headers
zeus | 1 Jul 2004 01:14
Picon

RE: Protecting database passwords


> argh. just make the file readable by root and the user that runs
> apache/php and you're done.

Which unfortunately is installation specific.  I.e., if I am distributing a program
and want to install a file which the user modifies to contain the passwords, I have to direct
the user to manually update the permissions of that file to suit his site.

> p.s. btw hashes will help you (keep the contents of the file secure
> which is your ultimate goal is it not?).

How can I use a password hash to log on to a database server (or for any other login
for that matter)?

-Bob

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 0 comments |
headers
Chris W. Parker | 1 Jul 2004 01:25

RE: Protecting database passwords

zeus <at> ix.netcom.com <mailto:zeus <at> ix.netcom.com>
    on Wednesday, June 30, 2004 4:15 PM said:

> How can I use a password hash to log on to a database server (or for
> any other login for that matter)?

i apologize. i completely misunderstood your original post.

in which case, i can think of only two things (not to say there aren't
more): 1. restricting access to the file via permissions, and 2. putting
the file outside of the web root so that it can not be requested via the
web.

chris.

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 1 comment |
headers
Curt Zirzow | 1 Jul 2004 02:20
Picon

Re: install/config error - please help

* Thus wrote Nguyen, Long P (Mission Systems):
> I tried what you suggested and got the following:
> 
> [root <at> seahawk root]# "main(){return(0);}" > test.c
> -bash: main(){return(0);}: command not found

You missed the 'echo'..

bash$ echo "main(){return(0);}" > test.c

Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 0 comments |
headers
Curt Zirzow | 1 Jul 2004 02:35
Picon

Re: Earliest PHP/FI

* Thus wrote Jeff Loiselle:
> Does anyone know where I would be able to find the earliest version of 
> PHP/FI or PHP possible? I am looking for the earliest possible version 
> for academic reasons.

You can checkout php/fi from the cvs

  http://cvs.php.net/phpfi/

Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 0 comments |
headers
Curt Zirzow | 1 Jul 2004 02:41
Picon

Re: Is PEAR worth the effort?

* Thus wrote Will Merrell:
> I don't mean to start a flame war here, but I have been working in PHP for a
> while now and am about to start a more extensive aplication. Some of the
> PEAR modules look good and I just wanted to hear what the collected wisdom
> out here thinks about it.

Since '97 i've yet to use PEAR in any one of my applications.

> 
> When I try to read the installation instructions my eyes glaze over and roll
> up into my head. Before I fight my way through this learning curve I want to
> know if its worth it? Is this the wave of the future or just a flash in the
> pan?

The basic pear installation is installed with php by default, if
you want another package its as easy as:

  pear install <packagename>

see pear --help for other options, like the nifty upgrade feature.

Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
(Continue reading)

Permalink | Reply | 0 comments |
headers
Curt Zirzow | 1 Jul 2004 02:52
Picon

Re: Regular Expression Help

* Thus wrote Pablo Gosse:
> 
> Here's the working regular expresssion:
> 
> /^[a-zA-Z0-9\(\)]{1}[ a-zA-Z0-9\(\)_\,\.\-\'\"]{1,999}$/

for starters, that doesn't give me a warning at all.

also, all those escapes arn't needed:

  $reg = '/^[a-zA-Z0-9()]{1}[ a-zA-Z0-9()_,.\'"-]{1,999}$/';

The ' is only escaped for php, not the expression. And moving the -
to the end or beginning, you don't need to escape it.

Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 0 comments |
headers
Curt Zirzow | 1 Jul 2004 02:56
Picon

Re: Messages to List Being Truncated

* Thus wrote John W. Holmes:
> Red Wingate wrote:
> 
> Sorry I've been absent from the list for a while guys and gals. Now I 
> see what I've been missing!! :)

And well missed :)

I can't always come up with those nifty code tricks like you do :D

Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 1 comment |
headers
Curt Zirzow | 1 Jul 2004 03:09
Picon

Re: Problem with pspell module

* Thus wrote Shannon Werb:
> Hi all, I filed a PHP bug related to others I found online, but thought I
> would throw it by the list also...
> You can find the bug at:
> http://bugs.php.net/bug.php?id=28967

You're going to need to get some sort of backtrace, either from the
core dump or ran interactivly.

Curt
-- 
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about.  No, sir.  Our model is the trapezoid!

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Permalink | Reply | 1 comment |
headers
Shannon Werb | 1 Jul 2004 03:34

RE: Problem with pspell module

Curt, how do I do this?
I have the httpd.core that apache produced, how should I send it in?

Regards,
Shannon 

> -----Original Message-----
> From: Curt Zirzow [mailto:php-general <at> zirzow.dyndns.org] 
> Sent: Wednesday, June 30, 2004 8:10 PM
> To: php-general <at> lists.php.net
> Subject: Re: [PHP] Problem with pspell module
> 
> * Thus wrote Shannon Werb:
> > Hi all, I filed a PHP bug related to others I found online, but 
> > thought I would throw it by the list also...
> > You can find the bug at:
> > http://bugs.php.net/bug.php?id=28967
>  
> You're going to need to get some sort of backtrace, either 
> from the core dump or ran interactivly.
> 
> 
> Curt
> --
> First, let me assure you that this is not one of those shady 
> pyramid schemes you've been hearing about.  No, sir.  Our 
> model is the trapezoid!
> 
> --
> PHP General Mailing List (http://www.php.net/) To
(Continue reading)

Permalink | Reply | 0 comments |
headers
Shannon Werb | 1 Jul 2004 04:05

RE: Problem with pspell module

Following is my backtrace, I found how to do it at:
http://bugs.php.net/bugs-generating-backtrace.php

BACKTRACE:
batt3# gdb /usr/local/apache/bin/httpd /usr/local/apache/httpd.core
GNU gdb 4.18 (FreeBSD)
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
(no debugging symbols found)...
Core was generated by `httpd'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libcrypt.so.2...(no debugging symbols
found)...
done.
Reading symbols from /usr/lib/libc.so.4...(no debugging symbols
found)...done.
Reading symbols from /usr/local/lib/php/phpa/php_accelerator_1.3.3r2.so...
(no debugging symbols found)...done.
Reading symbols from /usr/libexec/ld-elf.so.1...(no debugging symbols
found)...
done.
#0  0x0 in ?? ()
(gdb) bt
#0  0x0 in ?? ()
#1  0x28519319 in _init ()
(Continue reading)

Permalink | Reply | 0 comments |

Gmane