Archive for June, 2006
[老文章]SQLite数据库安全
相信使用PHP开发的人员一定不会对SQLite感到陌生了,PHP5已经集成了这个轻量型的数据库。SQLite�任何限制的授权协议以及支持大部分标准的SQL 92语句,相信会有越来越多的人使用这个数据库。作为WEB开发而言,PHP与SQLite的结合就如同当年的ASP与ACCESS结合一样,ACCESS可以遭遇被人下载,SQLite同样不能幸免,毕竟SQLite也是一个二进制文件,只要WEB能访问到的,就能被下载。ACCESS可以采用一些诡计来防止用户下载,SQLite同样可以,下面偶就将一些网上收集过来的解决方案贴在这里。
1、将SQLite放在WEB不能访问到的地方。
有些虚拟主机一般也都会提供一个单独目录,供用户放一些不想被下载或访问的文件,所以放在这个目录很安全。
2、如果PHP是作为CGI或者APACHE的单独进程运行,那么可以修改一下SQLite数据库文件的权限,比如0600。
3、假如WEB服务器是APACHE,并且支持自定义.htaccess,那么可在.htaccess文件中加入以下内容:
<FilesMatch ".sqlite$"> Deny from all </FilesMatch>
其中.sqlite即为他的数据库文件的扩展名。
4、Ilia<还提供了另一种,该方法有点类似ACCESS的做法。
就是将SQLite数据库文件扩展名改为.php,并在该数据库中使用如下方法建立一个表:
create table ‘
SQLite security
PHP-GTK Example: Splash
<?php class splash { var $gui = null; var $times = null; function splash() { $this->gui = array(); // 初始化 $this->times = 0; } /** * 运行主程序 */ function run() { $this->gui['splash'] = &new GtkWindow(GTK_WINDOW_POPUP); $this->gui['splash']->set_position(GTK_WIN_POS_CENTER); $this->gui['splash']->set_usize(365, 221); $this->gui['vbox'] = &new GtkVbox(false, 0); // load pixmap list($pixmap, $mask) = Gdk::pixmap_create_from_xpm($this->gui['splash']->window, null, 'splash.xpm'); $splash = &new GtkPixmap($pixmap, $mask); // add the image to the box $this->gui['vbox']->add($splash); // load loading label $this->gui['loading'] = &new GtkLabel(); // add the loading label to the box $this->gui['vbox']->add($this->gui['loading']); // add the box to the window $this->gui['splash']->add($this->gui['vbox']); $this->gui['splash']->show_all(); $this->loading(); Gtk::main(); } /** * Loging … */ function loading() { $this->times ++; $this->gui['loading']->set_text('Loading .' . str_repeat('.', $this->times)); // 刷新屏幕 while (gtk::events_pending()) gtk::main_iteration(); $loadingid = Gtk::timeout_add(1000, array(&$this, 'loading')); // 运行4次退出 if($this->times > 4) { Gtk::main_quit(); Gtk::timeout_remove($loadingid); } } } $splash = &new splash(); $splash->run(); ?>
[老文章 ]使用VC++开发PHP扩展注意事项
一、默认情况下,C++是使用.cpp作为扩展名的,而PHP是用C写的,因此必须使用C++提供的C连接交换指定符号extern “C”来解决这个问题,以下两部分语句必须被包含:
extern "C" { #include "php.h" #include "php_ini.h" #include "ext/standard/info.h" ... // 其他C头文件 }
和
extern "C" { #ifdef COMPILE_DL_MYEXT ZEND_GET_MODULE(myext) #endif }
[老文章]从PHP源代码修改phpinfo中的LOGO及彩蛋
1. 大家先来看一段PHP代码(gif2h.php):
< ?php // 将GIF转换为C语言中的H文件 $filename = "mylogo.gif"; $fp = f open($filename, "rb"); $buffer = f read($fp, filesize($filename)); f close($fp); $len = strlen($buffer); $fp = f open("mylogo.h", "wb"); f write($fp, "unsigned char php_logo[] = {"); for ($i=0; $i<=$len; $i++) { if($i % 10 == 0) { f write($fp, "\n\t\t"); } if($i == $len) { $str = str_pad(ord(substr($buffer, $i, 1)), 3, " ", STR_PAD_LEFT); } else { $str = str_pad(ord(substr($buffer, $i, 1)), 3, " ", STR_PAD_LEFT) . ", "; } f write($fp, $str); } f write($fp, " };\n"); f close($fp); ?>
上述代码的作用就是将一张GIF图片文件转换为C语言中的头文件(.h)。
Read more…
[老文章 ]PHP扩展中如何遍历数组?
PHP_FUNCTION(print_array) { zval *z_array; // 外部引入的数组 int count, i; zval **z_item; if (FAILURE == zend_parse_parameters(argc TSRMLS_CC, "a", &z_array)) { return; } // 获取数组大小 count = zend_hash_num_elements(Z_ARRVAL_P(z_array)); // 将数组的内部指针指向第一个单元 zend_hash_internal_pointer_reset(Z_ARRVAL_P(z_array)); for (i = 0; i < count; i++) { char* key; int idx; // 获取当前数据 zend_hash_get_current_data(Z_ARRVAL_P(z_array), (void**) &z_item); convert_to_string_ex(z_item); if (zend_hash_get_current_key(Z_ARRVAL_P(z_array), &key, &idx, 0) == HASH_KEY_IS_STRING) { // KEY为字符串 php_printf("array[%s] = %s", key, Z_STRVAL_PP(z_item)); } else { // KEY为数字 php_printf("array[%d] = %s", idx, Z_STRVAL_PP(z_item)); } // 将数组中的内部指针向前移动一位 zend_hash_move_forward(Z_ARRVAL_P(z_array)); } }
在PHP调用如下:
<?php $arr = array( 'id' => 'ezdevelop', 1 => "test number", 2 => "test number 2", 'name' => 'Wenlong Wu' ); print_array($arr); ?>
[老文章 ]quick lesson in using stream filters
Sara Golemon在新闻组发了一篇关于在PHP扩展中如何使用stream filters的文章 ,参考如下:
If all you want to do is use an already implemented one just do this:
php_stream *stream; php_stream_filter *filter; zval *arguments = NULL; /* Populate this with value(s) appropriate to the filter */ stream = php_stream_open_wrapper(.....blah blah blah.....); filter = php_stream_filter_create("filtername", arguments, php_stream_is_persistent(stream) TSRMLS_CC); /* Or &stream->writefilters as appropriate */ php_stream_filter_append(&stream->readfilters, filter);
/* Of course, in the real world you’ll want to check both stream and filter for NULL as they may have failed to instantiate */
That said, I don’t think iconv.* will be any help.� It only covers
base64_(en|de)code() and quoted_printable_(en|de)code().
Filter implementation is a bit trickier.� Take a look at
ext/standard/filters.c for more info on that.� If you come up with a UTF
converter, I’m sure it can be added to the standard set of filters.
-Sara
“L0t3k” <cshmoove@xxxxxxxxxxxxx> wrote in message
news:20040823142259.47665.qmail@xxxxxxxxxxxxxxx
> can anyone give a hint as to how to use stream filters from an extension ?
>
> i have to parse input files which may be in a variety of encodings (mainly
> UTF8), and processing is done internally in UTF16.
>
> i noticed that there is an iconv filter, but i havent a clue (even after
> googling) of how to use it.
>
> l0t3k
–
PHP Internals – PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Splitter without frame
<html>
<head>
<script language="javascript">
<!--
var bInDrag = false;
var iSplitHeight = 20;
var iBrowserHeight = 400;
function initDrag(obj) {
bInDrag = true;
obj.setCapture();
}
function freeDrag(obj) {
bInDrag = false;
obj.releaseCapture();
}
function doDrag() {
var iMoveHeight = 0;
if (bInDrag) {
iMoveHeight = event.clientY - document.getElementById('splitLine').style.pixelTop;
document.getElementById('head').style.pixelHeight += iMoveHeight;
document.getElementById('splitLine').style.pixelTop = document.getElementById('head').style.pixelHeight + (iSplitHeight/2);
document.getElementById('foot').style.pixelTop += iMoveHeight;
document.getElementById('foot').style.pixelHeight = iBrowserHeight - document.getElementById('foot').style.pixelTop;
}
}
-->
</script>
<style type="text/css">
<!--
body {
margin-left: 0px; margin-top: 0px;
}
-->
</style>
</head>
<body>
<div id="head" style="overflow:auto; height:100">
<table width="100%" height="100%" border="1" cellspacing="0" cellpadding="0">
<tr valign="top">
<td>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
</td>
<td> </td>
</tr>
</table>
</div>
<div id="splitLine" height="20">
<hr onmousedown="initDrag(this);" onmouseup="freeDrag(this);" onmousemove="doDrag();" style="cursor:row-resize" color="#c6d7ff" noShade size="5">
</div>
<div id="foot" style="overflow:auto; height:300">
<table width="100%" height="100%" border="1" cellpadding="0" cellspacing="0">
<tr valign="top">
<td>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
fgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg<br>
</td>
<td>gggggggggggggggggg</td>
</tr>
</table>
</div>
</body>
</html>
CVS server on Ubuntu 6.0.6
1. Edit /etc/apt/sources.list
# sudo vi /etc/apt/sources.listuncomment the following two lines:
deb http://cn.archive.ubuntu.com/ubuntu/ dapper universe
deb-src http://cn.archive.ubuntu.com/ubuntu/ dapper universe
update package:
# sudo apt-get update2. Install CVS
install CVS files:
sudo apt-get install cvs
install CVS server:
sudo apt-apt install cvsd
When prompted in the cvsd installation process for Repository, type in “/cvsroot“.
