September 2004 Meeting

Posted on by
It was a great meeting today. So many people showed up–I was very happy to have prepared something. You can download my presentation on Getting Started with PHP5. Please, send on any comments or questions.
If you are interested, I used OpenOffice.org’s Impress to create the presentation. It has a very handy Export to Shockwave Flash function, which was used to produce the .swf linked above.

July 2004 Meeting – PHP5 has arrived

Posted on by
July was a blast! Thank you to everyone who dropped by. We had a great mix of first-timers and return members. Of course, we discussed some of the new features of PHP 5 as well as how to start using it. All detailed in this month’s PUG.
[i]
EDITED: 20040107 – Cleaned up the markup to be more xoopish. And added \ marks to the configure example. They simply tell the shell that all of that is really the same command (or line). Note, all of this works with the now current 5.0.3…just so ya know.[/i]
If you are looking for the definitive source of changes in PHP5, look no further than [url=http://www.php.net/manual/en/migration5.php]The Migration Guide[/url]. In the [url=http://www.php.net/manual/en/]php documentation[/url], you will find a host of new features sprinkled throughout…but who has time to read all of those pages!

Fear not, their [url=http://www.php.net/manual/en/migration5.php]Migrating from PHP4 to PHP5[/url] document will certainly make for a great evening read. This helpful document will tour you through all the new features and (known) backwards incompatibilities in this amazing release.

After talking about the exciting new object model for a little while, we discussed to ways to install PHP on your own machine.

The first, using a Windows Installer called [url=http://www.wampserver.com/en/index.php[/url]WAMP5[/url]. If you are using windows and just want an easy to install setup of PHP5, mysql, mysqladmin and apache…look no further. It installs in no time, and seems to do the trick quite nicely. They even have a PHP4 add-on now, so that you can switch between 4 and 5 with ease.

Next, we walked through installing PHP5 as a CGI on an existing PHP4 enabled server. This allows me to continue my day job in PHP4, yet gives me a way to start playing with 5. If you are looking to do something similar in windows, you might check out the this [url=http://www.circle.ch/blog/p1387.html]weblog entry[/url] on circle.ch.

My process was very similar. Now again, this is in linux, and I like to keep the software that I compile seperate from the software that is installed by my Linux distribution. So, your pathnames may vary. ๐Ÿ˜‰

First, I pulled down the tar ball (php-5.0.0.tar.bz2) from php.net. Then, I went to my build directory and un-tarred it.

[code]$ tar -xvjf ~/php-5.0.0.tar.bz2[/code]

Then, I used the configure command to tell the PHP source a little bit about what I want built in, and where I would like it to go.

[i]You can find more information on [url=http://www.php.net/manual/en/configure.php]php configure options[/url] on php.net.[/i]

[code]$ cd php-5.0.0
$ ./configure \
–enable-force-cgi-redirect \
–prefix=/opt/php5.0.0-cgi \
–with-zlib \
–with-libxml-dir=/usr/ \
–with-xsl=/usr/ \
–disable-pear \
–with-gd \
–enable-gd-native-ttf \
–with-freetype-dir=/usr/lib \
–with-jpeg-dir=/usr/lib \
–with-png-dir=/usr/lib \
–with-zlib-dir=/usr/lib \
–with-gettext \
–with-curl \
–with-pspell \
–with-mysql=/usr/lib/mysql/ \
–enable-debug \
–with-pear=/opt/php5.0.0-cgi/php-lib/ \
–with-config-file-path=/apache/conf/ \
–with-config-file=/apache/conf/php-5-cgi.ini[/code]
[code]$ make
// a minute 14 seconds later…
$ make install[/code]

PHP then installs itself…no sweat. You can even run your new php on the command line. If you used the example above, you would run start it like so:

[code]$ /opt/php-5.0.0-cgi/bin/php[/code]

All that is left is to add a new vitual host to your apache.conf

[code]

ServerAdmin [email protected]
ServerName php5-demo
DocumentRoot “/u01/httpd_data/site/php5-demo/htdocs”

Options None
AllowOverride all
Order allow,deny
Allow from all

ErrorLog /u01/httpd_data/logs/php5-demo/error_log
CustomLog /u01/httpd_data/logs/php5-demo/access_log combined
DirectoryIndex index.php index.html
ScriptAlias /cgi-bin/ “/opt/php5.0.0-cgi/bin/”
Action php5-script /cgi-bin/php
RemoveType .php
AddHandler php5-script .php .html


[/code]
Last but not least, you will need to add an entry for your fake server to your /etc/hosts file.

[code]127.0.0.1 localhost tachyon www php5-demo[/code]
Now, just restart your apache and you should be in business.

Put a little index.php (with a [b][/b] or something in it) in /u01/httpd_data/site/php5-demo/htdocs and open your browser to http://php5-demo. You should be greeted by the PHP 5 information!

phpMyAdmin 2.5.7 vulnerable to remote attacks

Posted on by
many of us use phpMyAdmin to help us manage our MySQL databases. If left open to public access, phpMyAdmin is open to a remote attack allowing the attacker to run arbitrary php code.

The best way to protect yourself is to simply password protect phpMyAdmin. On apache, this can usually be done with a .htaccess and .htpasswd file. Hit google for more information on password protecting parts of your website.


The official white paper on the bug is located here:


http://www.packetstormsecurity.org/0407-exploits/phpMyAdmin257.txt

PHP 5 at the PUG

Posted on by

So, I’m going to try and put together a talk on PHP 5 for this weekend. Please add a comment on anything you would like to see covered and we will either get it in this month or in future talks.

To get you started, I’m looking to give a general overview and hopefully a small demo of installing PHP 5…including alongside of PHP 4!

See you at the PUG!!

PHP 5 is Released!!!

Posted on by
Remember the date: July 13, 2004. As of yesterday, PHP 5 has been released as production ready. Be sure to take a peek at www.php.net.

Go there, download it, run it as a CGI if you have to, but go try it out!! This is a great day for PHP and it’s users. A HUGE thank you to each of the thousands of people who helped to make this happen!

Now, go out there and get it!!

Posted in PHP

Q:So, what was with the wierd comments? A:SPAM

Posted on by
Last night a very kind person sent me an email that someone had started sending (shall we say) off-topic links in anonymous posts. I wish I didnโ€™t have to, but this morning I turned off the anonymous comments. My intent was to make the site as easy to post to as possible…even if you didn’t have an account. As of today though, that had to change.

I ended up deleting over 250 comments from the comments table. I had thought about just emptying the comment text, but I just wanted them gone (oops). Well, I ended up invalidating some of the comment threads…sorry about that. I will try to get them back if I can. The posts are all still in there, I just need to re-attach some of them.

A Funny Story

Posted on by
I was in my country working for an ISP as developer, i was working on a project on a sunday afternoon, the support office was closed for the weekend, but some person kept calling and calling, i could not bear the noise, so i picked up the phone. It was from one of the government office were we provide our service. The Guy on the phone said that is tea tray was not working on his computer. I was blank, i did not know what it meant, the guy said that he needs to work and needed me to fix this problem, i thought he was talking about java and the java icon is a cup.

I instructed him step by step all his configuration was right but also his tea tray was not working. He asked me if i could come to his office as it was just 10 miles away.

So i went to his office and folks you wont belive this, the tea tray he was talking about was none other then the CD-ROM, yup he was using his CD-ROM as a cup holder.

I told him that we are not his hardware support people he needs to call the company where the computer was brought from.

He was cursing the computer company and told me that he had 1 year garentee on that machine, so they have to replace his tea tray.

Hope you guys enjoyed it, a little bit of humor dose not hurt anybody, do tell me how did u like it

So, what was with the weird comments?

Posted on by

I’m noticing that some anonymous user (or script) has been adding the following comments…and I really don’t know why:

  • It’s nice here
  • Who fool the tricks of time
  • I’m searching for more
  • I agree with this

We get so few comments, that I don’t want to remove them if someone out there just uses a macro or something to comment on stories. ๐Ÿ˜‰ But, when I start seeing two of them on the same story, I’m getting ready to remove them. Anyone know the scoop?

Getting text from users.

Posted on by

I have been learning a lot from hanging out on sitepoint.com these days. Especially the PHP Blog run by Harry Fuecks (yes, the phppatters guy). Those of you who know me know of my completely biased opinion towards this man.

Anyway, my search for alternative ways of entering content into our content management system has led me here:
http://wiki.ciaweb.net/yawiki/

You may be interested in their Text_Wiki and Text_Diff pear packages. Text_Wiki is not yet in the pear system, but can be downloaded and installed using the pear command.

The site also sports a very nice template system called Savant. It is simple, clean and uses PHP as its template engine. No, it is not as feature filled as Smarty, but it seems to be a lot less confusing.

And, for what itโ€™s worth, we have currently ended up with the FCKEditor from http://www.fredck.com/fckeditor/ . It is windows/IE only for now, but degrades nicely into a text box for all other systems. Hmmm…a text box that uses Text_Wiki perhaps…

Anyone else have tools they like to use?

Happy PHPing.

– Dan

Oops…my bad (or, Pug has a new box to call home!)

Posted on by

My apologies for the little “outage” this week. KCPug had to move to a different server, as the old one was being retired. Everything is moved over, and there should be no more interruptions in service. Well, at least until I get off my duff and shell out some clams for a hosting provider. ๐Ÿ˜‰

See you on Saturday!!