Archive for October, 2006

Security and Safe Mode: The PHP INI file enables

Tuesday, October 31st, 2006

NOTE: The disable_functions setting is independent of the safe_mode directive, which means that it does not matter whether safe_mode is on or off.

disable_classes
Default: Empty (not defined)
Allowed: Comma-delimited list of class names
This setting enables you to disable specified classes.

NOTE: The disable_classes setting is independent of the safe_mode directive, which means that it does not matter whether safe_mode is on or off.

expose_php
Default: On
Allowed: On, Off
This setting enables you to hide PHP from the header output and web server signature. If you do not want anyone to know that you are running PHP (other than by seeing the .php in your filenames), you can do so by disabling this directive. This feature will at least allow you to hide which version of PHP you are running in case you are on vacation when a major security exploit is found.

max_execution_time
Default: 30
Allowed: Number of seconds
This is the number of seconds you will allow a PHP script to run before it dies.

WARNING: If you set max_execution_time to zero (0), your scripts might run forever and potentially take all of your server resources, and your server might become inaccessible. Be careful.

max_input_time
Default: 60
Allowed: Number of seconds
This is the number of seconds a script can take to parse requested data.

WARNING: If you set max_input_time to zero (0), your scripts might run forever and potentially take all of your server resources, and your server might become inaccessible. Be careful.


Security and Safe Mode: The PHP INI file enables

Tuesday, October 31st, 2006

mode_exec_dir
Default: Empty (not defined)
Allowed: Path to directory (/directory/path)
This setting defines a specific path of files that are allowed to be executed by exec family functions: exec, shell_exec, and so on.

safe_mode_allowed_env_vars
Default: PHP_
Allowed: Colon-delimited list of prefixes
This setting allows only the listed environment variables to be modified.

WARNING: Using the default PHP_ setting allows any environment variable to be modified, which can induce a security risk.

safe_mode_protected_env_vars
Default: LD_LIBRARY_PATH
Allowed: Path or environment variable path
A colon-delimited list of environment variables that the user will not be able to modify by using the putenv function. These variables will be protected even if the safe_mode_allowed_env_vars setting is set to allow changes to them.

open_basedir
Default: Empty (not defined)
Allowed: Path to directory (/directory/path)
This setting limits all file changes to the defined directory. This setting should really be used in a virtual hosting or directory configuration.

NOTE: The open_basedir setting is independent of the safe_mode directive, which means that it does not matter whether safe_mode is on or off.

disable_functions
Default: Empty (not defined)
Allowed: Comma-delimited list of function names
This setting enables you to disable specified functions.
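The directive notes above (expose_php, max_execution_time, max_input_time, open_basedir, disable_functions) can be checked mechanically. The following audit script is an added example, not code from the book; the sample php.ini text is constructed, and the exec-family list beyond exec and shell_exec is an assumption of this example.

```python
# Constructed sample input; not taken from the book or from a real server.
SAMPLE_INI = """\
[PHP]
; constructed sample
expose_php = On
max_execution_time = 0
max_input_time = 60
disable_functions =
open_basedir = /www/htdocs
"""

# Defaults as listed on this page, used when the file omits a directive.
DEFAULTS = {
    "expose_php": "On",
    "max_execution_time": "30",
    "max_input_time": "60",
    "open_basedir": "",
    "disable_functions": "",
}

# Assumption: the page names only exec and shell_exec ("and so on");
# the remaining names are this example's choice of exec-family functions.
EXEC_FAMILY = {"exec", "shell_exec", "system", "passthru", "popen", "proc_open"}

def parse_ini(text):
    """Effective values: page defaults overridden by the file, last assignment wins."""
    values = dict(DEFAULTS)
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # ';' starts a php.ini comment
        if not line or line.startswith("[") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        values[key.strip()] = value.strip().strip('"')
    return values

def audit(text):
    """Return one finding per directive left at a value the page cautions against."""
    v = parse_ini(text)
    findings = []
    if v["expose_php"].lower() in {"on", "1", "true", "yes"}:
        findings.append("expose_php: PHP is advertised in the response headers")
    for key in ("max_execution_time", "max_input_time"):
        if v[key] == "0":
            findings.append(f"{key}: 0 lets a script run forever")
    if not v["open_basedir"]:
        findings.append("open_basedir: file access is not limited to a directory")
    disabled = {f.strip().lower() for f in v["disable_functions"].split(",")}
    callable_now = sorted(EXEC_FAMILY - disabled)
    if callable_now:
        findings.append("disable_functions: still callable: " + ", ".join(callable_now))
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_INI)))
```

A file that omits a directive is audited at the default this page lists for it, so an empty php.ini still reports expose_php, open_basedir and disable_functions.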


Security and Safe Mode: The PHP INI file enables

Tuesday, October 31st, 2006

Security and Safe Mode

The PHP INI file enables you to crack down on the security settings if you would like. You can hide PHP, limit memory usage and execution times, and enable safe-mode operation.

Safe mode is ideal for virtual hosting environments. It enables you to lock down the way PHP operates for the system. This prevents users from doing many malicious things such as opening system core files, reading other clients' files, tampering with system information, or executing certain functions.

safe_mode
Default: Off
Allowed: On, Off
This is the master safe mode setting. If enabled, the rest of the safe mode settings will be enforced with their default values. If you are not running a virtual hosting client system, you can opt to leave this setting disabled and disregard the rest of the safe mode settings.

WARNING: If you are a security-conscious server administrator and make these settings effective in a virtual hosting environment, be prepared for a barrage of complaints from your PHP users, especially when using third-party PHP scripts. Most third-party PHP scripts are not developed with these settings in mind and might fail when they are executed.

safe_mode_gid
Default: Off
Allowed: Group ID/User ID
This setting allows access to files owned by the user running the script.

NOTE: You should define this setting in an Apache virtual host configuration and use the User ID for that virtual host file to this setting.

safe_mode_include_dir
Default: Empty (not defined)
Allowed: Path to directory (/directory/path)
This setting defines a specific path of files to be included, and the security checks (safe_mode_gid) are bypassed.


PHP INI File: During the installation process, you copied

Tuesday, October 31st, 2006

y2k_compliance = On
Default: On
Allowed: On, Off
This setting enforces the Year 2000 compliance, which can cause problems on non-Y2K-compliant web browsers.

output_buffering
Default: Off
Allowed: On, Off, size limit in bytes (for example, 1024), max bytes: 4096
Output buffering enables you to send header lines even after you send body content with a trade-off in system performance. Using output buffering causes PHP to run slower. It is recommended to leave this setting off and to instead call the output buffering functions within your PHP scripts only when you need them.

output_handler
Default: Disabled by a comment mark (;)
Allowed: mb_output_handler or ob_iconv_handler

WARNING: You cannot use both ob_gzhandler (this setting) and the zlib.output_compression setting together.

The output_handler setting enables you to redirect the output of your PHP scripts to a function for handling. You might have the option to change the encoding of the output by using this setting. You can use only the mb_output_handler or the ob_iconv_handler, not both at the same time.

NOTE: We do not recommend that you utilize the output_handler setting; instead use the output buffering functions within your script and then pass them through the handler function.

zlib.output_compression
Default: Off
Allowed: On, Off, specific buffer size in bytes (default: 4)
The zlib.output_compression setting enables transparent compression by using the zlib library.

PHP INI File: During the installation process, you copied

Tuesday, October 31st, 2006

output_handler
Default: Disabled by a comment mark (;)
Allowed: Any zlib output handler function
This setting enables you to enable additional zlib output handler functions if available. By default, this setting is disabled.

implicit_flush
Default: Off
Allowed: On, Off
This setting tells PHP to flush itself after every output block instead of waiting until the engine is done parsing the code before the flush. Enabling this will dramatically reduce system performance.

TIP: If you want to display a script's output as it is generated, enable this setting for that script. An example is running the ping command and showing the output as it would display in the console instead of waiting for the command to complete and then displaying all output at one time.

unserialize_callback_func
Default: Empty (not defined)
Allowed: Function name
This setting is used to call a function when PHP unserializes an object it does not recognize. Unserialization is the unpacking of an object that you have serialized. This enables you to store arrays and pass them through other objects.

serialize_precision
Default: 100
Allowed: Integer
This setting is similar to the precision setting except it is used to define the number of precision digits after the floating point to store a serialized float or double.

allow_call_time_pass_reference
Default: On
Allowed: On, Off
This setting allows forcing of values to be passed by reference at function call time. This setting is deprecated and might not be supported by future versions of the Zend engine.

PHP INI File: During the installation process, you copied

Tuesday, October 31st, 2006

PHP INI File

During the installation process, you copied an INI file to the /usr/local/lib directory of your server. This file, although optional, handles the default server-wide configuration directives for PHP. Let's break down the important elements of this INI file for better understanding. If we do not cover a section it is because that section is rarely modified and more than likely commented in detail of the php.ini file.

engine
Default: On
Allowed: On, Off
This setting enables or disables the PHP engine under Apache. This configuration directive can be useful for disabling PHP on certain Apache virtual hosts by using the Off setting.

short_open_tag
Default: On
Allowed: On, Off
The short open tag enables you to abbreviate the open tag that starts the PHP engine. The open tag normally consists of . Why you would use these with PHP is beyond us and the PHP developers, so this setting is turned off by default.

precision
Default: 12
Allowed: Any integer
The precision setting displays the number of significant digits in floating-point numbers. The default setting is sufficient for everyday use; however, if you want your floating-point numbers to be less precise, you can lower this setting and vice versa for more precise numbers.

This configure script utilizes the Apache SAPI extension

Tuesday, October 31st, 2006

to place the test script into your virtual host's document root; otherwise you will place it into the default document root. We're going to assume that you did not configure any virtual hosts and so will place the test script into /www/htdocs for the default document root. Follow these steps:

1. Make a file located at /www/htdocs/info.php and add the following contents to it:

2. Additionally, you can follow the trend of creating a Hello World script such as /www/htdocs/hello.php with the following contents:

3. Access these scripts in your web browser by going to the web address of the script and check the output. The output of our phpinfo() function is depicted in Figure 10.1. The output for the Hello World script would simply be the text Hello World, PHP Rocks!

FIGURE 10.1 phpinfo() function output


This configure script utilizes the Apache SAPI extension

Tuesday, October 31st, 2006

Apache to Handle PHP

Now that PHP is installed, you need to configure Apache to handle PHP files by passing them to the PHP engine for processing. You do this by adding some information into your Apache configuration file, httpd.conf. Here are the steps:

1. At the very end of your httpd.conf file, add the following line:

    AddType application/x-httpd-php .php .php3

2. If you wish to enable the source code highlight extension (.phps) for your files, add the following below the previous line:

    AddType application/x-httpd-php-source .phps

NOTE: If you are using mod_ssl with your Apache installation, you might want to find the line that says AddModule mod_php5.c and move it below the regular AddModule list instead of allowing it to remain in the section. Depending on which version of PHP you are installing, this might have already been done for you.

3. Next, there is a directive in Apache called DirectoryIndex and it should be modified to add PHP index files. Locate the following line:

    DirectoryIndex index.html

And change it to the following:

    DirectoryIndex index.php default.php index.html index.htm

4. Now you are all set to test PHP. First, you need to completely stop and then start Apache to ensure that the PHP module was successfully loaded:

    apachectl stop
    apachectl start

5. If you are using Apache with mod_ssl, you need to start Apache as follows:

    apachectl startssl

Now your PHP installation should be complete, and all you have to do is test it.

Testing the PHP Installation

To test your PHP installation, you are going to create a simple script that will display the PHP information. If the script is executed and parsed properly, it will display a nice HTML page that is generated by PHP. If it is not executed and parsed properly, it will display the code that you typed into the script.

Depending on how much of Chapter 8, Apache Web Server: Installation and Configuration, you followed, you might have a virtual host configured. If this is the case, you will need


This configure script utilizes the Apache SAPI extension

Tuesday, October 31st, 2006

This configure script utilizes the Apache SAPI extension for Dynamic Shared Object (DSO) and the system MySQL installation. The script also enables FTP support and transparent session ID support for PHP.

TIP: If your Linux distribution uses RPM packages and you are having problems getting a feature compiled, you may go to rpm.pbone.net and download the development package for the feature you are trying to install. Example: if you are enabling the foo package with PHP (--with-foo) and you get a complaint from PHP during compile, simply go to the RPM website and download RPMs for your platform for foo and foo-devel. Install these RPMs and try to compile again.

This is a basic set of options that do not require anything but Apache and MySQL installed on your system, so at this point your system should be configured to run this installation without any problems.

NOTE: Depending on which MySQL installation type you performed, you might need to modify the --with-mysql directive to the correct path of libmysqlclient located on your machine. In Chapter 9, MySQL: Installation and Administration, you performed a manual installation; the path is /usr/local/mysql. With a pre-built package such as RPM, it might be /usr/mysql.

If you want to enable additional extensions or features, you can do so by adding the directives for them in this script. Make sure that the last line of the script does not have a trailing backslash but that all lines before the last do contain the trailing backslash.

1. Change the permissions on this script to enable you to execute and run it:

    chmod 755 php_install

2. Run the installation script and watch for errors:

    ./php_install

3. At this point, you should see the message Thank you for using PHP in the last portion of output in your console. If this is the case, you are ready to move on to the make process:

    cd php-5.0.0
    make

4. Now you wait a little while and enjoy the show during the make process. If you do not see any error messages on the last few lines of output, you are clear to proceed with the make install:

    make install

5. Your next small task is to copy the php.ini example file to the correct location:

    cp php.ini-dist /usr/local/lib/php.ini


with-ttf[=DIR] This provides TrueType font support. --with-gd[=DIR] This enables all

Monday, October 30th, 2006

with-xsl[=DIR]
This adds support for the Extensible Stylesheet Language format.

--with-yaz[=DIR]
By using this extension, you can easily implement a Z39.50 origin (client) that searches or scans Z39.50 targets (servers) in parallel.

--enable-yp
This enables network management of important administrative files; YellowPages (YP) is also known as NIS.

Downloading and Preparation

Now that we have explained the important configuration directives and extensions, it is up to you to determine which ones you want to use with your installation. Because we want to ensure that you will be able to get up and running as smoothly as possible, we are going to show you how to do a basic PHP installation that will work. Let's get started by downloading the packages:

1. In the previous chapters of this book, you created a directory for downloading and installing your source files. Move to that directory now:

    cd /usr/local/src/webserver

2. Go to www.php.net/downloads.php and select the PHP 5 tarball under the Complete Source Code section. PHP.net uses a mirroring system, so you will have to choose the mirror that is closest to you for downloading your file. After you find a mirror (the closest is usually highlighted for you), copy the URL to the files and use the single-quotes in wget to follow the redirect:

    wget 'http://us3.php.net/get/php-5.0.0.tar.gz/from/this/mirror'

3. Unpack the tarball:

    tar zxpf php-5.0.0.tar.gz

A new directory will be created for you with the contents of the tarball.

Compiling and Installing PHP

The next step is to create your installation script. As we mentioned in previous chapters, it is always a good idea to create a script that has the configure options for your compilation in case you need to install again later. Your script is named php_install and contains the following:

    cd php-5.0.0
    ./configure \
    --with-apxs=/www/bin/apxs \
    --with-mysql=/usr/local/mysql \
    --enable-ftp \
    --enable-trans-sid