February 15th, 2005

Variable names

I looked through the manual but I did not find a function to help me out.

Two questions
1)
How do I print the name of a variable?
For instance I have a variable name $name

$name = "bob";

I want to print out

print "$name = bob
";

and have the output

$name = bob

2)
I have an upload file form that handles multiple files. When I get the file array from $_FILES each array has the name of the upload field from the form. I want to insert that name into the database as part of the record. I am probably missing something obvious but I cant figure out how to get the name as a string.
  • Current Music
    Fu Manchu - Mongoose
Zoe annoyed
  • kriona

where to store images?

Because xinu is too busy working in production environments, I spent about 15 minutes reading through different articles Google found on the subject. Here's a brief result:

extremeexperts article summary: if the images are small and need security, use a DB. If the images are big or requested frequently, use the filesystem. The article also has a link regarding the TerraServer, which stores all its images (8 terabytes) in a database.

Here are some fetch statistics, too.

Community memories would come in handy, if the admin ever felt so inclined. *hinthint*

How secure is this?

Okay, I wrote a authorization class using cookies to access certain pages based on their category.
Now, not being the security god or anything, I wanted to check it's validity as far as a valid way to grant or deny access.

Basically, it does a DB call on every page request, based off the cookie info, but Im willing to put up with the performance hit just because you can update access permissions on the fly, and not have to worry about page cache's, etc.

But the natural language explination is this:
Get the user permissions from the table field, and put them in an array.
If you cant get an array from the information in the cookie, go to the deny message page.
If the current category ($_GET[cat]) isnt in the permissions array, go to the deny message page.
If the current page isnt in the allowed pages array, go to the deny message page.
If any part of the cookie array isnt set, go to the deny page

Here is the method that I wrote. Any and all criticisms, help, etc is much appreciated...

function authorize($page_cat){

$page_base = basename($_SERVER['PHP_SELF']);
$page = $_SERVER['REQUEST_URI'];
$ip = $_SERVER['REMOTE_ADDR'];
$date = date("m/d/y - h:iA");
$exceptionpages = str_replace(" ", "", $this->ExceptionPages);
$exceptionpages = explode(",", $exceptionpages);

$allowedpages = str_replace(" ", "", $this->AllowedPages);
$allowedpages = explode(",", $allowedpages);


if(isset($_COOKIE[$this->UserIDfield]) && isset($_COOKIE[$this->Usernamefield]) && isset($_COOKIE[$this->Passwordfield]) && isset($_COOKIE[$this->Emailfield])){



$auth = $this->getUserArray();

if (!$auth){

header("Location: $this->LogoutPageRedirect");

}

$permissions = $auth[$this->PermissionsField];

if (($page_base == $this->EntryPage) && ($_GET['action'] !== "logout")){
header("Location: $this->LoginPageRedirect");
}
if ($this->PermissionsType == "category") {

$permissions = explode(", ", $permissions);

if (in_array($this->DisabledMarker, $permissions) && $page_base !== "misc.php"){

if ($this->RecordHacks == 1){

$this->insertHack();

}

header("Location: $this->DisabledPageRedirect");
}
if (isset($page_cat)){



if (!in_array($page_cat, $permissions)) {

if ($this->RecordHacks == 1){

$this->insertHack();

}

header("Location: $this->DeniedPageRedirect");

}
}

}
}

if(!$_COOKIE[$this->UserIDfield] || !$_COOKIE[$this->Usernamefield] || !$_COOKIE[$this->Passwordfield] || !$_COOKIE[$this->Emailfield]) {

if ($page_base !== "$this->EntryPage"){

if ($this->RecordHacks == 1){

$this->insertHack();

}
header("Location: $this->LogoutPageRedirect");
}
}
}