Re: [PHP] PHP Supremacy...
Richard Davey wrote: Hello Trevor, Thursday, November 18, 2004, 4:55:50 PM, you wrote: GT Roughly 1/3 of the web servers on the internet these days run IIS GT Roughly 2/3 run Apache in some fashion I know you said roughly, but it's less than 1/3 running IIS, quite a bit less infact. The latest Nov. 2004 Netstat survey puts it at well under a quarter (21.25% to be exact) with Apache at 67.77% http://news.netcraft.com/archives/2004/11/01/november_2004_web_server_survey.html What's more, the IIS figure is down from a high of 35% in 2002 and is continuing to shrink. Apache is continuing to grow. There are reasons for this... GT Roughly 40-50% of the Apache guys were running PHP as their GT primary scripting language (at least for web authoring). Ok, for the sake of argument let's assume it's 40%. I don't believe for a second it is that high, but anyway.. that would be approx. 15.2 million sites running PHP. There's a Netcraft survey based graph at php.net that shows about 17 million PHP-powered sites. And we don't need to make assumptions about ASP either: PHP overtook classic in 2002 and ASP.Net powers fewer than 3 million sites. [snip] GT ASP and ASP.NET are free, just like PHP.. If you already run MS GT servers. The good development tools might be another story, That's a four-figure if, though, in practice. Not much in the budget for most serious sites or hosting infrastructures, but still needs to be factored in. It's a few missing features on any ASP site with a fixed budget, compared to the equivalent Open Source OS/Apache alternative. Development tools? OK, but you can develop on any platform and there are some great free tools. Oh, you want to use MS? Let me take that back. Want to make sense of the logs? That's more spondulicks. What's your database backend going to be? And so on. It's the total cost of ownership though. And this includes the use of extensions to the languages. PHP extensions are free, ASP ones invariably cost. This has implications for the future of any project as well as the starting point: extending an ASP site could cost...well, it's impossible to know right now. Depends what direction we need to take in the future. But PHP extensions will be free. Then there are the license terms which in the case of ASP extensions are, er... we don't know yet. Depends on the extension. Bit of a no-brainer, really. GT but if you have Windows XP (Pro I believe), then you have IIS and GT can run ASP and maybe ASP.NET. If you have Windows 95 or Windows GT 98, you have Personal Web Server which will do ASP. Hell of a waste of perfectly good hardware, though. If you want to run a web server, Linux or FreeBSD will run rings round any of the above. You do need a MS server OS for reasonable performance and security if you want to go the MS route. MS is great for some things. And there are things only MS can do (COM objects spring to mind). But in the main, it's a bad choice for hosting. I haven't even mentioned security - take a look at the server uptime charts sometime. That's almost entirely a function of security. It's great to be able to set up a FreeBSD server (the top 50 are almost always all *BSD) and leave it running/earning for three years without even a reboot. That's why the figures are as they are. Regards, Peter. -- the circle squared network systems and software http://www.circlesquared.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[Fwd: Re: [PHP] PHP Supremacy...]
Whoops, didn't include the list. -- the circle squared network systems and software http://www.circlesquared.com ---BeginMessage--- Pedro Irán Méndez Pérez wrote: Hello my friends, I need your help in convince to my boss in adopt php for development of a tool for intranet in my office, he told me that php is open source and we don´t know if will disappear in a year, or if php have a support like .net. what arguments can I show for convince him to try PHP? Maybe point out to your manager that the internet is, essentially, open source software. That, as others have pointed out, the whole essence of Open Source is that it can't disappear. This is a question to be asked about proprietary software, not open source. The biggest problem might be tact: he's not being terribly bright. Regards, Peter. -- the circle squared network systems and software http://www.circlesquared.com ---End Message--- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] List Etiquette
- Edwin - wrote: On Sun, 19 Sep 2004 06:11:17 +0800 Jason Wong [EMAIL PROTECTED] wrote: On Sunday 19 September 2004 05:37, Andre Dubuc wrote: [...] Seems to me much easier to scan the Subject, see how it's developing by reading the reply on the top, rather than have to wade through even snipped old material. This is certainly true for some active subscribers to this and many other lists. But it isn't the point. And if you jumped into the middle of the thread, how would you know what was going on without scrolling down to find out? Just want to add/emphasize one thing regarding this point: When I try to find out something, I usually spend time googling and reading the archives, This is the point. Note that pro top-posters generally say it's more convenient for them whereas people who advocate appropriate posting (normally threaded, sometimes bottom, rarely top) say it works better when using the posts as a reference. If you google for a solution before wasting the time of volunteers over a frequently answered question, and choose the concluding post in a relevant thread, it's a far better reference if some discipline has been observed while the thread has been developing. The point of lists like this is twofold - to answer questions now and to provide a reference archive for the future. Top posters seem to neglect this aspect entirely in favour of immediate personal convenience. And even that is arguable. The conventional reply on this topic is along the lines of: Because it destroys the flow of an argument. Why is top posting bad? Peter. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] access a file
Curlys wrote: -rwxr-xr-x1 root root 133 Aug 13 15:48 zeed.php group and owner like this , how does it workable plz help chown www /path/to/zeed.php Peter. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] The Y2038 bug
Justin French wrote: Hi all, Is anyone giving much thought to the Y2038 bug/issue in relation to Unix Timestamps? From what I read, they have a range of 1970-2038 (or earlier than 1970 on *nix). Either you or I misunderstand this issue... There's this limit because the start point is Jan 1 1970 and 32 bit storage only permits a number large enough to count in seconds from then until 2038. 64 bit storage, however, will permit this to be extended vastly. No backwards compatibility issues will arise, because in both cases the time stamp is just counting up from a given date. So if we have 64 bit systems by 2038, which is reasonably likely, there will be no problem. Peter. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] which user is a script executing as?
Matt M. wrote: How do I determine with which user's permissions PHP scripts are executing? I am experimenting with suEXEC and running PHPs as CGIs; I need to know with which user's permissions PHP scripts are executing. I've tried using getmyuid() and get_current_user(), but these only report the owner of the script - not necessarily whether the script is actually executing as this user or not. I couldn't find this information in phpinfo(). Suggestions much appreciated! Do you have User and Group (apache1.3) or UserGroup (apache2) lines in your httpd.conf or virtual host include file? These specify which user to run as under suexec. Once that is in place, I generally just create a file from the script to see the uid. Peter. Thanks! on linux $user = `whoami`; print $user; you might need to get rid of \n -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] editor for remote files using ssh
I have been using emacs/tramp for editing files on remote machines, but I find it can be flaky - no doubt I am doing something wrong. Can anyone suggest a good programmers' text editor that at least has syntax highlighting and can use ssh for accessing files directly on remote machines? I need a Unix program, preferably a FreeBSD port, but am happy to compile something myself if it will work consistently or at least give some kind of error message if it has difficulty, and not just hang. TIA. Peter. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Protecting database passwords
Bob Hockney wrote: Gerben wrote: I think he is talking about the password that is written inside the script in the mysql_connect statement. I think he is worried that someone could access it's code and find out the DB password. What I am concerned about is a local user on the server machine, not access through the web server. It sounds like it can be done if there is a separate user or group for the web server process, but this site specific. It would be difficult to distribute a program and use a generalized install routine to install the file containing the passwords to be edited by the site admin. -Bob The only way I know to achieve this is to install apache with the suexec option. This has no effect on mod_php but does on the cgi version. So then install the cgi version of php. A virtual host can run with the effective uid and gid of the account holder (user). Scripts can then be installed in the cgi-bin, owned by that user with permissions 0700. No other user can see them yet apache will be able to execute them. The database password can be in your script or in an include file with these permissions. If you want to distribute a program, there are obvious problems - apache is not always installed suexec and the cgi version of php is rarely installed (it doesn't conflict in any way with mod_php, though. You can have both). Bear in mind that this issue affects every distributed php application, including horde, php groupware and so on. Most shared servers run a form of ftp that chroots users into their home directories, and this helps. The main thing is to keep the file with the password out of the webspace (an include path can be anywhere), or make an apache configuration file part of your distribution, to be included in httpd.conf (viz horde), that restricts access to a directory that is intended for configuration files. Peter. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php as CGI and $_POST
David T-G wrote: Peter -- ...and then Peter Risdon said... % % David T-G wrote: % % bash-2.05a$ /usr/local/bin/php -v % PHP 4.3.4 (cli) (built: Jan 6 2004 15:27:52) % % You probably need the cgi version - not the command line one you % actually have. Ooohhh... Ouch. So there are *three* possible PHP compiles: module, CGI, and CLI? So far as the php binary in /usr/local/bin is concerned there are two - cli and cgi. The module consists of different files (see the AddModule and LoadModule bits of httpd.conf). You can have both (I have made that my standard build for multi-homed machines) but need to muck about a bit for this. OK. To save us the cost of rebuilding at this host, is there any way to pass args to the CLI version of the script running as a CGI? You might find you start getting odd problems with http headers if you use the cli version. In general you're better off using the cgi one. But you can get this by recompiling but not installing php cgi, then copy the php executable to, say, /usr/local/bin/php-cgi and prefacing your scripts with this in the shebang. That would mean zero disruption for users on the machine. Peter. Thanks HAND :-D -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] php as CGI and $_POST
David T-G wrote: Curt, et al -- ...and then Curt Zirzow said... % % * Thus wrote David T-G ([EMAIL PROTECTED]): % % My code is as simple as % %#!/usr/local/bin/php % % What does '/usr/local/bin/php -v' show? Doesn't seem to scary to me: bash-2.05a$ /usr/local/bin/php -v PHP 4.3.4 (cli) (built: Jan 6 2004 15:27:52) You probably need the cgi version - not the command line one you actually have. Peter. Copyright (c) 1997-2003 The PHP Group Zend Engine v1.3.0, Copyright (c) 1998-2003 Zend Technologies % % % Curt TIA HAND :-D -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions simply do not work?
Michael R. Wayne wrote:
In my continuing efforts to actually get sessions to work, I upgraded
to PHP 4.3.6 and apache 1.3.31. This did not make the slighest
difference.
So, does ANYone have ideas of how to debug this? Or is PHP simply
broken and no longer able to maintain sessions?
/\/\ \/\/
I've just been debugging some session problems. Successfully, but there
is something rather brittle in there somewhere and almost zero
portability between mod_php and PHP CGI with anything but the simplest
code. Perl develops a rosy glow under such circumstances. It would have
been quicker for me to set cookies explicitly and manage my own
sessions. However...
Have you tried a trivially simple sessions script? There's one in the
manual to increment a counter. Assuming mod_php:
?php
session_start();
if (!isset($_SESSION['count'])) {
$_SESSION['count'] = 0;
} else {
$_SESSION['count']++;
}
echo htmlhead/headbody;
echo $_SESSION['count'];
echo /body/html;
?
If this doesn't work, there's a problem with your computer setup. If it
does, there's a problem with your code. But then it would give you a
base from which to build complexity, heading back to your code as is
now, until something breaks...
PWR.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Now I can't start the session either...
Brian Dunning wrote:
On May 25, 2004, at 9:06 AM, Craig wrote:
It doesnt necessarily mean the error occured on that line, that may have
been the last executed statement
post a few more lines or we cant help you.
?php
// Start the session
if (! session_id()) session_start();
if (not is_string($_SESSION['login_status']))
try
if (!is_string($_SESSION['login_status']))
{
$_SESSION['login_status'] = 'false';
}
if ($_SESSION['login_status'] == 'false')
{
echo nbsp;nbsp;Sign In;
} else {
echo nbsp;nbsp;Sign Out;
}
?
Which looks OK to me, but it returns:
Parse error: parse error, unexpected T_STRING in
c:\inetpub\wwwroot\palms\htdocs\start-selling.php on line 3
What's going on here??
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] apache suexec, CGI PHP and filesystem stuff
I posted a few days ago about problems with filesystem commands like copy(), move_uploaded_file(), backticked shell commands and so on while using CGI PHP under apache suexec. It seems that these only work in directory trees starting in the directory in which the script itself resides. So if the script is in, say, /usr/home/user/website/cgi-bin then none of these will work except on (executable) files and directories in this directory or its sub-directories. So an attempt to move_uploaded_file() to /usr/home/user/website/pages/images/ will fail but will succeed if aimed at /usr/home/user/website/cgi-bin/images Symbolic links provide a workaround in cases like the one I've been looking at, where I want to provide a form in a website control panel to upload images for display in the site. I'm posting this so it's available to others, because I haven't found any mention of this (or any other) solution when googling. PWR. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php cgi, apache suexec, filesystem problems
Hi, I am having a lot of problems with any PHP routines that have to access the filesystem - things like exec(), shell_exec(), system(), backticked shell commands, copy(), move_uploaded_file() and so on. I have a non-standard setup with CLI, CGI and mod_php all installed. These scripts are using the cgi php executable and the webserver is running suexec. I have confirmed that it isn't permissions issues both by running identical commands to those in the scripts from the uid in use by the suexec'd apache virtual host, and by blowing open permissions to 777 temporarily. No difference. Example code from the manual also fails. Before I post a specific example to see if anyone can spot a problem in my code, does anyone know whether there's a fundamental problem with my server setup? TIA. PWR. FreeBSD 4.9-STABLE #/usr/local/bin/php -v PHP 4.3.4 (cgi) (built: Feb 28 2004 13:43:25) Copyright (c) 1997-2003 The PHP Group Zend Engine v1.3.0, Copyright (c) 1998-2003 Zend Technologies #tail /var/log/httpd-error.log [Wed May 19 10:34:43 2004] [notice] Apache/1.3.29 (Unix) mod_perl/1.28 PHP/4.3.4 mod_ssl/2.8.16 OpenSSL/0.9.7c configured -- resuming normal operations [Wed May 19 10:34:43 2004] [notice] suEXEC mechanism enabled (wrapper: /usr/local/sbin/suexec) [Wed May 19 10:34:43 2004] [notice] Accept mutex: flock (Default: flock) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Where to change upload_tmp_dir ini setting
Hi, This page: http://www.php.net/manual/en/function.ini-set.php tells me that upload_tmp_dir is of level PHP_INI_SYSTEM and can therefore only be altered in php.ini or httpd.conf I want to be able to set this by virtual host. My httpd.conf includes a directory which contains seperate files for each virtual host and in one of these I have added: IfModule mod_php4.c AddType application/x-httpd-php .php3 AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps php_admin_value upload_tmp_dir /path/to/upload/directory/ /IfModule ... and it has absolutely no effect. I have restarted apache using apachectl graceful and stop/start but it makes no difference. Files uploaded using POST get put in /var/tmp I also tried it with php_value instead of php_admin_value. Any guidance would be appreciated. PWR. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Where to change upload_tmp_dir ini setting
Peter Risdon wrote: Hi, This page: http://www.php.net/manual/en/function.ini-set.php tells me that upload_tmp_dir is of level PHP_INI_SYSTEM and can therefore only be altered in php.ini or httpd.conf I want to be able to set this by virtual host. My httpd.conf includes a directory which contains seperate files for each virtual host and in one of these I have added: IfModule mod_php4.c AddType application/x-httpd-php .php3 AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps php_admin_value upload_tmp_dir /path/to/upload/directory/ /IfModule ... and it has absolutely no effect. I assume that PHP_INI_SYSTEM means this is a system-wide variable, and so can only be set in the default host settings in httpd.conf or in php.ini. If this is right, is it documented anywhere? I'd be grateful for a steer. PWR. I have restarted apache using apachectl graceful and stop/start but it makes no difference. Files uploaded using POST get put in /var/tmp I also tried it with php_value instead of php_admin_value. Any guidance would be appreciated. PWR. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
