[PHP] PHP 4.1.0 uses much RAM compiled --with-mm
Hi, I'm experiencing strange PHP memory usage on a Sun SPARC machine running Solaris 8: I when I compile PHP 4.1.0 --with-mm to store session variables in memory the resulting Apache (1.3.22) process(es) immediately uses 138 MB of RAM. One can also observe an immediate significant reduction of available swap-space. Compiled --without-mm, memory-usage of the Apache process(es) is normal. with-mm: % ls -l libphp4.so -rwxr-xr-x 1 root root 2408468 Dec 11 23:27 libphp4.so % /usr/ucb/ps auxwww | grep http root 8670 0.9 1.0 138832 4848 ? S 18:44:34 0:00 /usr/apache/bin/httpd nobody8671 0.1 0.3 138848 1440 ? S 18:44:35 0:00 /usr/apache/bin/httpd without-mm: --- % ls -l libphp4.so -rwxr-xr-x 1 root root 2330076 Dec 26 17:01 libphp4.so % /usr/ucb/ps auxwww | grep http root 8817 0.8 1.0 7656 4800 ?S 18:45:47 0:00 /usr/apache/bin/httpd nobody8818 0.1 0.3 7672 1440 ?S 18:45:48 0:00 /usr/apache/bin/httpd In both versions (with-mm/without-mm) I've also enabled GD-, TTF-, DB3-, MySQL-Support and several more. Any hints how to reduce memory-consumption when using libmm? Thanks. Regards, Markus PS: The configure command-line ./configure \ --prefix=/usr/apache/php \ --with-apxs=/usr/apache/bin/apxs \ --with-config-file-path=/usr/apache/php \ --with-gd \ --with-jpeg-dir=/opt/sfw/lib \ --with-png-dir=/opt/sfw/lib \ --with-xpm-dir=/opt/sfw/lib \ --with-ttf \ --enable-gd-native-ttf \ --with-mysql \ --with-ttf \ --with-mm \ --enable-sockets \ --with-zlib=/usr \ --with-xml \ --with-db3=/opt/sfw \ --enable-sysvshm=yes \ --enable-sysvsem=yes \ --with-config-file-path=/etc/apache \ --enable-debug=no \ --enable-safe-mode=yes \ --with-exec-dir=/usr/apache/php/bin \ --enable-shared \ --enable-force-cgi-redirect=yes \ --enable-discard-path=yes \ --enable-inline-optimization -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Really weird problem: cross-server databasing *g*
Forgot to mention ... the only way to access the database on B is to connect to "localhost" there. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Really weird problem: cross-server databasing *g*
Hi folks!
Let's say you have two servers, on the first one ("A") you have your website
containig all those nice php scripts and co but only a crazy small database
(2 megs), on the second one ("B") you have a really big database available
but the problem, that the provider won't allow you to access the database
from any other place than from your account on B. That wouldn't be the
problem, but B opens pop ups each time, you open a website there - and that
couldn't be the solution.
Has anyone an idea how to access the database on B without opening a webpage
there (and with this, without opening a popup) from server A?
ANY help much appreciated!
Markus Mayer
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] mail() on *nix using ssmtp or an external smtp server?
Hello all! I have a frustrating problem with PHP and am hoping someone on the list might know a solution. I need to set up an apache server with php on Linux and AIX machines, and it all has to be in a chrooted environment. Most things work very well except for the mail() function. It appears that PHP on *nix systems is hard coded so that it is incapable of using an external smtp server instead needing a locally installed sendmail, however if php is built on a windows machine, it is hardcoded so it can only use an external smtp server. There seems to be no way around this. In terms of the design of PHP, I think this is a serrious error. As a result of the above problem, I have been looking for alternatives to sendmail, postfix, exim, and qmail because I need to not have any kind of full featured MTA in the chrooted environment. I found ssmtp[1] and esmtp[2], both of which would be satisfatory alternatives to sendmail and crew. Despite having both of these working from the command line in the chrooted environment, neither works with PHP when setting them with the "sendmail_path" option in php.ini. So my questions: - Does anyone know of a way to make PHP on *nix use an external smtp server without having to hack around in the source code of PHP? - Has anyone got either ssmtp or esmtp working with PHP? I would greatly appreciate if someone could offer a solution to me. best reagrds Markus [1]. http://packages.debian.org/stable/mail/ssmtp.html [2]. http://esmtp.sourceforge.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mail() on *nix using ssmtp or an external smtp server?
Hi Stephan, On Monday 16 August 2004 15:16, Stephan Fiedler wrote: > do I get you right, you can't invoke mail() because php can't find the > sendmail executable? Indeed you get me right. As I said in my post, alternatives such as qmail, exim, postfix and similar full featured MTA's in the chrooted environment are considered not acceptable because of the extra security risk in the case of a system compromise. I have to minimise as much as possible the scope for damage in case there is some kind of compromise. Your script is nice, but seems to rely on a full MTA inside the chrooted environment which I can't have. I tried something similar where I opened sockets on the external smtp server and wrote the mail into the socket, and this worked. The main problem with this is every script that uses a mail() function call has to be changed, and given that there are a lot of people who have and are supposed to be allowed to write such scripts on the servers, it's far from an ideal solution, and difficult to make those people use such a script. Second problem is I have to be able to handle failures in delivery, meaning implementing at least part of the smtp standard in a php script. It's all rather messy. > If this does not help you at all have a look at the sources and hack 'em > 'till they fit your needs # I've been worried about this kind of answer. Best, and I think quite a sensible step, would be if the PHP team changed the design of PHP and allowed *nix systems to use an external smtp server. best regards Markus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [OFF] - Fraudulent web orders - any ideas?
Hi Brian, One possibility is to use a MySQL database which records all failures with the credit card verifications, the IP address of the failure, and when the failure was. Write a script which looks at the failures and if it detects three or more failures from any IP in a set time frame (24 hours?), that address is blocked by the script for 24 hours from making any order. Your MySQL database should include at least the card number, time of failure, IP of failure. Then query the database based on the just attempted order, and if the count of failures from that IP address is greater than three (especially with different card numbers), refuse the order, and continue the block of that IP for 24 hours after the last failure. In particular, you could also check if the credit card numbers are different, and if they are, you know your dealing with a bad person and can take some steps to deal with them. While its maybe not an ideal solution, I can't think of anything better off hand. best regards Markus On Monday 16 August 2004 16:26, Brian Dunning wrote: > I have a simple PHP store, and it appears that someone is using it to > test credit card numbers. I'm getting a very high number of small [snip...] > I wonder if anyone has any experience with this, and if so, can you > suggest a way to deal with it? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [OFF] - Fraudulent web orders - any ideas?
Hi Brian, One possibility is to use a MySQL database which records all failures with the credit card verifications, the IP address of the failure, and when the failure was. Write a script which looks at the failures and if it detects three or more failures from any IP in a set time frame (24 hours?), that address is blocked by the script for 24 hours from making any order. Your MySQL database should include at least the card number, time of failure, IP of failure. Then query the database based on the just attempted order, and if the count of failures from that IP address is greater than three (especially with different card numbers), refuse the order, and continue the block of that IP for 24 hours after the last failure. In particular, you could also check if the credit card numbers are different, and if they are, you know your dealing with a bad person and can take some steps to deal with them. While its maybe not an ideal solution, I can't think of anything better off hand. best regards Markus On Monday 16 August 2004 16:26, Brian Dunning wrote: > I have a simple PHP store, and it appears that someone is using it to > test credit card numbers. I'm getting a very high number of small [snip...] > I wonder if anyone has any experience with this, and if so, can you > suggest a way to deal with it? - This is a second try, my previous mail seems to have not come through... Sorry if people get this twice - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [OFF] - Fraudulent web orders - any ideas?
On Monday 16 August 2004 17:03, Brian Dunning wrote: > I think I may have solved it by an even simpler method: I emailed the > perpetrator to "thank him for all of his orders" to see what he'd say. :-) Great idea! (me shows the thumbs up) > Anyone know who the "proper authorities" are, to whom I could give my It doesn't matter where the fraud comes from, its worth following up because my guess is you could be dealing with a small part of some organised credit card fraud group. My best suggestion is to give the FBI a quick call or look at their web site. Although the orders may be foreign (what location comes back when you put the IP address into http://www.geobytes.com/IpLocator.htm), as far as I know, this is something the FBI can handle, and if they don't, I would expect they know who does. Hope this helps. best regards Markus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mail() on *nix using ssmtp or an external smtp server?
I've been trying further to get ssmtp working with apache/php in a chrooted envrionment and have had some success on Linux, so I'm sharing it with everyone else. I've also come to understand quite well how the mail() function is implemented in php too, and actually it's quite simple. All directories that I speak of below are relative to the new root directory in the chrooted environment. First thing is ssmtp expects to find its config files in /etc/ssmtp/, so that needs to be created inside the chrooted environment. The real killer for this whole thing however, and seemingly where everything was falling over, is that I had to put ssmtp in the /usr/sbin/ directory. For reasons that totally illude me, if ssmtp is in the /bin directory or anywhere else, mail() fails!?!?! The php.ini file needs to be in the usual /usr/local/lib/ location, and the sendmail parameter in the php.ini file needs to be set to "/usr/sbin/ssmtp -t". Do not try any other flags, otherwise mail() fails. The attempts I've made today have brought results and are reproducible. This also works in a normal (that is not chrooted) environment. The demanded location of the ssmtp binary is by far the most bizarre thing I have had in this whole exercise, and I would appreciate it if someone else might be able to take the time to confirm my findings. What I also don't understand is that if I have ssmtp in the /bin directory (or anywhere else for that matter) and invoke it from the command line in a chrooted environment, it works happily. It also worked happily when I wrote my own short C program that emulated what is done in the PHP mail delivery procedures. For what ever reason, it just refused to work through PHP if it was anywhere other than /usr/sbin/ssmtp. So ssmtp in a chrooted environment, provided it's in /usr/sbin/, works well on a Linux box, but on AIX machines, it still fails completely and I don't yet know why. As I have done this time, if I have any success, I will post to the list so other people can know. If anyone else has some success with this on AIX, I would greatly appreciate knowing about it. best regards Markus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mail() on *nix using ssmtp or an external smtp server?
Just an addennum to my previous post 10 minutes ago: For ssmtp to work with apache/php in a chrooted environment, some kind of shell needs to be present in the /bin directory. This seems to be a limitation of PHP rather than some kind of deficiency with ssmtp. This in itself is a kind of security risk since one of the main reasons of putting things in a chrooted jail is to minimise as much as possible the scope for an attacker to do anything if they do make it into the machine. best regards Markus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] [OFF] - Fraudulent web orders - any ideas?
It may well be that they're using anonymous proxies. I know of a couple that spread the visiting IP addresses over a wide range of IP addresses, although everything does make it back eventually. Also possible is that they are using infected Windows machines and proxies. In the case of anonymous proxies, it should be possible to get the full range of IP addresses from somewhere and block all access through anonymous proxies - serious customers won't wast time going through such proxies, only people who really have something to hide go through such proxies. In the case of infected windows machines, you have a different problem because there are millions of such machines which act as spam relays, virus distributors, ... Keeping in mind that you want to make sales on your site as easy as possible, the best I can think of is to create a session cookie for the visitor which contains their IP address and check that IP address against one that you have stored locally for that session. If the IP address differs, blow the whistle on that visitor. To conceal that you are checking their IP address, call the cookie something like 'SaleID' or 'ItemID' and run the IP address through md5sum to get an md5 checksum and use that instead of the IP address itself. It wont get all of them, but it will make a difference, and make them have to work harder to get around the security on your site. In a case like this, you would also have to keep a database entry of what credit card number came from what IP address. If that card tries and fails more than twice and comes from different iP addresses every time, block that card number. Does Amex keep an online database of stolen/disabled credit cards? Maybe being able to query something like that in real time would be of advantage (actually I think some idea like this was presented very early in the thread). At the moment I don't have any other ideas. Hopefully what I've suggested here helps. best regards Markus On Monday 23 August 2004 23:33, Brian Dunning wrote: > The plot thickens. I added AVS *and* CVM to the site - and the Amex > orders are still going through. Amex ignores CVM, and the address was > correct, so the thieves must have gotten ahold of printed statements > that show the billing address. Any idea how to combat THAT? They are > using fake IP addresses now so I can't keep up by blocking IP's. > > Your clever ideas appreciated. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Where clause
The answer to this is quite simple if you look in a manual. mysql_query returns a resource id from which you extract the results using things like mysql_result() or mysql_fetch_object() or mysql_fetch_row(). Look up the manual on those commands. On Tuesday 24 August 2004 13:24, Phpu wrote: > Hi, > I have a table with 2 fields: id_from and id_to. > I want to interogate the database and to display the results if the id_to > is equal to some current id OR id_from id_from is equla to saame current > id. > > I use this but doesn't work > > $sql = "SELECT id_from, id_to FROM ids WHERE id_from ='$current_id' OR > id_to='$current_id' "; $result = mysql_query($sql); > > How can i do? > > Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] making sure sendmail function is on and running
This one is rather annoying as I have found out in the last couple of weeks. Depending on if your apache/php is on Windows or Unix, one or the other of the configurations you mentioned is relevant. If you have Windows, PHP can only use an extrenal smtp server, so you have to open that server up to connections from your web server to your mail server. That could be on the same physical machine as your web server, in which case the mail server will have to be configured to accept connections from localhost. In this case, you use the SMTP and smtp_port paramaters, and the sendmail parameter is ignored. If you are on Unix, PHP can only use a locally installed and callable MTA (Mail Transport Agent). That defaults to Sendmail, but Postfix, Exim, Qmail, and a few other MTA's that simulate Sendmails' functionality are acceptable. In this case, you use the sendmail parameter, which should be executable and configured, and the two parameters for Windows (which would actually be quite useful on Unix systems too) are ignored. You shouldn't need to do any port forwarding as long as both your Web and Mail servers are freely accessible to each other, say behind the firewall. Hope this sheds some light for you. regards markus. On Tuesday 24 August 2004 15:47, [EMAIL PROTECTED] wrote: > Background: > Server-Apache 1.3.31 > OS-Windows XP > PHP-5 > Problem-I'm trying to run eFiction, a story/fanfiction archive script. On > this, people self register, and they are supposed to get an e-mail with > their password. However, I and one other attempted signing up, and neither > of us got our password-email. After doing research, I heard I needed to > make sure that my sendmail function was activated. > > How do I make sure that my sendmail function is on and running? I read the > documentation and checked my php.ini, but I have some doubts. > > 1. My php.ini doesn't seem to include everything that should be either. In > the documentation, it shows your mail section having four parts: SMTP, SMTP > Port, sendmail_from, sendmail_path. However, php.ini looks like this > (windows section): > > [mail function] > ; For Win32 only. > SMTP = localhost > smtp_port = 25 > > ; For Win32 only. > ;sendmail_from = [EMAIL PROTECTED] > > There is a sendmail_path down below, but it is under the For Linux > Only section. What's with that? > Also, I have a router. Do I need to port-forward port 25 to get > sendmail to work? > Thanks in advance. > > -Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] download filesize problem with IE
At the moment you're talking about two different things - uploading and downloading. Your IE download problem has nothing to do with the php.ini settings for uploaded file sizes. There is nothing you can do with PHP to resolve the download problem. I have experienced the same problems with files over about 32Mb with the last batch of IE updates. It simply isn't capable of downloading such files any more. My employer (name withheld) has *very* recently decided that the officially supported browser is Mozilla, and support for IE will be dropped quite soon simply because Mozilla works and IE causes too many problems. regards Markus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Power failure = php failure: HELP!
I had a similar problem myself 1 1/2 weeks ago when my system locked up through an IDE bus lock up after 560 days uptime (system still ran, but no access to anything on the IDE drives, scsi was ok). There was significant file system damage, which for me took out my web pages, MySQL, a number of executables, and a few other files. Your whole problem sounds like file system damage to me. I'm assuming you've run something like fsck to examine your file systems, been through the lost+found directories on the various partitions and put together again as much as you can. Just because a program still kind of runs doesn't mean it or its files escaped the crash undamaged. I think your only two reasonable options here are to reach for you backups (you did make them, didn't you???), or to rebuild the failing components. If you need further help, you can contact me directly as this thread doesn't really belong on the PHP list. regards Markus On Wednesday 15 September 2004 08:14, Justin Rietz wrote: > I am running Apache. Xoops, and Squirrelmail on a > Fedora 2 server. I recently had a power failure - my > daughter turned off my power strip :-( The network > card was fried. Anyway, PHP does not seem to be > working now. Apache serves static html pages fine, > squirrelmail loads in the browser but can't read > mailboxes, and the Xoops home page pulls up VERY > slowly but doesn't post any graphics. > > I have spent 2 days trying to find the solution. If > anyone has any ideas, it would be much appreciated! > > Thanks, > > -JR -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] mysql_connect does not connect
On Thursday 16 September 2004 05:06, Sam Hobbs wrote: > It is my understanding that the firewall is not supposed to be relevant. I It is our experience at my employer that the firewall in XP-SP2, as well as other firewalls that are available, are very relevant. > have not seen anything saying it is supposed to be. We also have not seen any documentation about "problems" with such things after installing SP2, but we have problems. Things that worked before don't work any more, especially client side things. Our three small Windoze servers have given our Windoze administrator more than enough work recently. > If it is true that it > is not supposed to be relevant, then simply saying it is just causes > confusion. If you had said that the firewall is not supposed to be > relevant, but try disabling it anyway, then I would say that I am totally > able to think like that too. It is reasonable to try things like that to > diagnose a bug. flame blocked by firewall. > If you can find something in the MySQL documentation saying that the > firewall needs to be disabled eventhough the server and client are the same > system, then that would sure help. I am not asking you to; I am saying that > that is what would help. SP2 is so new that its effects are still being evaluated by a lot of people. At the moment, I think the best place to get information about its effects is forums like this one. Formal documentation will be updated in time as more experience is gained. The info I got from our Windows admin is that with SP2, the MS SQL server on one machine was apparenty unaffected, but the MySQL on another was. Dropping the MS Firewall in SP2 allowed connections again. Client side, SP2 has caused nothing but problems for us to the point where we as administrators are now saying to our users "it was working before you installed SP2, and after you installed SP2 it stopped working, so it's your problem". IE is especially problematic, and when someone calls up and says they have a problem with IE and have installed SP2, our response is that we no longer support IE and tell the users to install Mozilla, and if they still have problems when they try Mozilla, they can call us back. We haven't heard from any of them again, and our help desk girls have always been able to quickly sort out the problems users have when they first try Mozilla. I looked back in this thread and saw that you used Zone Alarm as a firewall. You need to allow MySQL connections to localhost, and that regardless of which firewall you use. If you filter such connections out, PHP scripts will not be able to connect to your MySQL server. This is because PHP makes a TCP connection to the MySQL server, also when it is running on the same machine as you PHP/Apache (at least this is my understanding). You can of course continue refuse all external (that is not from localhost) connections to whatever service is running on your machine. I think something to this effect has already been said in this thread, but at the moment I don't want to search for the post. While the flame war in this thread has been amusing to read, it's amusement value for me has more or less run out. My impression is that you still don't have the thing working, and the only solution left is to configure your firewall to allow connections to your MySQL server from localhost. If you would do this, and it works, please post to the list to reflect this. My experience as an administrator tells me with a 99% certainty that this is your problem. regards Markus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP slowness
I'm a little bit late in on this one, and asking questions after the problem is solved is a bit academic, but I am curious about one thing - Does the debian package do reverse lookups to try to get a name for the visiting IP address? Every page request taking 5 seconds sounds like a name lookup failure to me. regards Markus On Tuesday 01 March 2005 13:45, Gerard wrote: > > It looks like you are using Debian and probably did an apt-get install > > php. Why don't you try compiling php by hand without all the extra > > crap that I'm sure you don't need then try it. I think you will be > > much happier. Debian is great software, but when it comes to things > > like web services and php it is much better to compile by hand to get > > the best performance. > > Thanks for that one! After a manual compile it all works fine :D > > - Gerard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] patch to php 4.3.10 to disabling URL wrappers in include like statements
Correct me if I'm wrong, but isn't this already available in the standard PHP? In the php.ini file, you can refuse the inclusion of url's : allow_url_fopen = Off I think also Hardened PHP offers additional similar protections. Markus On Wednesday 02 March 2005 08:57, Tom Z. Meinlschmidt wrote: > Hi, > > I've experienced a lot of attacks in my hosting server due to silly users > and their scripts with holes. So I prepared this little patch to 4.3.10, > which disables using url wrappers in > include/include_once/require/require_once statemens (switchable in > php.ini). See readme.security from patch > > patch is there: > > http://orin.meinlschmidt.org/~znouza/php_patch.txt > > comments are welcome > > /tom > > -- > === > Tomas Meinlschmidt, SBN3, MCT, MCP, MCP+I, MCSE, NetApp Filer & > NetCache gPG fp: CB78 76D9 210F 256A ADF4 0B02 BECA D462 66AB 6F56 / $ID: > 66AB6F56 GCS d-(?) s: a- C++ ULHISC*$ P+++> L+++$> E--- W+++$ > N++(+) !o !K w(---) !O !M V PS+ PE Y+ PGP++ t+@ !5 X? R tv b+ !DI D+ G > e>+++ h r+++ z+++@ > === > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Mail with acknowledgement of delivery
The mail() function allows you to specify additional headers that go into the mail. Delivery acknowledgement is done using specific headers, the exact format of which I don't know off hand. You will have to find the exact formatting information yourself, however this is the way to go. Markus On Wednesday 30 March 2005 17:31, marc serra wrote: > Hi, > > I got a problem with mail function. I want to know if it's possible to > send a email in php and to get back an acknowledgement of delivery. My > problem is that i want to know if my emails are delivered successfully > to recipients. > > Can you please tell how to do this if there is a solution. > > thank you in advance, > > Marc. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Problems with HPHP on AIX and Solaris
Hi All,
I have interesting problems with PHP/Hardened PHP 4.3.11 on Apache 2.0.54 on
AIX 5.1 and 5.2, and on Solaris 9.
I have a directory permissions scheme which has the absolute minimum of rights
for the web server to work, that is a directory gets the permissions
drwx--s--x (711) with the suid bit set. This is done because many users have
ftp access to the system and for some directories in the system it should not
be possible for those users to do a directory listing. Changing the
permissions to include read permission is one solution that works, but in
this environment it is unacceptable for us. It's also unacceptable because
this was working with previous versions of HPHP.
My first problem is the behaviour of Hardened PHP in PHP 4.3.10 and 4.3.11 on
AIX. This was built using gcc 3.3.3 from the AIX toolbox. Everything was
fine with Hardened PHP 4.3.9. For what ever reason, with the above directory
permissions, HPHP is not able to read files within that directory structure
if they are included relative to the working directory of a script running
within a subdirectory (see the example scripts and associated directory
structure I have given later on). If I run this on Linux with HPHP, it works
fine, as does the normal PHP on AIX. Strangely enough, if I use the absolute
path to the included file, the file is included without problems.
My second problem is HPHP on Solaris 9 on a Blade 1500 - it just doesn't work
with the apache process seg faulting aparently during the initialisation
stage. If I use the normal PHP everything runs fine. These were built using
gcc 3.3.2 from sunfreeware.com. I have tried running it in gdb, but gdb
itself seg faults. So then (genius here) I ran apache inside gdb inside gdb
which caught gdb's own seg fault and indicated a problem with libc.so.1.
Applying the latest Solaris 9 patch cluster from Sun and rebuilding apache
and HPHP did not change anything. At the moment I'm one step away from
opening a bug report at Sun.
I would like to know if any one else with similar systems has similar problems
and maybe a solution. I would bother Steffan Esser, the creator of HPHP,
with this problem but I've bothered him enough already and really need to
know if I'm the only one with such problems. I also don't want to open a bug
report at Sun if the problem is somewhere else.
If anyone has any questions about this problem, please ask. I will be most
grateful for any help anyone can give me.
Markus
A test directory structure to recreate this is as follows:
htdocs/test:
drws--S--x 3 user users512 Dec 28 17:37 .
drwxr-xr-x 14 user users 1536 Apr 20 12:27 ..
drwxr-xr-x 2 user users512 Dec 28 17:39 subdir
-rw-r--r-- 1 user users 48 Dec 28 17:37 includeme.inc
htdocs/test/subdir:
drwxr-xr-x 2 user users512 Dec 28 17:39 .
drws--S--x 3 user users512 Dec 28 17:37 ..
-rw-r--r-- 1 user users511 Apr 20 11:37 scripttest.php
the file htdocs/test/includeme.inc contains the script
";
?>
the file htdocs/test/subdir/scripttest.php contains the script
";
include '../includeme.inc';
echo "Done...";
$included_files = get_included_files();
echo "These are the included files as returned by get_included_files():";
foreach ($included_files as $included_file)
{
echo " $included_file";
}
echo "";
echo "Now I will try to get my current working directory using getcwd()";
$cwd = getcwd();
echo "getcwd() returned $cwd ";
echo "Test end.";
?>
Solaris Hardened PHP seg faults.
Solaris รข PHP 4.3.11 standard and AIX PHP 4.3.11 standard output the
following:
I will now try to include the file ../includeme.inc.
I am the included file!
Done...
These are the included files as returned by get_included_files():
/usr/local/htdocs/test/subdir/scripttest.php
../includeme.inc
Now I will try to get my current working directory using getcwd()
getcwd() returned
Test end.
AIX PHP 4.3.11 with Hardened PHP Patches 0.2.7 for PHP 4.3.11 outputs the
following:
I will now try to include the file ../includeme.inc.
Warning: main(../includeme.inc): failed to open stream: Permission denied
in /usr/local/htdocs/test/subdir/scripttest.php on line 5
Warning: main(): Failed opening '../includeme.inc' for inclusion
(include_path='.:/usr/local/lib/php')
in /usr/local/htdocs/test/subdir/scripttest.php on line 5
Done...
These are the included files as returned by get_included_files():
/usr/local/htdocs/test/subdir/scripttest.php
Now I will try to get my current working directory using getcwd()
getcwd() returned
Test end.
Linux: The output of the scripts on both standard PHP 4.3.11 and PHP 4.3.11
with Hardened PHP patches version 0.2.7 for PHP 4.3.11 is the same:
I will now try to include the file ../includeme.inc.
I am the included file!
Done...
These are the included files as returned by get_included_files():
/usr/local/htdocs/test/subdir/scr
[PHP] Help with strange include problem in PHP 5.2.0
Hi all, I have a strange problem including files in PHP 5.2.0 running on Unix. If I try to include a file using include 'filename.inc';, everything is fine. As soon as I try to put a "." in front of the file name, for example include './filename.inc';, I get a "failed to open stream: No such file or directory" error. Does anyone have any suggestions as to what is going wrong?` This all works with php 4.4.4 built with the same environment and compiler on the same system. thanks Markus The files I am testing are: include.php: filename.inc: # ls -l total 6 -rw-r--r-- 1 root webservd 44 Nov 30 13:45 filename.inc -rw-r--r-- 1 root webservd 265 Nov 30 13:45 include.php drwxr-sr-x 2 root webservd 512 Nov 30 13:44 include_test_dir # ls -l include_test_dir/ total 2 -rw-r--r-- 1 root webservd 21 Nov 30 13:45 filename.inc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Help with strange include problem in PHP 5.2.0
Hi Richard, Hi all, The include path is correct. That was one of the first things I played around with. At the moment, it's include_path = ".". I also tried renaming the php.ini file to php.ini.off so that it wasn't found and took all the defaults, but with no success. Last night I built PHP 5.1.6 and took the same php.ini file. Everything worked. The build environment was the same, the configure arguments were the same, only the php version was different. I'm guessing that I've done something wrong somewhere because I haven't found any references to this problem from any one else. I just have no idea what it could be. I don't know if it's any help in locating the problem, my build environment is Solaris 10, Sun Studio 10 with the Sun C and C++ compilers. # cc-V Sun C 5.7 2005/01/07 # CC -V CC: Sun C++ 5.7 2005/01/07 LDFLAGS=-L/opt/sfw/lib -L/usr/sfw/lib -L/usr/lib -R/opt/sfw/lib:/usr/sfw/lib:/usr/lib:/opt/oracle/instantclient_10_2 CPPFLAGS=-I/opt/sfw/include -I/usr/sfw/include/openssl -I/usr/local/BerkeleyDB/include -I/usr/include -I/opt/oracle/instantclient_10_2/sdk/include CFLAGS=-I/opt/sfw/include -I/usr/sfw/include/openssl -I/usr/local/BerkeleyDB/include -I/usr/include -I/opt/oracle/instantclient_10_2/sdk/include And to your "rant" about the code developers make - I totally agree with you. As the administrator of a server with close to 600 users who all put their own applications in their own accounts up, then ask me why it "doesn't work", I get annoyed at such things too. regards Markus On Thursday 30 November 2006 19:04, Richard Lynch wrote: > On Thu, November 30, 2006 6:49 am, Markus Mayer wrote: > > I have a strange problem including files in PHP 5.2.0 running on Unix. > > If I > > try to include a file using include 'filename.inc';, everything is > > fine. As > > soon as I try to put a "." in front of the file name, for example > > include './filename.inc';, I get a "failed to open stream: No such > > file or > > directory" error. Does anyone have any suggestions as to what is > > going > > wrong?` This all works with php 4.4.4 built with the same environment > > and > > compiler on the same system. > > What is your include path in PHP 5.2.0? > > I'm going to go out on a limb and bet a dollar that the PHP 4.4.4 > include_path has "." as one element within the list and that the PHP > 5.2.0 include_path does NOT have "." within the list. > > I.e.: > 4.4.4 include_path ".:include_test_dir" > 5.2.0 include_path "include_test_dir" > > In the first case, 4.4.4, you've got . in there, so . combined with ./ > will "find" the file you want. > > In the second case, 5.2.0, you've got no . in there, so ./ is looking > in a directory, not the directory you expect, and it ain't finding the > file because it's not there. > > Rant #24, not directed at Markus, but the world at large :-) > PHP developers should understand and use include_path instead of > hacking up their source with hard-coded paths and weird sub-directory > / parent-directory hacks in include/require statements. > > It drives me nuts when I install nice software packages, but I can't > put their components where I want them. > > End result: > rm -rf [insert your nifty project directory name here] > > -- > Some people have a "gift" link here. > Know what I want? > I want you to buy a CD from some starving artist. > http://cdbaby.com/browse/from/lynch > Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Help with strange include problem in PHP 5.2.0
On Thursday 30 November 2006 19:04, Richard Lynch wrote: [snip...] And of course I forgot to put in the configure arguments './configure' \ '--without-pear' \ '--with-apxs2=/usr/local/apache2/bin/apxs' \ '--enable-mm=shared' \ '--with-mysql=/usr/local/MySQL/mysql-standard-5.0.27-solaris10-sparc' \ '--with-ldap=/usr/local/open-ldap' \ '--with-openssl=/usr/sfw/' \ '--with-zlib' \ '--enable-inline-optimization' \ '--enable-mm=shared' \ '--with-libxml-dir=/usr/local/lib/libxml-2.6.27' \ '--with-oci8=/opt/oracle/instantclient_10_2' \ "$@" -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Help with strange include problem in PHP 5.2.0
Hi Richard, I think I've identified the problem. It appears to be a problem with PHPMyAdmin rather than PHP itself. The directory permissions we have are the minimum we need, usually 710, file permissions are 640. The group part of the permissions is how the apache gets to the files in the directories. This time I did the installation of PMA and changed all the directory and file permissions according to the standards here. As it turns out, PMA demands read permission on the directory in which it's distribution directory is installed. That is: /usr/local/htdocs# ls -la pma/ total 16 drwxr-x--- 4 root webservd 512 Dec 6 10:48 . drwxrwx--- 17 rootwebservd 2048 Dec 6 10:22 .. drwxr-xr-x 9 root webservd2048 Nov 30 14:06 phpMyAdmin-2.8.1 drwx--x--- 10 root webservd2560 Dec 1 12:36 phpMyAdmin-2.9.1.1-all-languages If the permission of this directory listed above has 710 instead of 750, PMA falls over! /usr/local/htdocs# ls -la pma/ total 16 drwx--x--- 4 root webservd 512 Dec 6 10:48 . drwxrwx--- 17 rootwebservd 2048 Dec 6 10:22 .. drwx--x--- 9 root webservd2048 Nov 30 14:06 phpMyAdmin-2.8.1 drwx--x--- 10 root webservd2560 Dec 1 12:36 phpMyAdmin-2.9.1.1-all-languages It took quite a bit of scratching my head until I found this out. In particular, PMA 2.9.1.1 really falls over with the 710 permissions that are currently set. I think now I need to file a PMA bug report. thanks for the suggestions you made, they did help me find this problem. regards Markus On Friday 01 December 2006 22:27, Richard Lynch wrote: > Try running it under some kind of debugger and see if you can figure > out what directories it's even checking when it doesn't find the > file... > > I dunno if Zend IDE (or whatever it's called now) or Komodo or XDebug > or whatnot will do that, but it's definitely sounding very odd if your > include_path has "." in it... > > Oooh... > What does PHP think your cwd is? > echo 'cwd: ', cwd(), "\n"; > right before the include. > > On Fri, December 1, 2006 3:47 am, Markus Mayer wrote: > > Hi Richard, > > Hi all, > > > > The include path is correct. That was one of the first things I > > played around > > with. At the moment, it's include_path = ".". I also tried renaming > > the > > php.ini file to php.ini.off so that it wasn't found and took all the > > defaults, but with no success. > > > > Last night I built PHP 5.1.6 and took the same php.ini file. > > Everything > > worked. The build environment was the same, the configure arguments > > were the > > same, only the php version was different. > > > > I'm guessing that I've done something wrong somewhere because I > > haven't found > > any references to this problem from any one else. I just have no idea > > what > > it could be. I don't know if it's any help in locating the problem, > > my build > > environment is Solaris 10, Sun Studio 10 with the Sun C and C++ > > compilers. > > # cc-V > > Sun C 5.7 2005/01/07 > > # CC -V > > CC: Sun C++ 5.7 2005/01/07 > > > > LDFLAGS=-L/opt/sfw/lib -L/usr/sfw/lib -L/usr/lib > > -R/opt/sfw/lib:/usr/sfw/lib:/usr/lib:/opt/oracle/instantclient_10_2 > > CPPFLAGS=-I/opt/sfw/include -I/usr/sfw/include/openssl > > -I/usr/local/BerkeleyDB/include -I/usr/include > > -I/opt/oracle/instantclient_10_2/sdk/include > > CFLAGS=-I/opt/sfw/include -I/usr/sfw/include/openssl > > -I/usr/local/BerkeleyDB/include -I/usr/include > > -I/opt/oracle/instantclient_10_2/sdk/include > > > > And to your "rant" about the code developers make - I totally agree > > with you. > > As the administrator of a server with close to 600 users who all put > > their > > own applications in their own accounts up, then ask me why it "doesn't > > work", > > I get annoyed at such things too. > > > > regards > > Markus > > > > On Thursday 30 November 2006 19:04, Richard Lynch wrote: > >> On Thu, November 30, 2006 6:49 am, Markus Mayer wrote: > >> > I have a strange problem including files in PHP 5.2.0 running on > >> > >> Unix. > >> > >> > If I > >> > try to include a file using include 'filename.inc';, everything is > >> > fine. As > >> > soon as I try to put a "." in front of the file name, for example > >> > include './filename.inc';, I get a "failed to open stream: No such > >> > file or > >> > directory" err
[PHP] perl to php translation tool?
Hello everyone! I've searched for a tool that would translate, or at least mostly translate, perl scripts into php, unfortunately with no success. I didn't even find a reference in the archives of this list to this subject, which surprises me. Does anyone know of any tool that can handle this type of thing? regards Markus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] perl to php translation tool?
I was afraid of such answers. My intention was to get rid of a fewperl scripts on our server that were written by external companies, and those companies are pressing to continue to use perl for their cgi's. /dev/brain would be nice, if I could get that node made at those companies but it seems like I'm dealing with more like /dev/braindead Such is life... Thanks for the info though! regards Markus On Monday 22 November 2004 14:48, Christophe Chisogne wrote: > Markus Mayer wrote: > > I've searched for a tool that would translate, or at least mostly > > translate, perl scripts into php, unfortunately with no success. > > It's simply impossible. By example, a Perl script handling file uploads > cant be translated automatically : php4 handles file uploads _before_ > the php script gets executed (choosing tmp filename, filling $_FILES etc). > AFAIK PHP can't do everything Perl can (ex download progress), > so automatic translations are not possible unless very simple/specific > cases. > > Some translation problems are > > - very different OO models > - different handling of references > - and, as suggested by Raditha, in Perl, TIMTOWTDI >-- There Is More Than One Way To Do It > > > Does anyone know of any tool that can handle this type of thing? > > /dev/brain :-) > > Christophe -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
