Tag Archives: php

4 Best Chart Generation Options with PHP Components

Posted on by

Although it is JavaScript based, Google Charts has a couple of options to make your charts entirely in PHP. You can either use server-side code (in our case PHP) to get the data, or get one of the open-source wrappers to do it for you.

Source: 4 Best Chart Generation Options with PHP Components – SitePoint

Need to generate charts for the baseball-handbook.com website and looking into php options.  Google seems like the simplest solution right now.  The above site breaks down each option nicely.

Here’s more info about Google Charts.

Possible Exploit Vector for DarkLeech Compromises

Posted on by

The script attempted to exploit the Horde/IMP Plesk Webmail Exploit in vulnerable versions of the Plesk control panel. By injecting malicious PHP code in the username field, successful attackers are able to bypass authentication and upload files to the targeted server. These types of attacks could be one avenue used in the DarkLeech compromises. Although not as common as the Plesk remote access vulnerability (CVE-2012-1557) described in the report, it does appear that this vulnerability is being actively exploited. 

via Possible Exploit Vector for DarkLeech Compromises.

Using iptables and PHP to create a captive portal

Posted on by

There are various captive portal software packages available (both free and open source) that will allow you to setup an internet access facility that people have to logon to first. None of the packages I tried did what I wanted and they were not particularly customisable. Therefore I created my own, using a few iptables rules and PHP (along with a handful of other standard packages). This page details the steps that were taken. The key to this method as opposed to other iptables based solutions is that tracking information is removed after the user has signed up. Failure to do this will sometimes cause the user to still be redirected to your logon page even after they have signed up.

via Using iptables and PHP to create a captive portal – Andywiki.

Captive portals allow for a splash screen to be delivered to a user upon entering an open network such as free wifi hotspots at various establishments.  This portal typically shows terms of service and displays some branding.  The user hits OK and then they’re free to use the network.  I find this burdensome but in the world of branding and advertising I can understand why places may want this.  I found the above iptables only solution with some PHP interesting.  Here’s another site.

For Squid users it appears to be even easier by only requiring some configuration changes.  See  Portal Splash Pages for more information.

Malicious backdoor in open-source messaging apps not spotted for 3 months

Posted on by

For almost three months, versions of three widely distributed open-source applications from Horde.org contained a backdoor that allowed attackers to remotely execute malicious PHP code on systems that ran the programs.

via Malicious backdoor in open-source messaging apps not spotted for 3 months.

This is interesting…

“The impact through Linux distribution should be not so important,” Wednesday’s post went on to say. “Only users who have download the source code from FTP are mainly affected.”

Horde’s advisory said the releases were altered after unidentified hackers breached an FTP server used to distribute the installation packages.

PHP-based admin tool to manage SQLite databases

Posted on by

phpLiteAdmin is a web-based SQLite database admin tool written in PHP with support for SQLite2 and SQLite3. Following in the spirit of the flat-file system used by SQLite, phpLiteAdmin consists of a single source file, phpliteadmin.php, that is dropped into a directory on a server and then visited in a browser. There is no installation required. The available operations, feature set, interface, and user experience is comparable to that of phpMyAdmin.

via phpliteadmin – PHP-based admin tool to manage SQLite databases – Google Project Hosting.

Connecting to an external database from within a WordPress post

Posted on by

Connecting to an external database from within a WordPress post — Tyssen Design.

Hi Phil,

At the top of the post, I included:
<?php
include('/path/to/database/connection.php');
?

and that file looked like:
<?php
function runSQL($rsql) {
$rootpasswd='yourPasswordHere';
$user='yourUserHere';
$db='yourDBhere';
$dbcnx = @mysql_connect('localhost',$user,$rootpasswd,true);
if (!$dbcnx) {
echo '<p>Unable to connect to the database server at this time.</p>';
exit();
}
mysql_select_db($db, $dbcnx);
$result = mysql_query($rsql) or die ('test');
return $result;
mysql_close($connect);
}
}

Then to loop through the results:
$sql = "Your SQL statement goes here";
$result = runSQL($sql);
while ($row = mysql_fetch_array($result)) {
Do stuff;
}

Upgrade PHP 5.1/5.2 to 5.3 on CentOS

Posted on by

I’m finding that more and more software developers are being quite inconsiderate and are making code that requires PHP 5.3. Since many server-based and long-term support distros are still on PHP 5.2, this can make things difficult quickly.

via Upgrade PHP 5.1/5.2 to 5.3 on CentOS :: Chris Jean.

Here here!  I needed to do the following on CentOS 5.7:

#sudo yum erase php

#sudo yum erase php-commons

#sudo yum install php53

#sudo yum install php53-mysql

PHP Template Engine | Smarty

Posted on by

PHP Template Engine | Smarty.

Crash course here.

Smarty also has built-in caching capabilities to help speed up the page rendering. A copy of the template output is stored in a text file, then that is displayed upon subsequent calls to the request instead of dynamically rendering the page each time. This can speedup page rendering substantially, especially if there is a lot of processing involved to create the page such as database calls and variable assignments. You can also leave parts of a page dynamic just by marking them as nocache.