address+seconds since last request. All three values are
known entities to both the client and the server, so you can do the md5sum
on both sides without passing the actual value. Instead, you can merge the
php session id with this md5sum in a way that you can subtract the key to
get the session id. I?m not sure what merging technique to suggest that?s
reversible, but the general idea is to vary the id passed to the server in a
known and predictable way, without it looking predictable (the md5 will look
random). At the end of all of this you get the original session id issued by
the server, without passing that id in the clear.

It?s essentially a poor-man?s SSL. Since the handshake sequence happens on
every request. You won?t be encrypting anything, but you could be 95% sure
that no one is getting in the middle. For extra security, throw in a random
seed generated by the server on the first request and use that in your md5.

Although I have to ask: why not just set up a self-signed certificate for
this?

-c


On 12/22/04 9:36 AM, "Eric Rank" <flakie at gmail.com> wrote:

> After thinking hard about what's involved with session hijacking, one
> thing seemed to be the lynchpin in attacks, the session id. If an
> attacker knows the session id, he can hijack the victim's session.
> 
> So my thought was to change the session id with every request. This
> way, the session is only good for a very short time. It also does a
> very adequate job of protecting against session fixation attacks
> (http://www.acros.si/papers/session_fixation.pdf) because once the
> attackers session is used to gain permissions, it becomes an invalid
> id.
> 
> The php function session_regenerate_id() looked promissing. However,
> it falls a bit short by not deleting the old session id once the new
> session id is generated. So I whipped together a procedure to make it
> work.
> 
> The things that it relies on are 1. the id being hard to catch, and 2.
> the attacker doesn't beat the legit user to the punch. For example,
> let's say an attacker was sniffing the network and sees a session id
> go by. if he goes to a page specifying the stolen session id as his
> own, the legit user will lose all her data in the session because the
> id she specifies on her next page is no longer valid. However, if
> you've got someone sniffing the network, there are probably bigger
> problems to be concerned about.
> 
> To me, the following approach does a fairly adequate job of protecting
> against session hijack attempts. You can use this in addition to other
> validation tests (using cookies with unique id's, using user-agent &
> ip comparisons, etc). I've done some preliminary testing and it seems
> to work ok. I'd love to hear some feedback.
> 
> It goes something like this:
> 
> <?php
> session_start();
> $temp = $_SESSION;  //make a copy of the session
> session_unset(); //clear the session data. probably an unnecessary line
> if (isset($_COOKIE[session_name()])) {   //kill the cookie on the client
>       @setcookie(session_name(), '', time()-42000, '/');
> } 
> 
>  //use this instead of session destroy to kill the session file on the server
> unlink(session_save_path().'/'.'sess_'.session_id());
> 
> session_regenerate_id();  //generate a new session id. this sets a new
> cookie on client as well
> $_SESSION = $temp;  //put the temp info back on the session superglobal
> 
> //The rest of your code that uses sessions below...
> ?>
> 




Corey Szopinski
Director of Technology

DOMANI STUDIOS
corey at domanistudios.com
55 Washington St. Suite 822
Brooklyn, NY 11201
718-797-4470  x116 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041222/56e5668d/attachment.html>

From preinheimer at gmail.com  Wed Dec 22 13:31:25 2004
From: preinheimer at gmail.com (Paul Reinheimer)
Date: Wed, 22 Dec 2004 13:31:25 -0500
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts POSSIBLE SOLUTION
In-Reply-To: <adca5f7d0412220636115a0ecc@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>
	<b762526904121512555932d5de@mail.gmail.com>
	<adca5f7d0412151447751cfba@mail.gmail.com>
	<b7625269041215151110aa0b9a@mail.gmail.com>
	<adca5f7d04121517427104970d@mail.gmail.com>
	<adca5f7d0412220636115a0ecc@mail.gmail.com>
Message-ID: <6ec19ec704122210316f471f4d@mail.gmail.com>

If a user has disabled cookies, and the session ID is being propegated
in the URL, this will break whenever the user uses the back button
then clicks on a new link. As links on previous pages will still
reference the old session id. The back button is an essential element
of the user experiance as it provides a safety mechanism for the user,
no matter what they do or click on, they can click back to 'fix it'.
Systems that negativly affect that process shouldn't be undertaken
lightly.

The primary methods for an attacker to obtain a session id would be
session fixation (sending a user to specially crafted url to set their
session id) and man in the middle attacks. Regenerating their session
id once (rather than repeatedly) would be enough to foil  a fixation
attack, but not man in the middle attacks. This constant regeneration
process might have some advantages in a man in the middle attack as
once the attacker started using the session it would be reset, and the
valid user would be asked to log in again, hopefully this process
would destroy any previous sessions associated with the account.
Though personally, I don't think this increase is worth the trade off
of breaking the back button for non-cookie users & increased server
load from constant regeneration & file access.

Also, my understanding of session_regenerate_id() is that it moves the
session from the previous ID to a newly generated one, the old ID
should be invalid at that point.

I'm a big supporter of regenerating the session id everytime the
visitor changes access levels. When they log in, regenerate the id.
When they log out, regenerate the id, etc.


Be carefull with doing IP matching as users behind proxies may change
IPs at seemingly random intervals. :)


paul




On Wed, 22 Dec 2004 08:36:38 -0600, Eric Rank <flakie at gmail.com> wrote:
> After thinking hard about what's involved with session hijacking, one
> thing seemed to be the lynchpin in attacks, the session id. If an
> attacker knows the session id, he can hijack the victim's session.
> 
> So my thought was to change the session id with every request. This
> way, the session is only good for a very short time. It also does a
> very adequate job of protecting against session fixation attacks
> (http://www.acros.si/papers/session_fixation.pdf) because once the
> attackers session is used to gain permissions, it becomes an invalid
> id.
> 
> The php function session_regenerate_id() looked promissing. However,
> it falls a bit short by not deleting the old session id once the new
> session id is generated. So I whipped together a procedure to make it
> work.
> 
> The things that it relies on are 1. the id being hard to catch, and 2.
> the attacker doesn't beat the legit user to the punch. For example,
> let's say an attacker was sniffing the network and sees a session id
> go by. if he goes to a page specifying the stolen session id as his
> own, the legit user will lose all her data in the session because the
> id she specifies on her next page is no longer valid. However, if
> you've got someone sniffing the network, there are probably bigger
> problems to be concerned about.
> 
> To me, the following approach does a fairly adequate job of protecting
> against session hijack attempts. You can use this in addition to other
> validation tests (using cookies with unique id's, using user-agent &
> ip comparisons, etc). I've done some preliminary testing and it seems
> to work ok. I'd love to hear some feedback.
> 
> It goes something like this:
> 
> <?php
> session_start();
> $temp = $_SESSION;  //make a copy of the session
> session_unset(); //clear the session data. probably an unnecessary line
> if (isset($_COOKIE[session_name()])) {   //kill the cookie on the client
>       @setcookie(session_name(), '', time()-42000, '/');
> }
> 
>  //use this instead of session destroy to kill the session file on the server
> unlink(session_save_path().'/'.'sess_'.session_id());
> 
> session_regenerate_id();  //generate a new session id. this sets a new
> cookie on client as well
> $_SESSION = $temp;  //put the temp info back on the session superglobal
> 
> //The rest of your code that uses sessions below...
> ?>
> 
> 
> Eric Rank
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
Paul Reinheimer
Zend Certified Engineer


From preinheimer at gmail.com  Wed Dec 22 13:39:11 2004
From: preinheimer at gmail.com (Paul Reinheimer)
Date: Wed, 22 Dec 2004 13:39:11 -0500
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts POSSIBLE SOLUTION
In-Reply-To: <BDEF24ED.E287%corey@domanistudios.com>
References: <adca5f7d0412220636115a0ecc@mail.gmail.com>
	<BDEF24ED.E287%corey@domanistudios.com>
Message-ID: <6ec19ec70412221039550a4c15@mail.gmail.com>

This sounds neat, but how does my client generate the ID? Javascript?
On each request?

Also, my computer doesn't know what its external IP is, I sit behind a
connection sharing router, it thinks it is 192.168.1.85, while the
server will think it is 64.52.118.25 (or whatever).  Users behind
connection proxies or other similar corporate constructs will run into
similar problems. The seconds since last request thing is also going
to be a bit wonky as a result of pings & lag.


Some type of specially crafted but shifting key might work well for
applications communicating with each other directly, but I don't know
how well it would work for a user browsing a site.



paul




On Wed, 22 Dec 2004 13:19:41 -0500, corey szopinski
<corey at domanistudios.com> wrote:
>  Hey Eric-
>  
>  One idea to throw in with this: the idea of using a session id along with a
> key. The key is generated by an algorithm on the client and the server, and
> "merged" into the session id. I'm thinking of something like the md5sum of
> the useragent+ip address+seconds since last request. All three values are
> known entities to both the client and the server, so you can do the md5sum
> on both sides without passing the actual value. Instead, you can merge the
> php session id with this md5sum in a way that you can subtract the key to
> get the session id. I'm not sure what merging technique to suggest that's
> reversible, but the general idea is to vary the id passed to the server in a
> known and predictable way, without it looking predictable (the md5 will look
> random). At the end of all of this you get the original session id issued by
> the server, without passing that id in the clear.
>  
>  It's essentially a poor-man's SSL. Since the handshake sequence happens on
> every request. You won't be encrypting anything, but you could be 95% sure
> that no one is getting in the middle. For extra security, throw in a random
> seed generated by the server on the first request and use that in your md5.
>  
>  Although I have to ask: why not just set up a self-signed certificate for
> this?
>  
>  -c
> 
>  
>  
>  On 12/22/04 9:36 AM, "Eric Rank" <flakie at gmail.com> wrote:
>  
>  
> After thinking hard about what's involved with session hijacking, one
>  thing seemed to be the lynchpin in attacks, the session id. If an
>  attacker knows the session id, he can hijack the victim's session.
>  
>  So my thought was to change the session id with every request. This
>  way, the session is only good for a very short time. It also does a
>  very adequate job of protecting against session fixation attacks
>  (http://www.acros.si/papers/session_fixation.pdf) because once the
>  attackers session is used to gain permissions, it becomes an invalid
>  id.
>  
>  The php function session_regenerate_id() looked promissing. However,
>  it falls a bit short by not deleting the old session id once the new
>  session id is generated. So I whipped together a procedure to make it
>  work.
>  
>  The things that it relies on are 1. the id being hard to catch, and 2.
>  the attacker doesn't beat the legit user to the punch. For example,
>  let's say an attacker was sniffing the network and sees a session id
>  go by. if he goes to a page specifying the stolen session id as his
>  own, the legit user will lose all her data in the session because the
>  id she specifies on her next page is no longer valid. However, if
>  you've got someone sniffing the network, there are probably bigger
>  problems to be concerned about.
>  
>  To me, the following approach does a fairly adequate job of protecting
>  against session hijack attempts. You can use this in addition to other
>  validation tests (using cookies with unique id's, using user-agent &
>  ip comparisons, etc). I've done some preliminary testing and it seems
>  to work ok. I'd love to hear some feedback.
>  
>  It goes something like this:
>  
>  <?php
>  session_start();
>  $temp = $_SESSION;  //make a copy of the session
>  session_unset(); //clear the session data. probably an unnecessary line
>  if (isset($_COOKIE[session_name()])) {   //kill the cookie on the client
>        @setcookie(session_name(), '', time()-42000, '/');
>  } 
>  
>   //use this instead of session destroy to kill the session file on the
> server
>  unlink(session_save_path().'/'.'sess_'.session_id()); 
>  
>  session_regenerate_id();  //generate a new session id. this sets a new
>  cookie on client as well
>  $_SESSION = $temp;  //put the temp info back on the session superglobal
>  
>  //The rest of your code that uses sessions below...
>  ?>
>  
>  
>  
>  
>  
>  Corey Szopinski
>  Director of Technology 
>  
>  DOMANI STUDIOS
>  corey at domanistudios.com 
>  55 Washington St. Suite 822
>  Brooklyn, NY 11201
>  718-797-4470  x116 
>  
>  
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 
> 


-- 
Paul Reinheimer
Zend Certified Engineer


From chsnyder at gmail.com  Wed Dec 22 13:47:40 2004
From: chsnyder at gmail.com (csnyder)
Date: Wed, 22 Dec 2004 13:47:40 -0500
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts POSSIBLE SOLUTION
In-Reply-To: <6ec19ec704122210316f471f4d@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>
	<b762526904121512555932d5de@mail.gmail.com>
	<adca5f7d0412151447751cfba@mail.gmail.com>
	<b7625269041215151110aa0b9a@mail.gmail.com>
	<adca5f7d04121517427104970d@mail.gmail.com>
	<adca5f7d0412220636115a0ecc@mail.gmail.com>
	<6ec19ec704122210316f471f4d@mail.gmail.com>
Message-ID: <b762526904122210477fa12fe9@mail.gmail.com>

> md5sum of the useragent+ip address+seconds since last request. 
> All three values are known entities to both the client and the server

Not true -- my client seldom knows what IP address the server will
see, because I'm behind a NATing router.

Also, if you think this through it doesn't prevent a man-in-the-middle
attack. MITM knows all of this info, and has a copy of the javascript
required to generate the id.

SSL is the only way to prevent session hijacking in all cases.


From webmaster at localnotion.com  Wed Dec 22 17:10:28 2004
From: webmaster at localnotion.com (Matthew Terenzio)
Date: Wed, 22 Dec 2004 17:10:28 -0500
Subject: [nycphp-talk] mysql_close() error
In-Reply-To: <LOBBJOCDHNEMOHLKCPIOEEOCEHAA.frank_wong2@informationideas.com>
References: <LOBBJOCDHNEMOHLKCPIOEEOCEHAA.frank_wong2@informationideas.com>
Message-ID: <49F64CAB-5466-11D9-B3B3-0003938BDF32@localnotion.com>


On Dec 21, 2004, at 9:46 PM, Frank Wong wrote:

>
> Adam Maccabee Trachtenberg  wrote:
>
>> I believe that if you try to make a second connection to MySQL via PHP
>> that's identical to an existing connection, then PHP will reuse the
>> first connection. That's why mysql_connect() returns the same resource
>> handle.
>
> Which would explain why $link loses its magical resourceness after the
> first mysql_close() -- and also why it's a good idea not to use
> mysql_close(), except in exceptional circumstances.

I wasn't paying terribly close attention to this thread but I had an 
issue today which may be related.

Using Postgresql, I recently added a couple of scripts written by an 
outside company which allowed them to bulk sync some data that my 
company wanted.

I began noticing that some of my DB backed web pages were displaying 
errors .
Shame on me for allowing that, I know, I hadn't read Phundamentals yet 
when I created those pages :)
Any way. . .

The two errors were Postgres "can't connect, too many clients already."

and Postgres "The connection was terminated by the administrator"

The latter being caused mostly by a page refresh.

I upped the Postgresql.conf max users to 64 instead of 32 though I knew 
that was not a proper fix.
I suspected these scripts so I removed them.
The errors continued but at a lesser and lesser rate. I guessed some 
connections were still actively being shared.
Finally they ceased.

I looked at the scripts again and they were pretty basic, but I changed 
pg_connect()  to pg_pconnect() and removed the pg_close() altogether.

So far so good. Time will tell.

I guess the moral is don't let cold fusion guys write your PHP scripts. 
:)
I didn't just throw the scripts on the server, by the way, but they 
were pretty basic and it didn't occur to me that the close DB function 
would terminate connections elsewhere.

That is what happened isn't it?



From flakie at gmail.com  Wed Dec 22 14:07:58 2004
From: flakie at gmail.com (Eric Rank)
Date: Wed, 22 Dec 2004 13:07:58 -0600
Subject: [nycphp-talk] Session security: protecting against hijacking
	attempts POSSIBLE SOLUTION
In-Reply-To: <BDEF24ED.E287%corey@domanistudios.com>
References: <adca5f7d0412220636115a0ecc@mail.gmail.com>
	<BDEF24ED.E287%corey@domanistudios.com>
Message-ID: <adca5f7d04122211071743d9c5@mail.gmail.com>

Howdy Corey,

Using some kind of unique key is a good idea. It makes a lot of sense
to combine some sort of unique identifier generated by the client.

There are of course problems with using the ip for people behind
proxies, among other issues getting the unique goods to generate some
sort of key. But regardless, getting some sort of semi-unique value
shouldn't be too hard. However, unless I'm missing something (I feel
like I am), it seems to me that there's a slight shortcoming in using
a session id with a mixed in key.

As you mention, the key+session id value does have to transfer from
client to server, so anyone watching could see that crazy string, copy
it and send some headers to the server matching that. The server then
de-crypts the crazy string, and accepts it as valid. Using a timestamp
in the key is a good idea though. That would certainly help make
things unique.

Self signed certificate ? I completely agree that where real security
is necessary, SSL is a necessity. In some cases, ssl isn't available
(for people running on cheap hosting packages). That's why I'm beating
this horse. Is it dead yet? :-)

Thanks,

Eric




On Wed, 22 Dec 2004 13:19:41 -0500, corey szopinski
<corey at domanistudios.com> wrote:
>  Hey Eric-
>  
>  One idea to throw in with this: the idea of using a session id along with a
> key. The key is generated by an algorithm on the client and the server, and
> "merged" into the session id. I'm thinking of something like the md5sum of
> the useragent+ip address+seconds since last request. All three values are
> known entities to both the client and the server, so you can do the md5sum
> on both sides without passing the actual value. Instead, you can merge the
> php session id with this md5sum in a way that you can subtract the key to
> get the session id. I'm not sure what merging technique to suggest that's
> reversible, but the general idea is to vary the id passed to the server in a
> known and predictable way, without it looking predictable (the md5 will look
> random). At the end of all of this you get the original session id issued by
> the server, without passing that id in the clear.
>  
>  It's essentially a poor-man's SSL. Since the handshake sequence happens on
> every request. You won't be encrypting anything, but you could be 95% sure
> that no one is getting in the middle. For extra security, throw in a random
> seed generated by the server on the first request and use that in your md5.
>  
>  Although I have to ask: why not just set up a self-signed certificate for
> this?
>  
>  -c
> 
>  
>  
>  On 12/22/04 9:36 AM, "Eric Rank" <flakie at gmail.com> wrote:
>  
>  
> After thinking hard about what's involved with session hijacking, one
>  thing seemed to be the lynchpin in attacks, the session id. If an
>  attacker knows the session id, he can hijack the victim's session.
>  
>  So my thought was to change the session id with every request. This
>  way, the session is only good for a very short time. It also does a
>  very adequate job of protecting against session fixation attacks
>  (http://www.acros.si/papers/session_fixation.pdf) because once the
>  attackers session is used to gain permissions, it becomes an invalid
>  id.
>  
>  The php function session_regenerate_id() looked promissing. However,
>  it falls a bit short by not deleting the old session id once the new
>  session id is generated. So I whipped together a procedure to make it
>  work.
>  
>  The things that it relies on are 1. the id being hard to catch, and 2.
>  the attacker doesn't beat the legit user to the punch. For example,
>  let's say an attacker was sniffing the network and sees a session id
>  go by. if he goes to a page specifying the stolen session id as his
>  own, the legit user will lose all her data in the session because the
>  id she specifies on her next page is no longer valid. However, if
>  you've got someone sniffing the network, there are probably bigger
>  problems to be concerned about.
>  
>  To me, the following approach does a fairly adequate job of protecting
>  against session hijack attempts. You can use this in addition to other
>  validation tests (using cookies with unique id's, using user-agent &
>  ip comparisons, etc). I've done some preliminary testing and it seems
>  to work ok. I'd love to hear some feedback.
>  
>  It goes something like this:
>  
>  <?php
>  session_start();
>  $temp = $_SESSION;  //make a copy of the session
>  session_unset(); //clear the session data. probably an unnecessary line
>  if (isset($_COOKIE[session_name()])) {   //kill the cookie on the client
>        @setcookie(session_name(), '', time()-42000, '/');
>  } 
>  
>   //use this instead of session destroy to kill the session file on the
> server
>  unlink(session_save_path().'/'.'sess_'.session_id()); 
>  
>  session_regenerate_id();  //generate a new session id. this sets a new
>  cookie on client as well
>  $_SESSION = $temp;  //put the temp info back on the session superglobal
>  
>  //The rest of your code that uses sessions below...
>  ?>
>  
>  
>  
>  
>  
>  Corey Szopinski
>  Director of Technology 
>  
>  DOMANI STUDIOS
>  corey at domanistudios.com 
>  55 Washington St. Suite 822
>  Brooklyn, NY 11201
>  718-797-4470  x116


From preinheimer at gmail.com  Wed Dec 22 20:29:26 2004
From: preinheimer at gmail.com (Paul Reinheimer)
Date: Wed, 22 Dec 2004 20:29:26 -0500
Subject: [nycphp-talk] WAMP on a new XP box with SP2 possible? SOLVED
In-Reply-To: <330532b6041220061358f60ccb@mail.gmail.com>
References: <330532b6041218145832a98212@mail.gmail.com>
	<20041219184827.GB12099@panix.com>
	<330532b6041219134457d3642b@mail.gmail.com>
	<20041219224909.GA11760@panix.com>
	<330532b6041219181655071621@mail.gmail.com>
	<330532b6041220061358f60ccb@mail.gmail.com>
Message-ID: <6ec19ec70412221729bd51837@mail.gmail.com>

Skype grabs port 80

Next time try 
netstat -ano 
at the command line, it will list all active or open connections/ports
and the PID associated with eact, then you can match the PID in
question with task manager (you will need to add the column).

I had this exact problem yesterday :)


paul

On Mon, 20 Dec 2004 09:13:36 -0500, Mitch Pirtle <mitch.pirtle at gmail.com> wrote:
> Hi gang,
> 
> Funny enough, the culprit wasn't SP2 or the firewall, it was either
> skype or trillian.  Stopped both, reinstalled Apache2, and now
> everything is running just fine.
> 
> Had no idea either would try to co-opt port 80 on the local machine,
> but caught one of them red-handed with netstat.
> 
> Thanks for the attempts, and best wishes to everyone for the holidays.
> 
> -- Mitch, grateful to be associated with such a great group of
> talented individuals
> 
> On Sun, 19 Dec 2004 21:16:15 -0500, Mitch Pirtle <mitch.pirtle at gmail.com> wrote:
> > On Sun, 19 Dec 2004 17:49:09 -0500, Daniel Convissor
> > <danielc at analysisandsolutions.com> wrote:
> > > Sounds like you have another web server running.  IIS?  A worm?  Another
> > > version of Apache?  Run netstat to see what's up with port 80.
> >
> > Nothing is on port 80, or 443.  *sigh*
> >
> > > Hmmm, 0.0.0.0?  That's odd.
> > >
> > > Anyway, I strongly suggest going the simple, 100% reliable route.  Apache
> > > 1, PHP as CGI.
> >
> > Not an option, coding future stuff for the 2.0.x series - and no
> > longer see 1.3.x in production (in over 20 sites).
> >
> > Looks like this is a common problem, and the solution is not apparent yet.
> >
> > -- Mitch
> >
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
Paul Reinheimer
Zend Certified Engineer


From hans at nyphp.com  Wed Dec 22 20:30:18 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Wed, 22 Dec 2004 17:30:18 -0800
Subject: [nycphp-talk] Session security: protecting against
	hijackingattempts POSSIBLE SOLUTION
Message-ID: <41EE526EC2D3C74286415780D3BA9F87071E9D33@ehost011-1.exch011.intermedia.net>


> After thinking hard about what's involved with session hijacking, one
> thing seemed to be the lynchpin in attacks, the session id. If an
> attacker knows the session id, he can hijack the victim's session.
> 
> So my thought was to change the session id with every request. This
> way, the session is only good for a very short time. It also does a
> very adequate job of protecting against session fixation attacks
> (http://www.acros.si/papers/session_fixation.pdf) because once the
> attackers session is used to gain permissions, it becomes an invalid
> id.

I did something like this using sequenced sessions.  It's basically the
same idea as the sequence numbers TCP uses (SYN/ACK).  See attached;  it
works pretty well and I've used it in a couple of sites.  Easy to use
and won't reuse the same session id more than once, making it easy to
detect if a hi-jack has occurred, and hard to perform a hi-jack to begin
with.  For high traffic environments, it could use a couple of
improvements.


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org



-------------- next part --------------
A non-text attachment was scrubbed...
Name: pas.ss.php
Type: application/octet-stream
Size: 2277 bytes
Desc: pas.ss.php
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041222/c7a69ba6/attachment.obj>

From rolan at omnistep.com  Wed Dec 22 21:40:16 2004
From: rolan at omnistep.com (Rolan Yang)
Date: Wed, 22 Dec 2004 21:40:16 -0500
Subject: [nycphp-talk] Session security: protecting against
	hijacking	attempts POSSIBLE SOLUTION
In-Reply-To: <adca5f7d0412220636115a0ecc@mail.gmail.com>
References: <adca5f7d0412151226437b0eaa@mail.gmail.com>	<b762526904121512555932d5de@mail.gmail.com>	<adca5f7d0412151447751cfba@mail.gmail.com>	<b7625269041215151110aa0b9a@mail.gmail.com>	<adca5f7d04121517427104970d@mail.gmail.com>
	<adca5f7d0412220636115a0ecc@mail.gmail.com>
Message-ID: <41CA3010.8090003@omnistep.com>

If you are really concerned about hijacking and security then the web 
pages should be fetched/served over SSL.

~Rolan

Eric Rank wrote:

>After thinking hard about what's involved with session hijacking, one
>thing seemed to be the lynchpin in attacks, the session id. If an
>attacker knows the session id, he can hijack the victim's session.
>
>  
>


From tom at supertom.com  Thu Dec 23 12:08:37 2004
From: tom at supertom.com (Tom)
Date: Thu, 23 Dec 2004 12:08:37 -0500
Subject: [nycphp-talk] PHP 5.1 release timeframe?
Message-ID: <1103821716.16722.16.camel@tmelendez.int.bascom.com>

Hey folks,

Just wondering if anyone here had any ideas about when PHP 5.1 would be
released.  From my searching, I'm going to conclude that there is no
date in site, but I thought someone may have some inside information
that would prove otherwise.

More specifically, I'm looking for support of PHP5 and SQLite 3, which I
read on the internals list was tentatively slotted for PHP 5.1.  So, if
I'm wrong about that, and it would be included at some other time,
please let me know that as well.

Thanks, and have a good holiday!

Tom
www.liphp.org




From adam at trachtenberg.com  Thu Dec 23 13:07:03 2004
From: adam at trachtenberg.com (Adam Maccabee Trachtenberg)
Date: Thu, 23 Dec 2004 13:07:03 -0500 (EST)
Subject: [nycphp-talk] PHP 5.1 release timeframe?
In-Reply-To: <1103821716.16722.16.camel@tmelendez.int.bascom.com>
References: <1103821716.16722.16.camel@tmelendez.int.bascom.com>
Message-ID: <Pine.LNX.4.58.0412231304430.428@miranda.org>

On Thu, 23 Dec 2004, Tom wrote:

> More specifically, I'm looking for support of PHP5 and SQLite 3,
> which I read on the internals list was tentatively slotted for PHP
> 5.1.  So, if I'm wrong about that, and it would be included at some
> other time, please let me know that as well.

I haven't seen a lot of work on that driver. From what I've heard, it
will not be a modification of the existing SQLite extension, as there
are big differences between SQLite 2 and 3. Instead, the PHP SQLite 3
driver may be part of PDO.

I haven't played around with PDO, but it doesn't look like it's
actively maintained. There are fixes and features that come in here
and there, but I've never really seen a posting with a concrete status
or launch plan.

-adam

-- 
adam at trachtenberg.com | http://www.trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!


From hans at nyphp.com  Thu Dec 23 13:07:52 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Thu, 23 Dec 2004 10:07:52 -0800
Subject: [nycphp-talk] PHP 5.1 release timeframe?
Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA053@ehost011-1.exch011.intermedia.net>


> Just wondering if anyone here had any ideas about when PHP 5.1 would
be
> released.  From my searching, I'm going to conclude that there is no
> date in site, but I thought someone may have some inside information
> that would prove otherwise.
> 
> More specifically, I'm looking for support of PHP5 and SQLite 3, which
I
> read on the internals list was tentatively slotted for PHP 5.1.  So,
if
> I'm wrong about that, and it would be included at some other time,
> please let me know that as well.

I think the classic "it'll be released when it's ready" mantra holds.
That said, I've been using PHP 5.1 (cvs HEAD) on AMD64 (because it
handles lib64) and it's been working quite well.


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org




From mitch.pirtle at gmail.com  Thu Dec 23 14:39:07 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Thu, 23 Dec 2004 14:39:07 -0500
Subject: [nycphp-talk] hmm, looking at PHP IDEs again...
Message-ID: <330532b60412231139246173bd@mail.gmail.com>

...and stumbled across this one:

    http://www.mpsoftware.dk/phpdesigner.php

Nice, has a class browser so code folding isn't so sorely missed.  I
will live in this over the holidays just to see how well it is done,
but on the surface it looks VERY polished (and I am now free of
dreamweaver!).  It was mentioned on this site, a sort of Freshmeat][
for PHP IDEs:

    http://www.php-editors.com

Any other XP-based editors that are free worth mentioning that are not there?

-- Mitch, if I could only find something like Kate for Windows *sigh*


From darkwulf at clan-forsaken.com  Thu Dec 23 15:04:08 2004
From: darkwulf at clan-forsaken.com (DarkWulf)
Date: Thu, 23 Dec 2004 12:04:08 -0800
Subject: [nycphp-talk] hmm, looking at PHP IDEs again...
In-Reply-To: <330532b60412231139246173bd@mail.gmail.com>
References: <330532b60412231139246173bd@mail.gmail.com>
Message-ID: <41CB24B8.7050003@clan-forsaken.com>

My personal perception is that it looks good, but doesn't work so well.

The FTP manager... seems broken (no online editing...only lets you 
download, and I occasionally couldn't do even that!). One other thing is 
that there are three different programs on their site... and they all 
look the same?

Mitch Pirtle wrote:

>...and stumbled across this one:
>
>    http://www.mpsoftware.dk/phpdesigner.php
>  
>




From codebowl at gmail.com  Thu Dec 23 17:18:07 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 23 Dec 2004 17:18:07 -0500
Subject: [nycphp-talk] hmm, looking at PHP IDEs again...
In-Reply-To: <41CB24B8.7050003@clan-forsaken.com>
References: <330532b60412231139246173bd@mail.gmail.com>
	<41CB24B8.7050003@clan-forsaken.com>
Message-ID: <8d9a42800412231418555ab8c8@mail.gmail.com>

i dont personally think i have found anything better than zend myself.

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From mitch.pirtle at gmail.com  Thu Dec 23 17:25:59 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Thu, 23 Dec 2004 17:25:59 -0500
Subject: [nycphp-talk] hmm, looking at PHP IDEs again...
In-Reply-To: <8d9a42800412231418555ab8c8@mail.gmail.com>
References: <330532b60412231139246173bd@mail.gmail.com>
	<41CB24B8.7050003@clan-forsaken.com>
	<8d9a42800412231418555ab8c8@mail.gmail.com>
Message-ID: <330532b604122314253fbfbac@mail.gmail.com>

On Thu, 23 Dec 2004 17:18:07 -0500, Joseph Crawford <codebowl at gmail.com> wrote:
> i dont personally think i have found anything better than zend myself.

That would put you on a dual opteron with 2GB of RAM, right?  ;-)  Or
have they made some reasonable gains in the snappiness category?

-- Mitch


From codebowl at gmail.com  Thu Dec 23 17:28:34 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 23 Dec 2004 17:28:34 -0500
Subject: [nycphp-talk] hmm, looking at PHP IDEs again...
In-Reply-To: <330532b604122314253fbfbac@mail.gmail.com>
References: <330532b60412231139246173bd@mail.gmail.com>
	<41CB24B8.7050003@clan-forsaken.com>
	<8d9a42800412231418555ab8c8@mail.gmail.com>
	<330532b604122314253fbfbac@mail.gmail.com>
Message-ID: <8d9a428004122314287cf728be@mail.gmail.com>

well here are the specs of my machine

P4 1.4ghz
128mb RDRam

i usually run X windows, Zend, Firefox, X-Chat, and some other apps. 
I think it's a tad heavy on the ram side, however it's a java app :D

Did i mention i couldnt get windows 2000 to run on this machine LOL

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From codebowl at gmail.com  Thu Dec 23 17:28:57 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 23 Dec 2004 17:28:57 -0500
Subject: [nycphp-talk] hmm, looking at PHP IDEs again...
In-Reply-To: <8d9a428004122314287cf728be@mail.gmail.com>
References: <330532b60412231139246173bd@mail.gmail.com>
	<41CB24B8.7050003@clan-forsaken.com>
	<8d9a42800412231418555ab8c8@mail.gmail.com>
	<330532b604122314253fbfbac@mail.gmail.com>
	<8d9a428004122314287cf728be@mail.gmail.com>
Message-ID: <8d9a428004122314282c5dde2a@mail.gmail.com>

I would have more ram if RDRam wasnt so damn expensive

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From jlacey at att.net  Thu Dec 23 17:29:39 2004
From: jlacey at att.net (John Lacey)
Date: Thu, 23 Dec 2004 15:29:39 -0700
Subject: [nycphp-talk] hmm, looking at PHP IDEs again...
In-Reply-To: <8d9a42800412231418555ab8c8@mail.gmail.com>
References: <330532b60412231139246173bd@mail.gmail.com>	<41CB24B8.7050003@clan-forsaken.com>
	<8d9a42800412231418555ab8c8@mail.gmail.com>
Message-ID: <41CB46D3.3030608@att.net>

Joseph Crawford wrote:
> i dont personally think i have found anything better than zend myself.
> 


I use Ultraedit, Vim and Zend Studio for various tasks, and of course vi 
over SSH since it's 'too convenient'.  Some of the features of Zend 
Studio, like the code analyzer, are especially effective in 
demonstrating to my students how an IDE can pay for itself over time. 
In addition, even if I thought that ZS wasn't the best all-around IDE 
out there, I'd buy it anyway to support Zend.  Think of all the things 
those folks have given us and we often don't take the time to say thank 
you.

John



From codebowl at gmail.com  Thu Dec 23 17:32:25 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Thu, 23 Dec 2004 17:32:25 -0500
Subject: [nycphp-talk] hmm, looking at PHP IDEs again...
In-Reply-To: <41CB46D3.3030608@att.net>
References: <330532b60412231139246173bd@mail.gmail.com>
	<41CB24B8.7050003@clan-forsaken.com>
	<8d9a42800412231418555ab8c8@mail.gmail.com> <41CB46D3.3030608@att.net>
Message-ID: <8d9a4280041223143233d7af20@mail.gmail.com>

i havent ventured off into the code analyzer yet, still a lot to learn
about the zend features but if you say it is that good i will have to
look into it

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From shiflett at php.net  Thu Dec 23 21:11:16 2004
From: shiflett at php.net (Chris Shiflett)
Date: Thu, 23 Dec 2004 18:11:16 -0800 (PST)
Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8.
In-Reply-To: <004c01c4e822$97c3a510$0b01a8c0@webdev>
Message-ID: <20041224021116.31487.qmail@web52809.mail.yahoo.com>

--- "Alan T. Miller" <amiller at criticalmedia.biz> wrote:
> It looks like I got slammed by some new PHP vulnerablity. It first
> appeard that what it did was to replace all your index pages with
> its own that proclaims "This site is defaced!!!" and then includes
> ... "NeverEverNoSanity WebWorm generation 8.".

[snip]

> Anyone have any information about this, how to fix, how to clean
> this up, how to prevent (other than the obvious upgrade your PHP
> the absolute minute an update comes out?).

I believe this is due to a security vulnerability in phpBB that is made
much worse by the vulnerability in PHP 4.3.9. PHP has an upgrade
available, so you can upgrade to that. I'm not sure if phpBB has a fix
yet, but this surely won't be the last hole anyway. :-)

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
Coming Soon                 http://httphandbook.org/


From shiflett at php.net  Thu Dec 23 21:13:12 2004
From: shiflett at php.net (Chris Shiflett)
Date: Thu, 23 Dec 2004 18:13:12 -0800 (PST)
Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8.
In-Reply-To: <20041222151442.GB7306@bnl.gov>
Message-ID: <20041224021312.93591.qmail@web52801.mail.yahoo.com>

--- Tim Sailer <sailer at bnl.gov> wrote:
> phpBB seems to have features that everyone likes.

Out of curiosity, does it have any features that FUDforum does not? I
realize that phpBB is very pretty, and FUDforum is a bit fugly, but
perhaps all it needs is a facelift.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
Coming Soon                 http://httphandbook.org/


From dmintz at davidmintz.org  Fri Dec 24 02:00:53 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Fri, 24 Dec 2004 02:00:53 -0500 (EST)
Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3)
Message-ID: <Pine.BSF.4.58.0412240121030.90697@emra.pair.com>


I upgraded to MySQL 1.4.8. It's installed in /usr/local/mysql and I can
connect with it just fine via the command line.

The PHP docs say:

"To install the mysqli extension for PHP, use the
--with-mysqli=mysql_config_path/mysql_config  configuration option where
mysql_config_path represents the location of the mysql_config program that
comes with MySQL versions greater than 4.1.

"If you would like to install the mysql extension along with the mysqli
extension you have to use the same client library to avoid any conflicts."

Dumb question:  so what configure options should I use if I want to
compile in support for both the old mysql and the new mysqli APIs and
ensure that they are using the same client library?

What I've done is used '--with-mysql=/usr/local/mysql' as well as
'--with-mysqli=/usr/local/mysql/bin/mysql_config' and I guess that wasn't
too smart. mysqli is working but when I try mysql_xxx(), all kinds of
weirdness happens.


Ever so gratefully,


---
David Mintz
http://davidmintz.org/

"Don't let the liberal media tell you what to think
and feel. If you have hatred in your heart, let it out."

   -- Clayton Bigsby, black white supremacist


From yury at heavenspa.com  Fri Dec 24 09:03:36 2004
From: yury at heavenspa.com (Yury Rush)
Date: Fri, 24 Dec 2004 09:03:36 -0500
Subject: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation 8.
In-Reply-To: <20041224021116.31487.qmail@web52809.mail.yahoo.com>
Message-ID: <ECEKLPHECCLGFGAFEPEJMEFHDFAA.yury@heavenspa.com>

temp solution:http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513

ciao
yury

too bad google wont stop the search!

-----Original Message-----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org]On Behalf Of Chris Shiflett
Sent: Thursday, December 23, 2004 9:11 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] Help... NeverEverNoSanity WebWorm generation
8.


--- "Alan T. Miller" <amiller at criticalmedia.biz> wrote:
> It looks like I got slammed by some new PHP vulnerablity. It first
> appeard that what it did was to replace all your index pages with
> its own that proclaims "This site is defaced!!!" and then includes
> ... "NeverEverNoSanity WebWorm generation 8.".

[snip]

> Anyone have any information about this, how to fix, how to clean
> this up, how to prevent (other than the obvious upgrade your PHP
> the absolute minute an update comes out?).

I believe this is due to a security vulnerability in phpBB that is made
much worse by the vulnerability in PHP 4.3.9. PHP has an upgrade
available, so you can upgrade to that. I'm not sure if phpBB has a fix
yet, but this surely won't be the last hole anyway. :-)

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly     HTTP Developer's Handbook - Sams
Coming Soon                 http://httphandbook.org/
_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.newyorkphp.org



From hans at nyphp.com  Fri Dec 24 14:47:28 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Fri, 24 Dec 2004 11:47:28 -0800
Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3)
Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA3CB@ehost011-1.exch011.intermedia.net>


> I upgraded to MySQL 1.4.8. It's installed in /usr/local/mysql and I
can
> connect with it just fine via the command line.

MySQL 4.1.8, right? :)

> The PHP docs say:
> 
> "To install the mysqli extension for PHP, use the
> --with-mysqli=mysql_config_path/mysql_config  configuration option
where
> mysql_config_path represents the location of the mysql_config program
that
> comes with MySQL versions greater than 4.1.
> 
> "If you would like to install the mysql extension along with the
mysqli
> extension you have to use the same client library to avoid any
conflicts."
> 
> Dumb question:  so what configure options should I use if I want to
> compile in support for both the old mysql and the new mysqli APIs and
> ensure that they are using the same client library?
> 
> What I've done is used '--with-mysql=/usr/local/mysql' as well as
> '--with-mysqli=/usr/local/mysql/bin/mysql_config' and I guess that
wasn't
> too smart. mysqli is working but when I try mysql_xxx(), all kinds of
> weirdness happens.

>From an initial take, that should do it.

Depending exactly on the weirdness you're seeing, it could be related to
the new authentication protocol and passwords MySQL 4.1.x uses by
default.

Overview:
http://dev.mysql.com/doc/mysql/en/Upgrading-from-4.0.html

Possible this:
http://dev.mysql.com/doc/mysql/en/Upgrading-grant-tables.html

Most likely this:
http://dev.mysql.com/doc/mysql/en/Old_client.html


---
Hans Zaunere, Sales Engineer
MySQL, Inc.  www.mysql.com
Office: +1 212.213.1131

Are you MySQL certified?
www.mysql.com/certification

President, Founder
New York PHP
http://www.nyphp.org




From mark at nostromo.net  Sun Dec 26 00:12:42 2004
From: mark at nostromo.net (Mark Horton)
Date: Sun, 26 Dec 2004 00:12:42 -0500
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
Message-ID: <41CE484A.1030306@nostromo.net>

Is anyone using phpMyAdmin on AMD64 with PHP 5?  I'm getting segfaults 
when I try to use "mysqli".  If I switch to just "mysql" then it works 
fine.  However, I'm using mysql 4.1.8 and would like to use mysqli.

Just curious if I'm doing something wrong or if others are having the 
same issue.

Versions I'm using:

PHP 5.0.3
MYSQL 4.1.8
Apache 2.0.52
phpMyAdmin 2.6.0-pl3

Mark


From jlacey at att.net  Sun Dec 26 02:15:57 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 26 Dec 2004 00:15:57 -0700
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
In-Reply-To: <41CE484A.1030306@nostromo.net>
References: <41CE484A.1030306@nostromo.net>
Message-ID: <41CE652D.8000802@att.net>

Mark Horton wrote:
> Is anyone using phpMyAdmin on AMD64 with PHP 5?  I'm getting segfaults 
> when I try to use "mysqli".  If I switch to just "mysql" then it works 
> fine.  However, I'm using mysql 4.1.8 and would like to use mysqli.
> 
> Just curious if I'm doing something wrong or if others are having the 
> same issue.
> 
> Versions I'm using:
> 
> PHP 5.0.3
> MYSQL 4.1.8
> Apache 2.0.52
> phpMyAdmin 2.6.0-pl3
> 


have you taken a look at the config file for the mysqli change?
.
.
.


$cfg['Servers'][$i]['connect_type']  = 'tcp';       // How to connect to 
MySQL server ('tcp' or 'socket')
$cfg['Servers'][$i]['extension']     = 'mysql';     // The php MySQL 
extension to use ('mysql' or 'mysqli')
$cfg['Servers'][$i]['compress']      = FALSE;       // Use compressed 
protocol for the MySQL connection
.
.
.

John



From codebowl at gmail.com  Sun Dec 26 11:00:43 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Sun, 26 Dec 2004 11:00:43 -0500
Subject: [nycphp-talk] [ OT ] Very funny tech support skit
Message-ID: <8d9a428004122608005c0fd361@mail.gmail.com>

i stumbled accross this and thought many people here would get a kick
out of this

i would consider this to be NWS since there is some foul language
other than that you are good no nudity or anything.

http://www.nitra.ca/tech.swf
-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From jeff at geeksociety.com  Sun Dec 26 12:27:26 2004
From: jeff at geeksociety.com (Jeffrey Stevison)
Date: Sun, 26 Dec 2004 11:27:26 -0600
Subject: [nycphp-talk] cURL login to Squirrelmail
Message-ID: <691D8258-5763-11D9-AD23-000A95BE04BE@geeksociety.com>

I'm using the following to automatically login users to their web based  
email from our intranet.  I get a message from the browser "Can't open  
page blah because it could not load any data from this location"

I'm not sure if the problem is with my cURL code or squirrelmail.  Here  
is the code:

     session_start();

	$ch = curl_init();
	
	curl_setopt($ch, CURLOPT_URL,"http://mysite/webmail/src/redirect.php");
	curl_setopt($ch, CURLOPT_POST, 1);
	curl_setopt($ch, CURLOPT_POSTFIELDS,  
"login_username=".$_SESSION['Username']."&secretkey=".$_SESSION['Passwor 
d']."&js_autodetect_results=0&just_logged_in=1");
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
	
	curl_exec ($ch);
	curl_close ($ch);


Jeff



From dmintz at davidmintz.org  Sun Dec 26 13:03:46 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Sun, 26 Dec 2004 13:03:46 -0500 (EST)
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
In-Reply-To: <41CE652D.8000802@att.net>
References: <41CE484A.1030306@nostromo.net> <41CE652D.8000802@att.net>
Message-ID: <Pine.BSF.4.58.0412261300230.99894@emra.pair.com>


I got bit by the what I believe may be the same thing, i.e., in one place
the phpMyAdmin docs tell you that you can safely keep your old config file
when you uppgrade and copy it over the new one. But if you do that to
upgrade from a pre-mysqli version to one with mysqli support and you're
using mysqli, surprise! It doesn't work.

On Sun, 26 Dec 2004, John Lacey wrote:

> Mark Horton wrote:
> > Is anyone using phpMyAdmin on AMD64 with PHP 5?  I'm getting segfaults
> > when I try to use "mysqli".  If I switch to just "mysql" then it works
> > fine.  However, I'm using mysql 4.1.8 and would like to use mysqli.
> >
><snip />
> have you taken a look at the config file for the mysqli change?
> .
> .
<snip />
---
David Mintz
http://davidmintz.org/

"Don't let the liberal media tell you what to think
and feel. If you have hatred in your heart, let it out."

   -- Clayton Bigsby, black white supremacist


From dmintz at davidmintz.org  Sun Dec 26 13:32:56 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Sun, 26 Dec 2004 13:32:56 -0500 (EST)
Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3)
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA3CB@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F87071EA3CB@ehost011-1.exch011.intermedia.net>
Message-ID: <Pine.BSF.4.58.0412261303540.99894@emra.pair.com>

On Fri, 24 Dec 2004, Hans Zaunere wrote:

>
> > I upgraded to MySQL 1.4.8. It's installed in /usr/local/mysql and I
> can
> > connect with it just fine via the command line.
>
> MySQL 4.1.8, right? :)

Numbers number numbers, to paraphrase Hamlet. (-:

> <snip />
> Depending exactly on the weirdness you're seeing, it could be related to
> the new authentication protocol and passwords MySQL 4.1.x uses by
> default.
>

I was seeing stuff so weird and mysterious that I didn't know where to
begin, hence the vagueness. I would try to use "classic" mysql and a let's
say page1.php would fail; so I'd try page2.php in a browser and kept
getting page1.php back at me. I would look at Apache error log and see
segmentation fault. I would get things quietly failing and not be able to
find a verbose error message anywhere.

I got tired and cowardly tried a different tack:  compile php 4.3.10 with
just mysql support; compile php 5.0.3 with just mysqli support. Played
with some PEAR DB test scripts that checked the version at runtime and
loaded either mysql or mysqli depending. Worked fine in both 4 and 5. But
I could only get phpMyAdmin to work with mysqli. (PS I also hacked
PhpMyAdmin config to check the PHP version and load the appropriate
extension.)

Now I am finding a most peculiar behavior with my 4.3.10 which is breaking
phpMyAdmin et al and has nothing to do with MySQL. On a different
(FreeBSD) host the behavior is what you expect, but on my (RH9) machine, I
when I run this...

<?php
$array = array('one' ,'two','three' );
foreach ($array as $i) {
	echo "$i<br />\n" ;
}
?>
... I get:

Array
Array
Array

.. instead of:

one
two
three

How strange is that?

---
David Mintz
http://davidmintz.org/

"Don't let the liberal media tell you what to think
and feel. If you have hatred in your heart, let it out."

   -- Clayton Bigsby, black white supremacist


From mark at nostromo.net  Sun Dec 26 13:38:38 2004
From: mark at nostromo.net (Mark Horton)
Date: Sun, 26 Dec 2004 13:38:38 -0500
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
In-Reply-To: <41CE652D.8000802@att.net>
References: <41CE484A.1030306@nostromo.net> <41CE652D.8000802@att.net>
Message-ID: <41CF052E.7030506@nostromo.net>

John Lacey wrote:
> Mark Horton wrote:
> 
>> Is anyone using phpMyAdmin on AMD64 with PHP 5?  I'm getting segfaults 
>> when I try to use "mysqli".  If I switch to just "mysql" then it works 
>> fine.  However, I'm using mysql 4.1.8 and would like to use mysqli.
>>
>> Just curious if I'm doing something wrong or if others are having the 
>> same issue.
>>
>> Versions I'm using:
>>
>> PHP 5.0.3
>> MYSQL 4.1.8
>> Apache 2.0.52
>> phpMyAdmin 2.6.0-pl3
>>
> 
> 
> have you taken a look at the config file for the mysqli change?
> .
> .
> .
> 
> 
> $cfg['Servers'][$i]['connect_type']  = 'tcp';       // How to connect to 
> MySQL server ('tcp' or 'socket')
> $cfg['Servers'][$i]['extension']     = 'mysql';     // The php MySQL 
> extension to use ('mysql' or 'mysqli')
> $cfg['Servers'][$i]['compress']      = FALSE;       // Use compressed 
> protocol for the MySQL connection

Yep.  This is how I found out it segfaults.  If I change it to mysqli it 
doesn't work.  I'm going to see if I can duplicate the problem on a x86 
system.  This was I can tell if its actually 64bit related or not.

Mark


From jlacey at att.net  Sun Dec 26 14:12:02 2004
From: jlacey at att.net (John Lacey)
Date: Sun, 26 Dec 2004 12:12:02 -0700
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
In-Reply-To: <41CF052E.7030506@nostromo.net>
References: <41CE484A.1030306@nostromo.net> <41CE652D.8000802@att.net>
	<41CF052E.7030506@nostromo.net>
Message-ID: <41CF0D02.7020802@att.net>

Mark Horton wrote:
> John Lacey wrote:
>>
>> have you taken a look at the config file for the mysqli change?

> 
> Yep.  This is how I found out it segfaults.  If I change it to mysqli it 
> doesn't work.  I'm going to see if I can duplicate the problem on a x86 
> system.  This was I can tell if its actually 64bit related or not.

ok, we had some traffic on here recently where that parameter seemed to 
be the problem, but it was not on a 64 bit system IIRC -- so I thought 
it worth mentioning

I believe Hans Z has some experience with the 64 bit platform, so you 
might want to see if he'll weigh in on this

John



From mark at nostromo.net  Sun Dec 26 20:46:49 2004
From: mark at nostromo.net (Mark Horton)
Date: Sun, 26 Dec 2004 20:46:49 -0500
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
In-Reply-To: <41CF052E.7030506@nostromo.net>
References: <41CE484A.1030306@nostromo.net> <41CE652D.8000802@att.net>
	<41CF052E.7030506@nostromo.net>
Message-ID: <41CF6989.6090108@nostromo.net>

Mark Horton wrote:
> 
> Yep.  This is how I found out it segfaults.  If I change it to mysqli it 
> doesn't work.  I'm going to see if I can duplicate the problem on a x86 
> system.  This was I can tell if its actually 64bit related or not.

FYI: I was not able to reproduce the problem in 32 bit mode.  So it 
looks like this is probably a 64 bit issue.

Mark


From hans at nyphp.com  Sun Dec 26 21:21:17 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Sun, 26 Dec 2004 18:21:17 -0800
Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3)
Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA489@ehost011-1.exch011.intermedia.net>


> > > I upgraded to MySQL 1.4.8. It's installed in /usr/local/mysql and
I
> > can
> > > connect with it just fine via the command line.
> >
> > MySQL 4.1.8, right? :)
> 
> Numbers number numbers, to paraphrase Hamlet. (-:
> 
> > <snip />
> > Depending exactly on the weirdness you're seeing, it could be
related to
> > the new authentication protocol and passwords MySQL 4.1.x uses by
> > default.
> >
> 
> I was seeing stuff so weird and mysterious that I didn't know where to
> begin, hence the vagueness. I would try to use "classic" mysql and a
let's
> say page1.php would fail; so I'd try page2.php in a browser and kept
> getting page1.php back at me. I would look at Apache error log and see
> segmentation fault. I would get things quietly failing and not be able
to
> find a verbose error message anywhere.
> 
> I got tired and cowardly tried a different tack:  compile php 4.3.10
with
> just mysql support; compile php 5.0.3 with just mysqli support. Played
> with some PEAR DB test scripts that checked the version at runtime and
> loaded either mysql or mysqli depending. Worked fine in both 4 and 5.
But
> I could only get phpMyAdmin to work with mysqli. (PS I also hacked
> PhpMyAdmin config to check the PHP version and load the appropriate
> extension.)

There might be problems with dynamically loading an extension, since I'm
not sure how stable/recommended that actually is.  Perhaps a recompile
with the extensions as static would help?

> Now I am finding a most peculiar behavior with my 4.3.10 which is
breaking
> phpMyAdmin et al and has nothing to do with MySQL. On a different
> (FreeBSD) host the behavior is what you expect, but on my (RH9)
machine, I
> when I run this...
> 
> <?php
> $array = array('one' ,'two','three' );
> foreach ($array as $i) {
> 	echo "$i<br />\n" ;
> }
> ?>
> ... I get:
> 
> Array
> Array
> Array
> 
> .. instead of:
> 
> one
> two
> three
> 
> How strange is that?

That is some strangeness - seems like the code is totally messed up.
Perhaps it's related to dynamically loading shared objects, but other
than that, I've never seen these problems (and have mysql/mysqli on many
different hardware, OS, and PHP versions).

H



From hans at nyphp.com  Sun Dec 26 21:26:13 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Sun, 26 Dec 2004 18:26:13 -0800
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA48B@ehost011-1.exch011.intermedia.net>


> Is anyone using phpMyAdmin on AMD64 with PHP 5?  I'm getting segfaults

Yeah - using mysql and mysqli extensions on Fedora/SuSE on various AMD
64 boxes.

> when I try to use "mysqli".  If I switch to just "mysql" then it works
> fine.  However, I'm using mysql 4.1.8 and would like to use mysqli.

I'm betting the problem is a cross of 32bit and 64bit versions of
things.  Are you sure you have the AMD64 binaries from mysql.com?  And,
you need to download the client libs... and ensure you have the
AMD64/x86_64 versions.  Mixing 32 and 64 will cause problems.

And this also goes for other libs.  If you link 64bit libs into PHP, and
mix 32bit libs in too, you'll likely have problems, which may also be
hard to avoid.  Meaning, unless you're using PHP 5.1 (from CVS) you
can't really point it to use the 64bit libraries.  Thus, if you have
some 32bit libs, and some 64bit MySQL libs, you'll have problems.

Hope this helps a little (and makes sense), but let me know if not.  I'm
going to be writing up some stuff on AMP and AMD64 but the basic rule is
all 32bit or all 64bit libs - don't mix.


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org




From danielc at analysisandsolutions.com  Sun Dec 26 21:34:56 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Sun, 26 Dec 2004 21:34:56 -0500
Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3)
In-Reply-To: <Pine.BSF.4.58.0412261303540.99894@emra.pair.com>
References: <41EE526EC2D3C74286415780D3BA9F87071EA3CB@ehost011-1.exch011.intermedia.net>
	<Pine.BSF.4.58.0412261303540.99894@emra.pair.com>
Message-ID: <20041227023456.GA17609@panix.com>

On Sun, Dec 26, 2004 at 01:32:56PM -0500, David Mintz wrote:
> <?php
> $array = array('one' ,'two','three' );
> foreach ($array as $i) {
> 	echo "$i<br />\n" ;
> }
> ?>
> ... I get:
> 
> Array
> Array
> Array

Got Zend Optimizer running?  Upgrade it.  PHP changed some internal things 
in 4.3.10 that makes ZO wack out.

Some significant mistakes were made in the 4.3.10 and 5.0.3 releases.  
Quite sad.  For example, in 5.0.3, the following code evaluates as true, 
even though up until this release, it had evaluated to false.

   $str = 'x';
   var_dump(isset($str->prop));

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From dmintz at davidmintz.org  Sun Dec 26 21:53:31 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Sun, 26 Dec 2004 21:53:31 -0500 (EST)
Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3)
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA489@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F87071EA489@ehost011-1.exch011.intermedia.net>
Message-ID: <Pine.BSF.4.58.0412262137340.79324@emra.pair.com>

On Sun, 26 Dec 2004, Hans Zaunere wrote:

> [...]
> There might be problems with dynamically loading an extension, since I'm
> not sure how stable/recommended that actually is.  Perhaps a recompile
> with the extensions as static would help?

OK, you're teaching little Special Ed now. I didn't think I was
dynamically loading anything. If you compile --with-this and --with-that
(which is what I'm doing with mysql and mysqli), then when your scripts
use this and that extension, it's what, static or dynamically loaded?
Static, I thought.

|-:

On Sun, 26 Dec 2004, Daniel Convissor wrote:

>
> Got Zend Optimizer running?  Upgrade it.  PHP changed some internal
> things in 4.3.10 that makes ZO wack out.
>
> Some significant mistakes were made in the 4.3.10 and 5.0.3 releases.
> Quite sad.

OK I will give that a try, thanks Dan. I see they say are saying
(http://www.zend.com/store/products/zend-optimizer.php):

"Due to incompatibility of the previous version of Zend Optimizer with
PHP 4.3.10, it is strongly recommended that owners of Zend Performance
Suite, Zend Accelerator, Zend Studio Server, and Zend WinEnabler, upgrade
to Zend Optimizer 2.5.7.

It is also recommended you upgrade to PHP 4.3.10 or PHP 5.0.3."

Re that last bit, I'm kind of like, huh? Upgrading is what brought me all
this grief in the first place, whereas the status quo ante was cool. Oh
yeah that's right, the security thing is why I upgraded....

I look forward to 4.3.11 and 5.0.4 -- I think (-:

---
David Mintz
http://davidmintz.org/

"Don't let the liberal media tell you what to think
and feel. If you have hatred in your heart, let it out."

   -- Clayton Bigsby, black white supremacist


From dmintz at davidmintz.org  Sun Dec 26 22:06:23 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Sun, 26 Dec 2004 22:06:23 -0500 (EST)
Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3)
In-Reply-To: <Pine.BSF.4.58.0412262137340.79324@emra.pair.com>
References: <41EE526EC2D3C74286415780D3BA9F87071EA489@ehost011-1.exch011.intermedia.net>
	<Pine.BSF.4.58.0412262137340.79324@emra.pair.com>
Message-ID: <Pine.BSF.4.58.0412262204360.38463@emra.pair.com>

On Sun, 26 Dec 2004, I wrote:

> On Sun, 26 Dec 2004, Daniel Convissor wrote:
>
> >
> > Got Zend Optimizer running?  Upgrade it.  PHP changed some internal
> > things in 4.3.10 that makes ZO wack out.
> >
>
> OK I will give that a try, thanks Dan.

[five minutes later] Bingo!

<fawn>Damn you guys are good.</fawn>

---
David Mintz
http://davidmintz.org/


From mark at nostromo.net  Sun Dec 26 23:46:16 2004
From: mark at nostromo.net (Mark Horton)
Date: Sun, 26 Dec 2004 23:46:16 -0500
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA48B@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F87071EA48B@ehost011-1.exch011.intermedia.net>
Message-ID: <41CF9398.60107@nostromo.net>

Hans Zaunere wrote:
>>Is anyone using phpMyAdmin on AMD64 with PHP 5?  I'm getting segfaults
> 
> 
> Yeah - using mysql and mysqli extensions on Fedora/SuSE on various AMD
> 64 boxes.

What versions of PHP, Mysql, and Apache are you running?  Perhaps I'll
try it with a known good combination first.


>>when I try to use "mysqli".  If I switch to just "mysql" then it works
>>fine.  However, I'm using mysql 4.1.8 and would like to use mysqli.
> 
> 
> I'm betting the problem is a cross of 32bit and 64bit versions of
> things.  Are you sure you have the AMD64 binaries from mysql.com?  And,
> you need to download the client libs... and ensure you have the
> AMD64/x86_64 versions.  Mixing 32 and 64 will cause problems.

> And this also goes for other libs.  If you link 64bit libs into PHP, and
> mix 32bit libs in too, you'll likely have problems, which may also be
> hard to avoid.  Meaning, unless you're using PHP 5.1 (from CVS) you
> can't really point it to use the 64bit libraries.  Thus, if you have
> some 32bit libs, and some 64bit MySQL libs, you'll have problems.

Would ldd tell me this?  When I do "ldd libphp5.so" it reports only 64 
bit libs.  I'm completely stumped.  I'm running off a clean install of 
suse 9.2 (although I had the same problem on suse 9.1).  The only verion 
of mysql I have is 64bit.

Mark


From ajai at bitblit.net  Mon Dec 27 12:36:47 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Mon, 27 Dec 2004 12:36:47 -0500
Subject: [nycphp-talk] On the subject of MySQL 4.1.8...
Message-ID: <41D0482F.3070107@bitblit.net>


I recently upgraded MySQL to 4.1.8 and had some PHP applications break 
because of changes in date handling, so I ended up rolling back to the 
older version. My question is, is it possible to enable backwards 
compatibility for 4.1.8 especially wrt date handling???

-- 
Aj.
Systems Administrator / Developer



From danielc at analysisandsolutions.com  Mon Dec 27 12:43:24 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Mon, 27 Dec 2004 12:43:24 -0500
Subject: [nycphp-talk] On the subject of MySQL 4.1.8...
In-Reply-To: <41D0482F.3070107@bitblit.net>
References: <41D0482F.3070107@bitblit.net>
Message-ID: <20041227174324.GA10142@panix.com>

On Mon, Dec 27, 2004 at 12:36:47PM -0500, Ajai Khattri wrote:
> 
> I recently upgraded MySQL to 4.1.8

From?

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From j.aponte at gmail.com  Mon Dec 27 12:51:03 2004
From: j.aponte at gmail.com (Juancarlos Aponte)
Date: Mon, 27 Dec 2004 12:51:03 -0500
Subject: [nycphp-talk] On the subject of MySQL 4.1.8...
In-Reply-To: <41D0482F.3070107@bitblit.net>
References: <41D0482F.3070107@bitblit.net>
Message-ID: <a986d7404122709515afb203@mail.gmail.com>

Wouldn't that have something to do with the mysqli functions being
used intsead of the mysql functions for 4.1.x?  I had that problem
while I was attempting to get MySQL to work.  Not sure if you have the
same issue as I am not very experienced but just a thought.


On Mon, 27 Dec 2004 12:36:47 -0500, Ajai Khattri <ajai at bitblit.net> wrote:
> 
> I recently upgraded MySQL to 4.1.8 and had some PHP applications break
> because of changes in date handling, so I ended up rolling back to the
> older version. My question is, is it possible to enable backwards
> compatibility for 4.1.8 especially wrt date handling???
> 
> --
> Aj.
> Systems Administrator / Developer
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


-- 
.: Juancarlos :.

"Any fool can know. The point is to understand."
-Albert Einstein


From ajai at bitblit.net  Mon Dec 27 13:11:23 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Mon, 27 Dec 2004 13:11:23 -0500
Subject: [nycphp-talk] On the subject of MySQL 4.1.8...
In-Reply-To: <20041227174324.GA10142@panix.com>
References: <41D0482F.3070107@bitblit.net> <20041227174324.GA10142@panix.com>
Message-ID: <41D0504B.7030907@bitblit.net>

Daniel Convissor wrote:

>From?
>

4.0.23 (yes, its been awhile...).


-- 
Aj.
Systems Administrator / Developer



From matthew_van_horn at yahoo.com  Mon Dec 27 13:40:10 2004
From: matthew_van_horn at yahoo.com (Matthew Van Horn)
Date: Mon, 27 Dec 2004 13:40:10 -0500
Subject: [nycphp-talk] On the subject of MySQL 4.1.8...
In-Reply-To: <41D0482F.3070107@bitblit.net>
References: <41D0482F.3070107@bitblit.net>
Message-ID: <1104172810.3627.3.camel@naginata.mattvanhorn.com>

 On Mon, 2004-12-27 at 12:36, Ajai Khattri wrote:
> I recently upgraded MySQL to 4.1.8 and had some PHP applications break 
> because of changes in date handling, so I ended up rolling back to the 
> older version. My question is, is it possible to enable backwards 
> compatibility for 4.1.8 especially wrt date handling???

I had similar problems with java/hibernate and fixed it by using the
following  argument in the connection string.
&zeroDateTimeBehavior=convertToNull


-- 
Matthew Van Horn <matthew_van_horn at yahoo.com>



From hans at nyphp.com  Mon Dec 27 14:47:20 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Mon, 27 Dec 2004 11:47:20 -0800
Subject: [nycphp-talk] On the subject of MySQL 4.1.8...
Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA6DA@ehost011-1.exch011.intermedia.net>


> I recently upgraded MySQL to 4.1.8 and had some PHP applications break
> because of changes in date handling, so I ended up rolling back to the
> older version. My question is, is it possible to enable backwards
> compatibility for 4.1.8 especially wrt date handling???

>From http://dev.mysql.com/doc/mysql/en/Upgrading-from-4.0.html

For functions that produce a DATE, DATETIME, or TIME value, the result
returned to the client now is fixed up to have a temporal type. For
example, in MySQL 4.1, you get this result:

mysql> SELECT CAST('2001-1-1' AS DATETIME);
       -> '2001-01-01 00:00:00'

In MySQL 4.0, the result is different:

mysql> SELECT CAST('2001-1-1' AS DATETIME);
       -> '2001-01-01'

AND:

Incompatible change: TIMESTAMP is now returned as a string in
'YYYY-MM-DD HH:MM:SS' format (from 4.0.12 the --new option can be used
to make a 4.0 server behave as 4.1 in this respect). See section
11.3.1.2 TIMESTAMP Properties as of MySQL 4.1. If you want to have the
value returned as a number (as MySQL 4.0 does) you should add +0 to
TIMESTAMP columns when you retrieve them:

mysql> SELECT ts_col + 0 FROM tbl_name;

Display widths for TIMESTAMP columns are no longer supported. For
example, if you declare a column as TIMESTAMP(10), the (10) is ignored.
These changes were necessary for SQL standards compliance. In a future
version, a further change will be made (backward compatible with this
change), allowing the timestamp length to indicate the desired number of
digits for fractions of a second.


So yeah, date stuff has changed a bit.  Unfortunately there isn't a way
to get 4.1 to behave as 4.0 in these respects.  However, you can get 4.0
to act as 4.1 to ease upgrading.  Check out the --new option as
described in the above link, and here:

http://dev.mysql.com/doc/mysql/en/Server_options.html


---
Hans Zaunere, Sales Engineer
MySQL, Inc.  www.mysql.com
Office: +1 212.213.1131

Are you MySQL certified?
www.mysql.com/certification

President, Founder
New York PHP
http://www.nyphp.org





From hans at nyphp.com  Mon Dec 27 14:55:41 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Mon, 27 Dec 2004 11:55:41 -0800
Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3)
Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA6E8@ehost011-1.exch011.intermedia.net>


> > There might be problems with dynamically loading an extension, since
I'm
> > not sure how stable/recommended that actually is.  Perhaps a
recompile
> > with the extensions as static would help?
> 
> OK, you're teaching little Special Ed now. I didn't think I was
> dynamically loading anything. If you compile --with-this and
--with-that
> (which is what I'm doing with mysql and mysqli), then when your
scripts
> use this and that extension, it's what, static or dynamically loaded?
> Static, I thought.

Yeah, that'll be static then.  What confused me is that you said you had
set some applications to detect and load either extension, which I took
to mean using dl() (http://php.net/dl) which can be troublesome.  As Dan
pointed out, there were some problems in recent releases, and the ZO
would be the only thing to make the language itself act to strangely.

---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org





From hans at nyphp.com  Mon Dec 27 14:58:06 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Mon, 27 Dec 2004 11:58:06 -0800
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA6ED@ehost011-1.exch011.intermedia.net>


> >>Is anyone using phpMyAdmin on AMD64 with PHP 5?  I'm getting
segfaults
> >
> >
> > Yeah - using mysql and mysqli extensions on Fedora/SuSE on various
AMD
> > 64 boxes.
> 
> What versions of PHP, Mysql, and Apache are you running?  Perhaps I'll
> try it with a known good combination first.

Various Apaches (doesn't really matter) and MySQL 4.1.6-4.1.7.  The key
is PHP; really, only the PHP version in CVS (checkout HEAD) will work
correctly in detecting the right 64bit libs.

> >>when I try to use "mysqli".  If I switch to just "mysql" then it
works
> >>fine.  However, I'm using mysql 4.1.8 and would like to use mysqli.
> >
> >
> > I'm betting the problem is a cross of 32bit and 64bit versions of
> > things.  Are you sure you have the AMD64 binaries from mysql.com?
And,
> > you need to download the client libs... and ensure you have the
> > AMD64/x86_64 versions.  Mixing 32 and 64 will cause problems.
> 
> > And this also goes for other libs.  If you link 64bit libs into PHP,
and
> > mix 32bit libs in too, you'll likely have problems, which may also
be
> > hard to avoid.  Meaning, unless you're using PHP 5.1 (from CVS) you
> > can't really point it to use the 64bit libraries.  Thus, if you have
> > some 32bit libs, and some 64bit MySQL libs, you'll have problems.
> 
> Would ldd tell me this?  When I do "ldd libphp5.so" it reports only 64
> bit libs.  I'm completely stumped.  I'm running off a clean install of
> suse 9.2 (although I had the same problem on suse 9.1).  The only
verion
> of mysql I have is 64bit.

Yeah, ldd should give you some clues.  However, unless you're using PHP
from CVS (5.1) it might not be linking against what you expect,
especially when used with a lot of extensions.  What does your
./configure look like?  Perhaps you could strip to a bare minimum
./configure, then add extensions until things start to segfault again.


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org



From jlacey at att.net  Mon Dec 27 15:40:37 2004
From: jlacey at att.net (John Lacey)
Date: Mon, 27 Dec 2004 13:40:37 -0700
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA6ED@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F87071EA6ED@ehost011-1.exch011.intermedia.net>
Message-ID: <41D07345.20305@att.net>

Hans Zaunere wrote:

>>What versions of PHP, Mysql, and Apache are you running?  Perhaps I'll
>>try it with a known good combination first.
> 
> 
> Various Apaches (doesn't really matter) and MySQL 4.1.6-4.1.7.  The key
> is PHP; really, only the PHP version in CVS (checkout HEAD) will work
> correctly in detecting the right 64bit libs.
> 

Hans,

I happened to see a mysql 4.1.8a on MySQL's site this morning, but 
couldn't find anything on it.

?
John



From hans at nyphp.com  Mon Dec 27 16:18:11 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Mon, 27 Dec 2004 13:18:11 -0800
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
Message-ID: <41EE526EC2D3C74286415780D3BA9F87071EA777@ehost011-1.exch011.intermedia.net>



> Hans,
> 
> I happened to see a mysql 4.1.8a on MySQL's site this morning, but
> couldn't find anything on it.

Was it the source tarball?  A letter is just a reroll of the tarball,
for instance, if a typo is found in the README type of files included in
the source distribution.

H




From jlacey at att.net  Mon Dec 27 16:31:57 2004
From: jlacey at att.net (John Lacey)
Date: Mon, 27 Dec 2004 14:31:57 -0700
Subject: [nycphp-talk] AMD64 phpMyAdmin with PHP 5
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA777@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F87071EA777@ehost011-1.exch011.intermedia.net>
Message-ID: <41D07F4D.60105@att.net>

Hans Zaunere wrote:
> 
>>Hans,
>>
>>I happened to see a mysql 4.1.8a on MySQL's site this morning, but
>>couldn't find anything on it.
> 
> 
> Was it the source tarball?  A letter is just a reroll of the tarball,
> for instance, if a typo is found in the README type of files included in
> the source distribution.
> 

yup, that's what it was... I went back to the download page and scrolled 
to the bottom and found the source tarball listed with the letter "a". 
Since the binaries don't carry the letter designation, then for the 
folks who use the MySQL AB supplied binaries (which I'm sure are most of 
us), it's a no-op.  Strange--when I searched for 4.1.8a nothing turned up.

thx
John



From dmintz at davidmintz.org  Tue Dec 28 09:35:57 2004
From: dmintz at davidmintz.org (David Mintz)
Date: Tue, 28 Dec 2004 09:35:57 -0500 (EST)
Subject: [nycphp-talk] mysql and mysqli together (with PHP 5.0.3)
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F87071EA6E8@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F87071EA6E8@ehost011-1.exch011.intermedia.net>
Message-ID: <Pine.BSF.4.58.0412280928250.69709@emra.pair.com>

On Mon, 27 Dec 2004, Hans Zaunere wrote:

> > [...]If you compile --with-this and
> > --with-that (which is what I'm doing with mysql and mysqli), then when
> > your scripts use this and that extension, it's what, static or dynamically
> > loaded? Static, I thought.
>
> Yeah, that'll be static then.  What confused me is that you said you had
> set some applications to detect and load either extension, which I took
> to mean using dl() (http://php.net/dl) which can be troublesome.

Ah yes, my bad. I was (mis)speaking of loading PEAR DB/mysql.php versus
DB/mysqli.php by specifying 'mysql' or 'mysqli' in the DSN being passed to
DB::connect()

> As Dan
> pointed out, there were some problems in recent releases, and the ZO
> would be the only thing to make the language itself act to strangely.
>

It was some pretty bizarre behavior indeed, and thank you again.

---
David Mintz
http://davidmintz.org/

"Don't let the liberal media tell you what to think
and feel. If you have hatred in your heart, let it out."

   -- Clayton Bigsby, black white supremacist


From Cbielanski at inta.org  Tue Dec 28 09:55:04 2004
From: Cbielanski at inta.org (Chris Bielanski)
Date: Tue, 28 Dec 2004 09:55:04 -0500
Subject: [nycphp-talk] PHP-CLI Timeout
Message-ID: <4DBE3775D77C744E9D1B9D06082E75D60AAAE9@intamail1.com>

Happy holidaze all,

I'm trying to parse a number of large webserver logs into a DB and I would
prefer to use PHP as its our shop's lingua franca. How do I keep PHP from
timing out the script after 30 seconds (or whatever I use in set_timeout())?
Is there a method for running a script on the command line that doesn't
terminate like this?


Thanks,
Chris Bielanski
Web Programmer, 
International Trademark Association,
1133 Avenue of the Americas, 33rd Floor
New York, NY 10036
+1 (212) 642-1745, f: +1 (212) 768-7796
mailto:cbielanski at inta.org, www.inta.org  
INTA -- 125 Years of Excellence




From scott at crisscott.com  Tue Dec 28 09:59:32 2004
From: scott at crisscott.com (Scott Mattocks)
Date: Tue, 28 Dec 2004 09:59:32 -0500
Subject: [nycphp-talk] PHP-CLI Timeout
In-Reply-To: <4DBE3775D77C744E9D1B9D06082E75D60AAAE9@intamail1.com>
References: <4DBE3775D77C744E9D1B9D06082E75D60AAAE9@intamail1.com>
Message-ID: <41D174D4.2070404@crisscott.com>

Chris Bielanski wrote:
> I'm trying to parse a number of large webserver logs into a DB and I would
> prefer to use PHP as its our shop's lingua franca. How do I keep PHP from
> timing out the script after 30 seconds (or whatever I use in set_timeout())?
> Is there a method for running a script on the command line that doesn't
> terminate like this?

set_time_limit(-1);
// http://us2.php.net/manual/en/function.set-time-limit.php
// http://us2.php.net/manual/en/ref.info.php#ini.max-execution-time

This will let the script run indefinately depending on your system 
settings (max_execution_time).

--
Scott Mattocks


From hans at nyphp.com  Tue Dec 28 10:09:12 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Tue, 28 Dec 2004 07:09:12 -0800
Subject: [nycphp-talk] PHP-CLI Timeout
Message-ID: <41EE526EC2D3C74286415780D3BA9F8707348172@ehost011-1.exch011.intermedia.net>


> > I'm trying to parse a number of large webserver logs into a DB and I
would
> > prefer to use PHP as its our shop's lingua franca. How do I keep PHP
from
> > timing out the script after 30 seconds (or whatever I use in
set_timeout())?
> > Is there a method for running a script on the command line that
doesn't
> > terminate like this?
> 
> set_time_limit(-1);
> // http://us2.php.net/manual/en/function.set-time-limit.php
> // http://us2.php.net/manual/en/ref.info.php#ini.max-execution-time
> 
> This will let the script run indefinately depending on your system
> settings (max_execution_time).

Also, if this is a 4.3.x version of PHP, and it's truly compiled as a
CLI (not a CGI) an execution time limit doesn't exist.


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org




From Cbielanski at inta.org  Tue Dec 28 10:18:25 2004
From: Cbielanski at inta.org (Chris Bielanski)
Date: Tue, 28 Dec 2004 10:18:25 -0500
Subject: [nycphp-talk] PHP-CLI Timeout
Message-ID: <4DBE3775D77C744E9D1B9D06082E75D60AAAEA@intamail1.com>

I'm afraid the set_time_limit(-1); threw an error. I decided to use a bad
idea to get me through the crunch and I'm calling set_time_limit(60) in my
processing loops.

per the Fine Manual:
"When called, set_time_limit() restarts the timeout counter from zero. In
other words, if the timeout is the default 30 seconds, and 25 seconds into
script execution a call such as set_time_limit(20) is made, the script will
run for a total of 45 seconds before timing out."

...mmmm. Just the kind of ingredients one needs for a dirty hack...

PHP -v tells me I have v. 4.3.4 (cgi-fcgi)


Thanks,
Chris Bielanski
Web Programmer, 
International Trademark Association,
1133 Avenue of the Americas, 33rd Floor
New York, NY 10036
+1 (212) 642-1745, f: +1 (212) 768-7796
mailto:cbielanski at inta.org, www.inta.org  
INTA -- 125 Years of Excellence



> -----Original Message-----
> From: Hans Zaunere [mailto:hans at nyphp.com]
> Sent: Tuesday, December 28, 2004 10:09 AM
> To: NYPHP Talk
> Subject: RE: [nycphp-talk] PHP-CLI Timeout
> 
> 
> 
> > > I'm trying to parse a number of large webserver logs into 
> a DB and I
> would
> > > prefer to use PHP as its our shop's lingua franca. How do 
> I keep PHP
> from
> > > timing out the script after 30 seconds (or whatever I use in
> set_timeout())?
> > > Is there a method for running a script on the command line that
> doesn't
> > > terminate like this?
> > 
> > set_time_limit(-1);
> > // http://us2.php.net/manual/en/function.set-time-limit.php
> > // http://us2.php.net/manual/en/ref.info.php#ini.max-execution-time
> > 
> > This will let the script run indefinately depending on your system
> > settings (max_execution_time).
> 
> Also, if this is a 4.3.x version of PHP, and it's truly compiled as a
> CLI (not a CGI) an execution time limit doesn't exist.
> 
> 
> ---
> Hans Zaunere
> President, Founder
> New York PHP
> http://www.nyphp.org
> 
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.newyorkphp.org
> 


From scott at crisscott.com  Tue Dec 28 10:17:58 2004
From: scott at crisscott.com (Scott Mattocks)
Date: Tue, 28 Dec 2004 10:17:58 -0500
Subject: [nycphp-talk] PHP-CLI Timeout
In-Reply-To: <4DBE3775D77C744E9D1B9D06082E75D60AAAEA@intamail1.com>
References: <4DBE3775D77C744E9D1B9D06082E75D60AAAEA@intamail1.com>
Message-ID: <41D17926.3060801@crisscott.com>

Chris Bielanski wrote:

> I'm afraid the set_time_limit(-1); threw an error. I decided to use a bad
> idea to get me through the crunch and I'm calling set_time_limit(60) in my
> processing loops.

Sorry. I gave you bad information. per the Fine Manual again: "If 
seconds is set to zero, no time limit is imposed."

> 
> per the Fine Manual:
> "When called, set_time_limit() restarts the timeout counter from zero. In
> other words, if the timeout is the default 30 seconds, and 25 seconds into
> script execution a call such as set_time_limit(20) is made, the script will
> run for a total of 45 seconds before timing out."
> 
> ...mmmm. Just the kind of ingredients one needs for a dirty hack...
> 
> PHP -v tells me I have v. 4.3.4 (cgi-fcgi)

-- 
Scott Mattocks
scott at crisscott.com
http://www.crisscott.com
http://pear.php.net/user/scottmattocks


From codebowl at gmail.com  Tue Dec 28 12:12:48 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Tue, 28 Dec 2004 12:12:48 -0500
Subject: [nycphp-talk] Site Optimization
Message-ID: <8d9a4280041228091214959ba1@mail.gmail.com>

i was wondering.....

are there any tools out there to simulate high traffic on your web
server say where you specify how many users hit the site at one time
and the tool actually hits your server that many times?

sites seem to run fast on my dev server and on low traffic servers i
would just like to see how my apps would run under heavy traffic
circumstances.

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From drydell at att.net  Tue Dec 28 12:22:45 2004
From: drydell at att.net (drydell at att.net)
Date: Tue, 28 Dec 2004 17:22:45 +0000
Subject: [nycphp-talk] Site Optimization
Message-ID: <122820041722.28455.41D196650005E67C00006F27215876672004040A0B979D0B@att.net>

check out LoadRunner:
http://www.mercury.com/us/products/performance-center/loadrunner/


 -------------- Original message ----------------------
From: Joseph Crawford <codebowl at gmail.com>
> i was wondering.....
> 
> are there any tools out there to simulate high traffic on your web
> server say where you specify how many users hit the site at one time
> and the tool actually hits your server that many times?
> 
> sites seem to run fast on my dev server and on low traffic servers i
> would just like to see how my apps would run under heavy traffic
> circumstances.
> 
> -- 
> Joseph Crawford Jr.
> Codebowl Solutions
> codebowl at gmail.com
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org




From patterson at computer.org  Tue Dec 28 12:21:09 2004
From: patterson at computer.org (Bill Patterson)
Date: Tue, 28 Dec 2004 12:21:09 -0500
Subject: [nycphp-talk] Site Optimization
In-Reply-To: <8d9a4280041228091214959ba1@mail.gmail.com>
References: <8d9a4280041228091214959ba1@mail.gmail.com>
Message-ID: <41D19605.5080505@computer.org>

Perhaps, if there is no opensource version of this, we could 
collectively build one on sourceforge?  Between cron jobs and PHP to hit 
sites, we might be able to build some kind of simulator.

Bill

Joseph Crawford wrote:

>i was wondering.....
>
>are there any tools out there to simulate high traffic on your web
>server say where you specify how many users hit the site at one time
>and the tool actually hits your server that many times?
>
>sites seem to run fast on my dev server and on low traffic servers i
>would just like to see how my apps would run under heavy traffic
>circumstances.
>
>  
>



From codebowl at gmail.com  Tue Dec 28 12:26:01 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Tue, 28 Dec 2004 12:26:01 -0500
Subject: [nycphp-talk] Site Optimization
In-Reply-To: <41D19605.5080505@computer.org>
References: <8d9a4280041228091214959ba1@mail.gmail.com>
	<41D19605.5080505@computer.org>
Message-ID: <8d9a428004122809261fe1574e@mail.gmail.com>

thanks for the info i am looking now :D


-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From codebowl at gmail.com  Tue Dec 28 12:26:42 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Tue, 28 Dec 2004 12:26:42 -0500
Subject: [nycphp-talk] Site Optimization
In-Reply-To: <8d9a428004122809261fe1574e@mail.gmail.com>
References: <8d9a4280041228091214959ba1@mail.gmail.com>
	<41D19605.5080505@computer.org>
	<8d9a428004122809261fe1574e@mail.gmail.com>
Message-ID: <8d9a428004122809264c739281@mail.gmail.com>

ack there has to be a GPL application out there that doesnt "require"
you to pay to use it :D

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From faber at linuxnj.com  Tue Dec 28 12:34:19 2004
From: faber at linuxnj.com (Faber Fedor)
Date: Tue, 28 Dec 2004 12:34:19 -0500
Subject: [nycphp-talk] Re: Site Optimization
In-Reply-To: <8d9a428004122809264c739281@mail.gmail.com>
References: <8d9a4280041228091214959ba1@mail.gmail.com>
	<41D19605.5080505@computer.org>
	<8d9a428004122809261fe1574e@mail.gmail.com>
	<8d9a428004122809264c739281@mail.gmail.com>
Message-ID: <20041228173419.GA23016@uranus.faber.nom>

On 28/12/04 12:26 -0500, Joseph Crawford wrote:
> ack there has to be a GPL application out there that doesnt "require"
> you to pay to use it :D

I thought there was a utility that came with Apache that did this kind
of testing.  IIRC, it had a small name (three letters or so).  I can't
find anything else at the moment...

If you google 'load test site:www.apache.org' something called JMEter
pops up all over the place...


-- 
 
Regards,
 
Faber                     

Linux New Jersey: Open Source Solutions for New Jersey
http://www.linuxnj.com





From ajai at bitblit.net  Tue Dec 28 12:42:47 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Tue, 28 Dec 2004 12:42:47 -0500
Subject: [nycphp-talk] Site Optimization
In-Reply-To: <8d9a4280041228091214959ba1@mail.gmail.com>
References: <8d9a4280041228091214959ba1@mail.gmail.com>
Message-ID: <41D19B17.3090107@bitblit.net>

Joseph Crawford wrote:

>i was wondering.....
>
>are there any tools out there to simulate high traffic on your web
>server say where you specify how many users hit the site at one time
>and the tool actually hits your server that many times?
>
>sites seem to run fast on my dev server and on low traffic servers i
>would just like to see how my apps would run under heavy traffic
>circumstances.
>

Awhile ago, I found this site had some useful tools:

http://opensourcetesting.org

-- 
Aj.
Systems Administrator / Developer



From ajai at bitblit.net  Tue Dec 28 12:44:28 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Tue, 28 Dec 2004 12:44:28 -0500
Subject: [nycphp-talk] Re: Site Optimization
In-Reply-To: <20041228173419.GA23016@uranus.faber.nom>
References: <8d9a4280041228091214959ba1@mail.gmail.com>	<41D19605.5080505@computer.org>	<8d9a428004122809261fe1574e@mail.gmail.com>	<8d9a428004122809264c739281@mail.gmail.com>
	<20041228173419.GA23016@uranus.faber.nom>
Message-ID: <41D19B7C.30300@bitblit.net>

Faber Fedor wrote:

>On 28/12/04 12:26 -0500, Joseph Crawford wrote:
>
>>ack there has to be a GPL application out there that doesnt "require"
>>you to pay to use it :D
>>
>
>I thought there was a utility that came with Apache that did this kind
>of testing.  IIRC, it had a small name (three letters or so).  I can't
>find anything else at the moment...
>

How about Deluge?
http://deluge.sourceforge.net/

-- 
Aj.
Systems Administrator / Developer



From tgales at tgaconnect.com  Tue Dec 28 12:45:49 2004
From: tgales at tgaconnect.com (Tim Gales)
Date: Tue, 28 Dec 2004 12:45:49 -0500
Subject: [nycphp-talk] Re: Site Optimization
Message-ID: <200412281745.iBSHjnD18206@tgaconnect.com>

Faber Fedor writes:
> I thought there was a utility that came with Apache that did this kind
> of testing.  IIRC, it had a small name (three letters or so).  I can't
> find anything else at the moment...

Flood has four letters.

Tim Gales

www.tgaconnect.com 
Helping People Connect With Technology


From faber at linuxnj.com  Tue Dec 28 12:47:12 2004
From: faber at linuxnj.com (Faber Fedor)
Date: Tue, 28 Dec 2004 12:47:12 -0500
Subject: [nycphp-talk] Re: Site Optimization
In-Reply-To: <41D19B17.3090107@bitblit.net>
References: <8d9a4280041228091214959ba1@mail.gmail.com>
	<41D19B17.3090107@bitblit.net>
Message-ID: <20041228174712.GA23145@uranus.faber.nom>


The "little utility" I was thinking of is called "ab" (Apache
benchmarking).

-- 
 
Regards,
 
Faber                     

Linux New Jersey: Open Source Solutions for New Jersey
http://www.linuxnj.com





From tgales at tgaconnect.com  Tue Dec 28 12:48:08 2004
From: tgales at tgaconnect.com (Tim Gales)
Date: Tue, 28 Dec 2004 12:48:08 -0500
Subject: [nycphp-talk] Re: Site Optimization
Message-ID: <200412281748.iBSHm8B18547@tgaconnect.com>


> Flood has four letters.
food has four letters --
better break for some soon.

Tim G.


From henry at beewh.com  Tue Dec 28 12:50:52 2004
From: henry at beewh.com (Henry Ponce)
Date: Tue, 28 Dec 2004 14:50:52 -0300
Subject: [nycphp-talk] help needed
Message-ID: <200412281450.52995.henry@beewh.com>

Hello people:

i have a problem that is driving me crazy.

i am developing a site that is currently in:

http://www.php-developers.com.ar

1. With Opera Browser there are no problems.
2. with ie you can open the page once, and when you try refreshing there is a 
problem.
3. same problem with firefox.

I'm using include() to include the different blocks.

I don't know what the problem might be. can anyone point me in the right 
direction.

i also tested with www.php-developers.com.ar/newsarticles.php and i get the 
same error, with the first include. i hope you understand my problem.

thank you.
Henry





From jayeshsh at ceruleansky.com  Tue Dec 28 12:51:00 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Tue, 28 Dec 2004 12:51:00 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
Message-ID: <41D19D04.3050901@ceruleansky.com>

Hello all,

perhaps some of the (SuSe) Linux gurus out there will have an idea as to 
what is going on here.

I have an existing SuSe 9.1 Linux LAMP server set up with Apache 2.x, 
PHP 4.3.x, MySQL 4.x.
The thing is that I want to use PHP 5 instead of PHP 4. But I also want 
to run older PHP4 scripts.

I followed the instructions in Appendix C of Adam Trachtenberg's 
"Upgrading to PHP 5" book to use PHP 5 as a CGI, so that I can continue 
to use PHP 4 as an Apache module.
(To use PHP5 scripts, I would simply configure Apache to execute scripts 
from a particular directory using the PHP 5 CGI binary.)

I compiled PHP with the following options:

./configure --prefix=/usr/local/php5/ \
--enable-force-cgi-redirect \
--with-xml \
--with-libxml-dir=/usr/local/ \
--enable-soap \
--with-xsl=/usr/local/ \
--with-mysql \
--with-tidy-dir=/usr/ \
--with-curl-dir=/usr/local/ \
--with-mcrypt-dir=/usr/local/ \
--with-zlib-dir=/usr/local/ \
--with-gd \
--with-jpeg-dir=/usr/local/ \
--with-png-dir=/usr/local/ \
--enable-gd-native-ttf \
--enable-ftp \
--enable-sockets \
--enable-wddx \
--with-xmlrpc \
--with-iconv \
--enable-soap

Thus, the PHP binary was installed to :
/usr/local/php/bin/

I am not sure the this was right thing to do, but I chowned 
/usr/local/php/bin/ and its subdirectories to run as wwwrun user and 
belong to www group (Apache's user and group).

I then modified /etc/apache2/httpd.conf and added the following 
information to the end of it:

ScriptAlias /php5 /usr/local/php5/bin
<Directory /usr/local/php5/bin/>
    Options +ExecCGI +FollowSymLinks
    AllowOverride None
</Directory>

<Directory /srv/www/htdocs/php5>
    AddHandler php-cgi-script .php
    Action php-cgi-script /php5/php
    Options +ExecCGI
</Directory>

But when I try to access http://myipaddress/php5/
I get the following error in Apache's error logs ( 
/var/log/apache2/error-log ) :

[Tue Dec 28 12:18:33 2004] [warn] Init: Session Cache is not configured 
[hint: SSLSessionCache]
[Tue Dec 28 12:18:33 2004] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec2)
[Tue Dec 28 12:18:34 2004] [notice] Apache/2.0.49 (Linux/SuSE) 
configured -- resuming normal operations
[Tue Dec 28 12:20:20 2004] [error] [client 69.86.**.***] client denied 
by server configuration: /usr/local/php5/bin/pinfo.php
[Tue Dec 28 12:23:18 2004] [error] [client 69.86.**.***] client denied 
by server configuration: /usr/local/php5/bin/php.cgi
[Tue Dec 28 12:25:32 2004] [error] [client 69.86.**.***] client denied 
by server configuration: /usr/local/php5/bin/php
script not found or unable to stat

You see various different things after the "client denied by server 
configuration:" part because I was renaming the php binary and also I 
added a .htaccess in another subdirectory that looked like the following:

AddHandler custom-php .php .pcgi
Action custom-php /php5/php
Options +ExecCGI

But when I access http://myipaddress/php5/pinfo.php
I get the following error:

Access forbidden!

You don't have permission to access the requested object. It is either 
read-protected or not readable by the server.

If you think this is a server error, please contact the webmaster.
Error 403

Does anyone know why this is happening?

Thanks in advance!

Best regards,

- Jay




From fields at hedge.net  Tue Dec 28 12:51:21 2004
From: fields at hedge.net (Adam Fields)
Date: Tue, 28 Dec 2004 12:51:21 -0500
Subject: [nycphp-talk] Re: Site Optimization
In-Reply-To: <20041228173419.GA23016@uranus.faber.nom>
References: <8d9a4280041228091214959ba1@mail.gmail.com>
	<41D19605.5080505@computer.org>
	<8d9a428004122809261fe1574e@mail.gmail.com>
	<8d9a428004122809264c739281@mail.gmail.com>
	<20041228173419.GA23016@uranus.faber.nom>
Message-ID: <20041228175121.GH11264@lola.aquick.org>

On Tue, Dec 28, 2004 at 12:34:19PM -0500, Faber Fedor wrote:
> On 28/12/04 12:26 -0500, Joseph Crawford wrote:
> > ack there has to be a GPL application out there that doesnt "require"
> > you to pay to use it :D
> 
> I thought there was a utility that came with Apache that did this kind
> of testing.  IIRC, it had a small name (three letters or so).  I can't
> find anything else at the moment...
> 
> If you google 'load test site:www.apache.org' something called JMEter
> pops up all over the place...


There are a lot of load testing utilities. Here's a pretty
comprehensive list:

http://www.softwareqatest.com/qatweb1.html#LOAD

I've used Siege, Webhammer, Loadrunner (not free), and I think
WebAvalanche. I'd start with Siege and see if that works for you. If
not, there's plenty of other stuff to try on that list.

I believe JMeter used to be the ApacheBench tools, but it morphed into
a bigger suite, so they changed the name.

-- 
				- Adam

-----
[ http://www.aquick.org/blog ]
[ http://www.adamfields.com ][ http://del.icio.us/fields ]
[ http://www.aquick.org/photoblog ][ http://www.aquick.org/gallery ]




From nestorflorez at earthlink.net  Tue Dec 28 14:09:03 2004
From: nestorflorez at earthlink.net (Nestor Florez)
Date: Tue, 28 Dec 2004 11:09:03 -0800 (PST)
Subject: [nycphp-talk] help needed
Message-ID: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>

Henry,

did not see a problem  using mozilla for this site:
http://www.php-developers.com.ar/

Nestor :-)

-----Original Message-----
From: Henry Ponce <henry at beewh.com>
Sent: Dec 28, 2004 9:50 AM
To: NYPHP Talk <talk at lists.nyphp.org>
Subject: [nycphp-talk] help needed

Hello people:

i have a problem that is driving me crazy.

i am developing a site that is currently in:

http://www.php-developers.com.ar

1. With Opera Browser there are no problems.
2. with ie you can open the page once, and when you try refreshing there is a 
problem.
3. same problem with firefox.

I'm using include() to include the different blocks.

I don't know what the problem might be. can anyone point me in the right 
direction.

i also tested with www.php-developers.com.ar/newsarticles.php and i get the 
same error, with the first include. i hope you understand my problem.

thank you.
Henry



_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org





From henry at beewh.com  Tue Dec 28 14:18:20 2004
From: henry at beewh.com (Henry Ponce)
Date: Tue, 28 Dec 2004 16:18:20 -0300
Subject: [nycphp-talk] help needed
In-Reply-To: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>
References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>
Message-ID: <200412281618.21019.henry@beewh.com>

I am testing with Firefox and ie, and i can only refresh once.

With opera and mozilla there is no problem.

any help is appreciated.

Thank you,
Henry


On Tuesday 28 December 2004 16:09, Nestor Florez wrote:
> Henry,
>
> did not see a problem  using mozilla for this site:
> http://www.php-developers.com.ar/
>
> Nestor :-)
>
> -----Original Message-----
> From: Henry Ponce <henry at beewh.com>
> Sent: Dec 28, 2004 9:50 AM
> To: NYPHP Talk <talk at lists.nyphp.org>
> Subject: [nycphp-talk] help needed
>
> Hello people:
>
> i have a problem that is driving me crazy.
>
> i am developing a site that is currently in:
>
> http://www.php-developers.com.ar
>
> 1. With Opera Browser there are no problems.
> 2. with ie you can open the page once, and when you try refreshing there is
> a problem.
> 3. same problem with firefox.
>
> I'm using include() to include the different blocks.
>
> I don't know what the problem might be. can anyone point me in the right
> direction.
>
> i also tested with www.php-developers.com.ar/newsarticles.php and i get the
> same error, with the first include. i hope you understand my problem.
>
> thank you.
> Henry
>
>
>
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
>
>
>
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org



From codebowl at gmail.com  Tue Dec 28 14:22:52 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Tue, 28 Dec 2004 14:22:52 -0500
Subject: [nycphp-talk] help needed
In-Reply-To: <200412281618.21019.henry@beewh.com>
References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>
	<200412281618.21019.henry@beewh.com>
Message-ID: <8d9a42800412281122678cf936@mail.gmail.com>

i am not seeing the problem using firefox 1.0 can you be more specific
as to what you are getting?  I went to the site and refreshed about 4
times and the site loaded fine for me.

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From jlacey at att.net  Tue Dec 28 14:28:20 2004
From: jlacey at att.net (John Lacey)
Date: Tue, 28 Dec 2004 12:28:20 -0700
Subject: [nycphp-talk] help needed
In-Reply-To: <200412281618.21019.henry@beewh.com>
References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>
	<200412281618.21019.henry@beewh.com>
Message-ID: <41D1B3D4.5070307@att.net>

Henry Ponce wrote:
> I am testing with Firefox and ie, and i can only refresh once.
> 
> With opera and mozilla there is no problem.
> 
> any help is appreciated.

Henry,

I ran the URL through the HTML validator at:
http://validator.w3.org/

got a 'few errors' -- it's a place to start at least :)

John



From henry at beewh.com  Tue Dec 28 14:31:48 2004
From: henry at beewh.com (Henry Ponce)
Date: Tue, 28 Dec 2004 16:31:48 -0300
Subject: [nycphp-talk] help needed
In-Reply-To: <8d9a42800412281122678cf936@mail.gmail.com>
References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>
	<200412281618.21019.henry@beewh.com>
	<8d9a42800412281122678cf936@mail.gmail.com>
Message-ID: <200412281631.48489.henry@beewh.com>

Joseph:

the problem is that, using firefox or MS Internet Explorer, I can only open 
the page once, with no problems and I can only refresh once (in Firefox) and 
0 times with Internet Explorer.

With Mozilla or Opera explorer i get no mistakes. i can refresh as many times 
as i wish.

the page http://www.php-developers.com.ar has a complete version with all the 
includes. I have created a smaller version in 
http://www.php-developers.com.ar/newsarticles.php with only one include. And 
i get the same error.


This is very strange. I have checked all the mysql queries and the connection.

Here is my phpinfo(): http://www.php-developers.com.ar/phpinfo.php

I have been searching google all day for a solution. But i'm stuck. I don't 
think it has to do with timeouts, because i see it perfectly with Mozilla and 
Opera.

I hope this explains my problem. Please help.

Henry


On Tuesday 28 December 2004 16:22, Joseph Crawford wrote:
> i am not seeing the problem using firefox 1.0 can you be more specific
> as to what you are getting?  I went to the site and refreshed about 4
> times and the site loaded fine for me.



From ajai at bitblit.net  Tue Dec 28 14:39:25 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Tue, 28 Dec 2004 14:39:25 -0500
Subject: [nycphp-talk] help needed
In-Reply-To: <200412281631.48489.henry@beewh.com>
References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>	<200412281618.21019.henry@beewh.com>	<8d9a42800412281122678cf936@mail.gmail.com>
	<200412281631.48489.henry@beewh.com>
Message-ID: <41D1B66D.8030600@bitblit.net>

Henry Ponce wrote:

>the problem is that, using firefox or MS Internet Explorer, I can only open 
>the page once, with no problems and I can only refresh once (in Firefox) and 
>0 times with Internet Explorer.
>
I am testing with IE5 - just wondering what the error is - do you mean 
the missing images in the middle???

-- 
Aj.
Systems Administrator / Developer



From henry at beewh.com  Tue Dec 28 14:43:57 2004
From: henry at beewh.com (Henry Ponce)
Date: Tue, 28 Dec 2004 16:43:57 -0300
Subject: [nycphp-talk] help needed
In-Reply-To: <41D1B66D.8030600@bitblit.net>
References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>
	<200412281631.48489.henry@beewh.com> <41D1B66D.8030600@bitblit.net>
Message-ID: <200412281643.58001.henry@beewh.com>

the error i found is that i can't "refresh". the page "hangs" and then after a 
while i get a "not page found sign." or "no data".

Henry

On Tuesday 28 December 2004 16:39, Ajai Khattri wrote:

> Henry Ponce wrote:
> >the problem is that, using firefox or MS Internet Explorer, I can only
> > open the page once, with no problems and I can only refresh once (in
> > Firefox) and 0 times with Internet Explorer.
>
> I am testing with IE5 - just wondering what the error is - do you mean
> the missing images in the middle???



From ajai at bitblit.net  Tue Dec 28 14:49:59 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Tue, 28 Dec 2004 14:49:59 -0500
Subject: [nycphp-talk] help needed
In-Reply-To: <200412281643.58001.henry@beewh.com>
References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>	<200412281631.48489.henry@beewh.com>
	<41D1B66D.8030600@bitblit.net> <200412281643.58001.henry@beewh.com>
Message-ID: <41D1B8E7.2060905@bitblit.net>

Henry Ponce wrote:

>the error i found is that i can't "refresh". the page "hangs" and then after a 
>while i get a "not page found sign." or "no data".
>

I dont have that problem - using IE5.

-- 
Aj.
Systems Administrator / Developer



From j.aponte at gmail.com  Tue Dec 28 14:56:28 2004
From: j.aponte at gmail.com (Juancarlos Aponte)
Date: Tue, 28 Dec 2004 14:56:28 -0500
Subject: [nycphp-talk] help needed
In-Reply-To: <41D1B8E7.2060905@bitblit.net>
References: <5918529.1104260943388.JavaMail.root@scooter.psp.pas.earthlink.net>
	<200412281631.48489.henry@beewh.com> <41D1B66D.8030600@bitblit.net>
	<200412281643.58001.henry@beewh.com> <41D1B8E7.2060905@bitblit.net>
Message-ID: <a986d740412281156cf336f3@mail.gmail.com>

I was also able to refresh several times using IE6 through Maxthon.  Strange.


On Tue, 28 Dec 2004 14:49:59 -0500, Ajai Khattri <ajai at bitblit.net> wrote:
> Henry Ponce wrote:
> 
> >the error i found is that i can't "refresh". the page "hangs" and then after a
> >while i get a "not page found sign." or "no data".
> >
> 
> I dont have that problem - using IE5.
> 
> --
> Aj.
> Systems Administrator / Developer
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
> 


-- 
.: Juancarlos :.

"Any fool can know. The point is to understand."
-Albert Einstein


From ereyes at totalcreations.com  Tue Dec 28 14:59:23 2004
From: ereyes at totalcreations.com (Edgar Reyes)
Date: Tue, 28 Dec 2004 14:59:23 -0500
Subject: [nycphp-talk] help needed
In-Reply-To: <200412281618.21019.henry@beewh.com>
Message-ID: <003d01c4ed17$b9fca6f0$6400a8c0@ERENTR>

Hello I tested it with IE and Firefox and with out a problem!! Was able to
refresh it more than once..

ER

-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Henry Ponce
Sent: Tuesday, December 28, 2004 2:18 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] help needed

I am testing with Firefox and ie, and i can only refresh once.

With opera and mozilla there is no problem.

any help is appreciated.

Thank you,
Henry


On Tuesday 28 December 2004 16:09, Nestor Florez wrote:
> Henry,
>
> did not see a problem  using mozilla for this site:
> http://www.php-developers.com.ar/
>
> Nestor :-)
>
> -----Original Message-----
> From: Henry Ponce <henry at beewh.com>
> Sent: Dec 28, 2004 9:50 AM
> To: NYPHP Talk <talk at lists.nyphp.org>
> Subject: [nycphp-talk] help needed
>
> Hello people:
>
> i have a problem that is driving me crazy.
>
> i am developing a site that is currently in:
>
> http://www.php-developers.com.ar
>
> 1. With Opera Browser there are no problems.
> 2. with ie you can open the page once, and when you try refreshing there
is
> a problem.
> 3. same problem with firefox.
>
> I'm using include() to include the different blocks.
>
> I don't know what the problem might be. can anyone point me in the right
> direction.
>
> i also tested with www.php-developers.com.ar/newsarticles.php and i get
the
> same error, with the first include. i hope you understand my problem.
>
> thank you.
> Henry
>
>
>
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
>
>
>
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org

_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org



From codebowl at gmail.com  Tue Dec 28 15:35:49 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Tue, 28 Dec 2004 15:35:49 -0500
Subject: [nycphp-talk] help needed
In-Reply-To: <003d01c4ed17$b9fca6f0$6400a8c0@ERENTR>
References: <200412281618.21019.henry@beewh.com>
	<003d01c4ed17$b9fca6f0$6400a8c0@ERENTR>
Message-ID: <8d9a4280041228123572e198dc@mail.gmail.com>

i am having no problems here and without being able to re-create your
error i am not sure how we can help you.

one thing you might try is to delete your cache in both ie and
firefox, restart both browsers, heck maybe even a reboot of the
machine.  I am not sure since i am not sitting at your keyboard :(

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From henry at beewh.com  Tue Dec 28 15:40:52 2004
From: henry at beewh.com (Henry Ponce)
Date: Tue, 28 Dec 2004 17:40:52 -0300
Subject: [nycphp-talk] help needed
In-Reply-To: <8d9a4280041228123572e198dc@mail.gmail.com>
References: <200412281618.21019.henry@beewh.com>
	<003d01c4ed17$b9fca6f0$6400a8c0@ERENTR>
	<8d9a4280041228123572e198dc@mail.gmail.com>
Message-ID: <200412281740.52216.henry@beewh.com>

Joseph, thanks for your help. 

You know what I discovered by asking people to open the page... people in the 
US and Spain can open the web page correctly. But people in Estonia and 
Argentina (i am currently in Argentina) can't. 
I can't find the problem. Maybe it's the internet connection speed. don't 
know.

I will keep trying to solve this.

Henry


On Tuesday 28 December 2004 17:35, Joseph Crawford wrote:
> i am having no problems here and without being able to re-create your
> error i am not sure how we can help you.
>
> one thing you might try is to delete your cache in both ie and
> firefox, restart both browsers, heck maybe even a reboot of the
> machine.  I am not sure since i am not sitting at your keyboard :(



From codebowl at gmail.com  Tue Dec 28 18:16:42 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Tue, 28 Dec 2004 18:16:42 -0500
Subject: [nycphp-talk] help needed
In-Reply-To: <200412281740.52216.henry@beewh.com>
References: <200412281618.21019.henry@beewh.com>
	<003d01c4ed17$b9fca6f0$6400a8c0@ERENTR>
	<8d9a4280041228123572e198dc@mail.gmail.com>
	<200412281740.52216.henry@beewh.com>
Message-ID: <8d9a4280041228151642d5783b@mail.gmail.com>

it could be latency issues, give it time might just be in the middle
of an internet hiccup or something :D glad i could have helped.

-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From sajith.ml at gmail.com  Tue Dec 28 20:12:42 2004
From: sajith.ml at gmail.com (Sajith A)
Date: Wed, 29 Dec 2004 06:42:42 +0530
Subject: [nycphp-talk] Site Optimization
In-Reply-To: <41D19605.5080505@computer.org>
References: <8d9a4280041228091214959ba1@mail.gmail.com>
	<41D19605.5080505@computer.org>
Message-ID: <ef613e5d041228171252d2a6c2@mail.gmail.com>

>Bill wrote
> Perhaps, if there is no opensource version of this, we could
> collectively build one on sourceforge?  Between cron jobs and PHP to hit
> sites, we might be able to build some kind of simulator.

How about doing it in python. I'm new to python - still would like to
know anyone interested here.


From jayeshsh at ceruleansky.com  Tue Dec 28 21:27:29 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Tue, 28 Dec 2004 21:27:29 -0500 (EST)
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
 server configuration
Message-ID: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com>

Hi all,

to save others endless hours of banging their heads against a wall made of
green SuSe lizards, I am posting this fix, which I think did the trick (I
need to check to see if all the extensions are working okay though).

In /etc/apache2/httpd.conf the changes at the end should be slightly
different:

ScriptAlias /php5 /usr/local/php5_try2/bin

<Directory /usr/local/php5_try2/bin/>
        Options +ExecCGI +FollowSymLinks
        Order allow,deny
        Allow from all
        AllowOverride None
</Directory>

<Directory /srv/www/htdocs/php5docs>
        AddHandler php-cgi-script .php
        Action php-cgi-script /php5/php
        Options +ExecCGI
</Directory>

The parts that are critical and needed is:

Order allow,deny
Allow from all

Best regards,

- Jay
PS:
Why does SuSe set up MySQL 4.0 with no user accounts created? Is the
correct behavior? I guess I should edit the my.cnf file to add users ?


From danielc at analysisandsolutions.com  Wed Dec 29 00:51:45 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Wed, 29 Dec 2004 00:51:45 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
In-Reply-To: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com>
References: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com>
Message-ID: <20041229055145.GA25010@panix.com>

On Tue, Dec 28, 2004 at 09:27:29PM -0500, Jayesh Sheth wrote:
> 
> to save others endless hours of banging their heads against a wall made of
> green SuSe lizards, I am posting this fix, which I think did the trick (I

Congrats.


> Why does SuSe set up MySQL 4.0 with no user accounts created? Is the
> correct behavior? I guess I should edit the my.cnf file to add users ?

That's the best behavior, as far as I'm concerned.  That way, no 
unexpected, unauthorized access can happen.

my.cnf?  No.  Users go into the users table.  Put them in there, but don't 
give them permission there.  Give them permissions on a particular 
database via the db table.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


From brent at landover.com  Wed Dec 29 09:00:06 2004
From: brent at landover.com (Brent Baisley)
Date: Wed, 29 Dec 2004 09:00:06 -0500
Subject: [nycphp-talk] Site Optimization
In-Reply-To: <8d9a428004122809264c739281@mail.gmail.com>
References: <8d9a4280041228091214959ba1@mail.gmail.com>
	<41D19605.5080505@computer.org>
	<8d9a428004122809261fe1574e@mail.gmail.com>
	<8d9a428004122809264c739281@mail.gmail.com>
Message-ID: <F18B7DEE-59A1-11D9-A708-000A95CD828E@landover.com>

You could do a fairly simple load tester using Javascript. Just add an 
onLoad event handler to the body that refreshes or redirects the page. 
Open multiple browser windows to simulate multiple users, limited by 
the bandwidth of the machine.
5 machines * 10 browser windows = ~50 user simulation.

That is truly a "poor mans" load tester. But it's something quick, easy 
and cheap.


On Dec 28, 2004, at 12:26 PM, Joseph Crawford wrote:

> ack there has to be a GPL application out there that doesnt "require"
> you to pay to use it :D
>
> -- 
> Joseph Crawford Jr.
> Codebowl Solutions
> codebowl at gmail.com
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
>
>
-- 
Brent Baisley
Systems Architect
Landover Associates, Inc.
Search & Advisory Services for Advanced Technology Environments
p: 212.759.6400/800.759.0577



From jayeshsh at ceruleansky.com  Wed Dec 29 10:18:39 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Wed, 29 Dec 2004 10:18:39 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
Message-ID: <41D2CACF.8090101@ceruleansky.com>

Hi Dan,

thanks for your followup and help with MySQL.

I realized that on Linux the first time setup for MySQL is different. 
You are also right about not using my.cnf for user info (for some weird 
reason I remember that once on Windows using MySQL 3.23 I could add a 
user using a config file ... but I guess not on Linux.)

Also - SuSe Linux 9.1 behaves in a non-standard way. So, the following 
instructions might be of use to others and save them loads of time.

I am reformatting this information from another post on the Internet:

First do the following:
-----------------------------------------------------------
su - root
cd /etc/init.d
./mysql start

If the daemon comes up, then make sure the permissions in

/var/lib/mysql are correct:

cd /var/lib
ls -lR mysql
<= SHOULD BE "mysql:daemon" ( was root:root in my case)

If necessary, then change the permissions manually:

chown -R mysql:daemon /var/lib/mysql
----------------------------------------------------------
Then restart the SuSe box.

Then the mysql daemon started automatically.
-----------------------------------------------------------
Assuming the (initial Linux MySQL setup script) mysql_install_db was run 
correctly, you can now set the password for the two root MySQL accounts:

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h something.yourserver.com password 
'new-password'
-----------------------------------------------------------

Other MySQL paths for SuSe:
Main config file: etc/my.cnf
Socket: /var/lib/mysql/mysql.sock
MySQL DB data dir: /var/lib/mysql/mysql/
MySQL binaries directory: /usr/bin/mysql*

This should hopefully save others gobs of time on SuSe Linux.

Best regards,
- Jay





From ajai at bitblit.net  Wed Dec 29 10:51:54 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Wed, 29 Dec 2004 10:51:54 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
In-Reply-To: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com>
References: <33220.69.86.84.233.1104287249.spork@webmail.ceruleansky.com>
Message-ID: <41D2D29A.8060405@bitblit.net>

Jayesh Sheth wrote:

>PS:
>Why does SuSe set up MySQL 4.0 with no user accounts created? Is the
>correct behavior? I guess I should edit the my.cnf file to add users ?
>

No:

http://dev.mysql.com/doc/mysql/en/User_Account_Management.html

-- 
Aj.
Systems Administrator / Developer



From jayeshsh at ceruleansky.com  Wed Dec 29 14:07:14 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Wed, 29 Dec 2004 14:07:14 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
Message-ID: <41D30062.2050209@ceruleansky.com>

Hi Ajai,

thanks for your post. I figured it out ... please see my previous post.

It seems that the default MySQL accounts have to be initialized on Linux.

<rant>
Xampp for Windows really spoils you. Once you have downloaded the 
sources for 10 different libraries from 10 different sites, built them 
using 10 distinct set of ./configure directives, located the settings, 
binaries, log files, libary, source directories for Apache andMySQL - 
all in different places -, then built PHP three different times using 
different configure directives, and then fought with Apache over one 
Apache directive overriding another, then wondering why  your particular 
distribution moved some configuration file from some/obscure/directory 
to someother/obscure/directory, you realize how wonderful Windows DLLs 
are. If you need a particular extension on Windows, all you have to do 
is uncomment it in php.ini and restart XAMPP. But no, on Linux you have 
to first go through the whole compile song and dance - first for the 
libraries you want, then again for PHP. I may not have said this before, 
but Thank God for Bill Gates and Microsoft for have spared me this 
misery of compilation so far! (If only Windows weren't so easily 
hackable, WAMP would be an AWESOME platform.)
</rant>

Best regards,

- Jay


From mitch.pirtle at gmail.com  Wed Dec 29 14:29:31 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Wed, 29 Dec 2004 14:29:31 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
In-Reply-To: <41D30062.2050209@ceruleansky.com>
References: <41D30062.2050209@ceruleansky.com>
Message-ID: <330532b604122911297e414f1@mail.gmail.com>

On Wed, 29 Dec 2004 14:07:14 -0500, Jayesh Sheth
<jayeshsh at ceruleansky.com> wrote:
> 
> <rant>
> Xampp for Windows really spoils you. Once you have downloaded the
> sources for 10 different libraries from 10 different sites, built them
> using 10 distinct set of ./configure directives, located the settings,
> binaries, log files, libary, source directories for Apache andMySQL -
> all in different places -, then built PHP three different times using
> different configure directives, and then fought with Apache over one
> Apache directive overriding another, then wondering why  your particular
> distribution moved some configuration file from some/obscure/directory
> to someother/obscure/directory, you realize how wonderful Windows DLLs
> are. If you need a particular extension on Windows, all you have to do
> is uncomment it in php.ini and restart XAMPP. But no, on Linux you have
> to first go through the whole compile song and dance - first for the
> libraries you want, then again for PHP. I may not have said this before,
> but Thank God for Bill Gates and Microsoft for have spared me this
> misery of compilation so far! (If only Windows weren't so easily
> hackable, WAMP would be an AWESOME platform.)
> </rant>

Great googely-moogely!  What in the world are you trying to use?  For
every linux distro I ever installed (redhat, fedora, debian, knoppix,
gentoo, suse, mandrake, slackware, CentOS, RHEL, dyne|bolic, ubuntu,
and others I have forgotten) you have an automated way* of installing
all of this.

* apt-based or rpm-based (with apt): apt-get install php
php-postgresql php-imap blah...

Even gentoo was just an emerge away, and the most primitive system I
know of (FreeBSD) has packages available...  What distro you using,
jurrassic linux?  Did it come on floppies?

(rimshot)

Hey everybody, we gotta save Jay, he's trapped in some sort of
wormhole and only has slackware with the 2.0 kernel!!!

-- Mitch, with an evil grin


From ajai at bitblit.net  Wed Dec 29 14:29:48 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Wed, 29 Dec 2004 14:29:48 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
In-Reply-To: <41D30062.2050209@ceruleansky.com>
References: <41D30062.2050209@ceruleansky.com>
Message-ID: <41D305AC.4050002@bitblit.net>

Jayesh Sheth wrote:

> you realize how wonderful Windows DLLs are.

Or how difficult Windoze can be when you choose not to do things the M$ way.

> But no, on Linux you have to first go through the whole compile song 
> and dance - first for the libraries you want, then again for PHP.

Most Linux distros have great package managers that handle all this crap 
for you.

> I may not have said this before, but Thank God for Bill Gates and 
> Microsoft for have spared me this misery of compilation so far! (If 
> only Windows weren't so easily hackable, WAMP would be an AWESOME 
> platform.)


Source-based distros like Gentoo make rebuilding very very easy - I 
never configure stuff "by hand" anymore, don't need to.

-- 
Aj.
Systems Administrator / Developer



From jlacey at att.net  Wed Dec 29 14:38:26 2004
From: jlacey at att.net (John Lacey)
Date: Wed, 29 Dec 2004 12:38:26 -0700
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
In-Reply-To: <41D30062.2050209@ceruleansky.com>
References: <41D30062.2050209@ceruleansky.com>
Message-ID: <41D307B2.8070609@att.net>

Jayesh Sheth wrote:
> Hi Ajai,
> 
> thanks for your post. I figured it out ... please see my previous post.
> 
> It seems that the default MySQL accounts have to be initialized on Linux.
> 
> <rant>
> Xampp for Windows really spoils you. Once you have downloaded the 
> sources for 10 different libraries from 10 different sites, built them 
> using 10 distinct set of ./configure directives, located the settings, 
> binaries, log files, libary, source directories for Apache andMySQL - 
> all in different places -, then built PHP three different times using 
> different configure directives, and then fought with Apache over one 
> Apache directive overriding another, then wondering why  your particular 
> distribution moved some configuration file from some/obscure/directory 
> to someother/obscure/directory, you realize how wonderful Windows DLLs 
> are. If you need a particular extension on Windows, all you have to do 
> is uncomment it in php.ini and restart XAMPP. But no, on Linux you have 
> to first go through the whole compile song and dance - first for the 
> libraries you want, then again for PHP. I may not have said this before, 
> but Thank God for Bill Gates and Microsoft for have spared me this 
> misery of compilation so far! (If only Windows weren't so easily 
> hackable, WAMP would be an AWESOME platform.)
> </rant>
> 

I don't think one needs to go thru all that grief, but if it's any 
consolation Jay, XAMPP 1.4.11 was just released with the latest Zend 
Optimizer (2.5.7) that addresses various problems (like the foreach 
craziness) with using PHP 4.3.10 and the old ZO

John



From 1j0lkq002 at sneakemail.com  Wed Dec 29 15:01:38 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Wed, 29 Dec 2004 15:01:38 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied
	byserver configuration
Message-ID: <20672-67944@sneakemail.com>

Slackare? What's that? Sounds kewl. Does it run on XP? Can I borrow the CD?


-=john andrews (oddly proud to put my name on this post :-)


Original Message:
-----------------
From: Mitch Pirtle mitch.pirtle-at-gmail.com |nyphp dev/internal group use|
...
Date: Wed, 29 Dec 2004 14:29:31 -0500
To: talk at lists.nyphp.org
Subject: Re: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied
byserver configuration

Great googely-moogely!  What in the world are you trying to use?  For
every linux distro I ever installed (redhat, fedora, debian, knoppix,
gentoo, suse, mandrake, slackware, CentOS, RHEL, dyne|bolic, ubuntu,
and others I have forgotten) you have an automated way* of installing
all of this.

* apt-based or rpm-based (with apt): apt-get install php
php-postgresql php-imap blah...

Even gentoo was just an emerge away, and the most primitive system I
know of (FreeBSD) has packages available...  What distro you using,
jurrassic linux?  Did it come on floppies?

(rimshot)

Hey everybody, we gotta save Jay, he's trapped in some sort of
wormhole and only has slackware with the 2.0 kernel!!!

-- Mitch, with an evil grin
_____________________________

--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .




From jayeshsh at ceruleansky.com  Wed Dec 29 19:14:40 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Wed, 29 Dec 2004 19:14:40 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
Message-ID: <41D34870.2060802@ceruleansky.com>

Hi Mitch,

 >Great googely-moogely!  What in the world are you trying to use?  For
 >every linux distro I ever installed (redhat, fedora, debian, knoppix,
 >gentoo, suse, mandrake, slackware, CentOS, RHEL, dyne|bolic, ubuntu,
 >and others I have forgotten) you have an automated way* of installing
 >all of this.
 >

I was using SuSe 9.1. The machine had Apache 2.0, PHP 4.x (as an Apache 
module) and MySQL 4.0 installed. But I just wanted to add PHP 5 as a 
CGI-binary mapped to a separate sub-directory of htdocs, while 
preserving Apache 2.0 and MySQL 4.0, and while keeping the PHP 4 Apache 
module as the parser for the rest of the htdocs files. In other words, I 
wanted to keep the same base system while adding the possibility to have 
a "php5docs" subdirectory where special PHP5 scripts/apps could run.

 Correct me if I am wrong, but I think there are no RPMs for PHP5 ? So I 
had to do this by hand.

Also - I wanted PHP 5 with specific extensions. (After much compiling, 
the phpinfo file would still not show that mcrypt and mhash were 
installed. Must be some voodoo magic required to make it work.)

 >* apt-based or rpm-based (with apt): apt-get install php
 >php-postgresql php-imap blah...
 >
 >Even gentoo was just an emerge away, and the most primitive system I
 >know of (FreeBSD) has packages available...  What distro you using,
 >jurrassic linux?  Did it come on floppies?
 >
 >(rimshot)
 >
 >Hey everybody, we gotta save Jay, he's trapped in some sort of
 >wormhole and only has slackware with the 2.0 kernel!!!
 >
 >-- Mitch, with an evil grin

Slackware did seem cool perhaps 5 years ago - but it is too Unixish for 
most people ...

Best regards,

- Jay


From jayeshsh at ceruleansky.com  Wed Dec 29 19:22:18 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Wed, 29 Dec 2004 19:22:18 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
Message-ID: <41D34A3A.6060601@ceruleansky.com>

Hi John,

thanks for your note.

 >I don't think one needs to go thru all that grief, but if it's any
 >consolation Jay, XAMPP 1.4.11 was just released with the latest Zend
 >Optimizer (2.5.7) that addresses various problems (like the foreach
 >craziness) with using PHP 4.3.10 and the old ZO
 >
 >John

I think there must be XAMPP version for Linux with PHP 5, but I did want 
to install it on top of my existing setup which had Apache 2, PHP 4 and 
MySQL 4.0 already installed. So then I would need uninstall all of those 
(AMP) and then install XAMPP. Another thing is that XAMPP is a 
distribution meant for local development, as opposed to server 
deployment. So it bundles every possible library, and leaves settings 
wide open. I think I read once that there is a secure settings script, 
but still there would hand tuning / human sanity checks required.

I figured it would easier just to add PHP 5 as a CGI binary mapped to a 
specific subdirectory of my htdocs folder, so that I could continue to 
use PHP 4 while also using PHP 5-specfic apps.

Note to Mitch (I forgot to mention this in my last reply to him)
SuSe also comes out of the box with some strange settings and paths. For 
example, the mysql binaries are not owned by the mysql user! And 
Apache's configuration files are split into a million different 
includes. And when SuSe does things like that, it might compiling PHP as 
an Apache 2 module very problematic : 
http://www.trachtenberg.com/blog/programming/apache/apxs2-bug.html


Best regards,

- Jay


From mitch.pirtle at gmail.com  Wed Dec 29 19:30:59 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Wed, 29 Dec 2004 19:30:59 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
In-Reply-To: <41D34870.2060802@ceruleansky.com>
References: <41D34870.2060802@ceruleansky.com>
Message-ID: <330532b6041229163069dd7302@mail.gmail.com>

Hey Jay,

>  Correct me if I am wrong, but I think there are no RPMs for PHP5 ? So I
> had to do this by hand.

Fedora has them available now, not touched SuSE since 8.0 so I'm rusty
in the YAST2 department ;-)

Take a look at this, it may provide some help:

http://www.artima.com/forums/flat.jsp?forum=271&thread=70581

> Also - I wanted PHP 5 with specific extensions. (After much compiling,
> the phpinfo file would still not show that mcrypt and mhash were
> installed. Must be some voodoo magic required to make it work.)

Yeah, those two are the biggest sticklers to deal with IMHO; but I
can't remember how I got around it on the last install :-(

Best of luck with getting PHP5 on your SuSE box though!

-- Mitch


From mitch.pirtle at gmail.com  Wed Dec 29 19:36:13 2004
From: mitch.pirtle at gmail.com (Mitch Pirtle)
Date: Wed, 29 Dec 2004 19:36:13 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
In-Reply-To: <41D34A3A.6060601@ceruleansky.com>
References: <41D34A3A.6060601@ceruleansky.com>
Message-ID: <330532b6041229163670c0884@mail.gmail.com>

On Wed, 29 Dec 2004 19:22:18 -0500, Jayesh Sheth
<jayeshsh at ceruleansky.com> wrote:
>
> I think there must be XAMPP version for Linux with PHP 5, but I did want
> to install it on top of my existing setup which had Apache 2, PHP 4 and
> MySQL 4.0 already installed. So then I would need uninstall all of those
> (AMP) and then install XAMPP. Another thing is that XAMPP is a
> distribution meant for local development, as opposed to server
> deployment. So it bundles every possible library, and leaves settings
> wide open. I think I read once that there is a secure settings script,
> but still there would hand tuning / human sanity checks required.

I just got yet another replacement laptop from my fun-loving,
prozac-popping friends at Acer; and with a clean XP I installed SP2,
then apache2 (from apache.org), then mysql 4.1 (from mysql.com), then
php5 (from php.net).  Then I installed PostgreSQL 8.0 RC3, and then
enabled the client DLL for php.

I'm not a windows guy by any stretch of the imagination, but it was
dead simple - anything with the registry or paths and I would have
gone down in flames. Isn't it easier this way, so you can change
versions of any/all of the components of the system?

> Note to Mitch (I forgot to mention this in my last reply to him)
> SuSe also comes out of the box with some strange settings and paths. For
> example, the mysql binaries are not owned by the mysql user! And
> Apache's configuration files are split into a million different
> includes. And when SuSe does things like that, it might compiling PHP as
> an Apache 2 module very problematic :
> http://www.trachtenberg.com/blog/programming/apache/apxs2-bug.html

Hehe I just sent you a link to a continuation of that thread.  Yeah,
that is tough, but I believe FreeBSD has a much higher 'hair-pulling'
score in my book :-D

-- Mitch


From nyphp at aumcomputers.com  Thu Dec 30 01:31:18 2004
From: nyphp at aumcomputers.com (Anirudh Zala)
Date: Thu, 30 Dec 2004 12:01:18 +0530
Subject: [nycphp-talk] help needed
References: <200412281618.21019.henry@beewh.com><003d01c4ed17$b9fca6f0$6400a8c0@ERENTR><8d9a4280041228123572e198dc@mail.gmail.com><200412281740.52216.henry@beewh.com>
	<8d9a4280041228151642d5783b@mail.gmail.com>
Message-ID: <010f01c4ee39$40928ff0$10cc000a@aum1>

Please check your ISP doesn't cache pages at their level. Such problem is
prevailing in countries where internet connection is costly in terms of
speed and bandwidth, so ISPs cache many websites and pages so that they can
deliver them directly from their cache server instead of calling original
server to server data. Ask for dedicated IP if possible where there is not
any cache server in between.

Some browser like Opera, and Firefox gives little protection by their in
built mechanism of making pages "expired", so you might see such websites
working properly (bcoz pages are now coming directly from server) in these
browsers, but not all so you may face problems in those browsers.

 Hope this will help :)

Anirudh Zala

----- Original Message -----
From: "Joseph Crawford" <codebowl at gmail.com>
To: "NYPHP Talk" <talk at lists.nyphp.org>
Sent: Wednesday, December 29, 2004 4:46 AM
Subject: Re: [nycphp-talk] help needed


> it could be latency issues, give it time might just be in the middle
> of an internet hiccup or something :D glad i could have helped.
>
> --
> Joseph Crawford Jr.
> Codebowl Solutions
> codebowl at gmail.com
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
>







From henry at beewh.com  Thu Dec 30 08:11:47 2004
From: henry at beewh.com (Henry Ponce)
Date: Thu, 30 Dec 2004 10:11:47 -0300
Subject: [nycphp-talk] help needed
In-Reply-To: <010f01c4ee39$40928ff0$10cc000a@aum1>
References: <200412281618.21019.henry@beewh.com>
	<8d9a4280041228151642d5783b@mail.gmail.com>
	<010f01c4ee39$40928ff0$10cc000a@aum1>
Message-ID: <200412301011.48023.henry@beewh.com>

Thank you Anirudh. I will check into this.

Good Luck,
Henry


From jlacey at att.net  Thu Dec 30 12:38:31 2004
From: jlacey at att.net (John Lacey)
Date: Thu, 30 Dec 2004 10:38:31 -0700
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
In-Reply-To: <41D34A3A.6060601@ceruleansky.com>
References: <41D34A3A.6060601@ceruleansky.com>
Message-ID: <41D43D17.2020609@att.net>

Jayesh Sheth wrote:
> 
> I think there must be XAMPP version for Linux with PHP 5, but I did want 
> to install it on top of my existing setup which had Apache 2, PHP 4 and 
> MySQL 4.0 already installed. So then I would need uninstall all of those 
> (AMP) and then install XAMPP. Another thing is that XAMPP is a 
> distribution meant for local development, as opposed to server 
> deployment. So it bundles every possible library, and leaves settings 
> wide open. I think I read once that there is a secure settings script, 
> but still there would hand tuning / human sanity checks required.

a few thoughts:

One of the things I like most about the way XAMPP is "installed" on 
Windows is that it's not really installed (ala registry entries), but 
puts everything in C:\xampp (assuming the default).  As you know, you 
can either install Apache and MySQL as services or just run them with 
the ...start.bat files and keep the dos cmd windows open.

The same holds true for XAMPP on Linux.  If you take the default it 
wants to "install" into /opt/lampp (as opposed to say, /usr/bin/blah...) 
So, you don't really have to uninstall Apache PHP4, MySQL, but merely 
stop those services.  Of course, as you've stated, XAMPP is not meant 
for production, security-wise, but for development [and learning]. For 
example, it sets register_globals to "On", etc.

To that end, I've used XAMPP [on Windows] in both PHP5 and PHP4 "mode" 
by using the php_switch.bat "feature".  XAMPP on Linux can also be 
switched back and forth:

By the following command you can switch "back" to PHP 4.3.x:
/opt/lampp/lampp php4
And with the following command you can switch back to PHP 5.0.x:
/opt/lampp/lampp php5


> 
> I figured it would easier just to add PHP 5 as a CGI binary mapped to a 
> specific subdirectory of my htdocs folder, so that I could continue to 
> use PHP 4 while also using PHP 5-specfic apps.

As to running them both --from a previous talk post re: John's note on 
running PHP4 and PHP5 on the same box...

Here's the August post John Coggeshall wrote with regard to mod_proxy:
http://lists.nyphp.org/pipermail/talk/2004-August/011613.html

and the link to the instructions from the above post:
http://wiki.coggeshall.org/Main/RunningPHP4AndPHP5Concurrently


HTH,
John




From jayeshsh at ceruleansky.com  Thu Dec 30 12:52:13 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Thu, 30 Dec 2004 12:52:13 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied by
	server configuration
Message-ID: <41D4404D.10300@ceruleansky.com>

Hello John,

thanks a lot for links, I will take a look at them.

I finally did get it to work although not with all the extensions I 
wanted. I guess when I have a bit more time (one of these weekends) I 
will try the compiling again.

Best regards,

- Jay


From hans at nyphp.com  Thu Dec 30 14:19:23 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Thu, 30 Dec 2004 11:19:23 -0800
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client denied
	byserver configuration
Message-ID: <41EE526EC2D3C74286415780D3BA9F8707348D30@ehost011-1.exch011.intermedia.net>


> > <rant>
> > Xampp for Windows really spoils you. Once you have downloaded the
> > sources for 10 different libraries from 10 different sites, built
them
> > using 10 distinct set of ./configure directives, located the
settings,
> > binaries, log files, libary, source directories for Apache andMySQL
-
> > all in different places -, then built PHP three different times
using
> > different configure directives, and then fought with Apache over one
> > Apache directive overriding another, then wondering why  your
particular
> > distribution moved some configuration file from
some/obscure/directory
> > to someother/obscure/directory, you realize how wonderful Windows
DLLs
> > are. If you need a particular extension on Windows, all you have to
do
> > is uncomment it in php.ini and restart XAMPP. But no, on Linux you
have
> > to first go through the whole compile song and dance - first for the
> > libraries you want, then again for PHP. I may not have said this
before,
> > but Thank God for Bill Gates and Microsoft for have spared me this
> > misery of compilation so far! (If only Windows weren't so easily
> > hackable, WAMP would be an AWESOME platform.)
> > </rant>

Of course, there's the FreeBSD ports system...

> Even gentoo was just an emerge away, and the most primitive system I
> know of (FreeBSD) has packages available...  What distro you using,
> jurrassic linux?  Did it come on floppies?

Whow... never heard that.  The FreeBSD ports system is probably the most
advanced, and all that Gentoo has made a feeble attempt at copying.  I
generally compile all key components/libs from source anyway, but
there's nothing worse than getting caught up in a web of RPMs, except
maybe apt-gets.  But then there's no sense getting into a
my-package-system-is-better-than-yours discussion, since there's never
an answer :)


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org




From ajai at bitblit.net  Thu Dec 30 14:50:44 2004
From: ajai at bitblit.net (Ajai Khattri)
Date: Thu, 30 Dec 2004 14:50:44 -0500
Subject: [nycphp-talk] trouble with PHP5 CGI Suse 9.1 - client
	denied	byserver configuration
In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8707348D30@ehost011-1.exch011.intermedia.net>
References: <41EE526EC2D3C74286415780D3BA9F8707348D30@ehost011-1.exch011.intermedia.net>
Message-ID: <41D45C14.5000104@bitblit.net>

Hans Zaunere wrote:

>
>Whow... never heard that.  The FreeBSD ports system is probably the most
>advanced, and all that Gentoo has made a feeble attempt at copying.
>
And in some ways improved upon, but if you've never used it you wouldn't 
know...

>But then there's no sense getting into a
>my-package-system-is-better-than-yours discussion, since there's never
>an answer :)
>

Right, so tell us why you started?

-- 
Aj.
Systems Administrator / Developer



From hans at nyphp.com  Thu Dec 30 19:27:29 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Thu, 30 Dec 2004 16:27:29 -0800
Subject: [nycphp-talk] NYPHP.org Server Upgrade
Message-ID: <41EE526EC2D3C74286415780D3BA9F8707348E95@ehost011-1.exch011.intermedia.net>


Hey folks,

The servers will be offline for about 30 minutes while I do a standard
upgrade of the base system.  This includes all jails that the underlying
system provides.

I'll post out another message when things are back online to ensure
everything is kosher.

Regards,


---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org




From hans at nyphp.com  Thu Dec 30 21:52:12 2004
From: hans at nyphp.com (Hans Zaunere)
Date: Thu, 30 Dec 2004 18:52:12 -0800
Subject: [nycphp-talk] RE: [nycbug-talk] NYPHP.org Server Upgrade
Message-ID: <41EE526EC2D3C74286415780D3BA9F8707348EC9@ehost011-1.exch011.intermedia.net>


Everything is back online and should be functioning without a problem.
If there are any issues, contact me offlist.



> -----Original Message-----
> From: talk-bounces at lists.nycbug.org
[mailto:talk-bounces at lists.nycbug.org] On Behalf Of Hans Zaunere
> Sent: Thursday, December 30, 2004 7:27 PM
> To: NYPHP Talk; nycbug List
> Cc: Ben Ramsey
> Subject: [nycbug-talk] NYPHP.org Server Upgrade
> 
> 
> Hey folks,
> 
> The servers will be offline for about 30 minutes while I do a standard
> upgrade of the base system.  This includes all jails that the
underlying
> system provides.
> 
> I'll post out another message when things are back online to ensure
> everything is kosher.
> 
> Regards,
> 
> 
> ---
> Hans Zaunere
> President, Founder
> New York PHP
> http://www.nyphp.org
> 
> 
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month


From susan_shemin at yahoo.com  Thu Dec 30 21:55:53 2004
From: susan_shemin at yahoo.com (Susan Shemin)
Date: Thu, 30 Dec 2004 18:55:53 -0800 (PST)
Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows XP
	fixer-upper?
Message-ID: <20041231025553.53107.qmail@web53704.mail.yahoo.com>

I've been trying to fix my laptop for over a month now with RAM chip problems which have corrupted my XP Pro.  I am quite subborn and was determined to fix it, but I guess it's time to ask for outside help besides from Microsoft which has been of little help.
 
I'm looking for a place either in Manhattan or Westchester county.
 
Thank goodness I haven't gotten my new site up yet, or I would have had to walk away from my computer and start with a blank new computer.  The PHP files are safely on a web server, but all my recent Fireworks pngs are on the corrupted XP drive!
 
Thanks,
 
Susan

		
---------------------------------
Do you Yahoo!?
 Yahoo! Mail - now with 250MB free storage. Learn more.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041230/bcfb712c/attachment.html>

From webmaster at localnotion.com  Thu Dec 30 21:38:51 2004
From: webmaster at localnotion.com (Matthew Terenzio)
Date: Thu, 30 Dec 2004 21:38:51 -0500
Subject: [nycphp-talk] PEAR on shared servers
Message-ID: <1AFBAA57-5AD5-11D9-B3B3-0003938BDF32@localnotion.com>

A web hosting company is telling me they don't install PEAR (third 
party software) because of security reasons?
I showed them a number of installed packages they already had and said.

"you mean except these?"

But how can most of these packages be less secure than the hundreds of 
PHP scripts running all over the server.
Most likely the contrary right?

MT



From 1j0lkq002 at sneakemail.com  Thu Dec 30 23:04:58 2004
From: 1j0lkq002 at sneakemail.com (inforequest)
Date: Thu, 30 Dec 2004 23:04:58 -0500
Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows
	XP	fixer-upper?
In-Reply-To: <20041231025553.53107.qmail@web53704.mail.yahoo.com>
References: <20041231025553.53107.qmail@web53704.mail.yahoo.com>
Message-ID: <23697-81790@sneakemail.com>

Susan Shemin susan_shemin-at-yahoo.com |nyphp dev/internal group use| wrote:

> I've been trying to fix my laptop for over a month now with RAM chip 
> problems which have corrupted my XP Pro.  I am quite subborn and was 
> determined to fix it, but I guess it's time to ask for outside help 
> besides from Microsoft which has been of little help.
>  
> I'm looking for a place either in Manhattan or Westchester county.
>  
> Thank goodness I haven't gotten my new site up yet, or I would have 
> had to walk away from my computer and start with a blank new 
> computer.  The PHP files are safely on a web server, but all my recent 
> Fireworks pngs are on the corrupted XP drive!
>  
> Thanks,
>  
> Susan
>
> ------------------------------------------------------------------------

I would not trust any Windows repair to not lose files that are on the 
disk. If you need those files I suggest you boot a Knoppix Live CD and 
read them off the hard drive onto a USB drive or out over the network 
connection.  Knoppix will boot from the CD and leave your current HDD in 
"read only" state, so you can read the files off even if XP is hosed. 
Get knoppix here: http://www.knopper.net/knoppix/index-en.html

Sorry I can't suggest a repair center.

-=john andrews







From tgales at tgaconnect.com  Fri Dec 31 07:15:47 2004
From: tgales at tgaconnect.com (Tim Gales)
Date: Fri, 31 Dec 2004 07:15:47 -0500
Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows
	XPfixer-upper?
In-Reply-To: <20041231025553.53107.qmail@web53704.mail.yahoo.com>
Message-ID: <000e01c4ef32$75dbd140$e98d3818@oberon1>

Susan Shemin writes:

"I've been trying to fix my laptop for over a month now with 
RAM chip problems which have corrupted my XP Pro"

Do you mean you have hardware problems, or software 
(O/S) problems, or both?

Can you at least bring up Windows in 'Safe Mode'?

T. Gales & Associates 
Helping People Connect with Technology 
http://www.tgaconnect.com 



From nasir81 at gmail.com  Fri Dec 31 10:07:10 2004
From: nasir81 at gmail.com (Nasir Zubair)
Date: Fri, 31 Dec 2004 10:07:10 -0500
Subject: [nycphp-talk] PEAR on shared servers
In-Reply-To: <1AFBAA57-5AD5-11D9-B3B3-0003938BDF32@localnotion.com>
References: <1AFBAA57-5AD5-11D9-B3B3-0003938BDF32@localnotion.com>
Message-ID: <40fcda730412310707fdf94e9@mail.gmail.com>

I have found that many hosts do not know what PEAR is. Some are lazy
to look into it and some are paranoid, as you suggested :-) And there
is usually not much you can do to change their attitude.

I usually place the package file in a "lib" folder and change the
include path to look for proper files there.


On Thu, 30 Dec 2004 21:38:51 -0500, Matthew Terenzio
<webmaster at localnotion.com> wrote:
> A web hosting company is telling me they don't install PEAR (third
> party software) because of security reasons?
> I showed them a number of installed packages they already had and said.
> 
> "you mean except these?"
> 
> But how can most of these packages be less secure than the hundreds of
> PHP scripts running all over the server.
> Most likely the contrary right?
> 
> MT
> 
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
>


From jayeshsh at ceruleansky.com  Fri Dec 31 10:36:23 2004
From: jayeshsh at ceruleansky.com (Jayesh Sheth)
Date: Fri, 31 Dec 2004 10:36:23 -0500
Subject: [nycphp-talk] PEAR on shared servers
Message-ID: <41D571F7.9080201@ceruleansky.com>

Hello Matthew,

In the past I have done "local installs" of PEAR libraries on shared 
servers. For examples, if you need the Auth package, you first find all 
its dependencies from its download page ( 
http://pear.php.net/package/Auth/download ). You then look up which 
libraries those dependencies depend on, and so on.

So, if you need to include 'DB.php', you just install it to the 
directory you are working in. This is somewhat quick-and-dirty, but 
sometimes it is the only thing that works.

You could also use the PEAR command line installer if you have SSH 
access, but I prefer to "hand install" my PEAR libraries, especially 
since I often have to "hand edit" them to get them to work on shared 
servers.

The funny thing is that you are (theoretically) supposed to be able to 
set the include_path using the ini_set() function, but that has rarely 
worked for me. So theoretically, you are supposed to be able to install 
all PEAR libraries to a new directory and then set the include_path 
setting to point to that setting at the top of your script. But that 
often does not work and I do not know why. (PEAR uses the include_path 
setting in php.ini to determine where to find PEAR library files.)

Best regards,

- Jay



From susan_shemin at yahoo.com  Fri Dec 31 19:18:02 2004
From: susan_shemin at yahoo.com (Susan Shemin)
Date: Fri, 31 Dec 2004 16:18:02 -0800 (PST)
Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows
	XPfixer-upper?
In-Reply-To: <000e01c4ef32$75dbd140$e98d3818@oberon1>
Message-ID: <20050101001802.45397.qmail@web53704.mail.yahoo.com>

Hey, Tim,
 
It began months ago with a RAM problem, sometimes the computer read one RAM chip and when I popped the chips out and then popped them back in, it rebooted fine with the whole amount.
 
Then a month ago Windows started saying there were corrupt files.  In the meantime I had one of my RAM chips replaced at Crucial.  Now I cannot even get it up in Safe Mode.
 
Susan

Tim Gales <tgales at tgaconnect.com> wrote:
Susan Shemin writes:

"I've been trying to fix my laptop for over a month now with 
RAM chip problems which have corrupted my XP Pro"

Do you mean you have hardware problems, or software 
(O/S) problems, or both?

Can you at least bring up Windows in 'Safe Mode'?

T. Gales & Associates 
Helping People Connect with Technology 
http://www.tgaconnect.com 

_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org

		
---------------------------------
Do you Yahoo!?
 Meet the all-new My Yahoo! ? Try it today! 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041231/1c23ba79/attachment.html>

From susan_shemin at yahoo.com  Fri Dec 31 19:24:41 2004
From: susan_shemin at yahoo.com (Susan Shemin)
Date: Fri, 31 Dec 2004 16:24:41 -0800 (PST)
Subject: [nycphp-talk] [OT] recommend laptop repair place/Windows XP
	fixer-upper?
In-Reply-To: <23697-81790@sneakemail.com>
Message-ID: <20050101002441.46504.qmail@web53704.mail.yahoo.com>

Thanks for the link--I'll certainly check it out!


inforequest <1j0lkq002 at sneakemail.com> wrote:
Susan Shemin susan_shemin-at-yahoo.com |nyphp dev/internal group use| wrote:

> I've been trying to fix my laptop for over a month now with RAM chip 
> problems which have corrupted my XP Pro. I am quite subborn and was 
> determined to fix it, but I guess it's time to ask for outside help 
> besides from Microsoft which has been of little help.
> 
> I'm looking for a place either in Manhattan or Westchester county.
> 
> Thank goodness I haven't gotten my new site up yet, or I would have 
> had to walk away from my computer and start with a blank new 
> computer. The PHP files are safely on a web server, but all my recent 
> Fireworks pngs are on the corrupted XP drive!
> 
> Thanks,
> 
> Susan
>
> ------------------------------------------------------------------------

I would not trust any Windows repair to not lose files that are on the 
disk. If you need those files I suggest you boot a Knoppix Live CD and 
read them off the hard drive onto a USB drive or out over the network 
connection. Knoppix will boot from the CD and leave your current HDD in 
"read only" state, so you can read the files off even if XP is hosed. 
Get knoppix here: http://www.knopper.net/knoppix/index-en.html

Sorry I can't suggest a repair center.

-=john andrews





_______________________________________________
New York PHP Talk
Supporting AMP Technology (Apache/MySQL/PHP)
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org

		
---------------------------------
Do you Yahoo!?
 Meet the all-new My Yahoo! ? Try it today! 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20041231/8f7ff8d5/attachment.html>

From prusak at gmail.com  Fri Dec 31 21:01:27 2004
From: prusak at gmail.com (Ophir Prusak)
Date: Fri, 31 Dec 2004 21:01:27 -0500
Subject: [nycphp-talk] php bulletin boards
Message-ID: <f1dc81bb04123118017bf60f72@mail.gmail.com>

Hi all,

I'm looking to install a bulletin board system on a site I run.
I know this subject was discussed a while back. I was wondering what
the current lowdown on my options are.

Of course free is good but I'm willing to consider other options.
When I checked a couple of years ago, the "big three" were phpbb, ipb
and vbulletin.

Can anyone share their bulletin board experiences ??

Thanx
Ophir


From codebowl at gmail.com  Fri Dec 31 22:43:58 2004
From: codebowl at gmail.com (Joseph Crawford)
Date: Fri, 31 Dec 2004 22:43:58 -0500
Subject: [nycphp-talk] php bulletin boards
In-Reply-To: <f1dc81bb04123118017bf60f72@mail.gmail.com>
References: <f1dc81bb04123118017bf60f72@mail.gmail.com>
Message-ID: <8d9a42800412311943219cc987@mail.gmail.com>

there is also woltlab burning board.... i havent used it though.  as
far as i know those are still the 3 big one's

my friend wrote a board for php5 called k4 it's pretty good and you
can see it in action on dotgeek.org in thier forums section.

if you want to check it out i believe it's at newmediums.net if not
lemme know and i will get you the url


On Fri, 31 Dec 2004 21:01:27 -0500, Ophir Prusak <prusak at gmail.com> wrote:
> Hi all,
> 
> I'm looking to install a bulletin board system on a site I run.
> I know this subject was discussed a while back. I was wondering what
> the current lowdown on my options are.
> 
> Of course free is good but I'm willing to consider other options.
> When I checked a couple of years ago, the "big three" were phpbb, ipb
> and vbulletin.
> 
> Can anyone share their bulletin board experiences ??
> 
> Thanx
> Ophir
> _______________________________________________
> New York PHP Talk
> Supporting AMP Technology (Apache/MySQL/PHP)
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
> 


-- 
Joseph Crawford Jr.
Codebowl Solutions
codebowl at gmail.com


From danielc at analysisandsolutions.com  Fri Dec 31 23:44:09 2004
From: danielc at analysisandsolutions.com (Daniel Convissor)
Date: Fri, 31 Dec 2004 23:44:09 -0500
Subject: [nycphp-talk] php bulletin boards
In-Reply-To: <f1dc81bb04123118017bf60f72@mail.gmail.com>
References: <f1dc81bb04123118017bf60f72@mail.gmail.com>
Message-ID: <20050101044409.GA24129@panix.com>

On Fri, Dec 31, 2004 at 09:01:27PM -0500, Ophir Prusak wrote:
> phpbb

All I can say is avoid that like the plague.

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409