|
|
| PHP4IT.com - Information Technology Solutions via PHP!
Welcome to PHP4IT where you'll find php code samples & php scripts geared towards solving common (& not so common) problems in IT. Any comments/corrections are 100% welcome so please feel free to speak up!
|
|
Guide to Getting PHP 5 to work with IIS 6 with custom identity
Posted by: David on Friday, April 04, 2008 - 02:50 PM
Windows Php
|
When you want PHP running in IIS to be able to read/write files on a Windows network share, you could run into a myriad of errors and problems. Hopefully this article will help you get everything working smoothly.
Here what we want is to have IIS run as a Domain user who has the proper access to the network share. After you have installed PHP (in ISAPI mode), go to the IIS Manager, Application Pools, right-click on DefaultAppPool (or the name of your application pool), and select Properties. Go to the Identity tab and type in the User name and Password for the Domain user. Don't forget to prefix the username with the Domain. For instance (and for our example's sake):
MY_DOMAIN\my-user
Click OK and you will be asked to confirm the password again.
Now you'll want to make sure that you go to the server that has the target directory share and make sure all the permissions are set so that that MY_DOMAIN\my-user has the proper read or read/write permissions to that share.
Now back on the IIS server, go to Administrative Tools, Computer Management, expand Local Users and
Groups, go to Groups, and double-click on IIS_WPG (IIS Worker Process Group). You must add MY_DOMAIN\my-user to the group or else you may end up with the "Service Unavailable" message when you try to load the website.
Next go to Administrative Tools, Local Policies, and User Rights Assignment. Add MY_DOMAIN\my-user to the following policies of "Access this computer from the network", "Act as part of the operating system", and "Log on as a service".
Now go to the Properties of your website ("Default Web Site"), go to the Directory Security tab, and click on the Edit button for "Authentication and access control". If you have enabled anonymous access, make sure that the user name is set to MY_DOMAIN\my-user and the password is inputted correctly.
Restart IIS and voila, everything should work. If not make sure you check the Event Viewer on the destination server and see if the error messages there give you any clue as to why it's not working. If it doesn't work and you see Microsoft Authentication Security Account Logon Failure, then it's an issue with the user name and password specified there.
In your PHP script make sure that you escape backslashes for the network share you're trying to get to. For instance if you're tring to do a "opendir" on "\\my_server\my_files", you would do:
$dh = opendir("\\\\my_server\\my_files");
If you get PHP undefined function errors such as:
Fatal error: Call to undefined function mysql_connect() in C:\Inetpub\wwwroot\your_script.php
make sure you enabled the module (in this case extension=php_mysql.dll) in php.ini. If you did, it could well be that PHP is not reading the php.ini for some reason. You can make sure by looking at the output of php_info() and look for "Loaded Configuration File". If it says "(none)", then there's a problem. Make sure that "MY_DOMAIN\my-user" (in our example) has read permissions to the php.ini file AND the directory in which it resides- whether it be C:\PHP or C:\Windows.
If you have trouble executing commands using exec(), passthru(), etc, and the script seems to hang, make sure you have given the proper permissions to cmd.exe. So make sure that c:\windows, c:\windows\system32, and cmd.exe all can be read and executed by, in our example, MY_DOMAIN\my-user.
Good luck and I hope this guide helps. These instructions could work for other PHP and Microsoft Internet Information Server (IIS) versions as well, though I used PHP 5.2 and IIS 6.
|
Discuss/Submit Comment |  Email This
|
|
Securing the Recommend Us feature in PostNuke/PHP Nuke
Posted by: David on Friday, March 28, 2008 - 04:00 PM
Php Security
|
I've noticed some oddball email bounces stemming from the Recommend_Us module trying to send email to non-existent email addresses. A lot of them would contain spam words which I won't list here. I came to the conclusion that this is a malicious attack on a PostNuke/PHP Nuke site trying to blacklist the server hosting the site as a source of spam. Therefore I think it is important that if you run a PostNuke or PHPNuke site that you take steps to secure the "Recommend Us" module. Since I am running PostNuke, the solution here is based for that CMS, but the same concepts apply for PHP Nuke.
Basically we want to make sure that a user is logged in before he/she can recommend the site/story from the site.
Here are the steps:
head over to your root PostNuke directory, go to modules, and Recommend_Us.
Make a backup copy of index.php
Edit the file index.php.
Look for instances of:
if (pnUserLoggedIn()) {
and in the else portion, put in something like the following:
die("You must be a member and logged in to send a recommendation.");
Note that some already have the "else" and some you will have to add yourself.
Next I would recommend changing the text input boxes for "Your name" and "Your email" into hidden inputs instead. For instance, change:
echo "
<table>
<tr>
<td><span class=\"pn-normal\"><label for=\"YOURNAME\">"._FYOURNAME."</label></span></td>
<td><input type=\"text\" name=\"yname\" value=\"$yn\" SIZE=\"25\" maxlength=\"25\" id=\"YOURNAME\" tabindex=\"0\" /></td>
</tr>
<tr>
<td><span class=\"pn-normal\"><label for=\"YOUREMAIL\">"._FYOUREMAIL."</label></span></td>
<td><input type=\"text\" name=\"ymail\" value=\"$ye\" size=\"25\" id=\"YOUREMAIL\" tabindex=\"0\" /></td>
</tr>
to
echo "<table>
<input type=hidden name=\"yname\" value=\"$yn\"> <input type=hidden name=\"ymail\" value=\"$ye\">
And voila you have just secured the recommendation feature from anonymous malicious users.
|
|
Discuss/Submit Comment | Email This
|
|
Adding the DBF dbase extensions in Red Hat Linux/Fedora
Posted by: David on Tuesday, February 07, 2006 - 07:40 PM
Php Db Conversion
|
|
The previous two articles showed how to convert and import data from DBF files into MySQL. It's simple enough to enable the dbase extension for PHP for Windows, but if you're using Red Hat/Fedora, this is not as simple. There's no rpm that you can simply install to enable the extension, so you have to recompile and build the PHP Redhat/Fedora RPM. Here are the steps to do this (note that this can work with other extensions that you can't find the rpm for):
1) download the source rpm for PHP, usually it'll have the word "src" in the file name
2) install it - e.g. "rpm -Uvh php_src.rpm"
3) edit the php.spec file, usually located in
/usr/src/redhat/SPECS/php.spec, and add "--enable-dbase"
4) run rpmbuild - "rpmbuild -ba php.spec"
5) Go to the directory of the newly created RPMs (e.g. /usr/src/redhat/RPMS/i386/) and install them (note the --force):
rpm -Uvh --force php-4.3.8-1.1.i386.rpm php-devel-4.3.8-1.1.i386.rpm php-imap-4.3.8-1.1.i386.rpm php-ldap-4.3.8-1.1.i386.rpm php-mysql-4.3.8-1.1.i386.rpm php-pgsql-4.3.8-1.1.i386.rpm php-odbc-4.3.8-1.1.i386.rpm php-snmp-4.3.8-1.1.i386.rpm php-domxml-4.3.8-1.1.i386.rpm php-xmlrpc-4.3.8-1.1.i386.rpm php-mbstring-4.3.8-1.1.i386.rpm php-debuginfo-4.3.8-1.1.i386.rpm
That should get the job done!
|
|
Discuss/Submit Comment | Email This
|
|
Import/Convert DBF files into MySQL - Part 2
Posted by: David on Friday, January 20, 2006 - 04:31 PM
Php Db Conversion
|
|
Here in part 2 we focus on reading from the DBF file (addresses.dbf) and then inserting the data into the MySQL table (in this case a table called "addresses") created from the CREATE TABLE statement generated in part 1.
Before continuing note that you will need the DBase extensions compiled/loaded. In Windows you simply uncomment out the line:
;extension=php_dbase.dll
In Linux and other *nix you will have to compile PHP with the "--enable-dbase" option.
The code will look for matching field names as it loops through the entire file and generate & execute INSERT statements in MySQL. Note that I start with record 1 as record 0 doesn't seem to contain actual data when using the dbase_get_record_with_names() function. Here it goes:
<?php
//by David @ PHP4IT.com 1/20/2006
//support for importing multiple DBF files at a time
//the key is the location of the DBF file & the value is the table to import
$dbf_files = array('/home/dbfs/addresses.dbf' => 'addresses');
$db_uname = '';
$db_passwd = '';
$db = 'test';
$conn = mysql_p_connect($db_uname, $db_passwd, $db);
foreach ($dbf_files as $key => $val){
import_dbf2($db, $val, $key);
}
function import_dbf2($db, $table, $dbf_file)
{
global $conn;
if (!$dbf = dbase_open ($dbf_file, 0)){ die("Could not open $dbf_file for import."); }
$num_rec = dbase_numrecords($dbf);
$num_fields = dbase_numfields($dbf);
$fields = array();
for ($i=1; $i<=$num_rec; $i++){
$row = @dbase_get_record_with_names($dbf,$i);
$q = "insert into $db.$table values (";
foreach ($row as $key => $val){
if ($key == 'deleted'){ continue; }
$q .= "'" . addslashes($val) . "',";
}
if (isset($extra_col_val)){ $q .= "'$extra_col_val',"; }
$q = substr($q, 0, -1);
$q .= ')';
//if the query failed - go ahead and print a bunch of debug info
if (!$result = mysql_query($q, $conn)){
print (mysql_error() . " SQL: $q<br>\n");
print (substr_count($q, ',') + 1) . " Fields total.<p>";
$problem_q = explode(',', $q);
$q1 = "desc $db.$table";
$result1 = mysql_query($q1, $conn);
$columns = array();
$i = 1;
while ($row1 = mysql_fetch_assoc($result1)){
$columns[$i] = $row1['Field'];
$i++;
}
$i = 1;
foreach ($problem_q as $pq){
print "$i column: {$columns[$i]} data: $pq<br>\n";
$i++;
}
die();
}
show_status($i, $num_rec);
}
}
//this function outputs the current progress of the import
function show_status($i, $max, $precise_mode=FALSE){
if ($i == floor($max/4)){ print "...25%"; flush(); }
if ($i == floor($max/2)){ print "...50%"; flush(); }
if ($i == floor($max*0.75)) { print "...75%"; flush(); }
if ($i >= $max) { print "...100%<br>\n"; flush(); return; }
if ($precise_mode){
print '...' . (round($i/$max * 100)) . "%";
flush();
}
}
?>
|
|
Discuss/Submit Comment | Email This
|
|
Import/Convert DBF files into MySQL - Part 1
Posted by: David on Tuesday, January 17, 2006 - 08:13 PM
Php Db Conversion
|
|
If you've been presented with the task of having to import a Dbase/DBF - here's a two step way to approach the problem. First the Mysql table structure needs to be created, and then the DBF is then read and inserted into the table.
I'll present step 1 today, which involves the conversion the output from the "disp stru" command in FoxPro into a MySQL create table statement.
Consider a DBF file called "addresses.dbf"- and the "DISP STRU" of the file looks like this:
1 HNAME1 Character 30
2 ADDRESS Character 30
3 EXTRA Character 30
4 CITY Character 28
5 STATE Character 2
6 ZIP Character 10
The convert function would convert that to this:
HNAME1 char (30)
ADDRESS char (30)
EXTRA char (30)
CITY char (28)
STATE char (2)
ZIP char (10)
Here's the script:
<?php
$ddf = ' 1 HNAME1 Character 30
2 ADDRESS Character 30
3 EXTRA Character 30
4 CITY Character 28
5 STATE Character 2
6 ZIP Character 10
';
print process_it($ddf);
//takes in string
function process_it($str)
{
$new_line = '';
$lines = explode("\n", $str);
foreach($lines as $line){
$line = substr($line, 7);
$line = str_replace('Character', 'char', $line);
$line = str_replace('Numeric', 'int', $line);
$elements = explode(' ', $line);
foreach ($elements as $key => $val){
if (!strlen(trim($val))){ continue; }
if (is_numeric($val)){
$newline .= "($val),";
}else{
$newline .= "$val ";
}
}
$newline .= "\n";
}
return $newline;
}
?>
|
|
Discuss/Submit Comment | Email This
|
|
|
|
| PHP News from Around the Net | |
|
|
|
