[phplib] Few questions about PHP From: Danny Tuppeny / Web Fever (Danny.Tuppeny <email protected>)
Date: 07/06/00

*** Sorry for the long mail, but I'm new to PHP, and some sites just don't
explain it very well. I appreciate any help I get ***

Hi everyone!
I'm pretty new to this list, (and in fact, PHP), so I'm just diving in here.
If there's any rules we're meant to stick to on this list, please point them
out before I make a fool of myself :-)

Anyway, a few ?s

I'm using mycgiserver.com (free cgi, 3mb), not bad, and on the server is:

Java 1.2.2-6

Apache Element Construction Set 1.3.2 (ecs-1.3.2.jar) - java.apache.org
Apache Xalan-J 1.0.1 (xalan.jar, bsf.jar, bsfengines.jar) - xml.apache.org
Apache Xerces (xerces.jar) - xml.apache.org
com.oreilly.servlet 19.03.2000 (cos.jar) - www.servlets.com
IBM XML Parser (xml4j.tar) - alphaworks.ibm.com
JAF - JavaBeans Activation Framework 1.0.1 (activation.jar) -
www.javasoft.com
Java Servlet Development Kit 2.1 - www.javasoft.com
JavaMail 1.1.3 (mail.jar) - www.javasoft.com
POP3 protocol provider 1.1.1 (pop3.jar) - www.javasoft.com
XML (experimental technology release) (jaxp.jar) - www.javasoft.com

Perl 5.004_04

Class-MethodMaker-0.95
Data-Dumper-2.101
DBD-CSV-0.1022
DBI-1.13
Digest-MD5-2.09
Exceptions-0.01
FCGI-0.48
GD-1.18
HTML-Parser-3.05
Image-Size-2.901
IO-stringy-1.211
libnet-1.0607
libwww-perl-5.47
MIME-Base64-2.11
Msql-Mysql-modules-1.2210
SQL-Statement-0.1016
Text-CSV_XS-0.20
Time-HiRes-01.20
URI-1.05

PHP 4.0RC2

--enable-magic-quotes
--enable-track-vars
--enable-xml
--with-gd

(just copied & pasted - don't have a clue about half of it!).

Anyway, the say they're getting MySQL soon, which I know (or think!) is to
connect to databases.

Well, question one. I was reading about using basic http authentication,
having a .htaccess and .htpasswd file, but I read that the .htpasswd file
should be in a folder not accesible via the internet, which is kinda hard as
it's not my server, but shouldn't it be secure anyway as it's encrypted with
a one way alogrithm?

Second question... I'm writing an updates page for my site, where only my
webmasters can post (there's about 12 people on my site), so I created a
folder called 'team', put .htaccess and .htpasswd in there, and there's a
script that writes out to ../updates.txt (in my root folder), and then the
updates page loads from this file. I haven't set up and access rights in my
root folder (so people can visit my pages!), but is it at all possible for
people to also write into this folder? (mycgiserver doesn't deal with
setting file privaliges, there's no cgi-bin folder, it's all apparently set
up as needed.). Also, if I moved this file into the 'team' folder (the
protected one), can the server still read from the file from scripts outside
the folder without needing to be logged in?

Third, I read that it's not safe having passwords in files, and that
'wrapping' should be used, and if my host doesn't provide it, I should move.
I thought putting a password in a .php3 file was secure, as any requests for
it would only be passed the results, and as I don't (think I) have anonymous
ftp, people can't get my scripts. So, is this safe or not?

Fourth, file uploads. I've seen soo many different ways that people have
managed file uploads, eg Exec ("cp $file $file"), Exec("copy $file $file"),
copy($file, $file), opening and reading, and opening and writing, and all
sorts. I can't seem to get any to work!!! I don't have access to any config
files, so I don't know where the temp folder is, but should'nt the variable
(eg. $file) passed from the upload page include the full path anyway?

Fifth question (any other mycgiserver users out there?). When I log in, it
gives me my absolute url, which is /members/[a big long string of crap]/,
and my other url as mycgiserver.com/~webfever. I don't have a clue why the
absolute URL is so weird, and the only thing I can think, is that anyone
that knows this url can write files into my area using it, and therefore I
shouldn't broadcast it, does anyone know if this is right?

6th! Loads of programs go on about chmod [number], which I assume is setting
privaliges to the file. Do I need to do this on mycgiserver.com (they say
all access rights should be fine as they are), and also what are the
commonly used numbers?

Well, I'll stop here, as I've seen how much mail this list gets, and I've
only been on here less than a day!!

btw, my website (Web Fever) is still looking for webmasters to help with
various sections. It's a teen site, including Music (Steps, S Club 7,
Britney etc.), Games (cheats & reviews), Jokes, Film Reviews, TV (Buffy,
South PArk etc.), Free Stuff, and loads more. If anyone's interested, please
let me know!!

Also, if anyone want's their site putting on the links page, send me your
url. Also, we have a SiteRing which is open for youth/teen-related sites, go
to http://WebFever.cjb.net and scroll down to the Rampant Ring Panel to
join. (btw, the site isn't being updated yet, as we're now moving over to
PHP - a very easy way to keep our navbar on every page with easy updates!
(there's over 10 webmasters - was quite difficult, we did it using
JavaScript, but search engines wouldn't follow links as well!))

I reall appreciate any help I get (just reply to whichever parts you can!)..

Oh, one last thing. I saw that php.net have a mailing list, but they're on
150 - 200 mails per day. Anyone know if they have a digest feature? (one
email per day including all postings).

D <email protected> Tuppeny
======================================
Join The Web Fever Discussion
List at http://www.topica.com/lists/WebFever!
Don't forget to enter Danny <email protected>
as the refferrer when you sign up!
======================================
Danny Tuppeny
Email: Danny.Tuppeny <email protected>
Web: http://WebFever.cjb.net
FREE MP3 Player: http://MP3.WebFever.cjb.net
Voice/Fax: 07092-103640
======================================
Latest survey shows that 3 out of 4 people make up 75% of the world's
population.

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>