IRC Logs

Network: freenode Channel: #php

	Enter your search terms Submit search form
	Web www.irclog.org

[15:23]<mrejg>so I need to validate the session id cookie, before calling session_start
[15:23]<mrejg>because session_start triggers the above error, that my error handler handles
[15:23]<dsv>but you arent managing your own sessions, so you don't have anything to validate against it
[15:23]<mrejg>ideally, I'd just recreate the id
[15:23]<dsv>(fix your error handler?)
[15:23]<mrejg>I can just check that the session id is valid
[15:24]<mrejg>a-z, A-Z, 0-9
[15:24]<mrejg>and its not my error handlers fault
[15:24]<txzzzzdjdzvzzzzz>Mazon: Ah, then you can just use a regex to validate it. if (!preg_match('/^[a-z0-9]*$/i', session_id())) { die("Uh oh!"); }
[15:24]<mrejg>I'd actually say that it was an error that session_start always return true
[15:25]<mrejg>TRA: aye something like that
[15:25]<mrejg>and then call recreate_session_id ?
[15:25]<dsv>sure, has nothing to do with how you implemented your error handling
[15:25]<mrejg>the error handling gets called regardless, whcih is the issue
[15:26]<mrejg>if session_start had a return value, I could work around it
[15:26]<mrejg>but instead it always "succeed"
[15:26]<txzzzzdjdzvzzzzz>Mazon: Yeah. My example will *only* fail when there is a session_id and it contains invalid characters, empty sessions will not trigger it
[15:26]<mrejg>I'll check for that too
[15:27]<dsv>Mazon, it returns true because it does always succeed. If the claimed session ID is invalid, it will try assigning a new one. At least that's the way it behaved 3 years ago.
[15:27]<mycnmu2>is there an better way to say: if ($same_var = 'diff val 1' || $same_var = 'diff val 2' ) { .. }
[15:28]<dsv>if (in_array($var, array('value1', 'value2'))).. if you wanna call that 'better'
[15:28]<vd-d>mikedub: switch
[15:28]<mrejg>mst, well it would still be nice to have a return value other than true, instead of poking trhe error handler
[15:28]<mycnmu2>nah, not a switch
[15:28]<dsv>Mazon, what's the point? The return value reflects the reality; the session's been started.
[15:29]<txzzzzdjdzvzzzzz>Mazon: It would return false if you have sharedmem and are out of memory or cannot access the folder that sessions are saved
[15:29]<txzzzzdjdzvzzzzz>... in
[15:29]<mrejg>"This function always returns TRUE."
[15:29]<_fgwgffdg>except when it doesn't, of course!
[15:29]<mycnmu2>i was just looking for a way to say something like.. if ($same_var = 'diff val 1' || 'diff val 2' ) { .. }
[15:29]<txzzzzdjdzvzzzzz>Then I suppose that it returned false one time ... or may eventually return false
[15:29]<mycnmu2>but whatever.
[15:30]<txzzzzdjdzvzzzzz>mikedub: Nope, || is a boolean operator
[15:31]<txzzzzdjdzvzzzzz>It would work if $same_var == true, but writing == true is just easier
[15:31]<mycnmu2>yeah
[15:31]<mycnmu2>oh well
[15:37]<mrmndn>any idea how to get multi dimentional array in this code working ? http://phpfi.com/125925
[15:38]<ajfmnz>what are you trying to do ?
[15:38]<suv9w9>disable_function seems to throw errors. I need a directive where PHP will ignore (no errors) certain functions. Is it possible?
[15:38]<suv9w9>colder, me?
[15:39]<ajfmnz>suv4x4, nope, not really. What would be the point though ?
[15:39]<cpugnzm>jfgfi
[15:39]<mrmndn>colder, in the for loop I'm creating the $array array and then I want to put each created array inside multidimentional array inside $array2
[15:39]<suv9w9>colder, to optionally exclude from compilation a set of debug-only routines (for production run of a code)
[15:40]<ajfmnz>Madeye, you would use $array2[] = array(...
[15:40]<ajfmnz>suv4x4, do the exlusion on userbase then, using constants for example
[15:43]<avavgv2>wobbles my good helper
[15:43]<mrvnajmns>its me :)
[15:46]<dejjd>where can i get a workable php encoder eg. ioncube?
[15:46]<cm2nzmrm>turk-mmcache?
[15:46]<mrmndn>thanks dude
[15:47]<cm2nzmrm>the developer of it is work at ioncube right now
[15:48]<mrvnajmns>can anyone teach me what is this error?
[15:48]<mrvnajmns>Error:
[15:48]<mrvnajmns>Query: INSERT INTO feedback (user, email, comments) VALUES ('mark cruz','davecodes_xp@yahoo.com.ph','its great!')
[15:48]<z2juxxxxtrpp>#mysql ?
[15:48]<ajfmnz>davecodes, #mysql
[15:48]<mrvnajmns>no, im using php script
[15:49]<mrvnajmns>im adding a sample feedback tru PHP
[15:49]<z2juxxxxtrpp>but this isn't php code; that's a query mysql
[15:49]<ajfmnz>so tell us the php error.
[15:49]<suv9w9>colder, you mean like if (CONSTANT) {...}
[15:49]<ajfmnz>suv4x4, for example, yes
[15:49]<mrvnajmns>i wrote code in php, i want to add that 3 fields in my database
[15:49]<suv9w9>colder, but then I still have superfluos "if" in my production code :P
[15:50]<ajfmnz>suv4x4, so you prefer using a magic thing to unregister functions so they get silented on a production server ? baad idea.
[15:51]<ajfmnz>you can simply check the constant the debug functions' definitions
[15:51]<dggvr>umm after the installation of php, can i enable the func mime_content_type() ?
[15:52]<ajfmnz>menta, http://php.net/fileinfo
[15:54]<suv9w9>colder, that bad idea is how assert functions are excluded from compilation for production C++ code
[15:56]<suv9w9>colder, actually here's what I exactly want: I want nothing unregistered or silented. I want a switch where calls to certain functions never get compiled.
[15:56]<suv9w9>and I'll take the remaining measures to never include those functions, of course
[15:57]<dggvr>colder i know about fileinfo
[15:57]<dggvr>i have it installed too
[15:57]<dggvr>but
[15:57]<ajfmnz>well, such features are not implemented into php.
[15:57]<dggvr>Fatal error: Call to undefined function mime_content_type() in
[15:57]<dggvr>see ?
[15:58]<ajfmnz>don't use mime_content_type(), use the fileinfo extension instead
[15:58]<dggvr>avastfax uses it :P
[15:58]<dggvr>avant even
[15:59]<ajfmnz>I don't really care who use it and who don't, it's bloated and deprecated.
[15:59]<dggvr>...
[16:00]<mrejg>right, fixed my session id like this:
[16:00]<mrejg>http://hashphp.org/pastebin.php?pid=7259
[16:00]<dggvr>yes but it should be a way to enable the functionality
[16:00]<mzvzzzjjvn>hi room, intermediate to advanced question: one of my classes has 20+ private vars, each var corresponds to a field in a db table. Id like to query the db table and use a foreach loop to assign each field in the mysql_fetch_array result to the coresponding var.. any ideas?
[16:01]<mrejg>I tried overwriting $_COOKIE['PHPSESSID'] = '' but that didn't seem to work for the request made
[16:01]<mrejg>so I redirect to the same page
[16:02]<ajfmnz>datagroove, foreach(mysql_fetch_assoc($resource) as $field => $value) { $this->{'_'.$field'} = $value; }
[16:02]<mrejg>not sure its entirely safe tho, with regards to a user that ignores my request to delete the cookie
[16:02]<ajfmnz>I assume you named your private vars like that : $_fieldname
[16:02]<mzvzzzjjvn>i am getting caught up with the syntax $this->$key = $var (while trying to use foreach($row as $key => $var){...}
[16:02]<mzvzzzjjvn>hm.. colder.. i will try that..
[16:02]<ajfmnz>datagroove, foreach(mysql_fetch_assoc($resource) as $field => $value) { $this->{'_'.$field} = $value; } // little typo fixed
[16:06]<mzvzzzjjvn>ooops, thanks colder that worked, but what i was trying worked too( $this->$field = $value)... i just had a syntax error further down that was doubling my output
[16:07]<mzvzzzjjvn>and i was confused
[16:07]<ajfmnz>$this->$field is correct, but you should prefix private/protected properties with _
[16:07]<mzvzzzjjvn>i heard that too
[16:07]<mzvzzzjjvn>is there a reason outside of just good standards?

Back to #php
Or go to some related logs:
#blender
#iptables
#gentoo
#gentoo
#netbsd