I was just over at the PHPMyAdmin site and saw this quote:
Welcome to phpMyAdmin 2.11, which will probably be the last series supporting PHP 4.
Notice the ”probably” stuck in there. They are testing the waters.
If phpMyAdmin is dropping the whole PHP 4 line, it just might push the WordPress adoption time a bit further. Where phpMyAdmin goes, I have to think, the ISPs will not be slow to follow.
I have a number of sites that on which I want to use the VCL for PHP library components with Delphi for PHP creations. I don’t want to waste uneeded space for a bazillion copies of the VCL. As far as that goes, I don’t want to have to sit through the deployment wizard every time either.
You could edit PHP.ini and add the location to your include path, but the VCL for PHP is MORE than just a textual code libary. It includes image files as well, for things like the dropdown arrow in the combo boxes.
So what’s a person to do? Well, it’s simple. Create some symbolic links!
Just put the VCL in your root directory or at least one that can be accessed with a common path from the your website directories. I use the root since I can use ~ to get at it easily on linux. It could just as easily be /usr/local/lib/vcl or d:\VCL. Then in your directories you just put two symbolic links, one named vcl and the other named vcl-bin. Both pointing to the vcl directory you made.
Here’s the step by step for *nix systems:
That’s it (oh and just in case your font makes “ln” hard to readand that is a lower case “LN” as in link.)
On Windows, you should be able to do the same thing. If you have Vista you have native support for symbolic links. And in XP, you can use NTFS links. But I’ll leave it up to you to look up those technologies. With that sort of thing, if you aren’t able to find and digest how to do it, you’re probably better off just using the deploy tool.
Hope this helps someone! It’s made my life a little easier.
Kevin Berry came up with this windows implementation:
For my Windows 2000 webserver, which I have total acces to, below is how I followed Brian Layman’s advice to made this work.
1. Downloaded linkmagic.exe from
http://users.pandora.be/jbranders/linkmagic.exe2. Ran linkmagic.exe (setup program) on my webserver.
3. Launched Junction Link Magic program.
4. Created empty “vcl” folder in my clock project folder in my webserver root (c:\web\htdocs\clock\vcl) and selected this vcl folder as my junction folder.
5. Selected my true vcl folder loaded with vcl files as my destination folder (c:\web\vcl)
6. Clicked “create” button
Now my D4PHP clock sample program runs just fine in c:\web\htdocs\clock with only one main vcl installation on my webserver.
I suppose I could use the Junction Link Magic program to create new vcl junction folders in other vcl project subfolders on my webserver, but I discovered that once the first vcl junction folder is created, I can create more of these just by copying an existing vcl junction folder into a new project folder and choosing cancel when the file overwrite prompt appears. If I delete a vcl junction point folder, the real folder and its files don’t get deleted.
I for one don’t want different versions of my vcl all over my webserver in different folders (assuming I’ll have lots of web projects someday). For me it’s just simplest knowing the latest and greatest vcl library is always in one spot on my web server.
I don’t know if one could duplicate the directory structure of a windows hosted web from a remote server on one’s own computer to create the junction folder and then ftp that junction folder out to the remote server and preserve the redirection. If so, that would be great.
For my webserver, this is pretty nifty, Thanks again to Brian for the workaround until Codegear/Qadram figure out what I hope to be a better vcl deployment method.
David Plock also suggested another methot that uses a VCL-BIN alias. Jose Leon Serna provided the final fix to get this working. Kevin has done a great job of writing up these steps as well:
2. In my Apache httpd.conf file, I added the following alias line and directory permissions. For now, I just copied the permissions the icon
folder uses a few lines up. Anyone more enlightened is welcome to suggest a more appropriate permission set for the vcl folder. And of course, if you
put your vcl folder inside your web server’s root directory, you can skip the directory permissions.
Alias /vcl-bin “c:/web/vcl”
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
3. In my php.ini file I added the following so that php will know in which folder to find the vcl folder.
include_path = “.;c:\web”
If I had dropped my vcl folder into my root directory on my webserver, the entry would have been:
include_path = “.;c:\web\htdocs”
4. Jose added the final piece to make this work. In my vcl.inc.php file I modified a line so that the alias name gets passed properly to my webserver. The line that mentions vcl-bin needs a forward slash in front of vcl-bin so the final line appears like this:
if (!array_key_exists(’FOR_PREVIEW’,$_SERVER)) $http_path=’/vcl-bin’;
5. Make sure all configuration file changes above are saved and then restart the webserver.
Now you can drop D4PHP projects in any subfolders or even subfolders of subfolders of your root directory on your webserver and they work.
The nice thing about this solution in addition to it being a single vcl deployment is that it seems to me any web hoster can implement it once for
the entire web server and any subscribers can simply ftp D4PHP web files to their own folders on the server and they’ll work.
Thanks Brian, David, and Jose for two ways to make a single vcl deployment work!!!
If you want to see this solution in action, you can visit these links (on my slow webserver) for as long as my internet service provider leaves my ip address alone. The vcl folder is outside the web root and only clock.php, clock.xml.php, and background.gif are in each of these folders.
http://24.2.90.16/clock.php
http://24.2.90.16/clock/clock.php
http://24.2.90.16/clock/clock/clock.php
http://24.2.90.16/clock/clock/clock/clock.php
There you are. Two different methods proven successful in the field! Enjoy!
When I was first fiddling around with the beta test stuff for Delphi for PHP, and before I’d gotten BetaBlogger status, I’d put together a post with what history I’d been able to scrounge about D4PHP from the WayBack Machine and Google. I’d never gotten around to posting what I’d found. Before it disappears forever into the nether regions of my harddrive, I thought I would hit Paste and Publish.
I think I’ve gotten most of the details correct, but there are some guesses that might be inaccurate. Also, there are loads of links because I wanted to make it VERY clear that this info was gathered from the web and I was not breaking my NDA. That’s not a concern anymore, luckily. You might find some of the links interesting.
So, here’s the history of Delphi for PHP as I know it:
OK, I just got back from church and I am stuffed from the three bowls of soup and a huge salad. So, I am feeling lazy, but I still want to get a Delphi for PHP article out (since I have a limited exclusion from my NDA and am alowed to discuss such matters or so I must say in each of these articles.)
So, today you get treated with a video I made for the other Delphi for PHP testers. It isn’t too exciting, but it will show you a little bit about the underlying structure of the DB Demos in the beta releases of Delphi for PHP. I should say that it is entirely possible that the demos requiring the steps described in this video will be reworked for the final product. If that’s the case you likely won’t have to do much, or ANY of this process in the full blown 1.0 process.
If you are new to PHP programming, you can use this process to create a webserver on your local home computer. That’s downright handy for testing any web product. So, you’ll benifit that way even if the Delphi for PHP stuff isn’t too handy for ya.
OK here you go:
I was granted my Delphi for PHP BetaBlogger priveledges back on March 1. I was the first to have that priveledge, but it was done specificaly so that I could have discussions with the WordPress folks at Automattic regarding a possible joint CodeGear/WordPress project for the 2007 Google Summer of Code™. Unfortunately, with everyone crunching for possible product releases while the CodeRage conference was happening, the logistics could not be nailed down. (BTW, that’s no problem. What it REALLY means is that it openned the door for several other opportunities. The first of which I’ll announce tomorrow. Of course Matt’s and Lloyd’s readers already know all about it…)
Though I had the legal rights to discuss the Delphi for PHP project with you, the BetaBlogger program had not officially started and I didn’t want to approve my priviledges. So, while I did release one video and did another for the testers, I’ve kept mostly quiet until the full Beta Blogger program began. Well that day is almost here.
The WordPress for PHP BetaBlogger is about to start in earnest and I plan to be on top of this thing. And I need your help to pull that off. (Oh yeah, I should say in so-many-words that I am allowed to discuss this with you because I have a limited exclusion from my Delphi for PHP Non-Disclosure. You will now be returned to your regularly scheduled program, already in progress)
Here’s my proposal: I will inform you of EVERY new D4PHP BetaBlogger post I hear spoken about behind the closed doors, and you all, come back here to this post and leave a comment for every one YOU see. In return I’ll continue to put out Delphi for PHP videos and samples (as I have time) until you know this great new PHP tool inside and out.
Does that sound like a plan or what? Is it a deal?
Rumors have been flying around for the last month about Borland producing a PHP product. “PHP? Are they nuts?” some said, “Concentrate on what you know! Are you trying to create another Kylix just to have it fade away to nothing?” Needless to say, I was a bit more optimistic than that… I mean come on! RAD PHP development? How cool would that be? PHP has the EXACT same feel as Pacal did back in the late 80s. It’s a baby language just starting to grow up. Even the people in it have the same core “I’m gonna help you because I know later you will help me” attitude that Pascal and Delphi always had.
Plus, since the restructuring of Borland has sifted the chaff from the wheat, CodeGear seems have its act together and the people of CodeGear are really the cream of the crop. (Yes, I know. I just said that they are Cream of Wheat, let it go… just let it go.)
Well, dreams came true when I was invited to be a CodeGear field tester. And last Thursday morning, with the verbiage hot off the presses from the Borland legal department, I was granted a limited exemption from my NDA (Non-disclosure agreement) to pitch a possible Google Summer of Code 2007 joint D4p/WordPress project to Automattic (I’ll let you know later how that turns out…). That NDA exemption also gave me permission to post articles and write reviews of the product. So here we are today!
So, now I can show you tell you all about the cool stuff I’ve been doing and show you movies I’ve made of the product in action.
In my usual fashion, I’ve written a gargantuan article. Instead of posting huge thing, I’m splitting the sections off into separate articles. Today, I just want to give you walk through of the product and show you some of the stuff that makes it unique.
This video uses a pre-release version of Delphi for PHP. Components, look and feel, and features may change before release. THIS VIDEO HAS SOUND.
‘
If you have any problems with the video playback on any browser please let me know and I will try to get it to work.
Have you ever gotten an email asking if want certain parts of your body enlarged, parts that you might not even have? Was the next email you read one asking if you want to loose the inches you’ve recently gained? Did you ever notice how these emails are always from people that you are fairly certain have nothing to do with the contents of the email. Did MTeresa@Vatican.org really send that diet pill email? Have you ever gotten returned or rejected “can’t be delivered” emails from addressed you’ve never ever sent an email to?
I have.
SPAM. It’s HORRIBLE! My email box for Brian@TheCodeCave.com probably gets 3 to 1 spam over real email. I expected that. I put that address out everywhere and don’t protect it. It is meant to be my public address. But the FROM addresses on all that email never indicates who the email is really from. Even the company information inside the email header is faked. The spammers will grab someother name on their spam list and use it as their from address. I’ve had my name put into the from address of emails a few times. It’s an annoying problem, just ask the Nuclear Moose.
Why this can happen is a long story. It all relates back to the fact that SMTP and port 25 were never meant for submitting emails to email servers. SMTP was only meant for server to server communications. However, that’s for a different post. The long and short of it is that everything can be faked except for one thing: the IP address of the server that sent the email.
Because that IP address is accurate, you can use it to tell if the person that sent the email is a spammer. The post tells you a couple ways to do that. And because this is The Code Cave, you get a fully functional php routine to boot.
(more…)
I’ve added a new page that demonstrates ROT 13 encryption.
You can see it here:
http://ROT13.TheCodeCave.com
This is the story of a man who simply want to create a nice page describing the users of a few games servers for a Return to Castle Wolfenstein mod called The WildWest.
He was over joyed when he stumbled across a PEAR module called GameServerQuery. He’d spent hours and hours trying to get QStat to work on his 1and1.com server, but it never did work and no one could tell him why. He spent additional hours trying to find a PHP module that did the same thing, but everything he found was a wrapper for QStat. He’d given up on the search a full year before he stumbled across PEAR’s GameServerQuery. So, you can just imagine his joy.
Well, that joy was short lived…as the pain soon began. If you don’t want to know the whole sad story, feel free to jump ahead to the summary section where you can see the final results and decide what will best work for you.
Now, if you are on a shared server, chances are you cannot install cusotm modules until you gotten your own instance of PEAR up and running. Read about how to do that here. After you have done this you are ready to install the GameServerQuery module.
Here’s how an average user would install the GameServerQuery module:
pear install –alldeps Net_GameServerQuery
Except that for 1and1, it won’t work. That command asks PEAR to install the latest officially released version. Right now that’s version 0.2.0. An Alpha release. And by default, 1and1.com only allows stable versions to be installed in a generic request.
So you have to request a specific version. Here’s how you do that:
pear install –alldeps “channel://pear.php.net/Net_GameServerQuery-0.2.0″
BUUUUUT for 1and1.com, that won’t work. It gives you an error that Net_GameServerQuery requires PHP version 5 but the default version installed on 1and1.com is version 4.4.2. But as loyal readers of TheCodeCave.com know, all 1and1.com users can run php 5 with a 1 line change to .htaccess. However, even with that change, PEAR has no way of determining that, at runtime, php5 will be used instead of php4. So, you have to tell the module to install no matter what… To do this you override that option by adding the –force option. Just like this:
pear install –alldeps –force “channel://pear.php.net/Net_GameServerQuery-0.2.0″
AND THAT installs GameServerQuery!
Hooray!!!
Except…. that this version doesn’t work. It is all full of alpha version issues. For example, it was obviously written on a Windows Machine for all of the slashes are back slashes instead of forward slashes. That simply won’t work on a Linux server. It’s a novice PHP programmer mistake. Another problem is that as the code is written on 1and1.com, you would have to put a php.ini file in every PEAR GameServerQuery subdirectory. And that’s just not the way to do things!
Fortunately the newest version of GameServerQuery is available through CVS to install:
http://cvs.php.net/viewvc.cgi/pear/Net_GameServerQuery/?pathrev=RELEASE_1_0_4
However, my CVS program is royally messed up right now and I haven’t needed it for ages. So I wasn’t about to mess with it again. So I decided to build an htm file from the contents of the XML file
(http://cvs.php.net/viewvc.cgi/pear/Net_GameServerQuery/package.xml?revision=1.4&content-type=text%2Fplain&pathrev=1.4) that describes the source files in the repository.
I REALLY think that should have been the hard way to do it. But I could not figure out the url for the zip or tarball for that release. If you know of an easier way to download a zip of a specific version of a viewvc processed cvs archive, I’d REALLY like to hear from you!
But anyway, I did the old right-click-save-as dance for all of the files and put them in the appropriate directories. I’ll save you that work. Here’s a zip: GameServerQuery_1_0_4.zip
You can extract it to the PEAR/PHP directory or to your web directory…
I have zipped up the examples too:
GameServerQuery_1_0_4_examples.zip
They’ve been somewhat mutilated by me in my testing. You can get the real ones here:
http://cvs.php.net/viewvc.cgi/pear/Net_GameServerQuery/docs/examples/?pathrev=RELEASE_1_0_4
if those don’t work.
Version 1.0.4 is a working version (with one minor change) of GameServerQuery and produces very nice report of the server properties and reports.
BUUUUUT it won’t run 1and1.com. This one is not their fault. It won’t ANY shared server to the best of my knowledge. I have seen at least one reference saying that access to socket level communication is restricted to root level access on (all?) shared server environments. It makes some sense that it would be. There is only 1 machine and that one machine might have to try and leverage a common socket across many different virtual servers. 1and1 just won’t/can’t let a single server lock up a socket.
What will happen when you try to connect out on a port, is that you will set off all sorts of internal alarms and you’ll get an email from the Customer Compliance Operatives (I’m serious - that’s how they sign their emails: “Customer Compliance Operative - 1&1 Internet Inc.”), but that’s a tale for another time.
So, what do you do? Well, it is simple. You use XAmPP to create a server on your local windows machine. Don’t bother with the whole PEAR install thing, just extract the zip (with directories in tact) to the folder that contains your example files and all will work beautifully. Then you just need to modify the scripts to produce static files and upload the results to your 1and1.com account on a regular basis - say every 15 minutes or so. Easy Peasy!
While manually downloading the 1.0.4 version of GameServerQuery produces a functional report on dedicated webservers, for it will not work on vitual hosts, you get a basic array in return and must do all the needed formatting yourself. The example files show some simple ways to do that. As shown here:
Now that I knew the terms to search for, I was able to find another package on SourceForge that does this exact same thing in a much more professionally refined fashion. The package is called PHGStats. It includes an installation script that guides you through creating a configuration file for the servers you will monitor. It produces will formatted pages with special functions for each game, such as color code support in server and player names.
With very little configuration, you get nice server lists that look like this:
and player lists that look like this:
I think both tools have their place. I will probably use the QueryGameServer to create a program that monitors the servers and emails people when there is somene waiting around for a game. I’ll probably have it check the servers every 3 minutes or something like that. The second heavy weight tool will be used to generate pages every 15 minutes or so…
Well, I had a nice post about how I was distracted from posting more Delphi code because I was playing with a new pear module I’d found called GameServerQuery. I was finishing that post by asking if anyone had gotten it to work because I was pretty sure I had everything correct but it wasn’t working. Before I published the post I noticed someone had telneted into my account and run some bash commands. And I knew it was not me…
They searched for my local ip address and an example file I used for Game Server Query. Very odd…
Then I got an email from 1and1 saying I was hacked and that “Wordpress needed to be updated because it had many security holes”. Uhhhh, no it doesn’t.
Long story short - I wasn’t hacked my anyone but a 1and1 representitive and dumbing language down for the end user is a bad practice if you don’t also provide them with an explaination of what you REALLY mean.
I’ve got enough materials for four or five posts out of this whole thing, but if I combine all the detail here, this post will be 5 pages long and it won’t make any sense when read as a whole.
So, here’s a summary and some good things to know when working with 1and1.com shared host accounts -
1. They say: Don’t use your account to host a game server or simliar program.
They mean: We monitor and block outbound socket connections from your server. By doing this we lock out people looking for a cheap game server, and we protect our customers sites from several common attacks. We will allow FSocketOpen but the traffic is interupted and you will be contacted by a “Customer Compliance Operative”.
“Customer Compliance Operative”?!?!?!!? So, is that like one of the Men in Black or more like a Mafia enforcer? Will I be zapped by a blinky light and forget all the PHP code for openning sockets if I continue with this post?
UPDATE: I just found a reference that indicates that this is probably NOT 1and1.com fault.
Someone was investigating why Traceroute was not available on shared servers and discovered that socket traffic could not be accessed without root level access. Of course root level access cannot be givin on a shared server. If anyone can Confirm or Deny this, I’d appreciate the additional information…
2. 1and1 passwords should not be considered secure and therefore should only be used on 1and1. Any/all 1and1 account representatives have access to your root passwords and can login as you and for all intents and purposes impersonate you using your accounts. What bothers me most about this is that they don’t have a policy of notifying you that they have logged in as you to do something… That’s wrong…
3. 1and1 Support reps as a whole - as might be expected - have only general knowlege about the vast number of programs out there that could be running on your server. So they will look for alarm words and offer generic advice when they see one of these dangerous words. This could be considered a form of Red Zone Management, I guess. They get involved only when they need to and only know the hot topic of they day. So they will search for a file called XMLRPC.php since last year it had a hole in it. So, that means you were probably hacked. If they see WordPress, they know it had vulnerablities earlier in the year, so they can assume you were hacked. They will not research/know the versions of the files involved even if they are listed in the logs. Again, this is really to be expected. I would not want every customer support rep to be a $90,000 a year security expert. I sure would not be paying what I am paying right now for the service.
4. When working with support, if you want a good solid response help them give it to you. You can be in control of the calls and guiding the representative will make the call easier on both sides. This is true of any company any where in the world. Not every support rep will have the same level of training, the pressing calls of the moment can and will take priority to the detriment of other calls, if something is important to you trust but verify it has been done.
5. The latest version of the Pear module GameServerQuery is good and functional. The latest version is not what pear serves up. You have to retreive it manually. PhGStats is a MUCH more refined tool and produces more fully functional pages. There’s a place for both of these tools. That place, btw, is NOT 1and1.com - see point 1.
More on each of these topics later…
 |  |  |  |  |  |  |
 |  |  |  |  |  |  |
Powered by WordPress
