php-general Digest 30 Sep 2006 21:34:00 -0000 Issue 4377
Topics (messages 242418 through 242438):
Re: moving file from one server to another
242418 by: Google Kreme
242419 by: Nick Wilson
242423 by: Tony Di Croce
242425 by: Nick Wilson
Re: How to effectuate translations
242420 by: Tony Marston
242429 by: Mário Gamito
242430 by: Mário Gamito
242435 by: Stut
Re: Rapid application development
242421 by: Tony Marston
exec returns no output?
242422 by: Nick Wilson
242424 by: Ray Hauge
242426 by: Nick Wilson
242427 by: Colin Guthrie
242428 by: Nick Wilson
242431 by: Colin Guthrie
242432 by: Nick Wilson
242433 by: Colin Guthrie
242434 by: Nick Wilson
242436 by: Stut
242438 by: Nick Wilson
Hotmail and junk mail
242437 by: eqla3.com eqla3.com
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
On 30 Sep 2006, at 03:29 , Nick Wilson wrote:
I need to let users upload to the regular LAMP box, but then copy the
image over to the custom image server (which does not have php or any
kind of cgi capability).
I was considering using exec() and scp to do this, but thought i'd ask
and see if anyone had any better suggestions?
Ah... well, does the copy need to be interactive, or does it need to
be automatic?
I'd probably use rsync to copy the upload tree to the image server
myself, without involving php at all.
--
Three tomatoes are walking down the street- a poppa tomato, a momma
tomato, and a little baby tomato. Baby tomato starts lagging behind.
Poppa tomato gets angry, goes over to the baby tomato, and smooshes
him, "Catch up."
--- End Message ---
--- Begin Message ---
* and then Google Kreme declared....
> On 30 Sep 2006, at 03:29 , Nick Wilson wrote:
> >I need to let users upload to the regular LAMP box, but then copy the
> >image over to the custom image server (which does not have php or any
> >kind of cgi capability).
> >
> >I was considering using exec() and scp to do this, but thought i'd ask
> >and see if anyone had any better suggestions?
>
> Ah... well, does the copy need to be interactive, or does it need to
> be automatic?
>
> I'd probably use rsync to copy the upload tree to the image server
> myself, without involving php at all.
yes. i'd considered rsync but the file needs to be available on the
image server immediately. scp'ing it should work, but of course imnow
having fun with the apache user and try9ing to work out how to give it
an ssh profile :)
--
Nick Wilson
http://performancing.com/user/1
--- End Message ---
--- Begin Message ---
How about nfs mounting a directory from the image server to a directory on
the lamp server.
This way, the files are never really on the LAMP server...
td
On 9/30/06, Nick Wilson <[EMAIL PROTECTED]> wrote:
* and then Google Kreme declared....
> On 30 Sep 2006, at 03:29 , Nick Wilson wrote:
> >I need to let users upload to the regular LAMP box, but then copy the
> >image over to the custom image server (which does not have php or any
> >kind of cgi capability).
> >
> >I was considering using exec() and scp to do this, but thought i'd ask
> >and see if anyone had any better suggestions?
>
> Ah... well, does the copy need to be interactive, or does it need to
> be automatic?
>
> I'd probably use rsync to copy the upload tree to the image server
> myself, without involving php at all.
yes. i'd considered rsync but the file needs to be available on the
image server immediately. scp'ing it should work, but of course imnow
having fun with the apache user and try9ing to work out how to give it
an ssh profile :)
--
Nick Wilson
http://performancing.com/user/1
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Publish technical articles @ skilledwords.com and get 100% of the
ad-revenue!
http://www.skilledwords.com
--- End Message ---
--- Begin Message ---
* and then Tony Di Croce declared....
> How about nfs mounting a directory from the image server to a directory on
> the lamp server.
>
> This way, the files are never really on the LAMP server...
yeh, that had ocurred to me, and may be a good solution Tony. The only
thing that worried me was not knowing (ie having to research..) whether
that would cause any significant overhead on the image server. It's not
like it's an under spec'd machine, but the point of course is to have as
small a server load as possible -- so we dont need to start dropping
aditioonal boxes in too soon.
I run nfs at home and we make good use of it on the local network where
the actual application is for shared files under the laod balancer, but
this would be another data center entirely.
It may be that it's a trivial thing, the reason ive not done it is Im
just not 100% sure on it is all, whereas simply scp/sftp'ing files into
the image server dir is about as simple as it gets right?
--
Nick Wilson
http://performancing.com/user/1
--- End Message ---
--- Begin Message ---
Take a look at
http://www.tonymarston.net/php-mysql/internationalisation.html which
documents the solution which I have adopted.
--
Tony Marston
http://www.tonymarston.net
http://www.radicore.org
"AR" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi,
>
> I'm coding this software that has several files for several languages,
> so that users can chose the one that suits him.
>
> My question is what is the best way to integrate this in the PHP code,
> i. e., to make it work.
>
> Any help would be appreciated.
>
> Warm regards,
> Augusto Reis
--- End Message ---
--- Begin Message ---
Hi,
But this allows users to choose the language or is it an automatic
process from the browser language ?
Regards,
Mário Gamito
Tony Marston wrote:
> Take a look at
> http://www.tonymarston.net/php-mysql/internationalisation.html which
> documents the solution which I have adopted.
>
--- End Message ---
--- Begin Message ---
Hi,
Yes, but what i was looking for is the best solution for the users to
choose their language.
Thanks for the useful link anyway.
Best Regards,
Mário Gamito
Tony Marston wrote:
> If you read
> http://www.tonymarston.net/php-mysql/internationalisation.html#determine.use
> r.language you will see that it determines the user's language from
> $_SERVER["HTTP_ACCEPT_LANGUAGE"] which is taken from settings in the
> client's browser. It is also possible for this to be overridden in the
> Control Record or the MNU_USER record.
>
> Tony Marston
>
> http://www.tonymarston.net
> http://www.radicore.org
>
>
>
>> -----Original Message-----
>> From: Mário Gamito [mailto:[EMAIL PROTECTED]
>> Sent: 30 September 2006 16:11
>> To: Tony Marston
>> Subject: Re: [PHP] Re: How to effectuate translations
>>
>>
>> Hi Tony,
>>
>> But this works automagiacaly from the browser language or the
>> users can choose ?
>>
>> Regards,
>> Mário Gamito
>>
>> Tony Marston wrote:
>>> Take a look at
>>>
>> http://www.tonymarston.net/php-mysql/internationalisation.html which
>>> documents the solution which I have adopted.
>>>
>>
>
>
--- End Message ---
--- Begin Message ---
Mário Gamito wrote:
Yes, but what i was looking for is the best solution for the users to
choose their language.
The same principals apply as to how you organise the customised strings.
Whether the language selection is automatic or manual is surely
peripheral to the point.
-Stut
Tony Marston wrote:
If you read
http://www.tonymarston.net/php-mysql/internationalisation.html#determine.use
r.language you will see that it determines the user's language from
$_SERVER["HTTP_ACCEPT_LANGUAGE"] which is taken from settings in the
client's browser. It is also possible for this to be overridden in the
Control Record or the MNU_USER record.
Tony Marston
http://www.tonymarston.net
http://www.radicore.org
-----Original Message-----
From: Mário Gamito [mailto:[EMAIL PROTECTED]
Sent: 30 September 2006 16:11
To: Tony Marston
Subject: Re: [PHP] Re: How to effectuate translations
Hi Tony,
But this works automagiacaly from the browser language or the
users can choose ?
Regards,
Mário Gamito
Tony Marston wrote:
Take a look at
http://www.tonymarston.net/php-mysql/internationalisation.html which
documents the solution which I have adopted.
--- End Message ---
--- Begin Message ---
If you are developing an administrative CRUD application - with lots of
screens to maintain the contents of lots of database tables - then take a
look at RADICORE (http://www.radicore.org/) which allows you to develop
components within your application without writing any HTML or SQL.
--
Tony Marston
http://www.tonymarston.net
http://www.radicore.org
""Ahmad Al-Twaijiry"" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Hi Everyone,
>
> I need your feedback in this
>
> What is the best RAD (Rapid application development) do you use for
> PHP to develop an *advance* application in few days or weeks ?
>
> I like programming but one this that I hate is the first stage of
> programming when you start creating the basic code (db connection,
> interface, insert,update,....etc), this is why I'm looking for a good
> RAD tool that can speed up my programming.
>
>
>
> --
>
> Ahmad Fahad AlTwaijiry
--- End Message ---
--- Begin Message ---
hi all,
i've searched and racked my brains, checked config files and all sorts
but cannot work out why the following command would give me an empty
array (and certainly not actually perform the requested command...)
exec('scp -v -i /id_dsa file.txt [EMAIL PROTECTED]:/target/dir/', $argh);
print_r($argh);
I can only surmise there is some setting todo with ssh/scp that im
unaware of?
any ideas welcomed, thanks!
--
Nick Wilson
http://performancing.com/user/1
--- End Message ---
--- Begin Message ---
On Saturday 30 September 2006 7:22 am, Nick Wilson wrote:
> hi all,
>
> i've searched and racked my brains, checked config files and all sorts
> but cannot work out why the following command would give me an empty
> array (and certainly not actually perform the requested command...)
>
> exec('scp -v -i /id_dsa file.txt [EMAIL PROTECTED]:/target/dir/', $argh);
> print_r($argh);
>
> I can only surmise there is some setting todo with ssh/scp that im
> unaware of?
>
> any ideas welcomed, thanks!
> --
> Nick Wilson
> http://performancing.com/user/1
Do you use generated keys without a password for logging in? Otherwise exec()
is just going to sit there while the scp command waits for a password.
--
Ray Hauge
Application Development Lead
American Student Loan Services
www.americanstudentloan.com
1.800.575.1099
--- End Message ---
--- Begin Message ---
* and then Ray Hauge declared....
> On Saturday 30 September 2006 7:22 am, Nick Wilson wrote:
> > hi all,
> >
> > i've searched and racked my brains, checked config files and all sorts
> > but cannot work out why the following command would give me an empty
> > array (and certainly not actually perform the requested command...)
> >
> > exec('scp -v -i /id_dsa file.txt [EMAIL PROTECTED]:/target/dir/', $argh);
> > print_r($argh);
> >
> > I can only surmise there is some setting todo with ssh/scp that im
> > unaware of?
> >
> > any ideas welcomed, thanks!
> > --
> > Nick Wilson
> > http://performancing.com/user/1
>
> Do you use generated keys without a password for logging in? Otherwise
> exec()
> is just going to sit there while the scp command waits for a password.
Tha'ts exactly what i think it's doing. The -i specifies an identity
file according to the man page for scp so i would have hoped that would
take care of it (as i cant work out how to generate an identity for the
apache user itself) but i guess it is doing exactly as you say..
--
Nick Wilson
http://performancing.com/user/1
--- End Message ---
--- Begin Message ---
Nick Wilson wrote:
>> Do you use generated keys without a password for logging in? Otherwise
>> exec()
>> is just going to sit there while the scp command waits for a password.
>
> Tha'ts exactly what i think it's doing. The -i specifies an identity
> file according to the man page for scp so i would have hoped that would
> take care of it (as i cant work out how to generate an identity for the
> apache user itself) but i guess it is doing exactly as you say..
Nick I think you are misunderstanding what Ray is asking.
scp (without the -i <keyfile> arg) will ask you for your SSH password.
BUT, the keyfile itself can be generated to have a password also!
On the SSH server as the user you want to scp from apache as, run
"ssh-keygen -t dsa" and it will generate a key file in the current users
~/.ssh/ folder named id_dsa and id_dsa.pub
As part of this generation, it will ask you for a password for the KEY,
this is NOT the SSH password. If you want to run SCP without any
passwords, you need to just hit return at the password prompt so that it
will generate the keys without a password.
You will want to put the id_dsa.pub file on the web server and make it
readable by Apache.
Test it yourself as a normal user on the webserver and double check that
it doesn't require a password.
Hope that helps
Col.
--- End Message ---
--- Begin Message ---
* and then Colin Guthrie declared....
> Nick Wilson wrote:
> >> Do you use generated keys without a password for logging in? Otherwise
> >> exec()
> >> is just going to sit there while the scp command waits for a password.
> >
> > Tha'ts exactly what i think it's doing. The -i specifies an identity
> > file according to the man page for scp so i would have hoped that would
> > take care of it (as i cant work out how to generate an identity for the
> > apache user itself) but i guess it is doing exactly as you say..
>
> Nick I think you are misunderstanding what Ray is asking.
>
> scp (without the -i <keyfile> arg) will ask you for your SSH password.
>
> BUT, the keyfile itself can be generated to have a password also!
Right, im with you. The keyfile is mine though, and i know i can ssh
from this box to that without any problem.
I've made a test script for htis and it's returning some very weird
stuff now. The actual file it outputs (stdout and stderr) is the actual
image im trying to send!
<?php
$file = '/stat/data/drupal/image.png';
exec("/usr/bin/scp -v -i /home/troot/.ssh/id_dsa $file [EMAIL
PROTECTED]:/var/www/images/ 1>&2
/var/www/html/test/out", $ack);
print_r($ack);
?>
--
Nick Wilson
http://performancing.com/user/1
--- End Message ---
--- Begin Message ---
Nick Wilson wrote:
> Right, im with you. The keyfile is mine though, and i know i can ssh
> from this box to that without any problem.
>
> I've made a test script for htis and it's returning some very weird
> stuff now. The actual file it outputs (stdout and stderr) is the actual
> image im trying to send!
>
> <?php
> $file = '/stat/data/drupal/image.png';
> exec("/usr/bin/scp -v -i /home/troot/.ssh/id_dsa $file [EMAIL
> PROTECTED]:/var/www/images/ 1>&2
> /var/www/html/test/out", $ack);
> print_r($ack);
> ?>
Could it be a permissions problem? your ~/.ssh folder should has to be
nailed now permissions wise otherwise SSH will complain. Also the id_dsa
file is usually only readable by the user and nothing else (e.g. mode 0600)
I'd suggest you check permissions. Also I'd add a new key for this
rather than user your own. If the apache process can read your private
key this is quite a security risk....
Col.
--- End Message ---
--- Begin Message ---
* and then Colin Guthrie declared....
> Nick Wilson wrote:
> > Right, im with you. The keyfile is mine though, and i know i can ssh
> > from this box to that without any problem.
> >
> > I've made a test script for htis and it's returning some very weird
> > stuff now. The actual file it outputs (stdout and stderr) is the actual
> > image im trying to send!
> >
> > <?php
> > $file = '/stat/data/drupal/image.png';
> > exec("/usr/bin/scp -v -i /home/troot/.ssh/id_dsa $file [EMAIL
> > PROTECTED]:/var/www/images/ 1>&2
> > /var/www/html/test/out", $ack);
> > print_r($ack);
> > ?>
>
> Could it be a permissions problem? your ~/.ssh folder should has to be
> nailed now permissions wise otherwise SSH will complain. Also the id_dsa
> file is usually only readable by the user and nothing else (e.g. mode 0600)
>
> I'd suggest you check permissions. Also I'd add a new key for this
> rather than user your own. If the apache process can read your private
> key this is quite a security risk....
I think you're on the right track Col. I did a whole bunch more
searching and the one thing I kept hearing was that no matter what you
try, you just cant get the webserver to exec the script as another user
-- so even if im saying '[EMAIL PROTECTED]' in both parts of the scp command,
it's still being exec'd as apache, and apache has no home, and no .ssh
dir.
i've tried putting the perms on that dsa file directly as the apache
user and even putting it eleshwere in teh filesystem but nothing seems
to work
As i dont have the ssh2 ext on this setup, and have no desire to go
messin with new extensions it looks like im going to have to go gthe nfs
route on this problem unless anyone has done this before and knows an
answer?
thanks for the help!
--
Nick Wilson
http://performancing.com/user/1
--- End Message ---
--- Begin Message ---
Nick Wilson wrote:
> I think you're on the right track Col. I did a whole bunch more
> searching and the one thing I kept hearing was that no matter what you
> try, you just cant get the webserver to exec the script as another user
> -- so even if im saying '[EMAIL PROTECTED]' in both parts of the scp command,
> it's still being exec'd as apache, and apache has no home, and no .ssh
> dir.
The program on the webserver will always be executed as the user that
runs the webserver. The nick@ bit is purely the syntax used by the
program in question, in this case scp.
I'm sure it will be possible to get the apache user to run SCP, even if
the user does not have a home directory specified.
> i've tried putting the perms on that dsa file directly as the apache
> user and even putting it eleshwere in teh filesystem but nothing seems
> to work
>
> As i dont have the ssh2 ext on this setup, and have no desire to go
> messin with new extensions it looks like im going to have to go gthe nfs
> route on this problem unless anyone has done this before and knows an
> answer?
Assuming you have root on the box in question, you could write a shell
script that does what you need then run it from apache via the sudo
command. Provided you configure /etc/sudoers to allow the apache user to
run your script without a password, it should work. As it's only allowed
to run that one script, it is also fairly secure.
E.g.
/usr/bin/transfer_image.sh:
#!/bin/bash
if [ -z "$1" ]; then
echo "No input file."
exit 1
fi
scp "$1" [EMAIL PROTECTED]:/var/www/images/
And then in apache:
exec("sudo -u nick /usr/bin/transfer_image.sh $file");
(obviously escape $file with the escape_shell_cmd() func.)
/etc/sudoers should contain something like:
apache ALL = (/usr/bin/transfer_image.sh) NOPASSWD: ALL
Col.
--- End Message ---
--- Begin Message ---
* and then Colin Guthrie declared....
> Nick Wilson wrote:
> > I think you're on the right track Col. I did a whole bunch more
> > searching and the one thing I kept hearing was that no matter what you
> > try, you just cant get the webserver to exec the script as another user
> > -- so even if im saying '[EMAIL PROTECTED]' in both parts of the scp
> > command,
> > it's still being exec'd as apache, and apache has no home, and no .ssh
> > dir.
>
> The program on the webserver will always be executed as the user that
> runs the webserver. The nick@ bit is purely the syntax used by the
> program in question, in this case scp.
>
> I'm sure it will be possible to get the apache user to run SCP, even if
> the user does not have a home directory specified.
>
> > i've tried putting the perms on that dsa file directly as the apache
> > user and even putting it eleshwere in teh filesystem but nothing seems
> > to work
> >
> > As i dont have the ssh2 ext on this setup, and have no desire to go
> > messin with new extensions it looks like im going to have to go gthe nfs
> > route on this problem unless anyone has done this before and knows an
> > answer?
>
> Assuming you have root on the box in question, you could write a shell
> script that does what you need then run it from apache via the sudo
> command. Provided you configure /etc/sudoers to allow the apache user to
> run your script without a password, it should work. As it's only allowed
> to run that one script, it is also fairly secure.
>
> E.g.
> /usr/bin/transfer_image.sh:
> #!/bin/bash
>
> if [ -z "$1" ]; then
> echo "No input file."
> exit 1
> fi
> scp "$1" [EMAIL PROTECTED]:/var/www/images/
>
>
> And then in apache:
> exec("sudo -u nick /usr/bin/transfer_image.sh $file");
>
> (obviously escape $file with the escape_shell_cmd() func.)
>
> /etc/sudoers should contain something like:
> apache ALL = (/usr/bin/transfer_image.sh) NOPASSWD: ALL
That makes a lot of sense. I wasnt aware sudoers could be used for
individual tasks. im not having much luck with it, I suspect it's cos
what apache really needs permission to do is to 'sudo -u nick' right?
--
Nick Wilson
http://performancing.com/user/1
--- End Message ---
--- Begin Message ---
Nick Wilson wrote:
That makes a lot of sense. I wasnt aware sudoers could be used for
individual tasks. im not having much luck with it, I suspect it's cos
what apache really needs permission to do is to 'sudo -u nick' right?
Is it important that the transfer happens immediately? If not then a
better solution is to drop the images in a folder that is then
transferred by a script cron'd by the user that has everything required
to do the scp.
To be frank, anything is better than giving the user that Apache runs as
any more permissions than you have to.
-Stut
--- End Message ---
--- Begin Message ---
* and then Colin Guthrie declared....
> /usr/bin/transfer_image.sh:
> #!/bin/bash
>
> if [ -z "$1" ]; then
> echo "No input file."
> exit 1
> fi
> scp "$1" [EMAIL PROTECTED]:/var/www/images/
>
>
> And then in apache:
> exec("sudo -u nick /usr/bin/transfer_image.sh $file");
>
> (obviously escape $file with the escape_shell_cmd() func.)
>
> /etc/sudoers should contain something like:
> apache ALL = (/usr/bin/transfer_image.sh) NOPASSWD: ALL
Success!
After lots of messing around with visudo, i got this line working right:
apache ALL=(user2runAs) NOPASSWD: /usr/bin/scp-image.sh
Thanks for the help Col, seems it all turned out good -- shame to spend
the whole damn day on something so small though heh..
--
Nick Wilson
http://performancing.com/user/1
--- End Message ---
--- Begin Message ---
hello every one :)
what ever i do emails i sent got in the junk mail
i fixed the header
add spf record to the domain
using mail server with specific IP
fix all dns error
nothing work
any one get it correct ?
--- End Message ---
