Latest Entries »

As any decent developer knows, register_globals was a terrible idea, a security risk, and turned ON by default in old versions of PHP!

Thankfully it was removed in PHP 5.4. However, if you are stuck developing on a site that used register_globals, you may find yourself in a situation where seemingly you can’t upgrade beyond PHP 5.3.

However, it’s not all bad news, we can put a piece of code in place which emulates register_globals. This will let us turn it off. It still means your code is less than secure, but of course that’ll be fixed in time as you upgrade and refactor the site, right?

To emulate register_globals, just add the following code to one of your initialisation/bootstrap scripts:

// Emulate register_globals on
if (!ini_get('register_globals')) {
    $superglobals = array($_SERVER, $_ENV,
        $_FILES, $_COOKIE, $_POST, $_GET);
    if (isset($_SESSION)) {
        array_unshift($superglobals, $_SESSION);
    }
    foreach ($superglobals as $superglobal) {
        extract($superglobal, EXTR_SKIP);
    }
}

Now you can turn it off in php.ini. Why is it so bad though? Well, have a look at this:

code

Looks like nothing should happen on that page, right? nothing has been defined.

WRONG! try adding ?loggedIn=anything to the end of the URL:

loggedin

Advertisements

I was looking for a CSV plugin for PHPStorm, but it turns out there is no need. Open your CSV (which you associate with a plain text file), right click, and select edit as table!

Notice how much better that looks!

table

Just a quick one! We all know and love Firebug, but you might get annoyed when you right click to inspect element, only to find you clicked on ‘Inspect Element (Q)’ instead of ‘Inspect Element with Firebug’. So lets get rid of the one we don’t use!

inspect

It’s real easy. Browse to about:config, and proceed past the warning.

config

Set extensions.firebug.hideDefaultInspector to true.
Set devtools.inspector.enabled to false.
Problem solved!

inspect

DATE

“Seriously, I can’t get anything done in this office thanks to their draconian proxy configuration, everything is blocked!”

Sound familiar? If you are a web developer, you need unrestricted access, right? So let’s sort that out. I’m assuming you have a linux web server that isn’t locked down outwith the network that you can putty into.

Open Putty! Choose SSH > Tunnels. Add a dynamic port 7777 (or whatever) (ignore the 10139, that’s my debugger port) and save the settings.

putty

Now go into Chrome settings, click advanced, Change Proxy Settings, LAN Settings, Advanced.
Then in Socks, enter localhost and your port (7777).

chrome

You can now browse every web site again! 😀

Need IRC too? same deal. I use Pidgin. Open Pidgin, then click the Accounts menu, Manage Accounts, click on your account, click modify, click Proxy, choose SOCKS5 as the proxy type, then enter localhost and 7777, as below:

pidgin

You are now on IRC again!

Now, Git. All that is required to get git working is to add the socks5 proxy:

git config --global http.proxy 'socks5://127.0.0.1:7777'

And now you can clone repositories with no problem!

UPDATE:
Okay, I finally got everything unrestricted in the CLI too, by using a piece of software called ProxyCap. Check it out:

proxy

proxy2

 connection works

Just a quick note here, if you are running out of space on your Linux machine and need to find the files taking up the most room, try this command!

du -hsx * | sort -rh | head -10

3.9G    logs
85M     vendor
79M     utils
71M     sales
43M     products
27M     src
23M     classes
15M     images
14M     forms
12M     yui

Now that my VM is completely configured through puPHPet’s puphpet/files/exec-once shell scripts, I had to change PHP settings for the legacy 5.3 install. At first I echoed the setting out and concatenated it onto the end of the string, however the setting was already uncommented above.

The answer is to use sed to find and replace the line of text, like this!

cat /etc/php.ini | sed -e "s/short_open_tag = Off/short_open_tag = On/" >> /etc/php.ini

As you readers probably know, I can’t stand XAMPP and MAMP, being two steaming piles of crap, and have long advocated that you set up VirtualBox & Vagrant, then head over to http://www.puphpet.com, fill in the forms to configure your VM,  generate the config.yaml, and then unzip it and run ‘vagrant up’ to install it. Brilliant so far.

Yesterday I had a total downer of a day, trying to run an old legacy PHP 5.3 app. PuPHPet doesn’t have the EOL PHP 5.3, so at first I settled as a one off for MAMP, but it was slow and horrible.

Then I thought, wait! If I don’t configure Apache or PHP in puphpet, I could get a box up and install 5.3 myself. That’s when I discovered the awesomeness of the puphpet/files folder.

The only thing I used in there was the ssh keys. But there are empty folders waiting for .sh files (shell scripts) to be dropped in.

So for this box, I created exec-once/install-stuff.sh which contained the following:

#!/bin/bash
yum -y install httpd php
yum -y install php-mysql php-devel php-gd php-pecl-memcache php-pspell php-snmp php-xmlrpc php-xml

Then upon running vagrant provision, it not only looked for changes in config.yaml, but it checks for changes in these files too!

I then made set-vhosts.sh, and import-database.sh, which look like these:

#!/bin/bash
echo "
===========================================
Adding vhosts to /etc/httpd/conf/httpd.conf
===========================================
"
echo "
<VirtualHost *:80>

   DocumentRoot /var/www/fife/web
   ServerName fife
   ErrorLog /var/www/fife/log/error.log

   <Directory "/var/www/fife">
      Options -Indexes +FollowSymLinks
      Order allow,deny
      Allow from all
      AllowOverride All
  </Directory>

</VirtualHost>
" >> /etc/httpd/conf/httpd.conf

And …

#!/bin/bash
mysql -u root --password=123 --database=fortdev < /var/www/fife/data/sql_scripts/symf_fortdev.sql

I take it by now you get the idea! So now you can totally destroy your VM, and put any customisations in these shell scripts, so your full setup can be back up in 5 minutes flat with a vagrant up and vagrant provision!!!

You can then also start thinking about using puPHPet for deploying your setup to your production server 🙂 There’s a vagrant plugin called Vagrant Managed Servers, which will take care of that for you. https://github.com/tknerr/vagrant-managed-servers . I haven’t looked at it yet, but of course you can expect a blog post on it here when I figure it all out!!

Git tree view in CLI

Easy. Create an alias:

git config --global alias.tree "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset%n' --abbrev-commit --date=relative —branches”

then just run

git tree

Screen Shot 2016-02-09 at 15.49.21

cat ~/.ssh/id_rsa.pub | ssh user@host ‘cat >> .ssh/authorized_keys’

fix puphpet bind error

The bind command `bindfs --perms=u=rwX:g=rwX:o=rD --user=www-data --group=www-data /mnt/vagrant-vflsf_hshd6x5eenjw /var/www` failed to run!

I still don’t know exactly why it’s happening, it’s like deprecation warnings or something! I am using too new a version of something.

Until I do know for certain, this is what I do to fix it:

sudo bindfs --perms=u=rwX:g=rwX:o=rD --force-user=www-data --force-group=www-data /mnt/vagrant-vflsf_hshd6x5eenjw -o nonempty /var/www