Category Archives: php

Thread Safety in php

Thread safety is a computer programming concept applicable in the context of multi-threaded programs. A piece of code is thread-safe if it only manipulates shared data structures in a manner that guarantees safe execution by multiple threads at the same time.

There have been a few options available for a while to get PHP performing well on linux or IIS.
One solution is to configure web service to use PHP in FastCGI mode which allows PHP processes to be recycled rather than killed off after each PHP request and also allows you to run several PHP processes at once, making PHP much much faster with the added bonus that as it is using the CGI interface there is little or no incompatibility issues with PHP extensions.

The utilization of non thread safe binaries does not allow to use FastCGI mode!

On debian/ubuntu
Thread Safety enable.
# aptitude install apache2-mpm-worker libapache2-mod-fcgid php5-cgi && a2enmod fcgid && /etc/init.d/apache2 restartThread Safety disable.
# aptitude install apache2-mpm-prefork libapache2-mod-php5 && a2dismod fcgid && /etc/init.d/apache2 restart

If your non thread safe binaries software not works, it was because installing apache2-dev package on my system automatically installs apache2-thread-dev whose apxs2 tells the PHP build system to build with thread-safety on. Therefore, the solution was to directly install apache2-prefork-dev package.

Reference: Wikipedia, Tnread Safety dis/able, Install/Purge package

phpSHIELD Loader

phpSHIELD is a premier php Encoder product. Loaders for phpSHIELD encoded scripts are free to download and install.

Check your servers PHP version. You do this by typing the command:
php -vCheck your system architecture. You do this by typing the command:
uname -i
The result will either be i386 or x86_64. You will need this information to download the correct PHPshield loaders.

Check your PHP extensions_directory. You do this by typing the command:
php -i|grep extension_dirMy path is
extension_dir => /usr/lib/php5/20090626 => /usr/lib/php5/20090626
You must first delete any loaders that may already be in your extensions directory
cd /usr/lib/php5/20090626
rm phpshield.*

Download PHPshield Loaders. You must now download the appropriate PHPshield loader, based on your system architecture. below is a list of the files we have available for download

  • Linux, i386, v5.2.x wget http://downloads.phpmotion.com/phpshield-loaders/32bit/phpshield.5.2.lin
  • Linux, x86_64, v5.2.x wget http://downloads.phpmotion.com/phpshield-loaders/64bit/phpshield.5.2.lin
  • Linux, i386, v5.3.x wget http://downloads.phpmotion.com/phpshield-loaders/linux/i386/ixed.5.3
  • Linux, x86_64, v5.3.x wget http://downloads.phpmotion.com/phpshield-loaders/linux/x86_64/ixed.5.3

v5.2.x
mv phpshield.5.2.lin /usr/lib/php5/20090626/
v5.3.x
mv ixed.5.3 /usr/lib/php5/20090626/
First you need to find out the location of your main php.ini file. This file is the main configuration file for PHP on your server.
You do this by typing the command belowphp -i|grep php.iniYou should get a result that shows something like thisLoaded Configuration File => /etc/php.ini
In the case of our example above, the path we want it /etc/php.ini (others, /etc/php5/apache2/php.ini)
Now run the command below. Remember to use your own php.ini directoy path in the command above
echo "extension=ixed.5.3" >> /etc/php.ini

Restart your web server
/etc/init.d/apache restart
OR
/etc/init.d/apache2 restart

Reference: phpSHIELD PHP encoder, Loaders

PHP PEAR installation and configuration

PEAR is short for “PHP Extension and Application Repository” and is pronounced just like the fruit. The purpose of PEAR is to provide:

  • A structured library of open-source code for PHP users
  • A system for code distribution and package maintenance
  • A standard style for code written in PHP, specified here
  • The PHP Extension Community Library (PECL), see more below
  • A web site, mailing lists and download mirrors to support the PHP/PEAR community

Installation
There is not important what it is your OS: you could download http://pear.php.net/go-pear to begin installation.
wget http://pear.php.net/go-pear
mv go-pear go-pear.php
php go-pear.php

or simply:
aptitude install php-pear (Debian / Ubuntu)
yum install php-pear (Fedora / Centos)

Verifying the include path
To use PEAR and PEAR compatible packages in your applications, you normally include them into your PHP scripts using require_once(). For this to work, PEAR’s php_dir must be a part of PHP’s include path.
1. First, check where PEAR installs .php files:
pear config-get php_dir
mine output is:
/usr/local/php/pear/
This directory will contain System.php.
2. Now it’s time to find which configuration file is used by your PHP installation. On command line, execute:
php --ini | grep Loaded
mine output is:
Loaded Configuration File: /etc/php.ini
To see which php.ini is used by PHP on your web server, create a file with only as the contents, and save it in your local web root as check_php.php. Open the file in your browser as http://localhost/check_php.php, to find the path to the php.ini file your web server is using.
3. include_path about php.ini must include php pear directory:
grep include_path /etc/php.ini | egrep "^[^;]"
mine output is:
include_path = ".:/usr/local/php/pear/"
If your include_path does not contain php pear directory, then you must add it modifying php.ini.
Modifying php.ini
To get PEAR working properly, you need to adjust PHP’s include_path. After you found php.ini, open it in an editor.
Search for the line include_path.
Now that you found it, you probably will see a semicolon ; at the beginning. This means the line is a comment. Add a new line below it.
In this line, write:
include_path="."
Depending on your operating system, add a : (Unix/Linux/FreeBSD/Mac OS X) or a ; (Windows) after the dot. Add PEAR’s php_dir after it. (The directory System.php is located in!)
The result should look like that:
; Unix
include_path=".:/usr/local/php/pear/"

or
; Windows
include_path=".;C:\php\pear\"

Checking if PEAR works
Now that this is done, try including a file. Create a new check_pear.php file with the following contents:

require_once 'System.php';
var_dump(class_exists('System'));
?>

System.php is shipped with every PEAR installation and thus should be on your computer, too. Open the file with the browser from your web server, and also try it on command line:
php check_pear.php
The only output should be
bool(true)
A message like:
Warning: require_once(System.php): failed to open stream:
No such file or directory in /path/to/check_pear.php on line 2

means that your include path is not correct. (So go and fix it!)
Installing packages
After getting PEAR working on your machine you most likely want to install some packages. This guide shows people new to the PEAR command line installer how to get started. The general command to install a PEAR package named “foo” is
pear install foo
Typing this and pressing return, the package will be downloaded and installed on your computer. It does not matter if you write the package name in lowercase, UPPERCASE or MixedCase – the installer will find the package by lowercasing the name.
When a package is already installed, you will get the following message:
pear install foo
Output is:
Ignoring installed package pear/foo
Nothing to install

This happens even if there is a newer version of the package! The correct command to upgrade to the lastest version is
pear upgrade foo
Output is:
upgrade ok: channel://pear.php.net/Foo-1.2.3
If the package already has the lastest version, you will get a message similar to the following:
Ignoring installed package pear/Foo
Nothing to upgrade

In the case you deleted some file and really really want to re-install the package, you have two choices:

  • Uninstall the package, and reinstall it afterwards
  • Force the installation

Forcing an command should only be done when you absolutely know what you are doing – you might in some circumstances break PEAR otherwise. Forcing something should always be the last option.
pear install -f foo
pear upgrade -f foo

Unstable alpha/beta packages
Now and then, you will get error messages like

Failed to download pear/foo within preferred state "stable",
latest release is version 0.1.2, stability "beta",
use "channel://pear.php.net/foo-0.1.2" to install
Cannot initialize 'channel://pear.php.net/foo', invalid or missing package file
Package "channel://pear.php.net/foo" is not valid
install failed

Reason for this is that PEAR by default installs stable packages only. When a package is in state devel, alpha or beta it will refuse to install them. You can easily persuade it by adding either the version number or the stability you are willing to accept:
pear install Foo-beta
pear install Foo-alpha

You can also install a specific version, or upgrade to a specific version regardless of the state:
pear install Foo-1.2.3
pear upgrade Foo-1.2.3

Verifying the open basedir
It may happen that from the command line php pear works and via browser no. In the apache configuration file of domain may need to add:

php_admin_value open_basedir "/var/www/domain.my/httpdocs:/usr/local/php/pear/:/tmp"
php_admin_value include_path ".:/usr/local/php/pear/"

Reference: about PEAR, getting started, installing packages, checking if PEAR works, mediatemple.net.

open_basedir restriction in effect

PHP open_basedir protection tweak is a Safe Mode security measure that prevents users from opening files or scripts located outside of their home directory with PHP, unless the folder has specifically excluded. PHP open_basedir setting if enabled, will ensure that all file operations to be limited to files under certain directory, and thus prevent php scripts for a particular user from accessing files in unauthorized user’s account. When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified or permissible directory-tree, PHP will refuse to open it and the following errors may occur:
Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File ...
The above error message appears on a Apache httpd web server error log (error_log). However, the problem may happen to all system or websites that use PHP as scripting language.
The solution or workaround to open_basedir restriction problem is that disable the PHP open_basedir protection altogether, or to exclude the protection for certain privileged user accounts, or to allow access to the additional directory for PHP scripts.

If you’re using cPanel WebHost Manager (WHM), you can easily disable PHP open_basedir protection or exclude certain users from the protection with WHM. Simply go to “Tweak Security” under the “Security” section, then select “Configure” link for “Php open_basedir Tweak”. Inside it, you can enable or disable php open_basedir Protection, or exclude and include hosts from the protection.

If you’re using Plesk hosting control panel, you may need to manually edit Apache configuration file of vhost.conf and vhost_ssl.conf, and add in or edit the following php_admin_value open_basedir lines to the following:

php_admin_value open_basedir none


php_admin_value open_basedir /full/path/to/dir:/full/path/to/directory/httpdocs:/tmp

Note: For SSL hosts in the vhost_ssl.conf file, the Directory path will end with “httpsdocs” instead of “httpdocs”.

The paths (above is example only and to be replaced with real path) that behind open_basedir are the directories that specifically allowed for the PHP scripts in the vhost domain account to access, so you can add in more directories that files are been stored and needed to be opened by PHP, each seperated by color “:”. But be careful as it might expose your system to security fraud.

Once done, restart Apache httpd web server (apache2ctl restart or httpd restart). If you have to manually edit the Apache configuration file to disable PHP open_basedir protection, simply open up the httpd.conf file, and search for the lines that starts with the following characters:
php_admin_value open_basedir …..
Replace the whole line under the virtual host for the domain user account that you want to disable protection with the following line to disable it:
php_admin_value open_basedir none
You can also opt to allow your PHP scripts to access additional directory instead without disabling the protection. Additional directory can be added to the line, separated with color “:”. For example, to add /new_directory to the allow list:
php_admin_value open_basedir “/home/user_account/:/usr/lib/php:/usr/local/lib/php:/tmp”
php_admin_value open_basedir “/home/user_account/:/usr/lib/php:/usr/local/lib/php:/tmp:/new_directory”

Restart the Apache after finished editing. Note that the directory allowed list restriction above is actually a prefix, not a directory name. This means that “open_basedir = /dir/incl” also allows access to “/dir/include” and “/dir/incls” if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: “open_basedir = /dir/incl/”.

Reference: mydigitallife.info

php5 update on CentOS

If you have CentOS v5.2 then you have PHP v5.1.6. Any PHP5 systems need PHP5 > v5.2.
The php-sqlite2 library has a problem to update so that you must delete it:
yum erase php-sqlite2
Now, you have got any solutions:

    Update PHP5 to last stable version and create /etc/yum.repos.d/CentOS-Testing.repo with this content:

    [c5-testing]
    name=CentOS-5 Testing
    baseurl=http://dev.centos.org/centos/$releasever/testing/$basearch/
    enabled=1
    gpgcheck=1
    gpgkey=http://dev.centos.org/centos/RPM-GPG-KEY-CentOS-testing
    includepkgs=php*

    Update PHP5 to last beta version and create /etc/yum.repos.d/utterramblings.repo with this content:

    [utterramblings]
    name=Jason's Utter Ramblings Repo
    baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
    enabled=1
    gpgcheck=1
    gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

Now, you could update system:
yum update

Reference: wiki.centos.org and jasonlitka.com

php-mcrypt installation on CentOS

Updating/Installing mcrypt
If you have php-mcrypt for PHP 5.1.x installed you’ll want to remove it:
Note: Your version number maybe different. Alter below command accordingly.
rpm -e php-mcrypt-5.1.6-15.el5.centos.1
Download php-mcrypt for PHP 5.2.x and install it. You can find a 32-bit php-mcrypt package here FedoraJunkies.
Note: You’ll notice the “–nodeps” flag in the example. When you try to install php-mcrypt without it you get an error that php-common-5.2.6-2.el5s2 is missing even though it is installed.
wget -c http://sourcemirrors.org/scotth/centos/5/php/php-mcrypt-5.2.6-2.i386.rpm
rpm -i --nodeps php-mcrypt-5.2.6-2.i386.rpm

Restart Apache and you should now see mcrypt information on your testing.php page.

System installs library and creates /usr/lib/php5/../mcrypt.so
Check if mcrypt.ini file exists or create it in /etc/php5/conf.d and added this one liner:
extension=mcrypt.so

Reference: wiki.centos.org, php.net