65bit

Thanks VERY much for your help! html_entity_decode before the eval did it.

Thanks very much sasa. I'm able to repeat what you've done IF I hard code the setting of $vcondition, but not if I initialize it from my mysql table. $vcondition = '$row_dsee[\'field1\']>0 and $row_dsee[\'field2\']==0'; eval('$xxx = ('.$vcondition. ');'); echo 'set vcondition in PHP code makes vcondition = ', $vcondition,"<br />\n"; echo 'after eval, a var_dump of $xxx = ', var_dump($xxx); echo "<br />\n"; Beautifully Outputs set vcondition in PHP code makes vcondition = $row_dsee['field1']>0 and $row_dsee['field2']==0 after eval, a var_dump of $xxx = bool(false) But if I set $xcondition by doing $xcondtion = $row_cond["condition"]; it looks like it should work, but doesn't $xcondition = $row_cond["condition"]; eval('$yyy = ('.$xcondition. ');'); echo 'set xcondition from table makes xcondition = ', $xcondition,"<br />\n"; echo 'after eval, a var_dump of $yyy = ', var_dump($yyy); echo "<br />\n"; Yields set xcondition from table makes xcondition = $row_dsee['field1']>0 and $row_dsee['field2']==0 after eval, a var_dump of $yyy = NULL The echo of the $vconditoin and $xcondition appear to be identical, but must not be ?? as hard code correctly evaluates to false, while setting from the table evaluates to NULL.

That gives this: while($row_cond=mysql_fetch_array($cond)) { $vcondition = $row_cond["condition"]; // placing echo $condition here yields // $row_dsee['field1']>0 and $row_dsee['field2']==0 for record 3 // $row_dsee['field1']>0 and $row_dsee['field2']>0 for record 4 eval('$xxx = ('.$vcondition. ');'); // echo $xxx yeilds 'nothing' for record 3 when field1 = 420 and field2 = 0 // echo $xxx yeilds 'nothing' for record 4 when field1 = 420 and field2 = 0 // echo $xxx yeilds 'nothing' for record 3 when field1 = 1481 and field2 = 2459 // echo $xxx yeilds 'nothing' for record 4 when field1 = 1481 and field2 = 2459 if ($xxx)) { $passed++; } } I don't actually see the word 'nothing', it's just blank. Likewise, $passed is now not incrementig for any of the 4 conditions. If I change scenario x to have one simple rule of field10 != "" and populate field10 with "just some text", it behaves as expected and $passed increments by 1. An excho of $xxx in that situation yeilds "1", which I assume represents true. Still fighting with my 'real' conditions. Thanks

Thanks sasa. Unfortunately, I'm still getting the same results. If I add a couple of echos this is what I'm seeing: while($row_cond=mysql_fetch_array($cond)) { $vcondition = $row_cond["condition"]; // placing echo $condition here yields // $row_dsee['field1']>0 and $row_dsee['field2']==0 for record 3 // $row_dsee['field1']>0 and $row_dsee['field2']>0 for record 4 eval('$xxx = '.$vcondition. ';'); // echo $xxx yeilds $0 for record 3 when field1 = 420 and field2 = 0 // echo $xxx yeilds $0 for record 4 when field1 = 420 and field2 = 0 // echo $xxx yeilds !4 for record 3 when field1 = 1481 and field2 = 2459 // echo $xxx yeilds !4 for record 4 when field1 = 1481 and field2 = 2459 if ($xxx)) { $passed++; } } Seems to be strange results for the value of $xxx. I would have thought I'd get true or false or 0 or 1? btw - I dropped the extra right ) in if($xxx))

Sorry - - I typed my post in Word and then copied and pasted, so it's just a Word thing. I'm actually doing this: record 1; varchar field named condition = $row_dsee['field1']==0 and $row_dsee['field2']==0 record 2; varchar field named condition = $row_dsee['field1']==0 and $row_dsee['field2']>0 record 3; varchar field named condition = $row_dsee['field1']>0 and $row_dsee['field2']==0 record 4; varchar field named condition = $row_dsee['field1']>0 and $row_dsee['field2']>0 And this: while($row_cond=mysql_fetch_array($cond)) { $vcondition = $row_cond["condition"]; if (eval("return " . $vcondition . ";")) { $passed++; } } And getting the results previously mentioned. Thanks

I'm pretty much a PHP novice ... I understand the security concerns with eval, but this is for a process that only I use and have access to. Can someone please help guide me on how to make this work? I have 4 conditions I want to test, where the conditions can vary from scenario to scenario. With that, I’ve stored them in a table. I have the following 4 records where each condition is in its own record for “scenario x”: record 1; varchar field named condition = $row_dsee['field1’]==0 and $row_dsee[‘field2’]==0 record 2; varchar field named condition = $row_dsee['field1’]==0 and $row_dsee[‘field2’]>0 record 3; varchar field named condition = $row_dsee['field1’]>0 and $row_dsee[‘field2’]==0 record 4; varchar field named condition = $row_dsee['field1’]>0 and $row_dsee[‘field2’]>0 My code: while($row_cond=mysql_fetch_array($cond)) { $vcondition = $row_cond[“condition”]; if (eval("return " . $vcondition . ";")) { $passed++; } } Even when field1 = 50 and field2 = 50 (both > 0), $passed goes up as a result of both record 3 AND record 4. It’s behaving as if it isn’t considering the part after the ‘and’, but I’m guessing there's more to it than that and I’m missing something with what eval is doing. Any help would be greatly appreciated. Thansk, David

I'm new to PHP & MySQL (which we have running on IIS6) and am looking for some ideas / concepts on how I might go about controlling user and account based access to PDF files. Our current directory structure has a folder for each account number, with many individual PDF files (one per user) under each account. I need to be able to (1) limit a “regular user” who has authenticated against the MySQL db to only viewing their PDF file and (2) limit access to an “account manager” user to only viewing that account’s PDF’s. I’d like to not have to use any of Window’s security, instead relying on MySQL. Among other things, the user table record currently contains a user id, their PDF file name and the account number they belong to. An account manager table contains the account number and the manager’s id. In playing around, I can login as a user, grab the name of their PDF file from the user table and present it in the browser. Unfortunately, the current PDF naming convention is just a static set of characters followed by an incrementing number. If I simply ratchet the number up or down, I’m looking at someone else’s PDF. I’ve considered naming each physical PDF file and its reference name in the table to some random 30 – 40 characters. The chances of anyone guessing another valid link should be extremely small (but not 0). There’s part of me though that thinks all that does is make it hard to guess and not really secure. Maybe I should be thinking ‘hard to guess’ = secure? I’ve also considered storing the PDF file as binary data in a blob and presenting it from there. Then the actual PDF files wouldn’t even exist on the web server. Each user would only get theirs and I can see a path to allow the account manager to see of their PDF’s as appropriate. But, much most of what I read seems to say to stay away from storing data in blobs for db performance reasons. I’ve searched about everything I can think of, but can’t seem to hit on standard approaches for this kind of issue. Can anyone point me in the right direction on how to go about this or where I might learn more on it? Thanks

Interestingly, it only seems to send the email the first time the event happens. The alert boxes keep popping up, so doWork() is being called, but the .php won't send the email again after the first time unless I close the tab / browser and go back in.

It even looks logical after you point it out. Thanks very much, it now works like I was hoping it would. Pretty cool stuff.

I'm trying to get my first AJAX action to work. I'd like to fire a .php script on the server to send an email and don't need any response sent back to the calling page. Maybe not too real world, but seems it should work? I plucked the mail portion for one of my pages where it's actually working, so don't think that's the issue. And, my js alert boxes are popping up in dowork(), so I know it's making it that far. I commented the last 2 lines of dowork() out, as it seems I don't need them for what I'm trying to do, but have tried it with them as well with the same results. send_mail.php sits in the same folder as the .js I'm new to php and web stuff as well, so unfortunately, my mis-understanding could be about anywhere. Here's my my .js file: var xmlHttp; function GetXmlHttpObject() { xmlHttp=null; if (window.XMLHttpRequest) { // code for all new browsers xmlHttp=new XMLHttpRequest(); } else if (window.ActiveXObject) { // code for IE5 and IE6 xmlHttp=new ActiveXObject("Microsoft.XMLHTTP"); } else if (xmlHttp=null) { alert("Your browser does not support XMLHTTP."); } return xmlHttp; } function doWork() { httpObject = GetXmlHttpObject(); if (httpObject != null) { alert("xmlHttp has been set according to the browser type ..."); httpObject.open("GET", "send_mail.php", true); alert("after the http object calls the php script ... "); //httpObject.send(null); //httpObject.onreadystatechange = setOutput; } } and here's send_mail.php <? mail("jdoe@comcast.net", "Test Message From PHP Script", "AJAX has worked!!", "From: jdoe@comcast.net" . "\r\n"); ?> Any pointers are appreciated! Thanks

Ending up moving the logfile write location and can now read it without problem. Thanks for the help.

You're correct, the random file I mentioned that I could open was sitting in c:\ I've discovered error reporting since my post and have added this to my code ini_set('display_errors', 1); error_reporting(E_ALL); It confirms a permission problem. Unfortunately, such that it won't even let me copy the file. Warning: copy(C:\WINDOWS\system32\LogFiles\FTP\MSFTPSVC2016890665\ex090330.log) [function.copy]: failed to open stream: Permission denied in d:\inetpub\testsite.com\s\sftp.php on line 105 I'm going to ask that the log file be written elsewhere and see what that does for this process. If that resolves my issue (it should??), I'll come back and mark it solved. Thanks for the input

Hi, I'm a longtime programmer, but new to PHP and the forums. I wondered if I should post this in the IIS area, but talked myself into this being the right place, so my apologies if that's incorrect. My environment is PHP 5, IIS 6 and MySQL 5. We just added ftp to our site and I want to put a script together to interrogate the log file as the visitor is coming out of the "transfer page". Unfortunately, while I can go to Windows Explorer and open the file, my script doesn't seem to be able to do even a basic "count the lines". I'm guessing it's a permission issue of some type, but like I said, I'm totally new. <? $date = date('ymd'); $todays_log = "C:\WINDOWS\system32\LogFiles\FTP\MSFTPSVC2016890665\ex" . $date . ".log"; $lines = count($todays_log); print($lines); ?> echos 1, even though there are hundreds of lines in the file. If I change the value of $todays_log to a random text file located elsewhere in the file system, it shows the correct number of lines. Trying to understand the permissions (I might be going in the wrong direction here ??), I've done this <? print($todays_log . "<br>"); print("directory permission "); print substr(sprintf('%o', fileperms('"C:\WINDOWS\system32\LogFiles\FTP\MSFTPSVC2016890665')), -4); print("<br>"); print("file permission "); print substr(sprintf('%o', fileperms($todays_log)), -4); print("<br>"); ?> which shows permission of 0 for both the directory and the file. The "windows permissions" are the same for the folders for both the file I can read and the one I can't. But, the permission shown with the above on the file I can read is "0777". When I try to chmod() to 0777 for the logfile, it seems to have no effect. On the other hand, it could be something altogether different. You'd think accessing a logfile shouldn't be that hard Any input is appreciated. Thanks