php-general Digest 21 Jul 2009 05:37:03 -0000 Issue 6241
Topics (messages 295607 through 295616):
Re: Internal PHP caching methodology
295607 by: Eric Butera
pre-screening pages before served?
295608 by: Chris Payne
295610 by: Per Jessen
295611 by: Chris Payne
295612 by: Daevid Vincent
295613 by: Bastien Koert
295614 by: Chris Payne
295615 by: Bastien Koert
Re: PHP and FoxPro
295609 by: Matt Neimeyer
require/include fails with APC enabled
295616 by: Ian Maddox
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
On Sat, Jul 18, 2009 at 7:14 AM, Daniel Kolbo<kolb0...@umn.edu> wrote:
> Daniel Kolbo wrote:
>> Eric Butera wrote:
>>> On Thu, Jul 16, 2009 at 5:50 PM, Daniel Kolbo<kolb0...@umn.edu> wrote:
>>>> Hello,
>>>>
>>>> Call me a dreamer...but I got to ask.
>>>>
>>>> Is there any software for helping speed up PHP by utilizing internal PHP
>>>> caching?
>>>>
>>>> I am not talking about the external php cache/header control. Smarty
>>>> caching doesn't give me the control I need either.
>>>>
>>>> I would like to cache to a finer level than page by page, but rather on
>>>> a module by module basis. Each of my pages contains a subset of
>>>> modules. The content of these modules changes based upon certain
>>>> criteria (link, time, session data, but is sometimes static across the
>>>> site). I would like to be able to cache individual "modules"
>>>> (preferably based upon frequency and time to generate).
>>>>
>>>> I am trying to develop a way to do this, but I have to think a brighter
>>>> mind has come before me and hopefully arrived at a solution.
>>>>
>>>> As always any help/thoughts are much appreciated, except for that one
>>>> guy's comments (you all know who I am talking) ~ jk ;)
>>>>
>>>> Thanks,
>>>> `
>>>>
>>>> --
>>>> PHP General Mailing List (http://www.php.net/)
>>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>>
>>>>
>>> Have you actually profiled your code to see where the pain points are
>>> vs saying 'module?' Are you also running an opcode cache? From there
>>> you can use data, block, or full page caching. Finally you can figure
>>> out if you want to store it in flat files or memory. I'd start by
>>> knowing what is actually the slow part using Xdebug and nail a few
>>> down.
>>>
>>> There is no end all solution. Some pages really don't have a lot
>>> going on and are hardly updated so full page is fine. Others might
>>> have something that is hard to generate on a sidebar, so block caching
>>> would be more suitable for that. As previously mentioned, Zend_Cache
>>> is up to the task. There is also a PEAR package called Cache_Lite
>>> which would work to if you're interested in file based caching.
>>>
>>
>> So dreams do come true...
>>
>> Thank you for the wonderful insight. I've been reading about the
>> memcached and Xdebug and Zend_Cache. I've got lots to learn, but it is
>> exactly the type of material i was trying to find.
>>
>> I am not currently running an opcode cache. I may be doing "premature
>> optimization", but i want to design the entire system intelligently from
>> the get go rather than having to rebuild later. you know 'work smarter
>> not harder'....
>>
>> Is it possible to run xdebug on a virtual host server on which i do not
>> have shell access? I can modify php.ini via cgi, but I don't know if
>> i'd be able to view the results of xdebug on the machine. Your opinion
>> would be appreciated.
>>
>> Thanks so much, i feel like i've just been shown a whole new world.
>> dK
>> `
>
> I still have to (fully) rtfm. But i was wondering if the following
> scenario(s) is(are) possible.
>
> -Does memcached store the same data under different keys in the same spot?
>
> From my reading so far, i do not think so.
> My understanding is that currently memcached goes like as follows:
> key->key_hash->server->data_value
> but this approach could conceivably store the same data_value under
> different keys (thus consuming unneeded memory)
>
> What i'd like it to do is the following:
> key->key_hash->server->data_hash->server->data_value
>
> That is, each key has the data_hash as its value. Then one uses this
> data_hash as the new key which has the data_value as its value.
> This way the only data that is replicated would be the relatively small
> data_hash, but the (larger) data itself would not be replicated.
>
> This would allow for the user to use different keys to access the same
> data. This would be needed when seemingly different keys happen to
> share the same data, but would be too costly to recognize, predict, and
> accommodate such associations
>
> This doubles the number of calls to the server, but could conceivable
> save a great deal of memory for more cached objects. What would be even
> slicker is if the programmer could use either approach within the same
> script. For example, if the programmer new for (almost) certain that a
> certain key would never have the same data signature as any other key,
> she could then use the original method and save on the overhead of
> storing key_hash to data_hashes pairs.
>
> Also, I really like the idea behind zend_cache that I can use memcache/d
> as the backend. That's pretty modular!
>
> I have three direct questions:
> 1) Is the above approach wise or have i violated some basic caching
> principle?
>
> 2) Is the php memcache/memcached class extendable (so that I can
> implement 1 above)?
>
> 3) If 2) is yes, can I use this extendable class as the backend for
> zend_cache?
>
> Thanks,
> dK
> `
>
>
The fact you said you haven't used Xdebug or have an opcode cache
means you're starting from the wrong end. I'm pretty sure using
Zend_Cache with a flatfile backend would be more than adequate for
your needs.
As for your questions, if you think that is the way to use it that
would benefit your program the best, then go ahead. I use caching
inside method calls so that I can cache the result of my expensive
method call and it is transparent to the rest of the app.
--
http://www.ericbutera.us/
--- End Message ---
--- Begin Message ---
Hi everyone,
Is it possible to have the system pre-screen a page before it is sent
to a user? What I mean is, if someone requests index.php could I have
a script scan the file before I serves it? The reason I ask is this
way I could check for patterns on the script to make sure the page
hasn't been tampered with live, so to speak.
Chris
--- End Message ---
--- Begin Message ---
Chris Payne wrote:
> Hi everyone,
>
> Is it possible to have the system pre-screen a page before it is sent
> to a user? What I mean is, if someone requests index.php could I have
> a script scan the file before I serves it?
Yes, apache has an output filter that can be set up as the last stage
just before serving a page.
/Per
--
Per Jessen, Zürich (19.8°C)
--- End Message ---
--- Begin Message ---
On Mon, Jul 20, 2009 at 12:30 PM, Per Jessen<p...@computer.org> wrote:
> Chris Payne wrote:
>
>> Hi everyone,
>>
>> Is it possible to have the system pre-screen a page before it is sent
>> to a user? What I mean is, if someone requests index.php could I have
>> a script scan the file before I serves it?
>
> Yes, apache has an output filter that can be set up as the last stage
> just before serving a page.
>
>
> /Per
>
> --
> Per Jessen, Zürich (19.8°C)
Thank you, i'll look into that this evening as it would solve some
problems i've had. I want my system to check local copies of a page
against a cache I have of the same page and if they are different it
won't serve the page and will automatically send me a copy of the page
via email and restore it to what it should be. A way of protecting
against attacks. Just 1 stage but I want to be pro-active and always
be ontop of things.
Chris
--- End Message ---
--- Begin Message ---
> -----Original Message-----
> From: oxygene...@gmail.com [mailto:oxygene...@gmail.com] On
> Behalf Of Chris Payne
> Sent: Monday, July 20, 2009 12:58 PM
> To: php-gene...@lists.php.net
> Subject: Re: [PHP] pre-screening pages before served?
>
> On Mon, Jul 20, 2009 at 12:30 PM, Per Jessen<p...@computer.org> wrote:
> > Chris Payne wrote:
> >
> >> Hi everyone,
> >>
> >> Is it possible to have the system pre-screen a page before
> it is sent
> >> to a user? What I mean is, if someone requests index.php
> could I have
> >> a script scan the file before I serves it?
> >
> > Yes, apache has an output filter that can be set up as the
> last stage
> > just before serving a page.
> >
> >
> > /Per
> >
> > --
> > Per Jessen, Zürich (19.8°C)
>
> Thank you, i'll look into that this evening as it would solve some
> problems i've had. I want my system to check local copies of a page
> against a cache I have of the same page and if they are different it
> won't serve the page and will automatically send me a copy of the page
> via email and restore it to what it should be. A way of protecting
> against attacks. Just 1 stage but I want to be pro-active and always
> be ontop of things.
Really? This is an actual problem for you? It sounds too me that you have a
malicious user on your server and if so, fire them. If you suspect you've
been hacked from externally, then I would format and re-install -- or use a
backup from a known good date. I've been coding PHP since 1996, and have
NEVER heard of a man-in-the-middle attack like this. It just sounds like you
have other problems and this isn't a solution, it's a band-aid.
http://daevid.com
--- End Message ---
--- Begin Message ---
On Mon, Jul 20, 2009 at 4:25 PM, Daevid Vincent<dae...@daevid.com> wrote:
>
>
>> -----Original Message-----
>> From: oxygene...@gmail.com [mailto:oxygene...@gmail.com] On
>> Behalf Of Chris Payne
>> Sent: Monday, July 20, 2009 12:58 PM
>> To: php-gene...@lists.php.net
>> Subject: Re: [PHP] pre-screening pages before served?
>>
>> On Mon, Jul 20, 2009 at 12:30 PM, Per Jessen<p...@computer.org> wrote:
>> > Chris Payne wrote:
>> >
>> >> Hi everyone,
>> >>
>> >> Is it possible to have the system pre-screen a page before
>> it is sent
>> >> to a user? What I mean is, if someone requests index.php
>> could I have
>> >> a script scan the file before I serves it?
>> >
>> > Yes, apache has an output filter that can be set up as the
>> last stage
>> > just before serving a page.
>> >
>> >
>> > /Per
>> >
>> > --
>> > Per Jessen, Zürich (19.8°C)
>>
>> Thank you, i'll look into that this evening as it would solve some
>> problems i've had. I want my system to check local copies of a page
>> against a cache I have of the same page and if they are different it
>> won't serve the page and will automatically send me a copy of the page
>> via email and restore it to what it should be. A way of protecting
>> against attacks. Just 1 stage but I want to be pro-active and always
>> be ontop of things.
>
> Really? This is an actual problem for you? It sounds too me that you have a
> malicious user on your server and if so, fire them. If you suspect you've
> been hacked from externally, then I would format and re-install -- or use a
> backup from a known good date. I've been coding PHP since 1996, and have
> NEVER heard of a man-in-the-middle attack like this. It just sounds like you
> have other problems and this isn't a solution, it's a band-aid.
>
> http://daevid.com
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Sounds like XSS to me. Likely a better validation and sanitation
routine would help to clear the issue
--
Bastien
Cat, the other other white meat
--- End Message ---
--- Begin Message ---
> Really? This is an actual problem for you? It sounds too me that you have a
> malicious user on your server and if so, fire them. If you suspect you've
> been hacked from externally, then I would format and re-install -- or use a
> backup from a known good date. I've been coding PHP since 1996, and have
> NEVER heard of a man-in-the-middle attack like this. It just sounds like you
> have other problems and this isn't a solution, it's a band-aid.
Hi There,
There were MANY servers this past month had the same attack. At the
end of every index page on the website some malicious PHP code was
added linking to an iframe etc ..... first thing i did (Of course) was
change all FTP and user account passwords on my server and LUCKILY it
hasn't happened since even though friends of mine have had it happen a
couple of times on their servers since.
I just want to have an extra layer of protection in place and i'm also
going to go through every single script I have written and lock them
down tightly as I don't know if they did this with FTP or some other
way to be honest.
Chris
--- End Message ---
--- Begin Message ---
On Mon, Jul 20, 2009 at 4:47 PM, Chris Payne<chris_pa...@danmangames.com> wrote:
>> Really? This is an actual problem for you? It sounds too me that you have a
>> malicious user on your server and if so, fire them. If you suspect you've
>> been hacked from externally, then I would format and re-install -- or use a
>> backup from a known good date. I've been coding PHP since 1996, and have
>> NEVER heard of a man-in-the-middle attack like this. It just sounds like you
>> have other problems and this isn't a solution, it's a band-aid.
>
> Hi There,
>
> There were MANY servers this past month had the same attack. At the
> end of every index page on the website some malicious PHP code was
> added linking to an iframe etc ..... first thing i did (Of course) was
> change all FTP and user account passwords on my server and LUCKILY it
> hasn't happened since even though friends of mine have had it happen a
> couple of times on their servers since.
>
> I just want to have an extra layer of protection in place and i'm also
> going to go through every single script I have written and lock them
> down tightly as I don't know if they did this with FTP or some other
> way to be honest.
>
> Chris
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
This could be the result of hole in the security somewhere of some
package on the server. Worth checking into.
--
Bastien
Cat, the other other white meat
--- End Message ---
--- Begin Message ---
> We currently use the Easysoft ODBC Bridge to connect to a remote FoxPro
> database. The problem is that the bridge, after a while, starts consuming a
> ton of system resources and we have to reboot the machine. Afterwards, it
> can take upwards to two hours before everything is running quickly again.
> We need another solution. Does anyone know of a any other way to connect
> to a remote FoxPro database (or any ODBC source that isn't a database
> server)?
We've had a LOT a luck using ODBTP. Which can be found at
http://odbtp.sourceforge.net
Here's the rough outline...
1. Install Visual FoxPro odbc driver (or whatever drivers you want) on
a Windows machine.
2. Install the ODBTP Server on the windows machine
3. Install a PHP module in your php. (Common ones included in the download)
4. Once you connect the functions are ALMOST exactly the same in usage
as the mysql_xyz functions.
A couple gotchas:
1. If you need to compile the PHP ODBTP module from source on x64 (OS
X Leopard at least) it can be a pain.
2. The VFP 6.0 ODBC driver (not sure about higher versions) does not
allow more than 250 odd characters to be inserted at a single time so
memo's can be a PAIN.
3. It does require a port be opened on the Windows machine's
firewall... (Uses TCP/IP for communication)
4. By default the ODBTP server can use up to 32 threads. The VFP ODBC
driver is by nature single threaded. We've never had a problem with
that directly but I assume it is what causes threads to slowly hang
and disappear... eventually a message comes up "Unable to create
thread". At that point you simply need to restart the ODBTP service in
the Windows Services Control Panel. The bigger the tables and the more
heavily used it is the more often this will happen.
Other than that... Works like a charm. Looking forward, once you bite
the bullet and convert to MySQL (at least for us) you can almost
change odbtp_ to mysql_ and be up and running. (Assuming you limit
yourself to "pure" SQL and not invoke VFP functions.)
Matt
--- End Message ---
--- Begin Message ---
I have one server that is acting up whenever I try to enable APC. PHP
scripts execute normally as long as there are no calls to include(),
include_once(), require(), or require_once().
Any file (no matter the size) that can be included while APC is disabled
will cause the script to silently fail at the point of include when APC is
enabled. There is no output in the PHP error_log, even when logging all
message types.
This feels like it's probably a really simple fix, but we're stumped. Any
help you can provide would be greatly appreciated.
Server software combinations:
PHP 5.2.9 with APC 3.0.18 and ZTS
PHP 5.2.6+lenny3 with APC 3.1.2
PHP 5.2.6+lenny3 with APC 3.0.18
Apache 2.2.9 in all cases
APC is configured for pthread mutex locks. mmap disabled.
--- End Message ---
