From the Chaos Tools release notes for version 1.6 for Drupal 6:
The 1.5 release was botched: only some of the changes listed on the release notes were actually included. This release (1.6) includes all changes that were supposed to be in 1.5.
See for yourself and feel your confidence in the codebase rise with each word.
I ran into some trouble installing the Fileinfo extension for PHP on CentOS. I tried installing the extension using yum and all went well until I saw these errors:
PHP Warning: PHP Startup: fileinfo: Unable to initialize module Module compiled with module API=20050922, debug=0, thread-safety=0 PHP compiled with module API=20060613, debug=0, thread-safety=0 These options need to match
Like I said, I installed the extension using yum, so I checked out what I had installed:
$ yum list installed | grep "php-pecl-Fileinfo" php-pecl-Fileinfo.x86_64 1.0.4-3.el5.centos installed
Oh crap, I always forget to pull these things from the Atomicorp repository because my php is from there.
$ yum list installed | grep "php.x86_64" php.x86_64 5.2.13-1.el5.art installed
Well, the bad news is that the Fileinfo extension is not available on the Atomicorp repo. Hmm. Ok, so my next step is to remove the thing and install it with PECL.
$ sudo yum erase php-pecl-Fileinfo.x86_64 ... Running Transaction Erasing : php-pecl-Fileinfo 1/1 warning: /etc/php.d/Fileinfo.ini saved as /etc/php.d/Fileinfo.ini.rpmsave Removed: php-pecl-Fileinfo.x86_64 0:1.0.4-3.el5.centos Complete! $ sudo rm /etc/php.d/Fileinfo.ini.rpmsave $
I didn’t need that config file, because I never got it to work!
Before anything else, here is the system I’m using:
$ cat /etc/redhat-release CentOS release 5.4 (Final) $ php -v PHP 5.2.13 (cli) (built: Mar 2 2010 18:08:48) Copyright (c) 1997-2010 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies $ pecl -V PEAR Version: 1.9.0 PHP Version: 5.2.13 Zend Engine Version: 2.2.0 Running on: Linux system.local 2.6.18-028stab064.7 #1 SMP Wed Aug 26 13:11:07 MSD 2009 x86_64
If the PHP extension that I’m after is not in the yum repo then I usually just install it with PECL. It is fairly painless.
$ sudo pecl install fileinfo audit_log_user_command(): Connection refused WARNING: "pear/Fileinfo" is deprecated in favor of "channel://php-src/ext/fileinfo/in php sources" downloading Fileinfo-1.0.4.tgz ... Starting to download Fileinfo-1.0.4.tgz (5,835 bytes) .....done: 5,835 bytes 3 source files, building running: phpize ...lotsa crap... build process completed successfully Installing '/usr/lib64/php/modules/fileinfo.so' install ok: channel://pear.php.net/Fileinfo-1.0.4 $
The PECL warning is trying to let you know that Fileinfo is bundled with PHP 5.3 and you don’t need to install if you are running PHP 5.3, but I’m running 5.2 so that warning is not for me. Okay, now we turn on the extension by putting “extension=fileinfo.so” somewhere in the /etc/php.ini file.
$ sudo vim /etc/php.ini $
And make the change…
640 | extension=fileinfo.so |
Now restart apache…
$ sudo /sbin/service httpd restart audit_log_user_command(): Connection refused Stopping httpd: [ OK ] Starting httpd: [ OK ] $
Okay, let’s find out if it is in the phpinfo…
$ php -r "phpinfo();" | grep "fileinfo" fileinfo fileinfo support => enabled
Yay!!!
PHP 5.2.12 has a bug that will stop your installation:
/bin/sh /Users/kelvin/phpsource/php-5.2.12/libtool --silent --preserve-dup-deps --mode=compile gcc ...includes redacted... -no-cpp-precomp -I/usr/local/php5/include -g -O2 -c /Users/kelvin/phpsource/php-5.2.12/ext/standard/dns.c -o ext/standard/dns.lo
In file included from /usr/include/arpa/nameser.h:59,
from /Users/kelvin/phpsource/php-5.2.12/ext/standard/dns.c:62:
/usr/include/arpa/nameser8_compat.h:304: error: conflicting types for ‘HEADER’
/usr/include/arpa/nameser_compat.h:99: error: previous declaration of ‘HEADER’ was here
make: *** [ext/standard/dns.lo] Error 1
Trinity:~ kelvin$ Two header files (nameser8_compat.h & nameser_compat.h) both try to define a struct named HEADER. No can do. According to the PHP bug tracker, “NEVER ever include nameser_compat.h, it’s included in various ways in different OSes by nameser.h if needed”
Doh!
So how do we go about fixing this? The easiest thing to do is to install the older PHP 5.2.11 or the HEAD from the 5.2 branch. If you are adventurous or obsessive-compulsive you can also replace these two files with the patched copies:
I had to install mcrypt on a new virtual private server running CentOS 5.3 and Plesk 9.2. We didn’t want to do compile it, so we used yum to install it. The libmcrypt library is used to provide cryptographic functions and we are planning to use them in our php scripts. Let’s try to install it…
[root@nechi etc]# cat /etc/redhat-release
CentOS release 5.3 (Final)
[root@nechi etc]# uname -a
Linux nechi.local 2.6.18-028stab064.7 #1 SMP Wed Aug 26 13:11:07 MSD 2009 x86_64 x86_64 x86_64 GNU/Linux
[root@nechi etc]# php -v
PHP 5.2.11 (cli) (built: Oct 7 2009 08:45:24)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
[root@nechi etc]# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* atomic: www5.atomicorp.com
* base: mirror.nic.uoregon.edu
* updates: mirror.chpc.utah.edu
* addons: centos.mirror.nac.net
* extras: mirror.stanford.edu
plesk | 951 B 00:00
atomic | 951 B 00:00
base | 2.1 kB 00:00
updates | 1.9 kB 00:00
addons | 951 B 00:00
extras | 1.1 kB 00:00
repo id repo name status
addons CentOS-5 - Addons enabled : 0
atomic CentOS / Red Hat Enterprise Linux 5 - at enabled : 709
base CentOS-5 - Base enabled : 3,348
extras CentOS-5 - Extras enabled : 290
plesk Plesk Server Administrator enabled : 193
updates CentOS-5 - Updates enabled : 363
repolist: 4,903
[root@nechi etc]#
The easiest way to do this is to use the php-mcrypt rpm package. That package has some dependencies. Earlier, I had installed libmcrypt so I figured I could just install the php-related rpm and I’d be done:
[root@nechi etc]# yum install php-mcrypt
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* atomic: www5.atomicorp.com
* base: mirror.nic.uoregon.edu
* updates: mirror.chpc.utah.edu
* addons: centos.mirror.nac.net
* extras: mirror.stanford.edu
Excluding Packages from Plesk Server Administrator
Finished
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package php-mcrypt.x86_64 0:5.2.11-2.el5.art set to be updated
--> Processing Dependency: libltdl.so.3()(64bit) for package: php-mcrypt
---> Package php-mcrypt.i386 0:5.2.11-2.el5.art set to be updated
--> Processing Dependency: libltdl.so.3 for package: php-mcrypt
--> Processing Dependency: libc.so.6(GLIBC_2.4) for package: php-mcrypt
--> Processing Dependency: libc.so.6 for package: php-mcrypt
--> Processing Dependency: libmcrypt.so.4 for package: php-mcrypt
--> Processing Dependency: libc.so.6(GLIBC_2.1.3) for package: php-mcrypt
--> Processing Dependency: libc.so.6(GLIBC_2.0) for package: php-mcrypt
--> Running transaction check
---> Package libtool-ltdl.i386 0:1.5.22-6.1 set to be updated
---> Package php-mcrypt.i386 0:5.2.11-2.el5.art set to be updated
--> Processing Dependency: libmcrypt.so.4 for package: php-mcrypt
---> Package glibc.i686 0:2.5-42 set to be updated
---> Package libtool-ltdl.x86_64 0:1.5.22-6.1 set to be updated
--> Finished Dependency Resolution
php-mcrypt-5.2.11-2.el5.art.i386 from atomic has depsolving problems
--> Missing Dependency: libmcrypt.so.4 is needed by package php-mcrypt-5.2.11-2.el5.art.i386 (atomic)
Error: Missing Dependency: libmcrypt.so.4 is needed by package php-mcrypt-5.2.11-2.el5.art.i386 (atomic)
[root@nechi etc]#
Oh great, it’s 1am on a Saturday night and my new OS hates me (digression: this speaks volumes).
[root@nechi etc]# yum list installed | grep mcrypt
libmcrypt.x86_64 2.5.8-4.el5.centos installed
[root@nechi etc]# ldconfig -p | grep libmcrypt.so.4
libmcrypt.so.4 (libc6,x86-64) => /usr/lib64/libmcrypt.so.4
[root@nechi etc]# find / -name libmcrypt.so.4
/usr/lib64/libmcrypt.so.4
[root@nechi etc]# ls -la /usr/lib64/libmcrypt.so.4
lrwxrwxrwx 1 root root 18 Dec 6 00:25 /usr/lib64/libmcrypt.so.4 -> libmcrypt.so.4.4.8
[root@nechi etc]# yum install libmcrypt-devel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* atomic: www5.atomicorp.com
* base: mirror.nic.uoregon.edu
* updates: mirror.chpc.utah.edu
* addons: centos.mirror.nac.net
* extras: mirror.stanford.edu
Excluding Packages from Plesk Server Administrator
Finished
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package libmcrypt-devel.x86_64 0:2.5.8-4.el5.centos set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
=========================================================================================================================================
Package Arch Version Repository Size
=========================================================================================================================================
Installing:
libmcrypt-devel x86_64 2.5.8-4.el5.centos extras 10 k
Transaction Summary
=========================================================================================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 10 k
Is this ok [y/N]: y
Downloading Packages:
libmcrypt-devel-2.5.8-4.el5.centos.x86_64.rpm | 10 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : libmcrypt-devel [1/1]
Installed: libmcrypt-devel.x86_64 0:2.5.8-4.el5.centos
Complete!
[root@nechi etc]# yum install php-mcrypt
So can you guess what happened next? The library was found the next time I tried to install it, right? Of course not. It still couldn’t find the stupid library. So Google and I had a talk and it turns out that you need to be really specific about your package (a good general rule in most situations) if you have a 64-bit machine.
[root@nechi etc]# yum install php-mcrypt.x86_64
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* atomic: www5.atomicorp.com
* base: mirror.nic.uoregon.edu
* updates: mirror.chpc.utah.edu
* addons: centos.mirror.nac.net
* extras: mirror.stanford.edu
Excluding Packages from Plesk Server Administrator
Finished
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package php-mcrypt.x86_64 0:5.2.11-2.el5.art set to be updated
--> Processing Dependency: libltdl.so.3()(64bit) for package: php-mcrypt
--> Running transaction check
---> Package libtool-ltdl.x86_64 0:1.5.22-6.1 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
=========================================================================================================================================
Package Arch Version Repository Size
=========================================================================================================================================
Installing:
php-mcrypt x86_64 5.2.11-2.el5.art atomic 27 k
Installing for dependencies:
libtool-ltdl x86_64 1.5.22-6.1 base 37 k
Transaction Summary
=========================================================================================================================================
Install 2 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 64 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): php-mcrypt-5.2.11-2.el5.art.x86_64.rpm | 27 kB 00:00
(2/2): libtool-ltdl-1.5.22-6.1.x86_64.rpm | 37 kB 00:00
-----------------------------------------------------------------------------------------------------------------------------------------
Total 76 kB/s | 64 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : libtool-ltdl [1/2]
Installing : php-mcrypt [2/2]
Installed: php-mcrypt.x86_64 0:5.2.11-2.el5.art
Dependency Installed: libtool-ltdl.x86_64 0:1.5.22-6.1
Complete!
[root@nechi etc]#
OMFG. Hey, did I mention that it is a Saturday night?
[root@nechi etc]# php -r "echo phpinfo();" | grep "^mcrypt"
mcrypt
mcrypt support => enabled
mcrypt.algorithms_dir => no value => no value
mcrypt.modes_dir => no value => no value
[root@nechi etc]#
Nov 27
4am: editing crufty code. lots of logic mixed up in the html old school style. Across the room a pile of three HP servers that need OSes catcalling: “I think I need a rebooty…”
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | // TODO: Clean this input //$tpar= $_GET[parent]; $tpar= intval($_GET['parent']); // TODO: Why are we putting a date into the server array??? $SERVER['$today']= date('y-m-d'); // TODO: Why are we storing a negative integer value as a string??? $colname_res_fillContent = "-1"; if (isset($_GET['parent'])) { // TODO: Check this input //$colname_res_fillContent = (get_magic_quotes_gpc()) ? $_GET['parent'] : addslashes($_GET['parent']); $colname_res_fillContent = intval($_GET['parent']); } // TODO: Why are we storing a negative integer value as a string again??? $today_res_fillContent = "-1"; if (isset($SERVER['$today'])) { // // TODO: didn't we set this??? why are we doing this??? why not set the date here??? // $today_res_fillContent = (get_magic_quotes_gpc()) ? $SERVER['$today'] : addslashes($SERVER['$today']); } |
So President Obama has finally moved whitehouse.gov over to Drupal. Launching Live HTTP Headers tells us the following (emphasis added):
HTTP/1.x 200 OK
Last-Modified: Sat, 07 Nov 2009 05:10:20 GMT
Etag: "b878176b01d8ede48b51ca5b4ede04cf"
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8956
Cache-Control: must-revalidate, max-age=0
Expires: Sat, 07 Nov 2009 07:01:03 GMT
Date: Sat, 07 Nov 2009 07:01:03 GMT
Connection: keep-alive
Server: White House
P3P: CP="NON DSP COR ADM DEV IVA OTPi OUR LEG"Downloading me some of that right now!
One of my clients got hacked last week. They had been running a copy of Wordpress 2.5 (WP) that was installed in May of 2008 and never updated. Although Wordpress 2.5.1 was released 25 April 2008 and included an important security fix, the Client software was never upgraded.
So how do you keep your WP install up to date?
Since WP 2.7, you can upgrade from the dashboard. This is by far the easiest way to stay up-to-date, but there have been some problems reported when running on some hosts so find the right host.
You can also do a manual upgrade of the software. Wordpress has a mailing list and an RSS feed which all WP admins should subscribe to.
Pay someone to keep it all up to date.
And lastly, if you don’t want to have to be bothered with all this, then don’t run your own blogging software. Run a hosted solution.
Aug 8
PHP4 passed away today. It was old and stinky and had to go.
I’m still working through my emotions right now.
Meebo is a web-based instant messaging client that allows users to integrate their instant message clients into one easy-to-use web interface. Rather than chatting from the MSN, AIM or Yahoo desktop clients, Meebo allows you to chat from a lightweight Ajax interface. You can also generate Meebo widgets that allow IM interaction from web sites or blogs.
The problem is that the code generated by Meebo’s widget factory is non-valid XHTML. This can be a problem for people who build web sites that require valid HTML. The Meebo widget factory produces a Flash container based on the embed tag which is not part of the XHTML 1.0 Transitional specification. I was able to build a valid container based on the object tag which will pass automatic validation.
Rather than get into the messy details, I have created a simple application that extracts the important bits of information from the embed tag and builds a new object tag. It is still kind of temperamental, but it works well as long as you don’t try to feed it bad code. Give MeeboMaker a try and let me know what you think.
Dec 9
I was making a module the other day that had some dependencies on PEAR and GD. So I cobbled together a test for GD and PEAR from some GPL‘d code I found online. I thought that I’d share the code snips (it is all GPL licensed code by the way).
/**
* check if GD is installed and is version 2 or higher
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*/
if (! extension_loaded('gd')) {
echo "The GD extension was not found!";
} else {
if (function_exists('gd_info')) {
// use gd_info if possible...
$gd_ver_info = gd_info();
preg_match('/\d/', $gd_ver_info['GD Version'], $match);
if ($match[0] < 2) {
echo "This program needs GD version 2 or higher to run properly.";
}
} else {
// ...otherwise use phpinfo().
ob_start();
phpinfo(8);
$info = ob_get_contents();
ob_end_clean();
$info = stristr($info, 'gd version');
preg_match('/\d/', $info, $match);
if ($match[0] < 2) {
echo "This module requires the GD Library version 2 or higher.";
}
}
}/**
* check if PEAR is installed
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*/
if (!class_exists('PEAR') || !(@include 'PEAR.php')) {
echo "This module requires the PEAR Library.";
}