PHP

Warning message

JQuery Cycle must be installed in order to run the slideshow. Please go to Status Report for instructions.

Here we will provide posts related to PHP.

Sometimes you receive an error "The content on this page has either been modified by another user, or you have already submitted modifications using this form. As a result, your changes cannot be saved." .

The above error means

1) Either the problem is related to two users editing the same node
2) Or it can be related to max_input_vars in your php.ini

Solutions:

1) Clear cache of your browser
2) Edit php.ini file. Usually its located on /etc/php5/apache5/apache2/php.ini. Then find max_input_vars and increase it. Dont forget to restart the Apache server. If you are using suhosin then you also needs to change its values.

You can also change it with .htaccess file so that you dont need to restart the server:

php_value max_input_vars 2000 

If you are using suhosin you also need to add few more lines:

php_value suhosin.get.max_vars 2000
php_value suhosin.post.max_vars 2000
php_value suhosin.request.max_vars 2000

If you encode with base64 and provide in URL, its not user friendly because they will not appear as proper link. By default it produces a string which contains characters like "+", "=" and "/" which will not let it become a URL with underline. Even you use to generate in emails, only the sub part of your URL will appear as URL with underline and rest will be ignored and appeared as weird characters.

If you want to use it in URL string and get the values as $_GET or even use it in email, you need to make two custom functions for encoding and decoding:

// For Encoding
function base64url_encode($data) { 
  return rtrim(strtr(base64_encode($data), '+/', '-_'), '='); 
} 

// For Decoding
function base64url_decode($data) { 
  return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT)); 
}

Settings file protection by password encryption

Settings.php was criticized for storing the plain text MySQL username and password. This procedure will let us remove the username and password from the settings.php and let us put that credentials outside of the website directory and store into another folder which can be taken care by security team or server managing people.

To do this, include a line at the top of settings.php file:

require_once '../secure_mysite/secure_credentials.php';

This line specify that include a script called “secure_credentials.php” and if it’s not found, stop the script from further running. For now, we have created a secure folder called “dbpw” which we have stored outside of website directory. We stored our php script into this folder and call that script using above line inside settings.php.
This secure_credentials.php contain two function i.e. one for encryption and one for decryption.

secure_credentials.php

function encrypt_credentials($username, $password, $encrypted_key = NULL, $iv = NULL) {
  $method = "AES-256-CBC";
  $password_file = "/www/htdocs/secure_mysite/pass.txt";
  $key_file = "/www/htdocs/secure_mysite/key.txt";
  $wasItSecure = true;
  $ivlen = openssl_cipher_iv_length($method);
  $iv = openssl_random_pseudo_bytes($ivlen, $wasItSecure);

  if (!file_exists($key_file)) {
  	if(!$fh = fopen($key_file, "w")) { die("

Could Not Open Key File"); } $encrypted_key = openssl_random_pseudo_bytes(32); $result = fwrite($fh, $encrypted_key); fclose($fh); } $encrypted_data = openssl_encrypt($password, $method, $encrypted_key, 0, $iv); //create a file handler by opening the file if(!$fh = fopen($password_file, "w")) { die("

Could Not Open Password File"); } $txt = $username . ":" . $encrypted_data . ":" . $iv; $result = fwrite($fh, $txt); if($result) echo "Username and Password successfully encrypted and stored\n"; fclose($fh); } function decrypt_credentials($param) { $password_file = "/www/htdocs/secure_mysite/pass.txt"; $key_file = "/www/htdocs/secure_mysite/key.txt"; $method = "AES-256-CBC"; $filecontents = file_get_contents($key_file); $all_words = preg_split('/[\s]+/', $filecontents, -1, PREG_SPLIT_NO_EMPTY); if(!$fh = fopen($password_file, "r")) { die("

Could Not Open Password File"); } while(!feof($fh)) { $line = fgets($fh, 4096); $from_file = explode(":", $line); } $decrypted_pass = openssl_decrypt($from_file[1], $method, $all_words[0], 0, $from_file[2]); fclose($fh); return ($param == 'username') ? $from_file[0] : $decrypted_pass; }

Encryption Function:

function encrypt_credentials($username, $password, $rand_pass = NULL, $iv = NULL) {}

This function takes 4 parameters in which 2 are optional, but username and password is required. This function used AES-256-CBC encryption method to encrypt the password. To use the encryption properly I have used:

string openssl_encrypt ( string $data , string $method , string $password [, int $options = 0 [,string $iv = "" ]] )

For making this script more automatic and independent I have generated 3rd argument $encrypted_key in above function by using an inbuilt function openssl_random_pseudo_bytes(). This key will be stored in a separate key file called “key.txt”. The key will be generated only once when the program runs first time. If you want to generate a new or different key you have to delete key.txt file. The openssl_encrypt() function require one more parameter which is “iv” (initialization vector) as the 5h parameter. The “iv” is generated automatically in this script by PHP inbuilt function openssl_random_pseudo_bytes(). Then all these parameters passed into openssl_encrypt() function to generate the encrypted data. The generated data will be stored inside “pass.txt” file. This text file contain 3 parameters as well which are separated by “:” parameter.
Username: Encrypted Data: IV

To run the above function we need to run this command by CD into the folder and then run the command from the command line:

 php -r 'require "secure_credentials.php";encrypt_credentials("superman", "makeitsecure!#2");' 

Where superman is example of username and makeitsecure!#2 is the password.

You will only need to run this command with username and password. With this command it will call the encrypt_credentials() function inside the secure_credentials.php file and store the results in pass.txt file. File pass.txt will look something like this:

 superman:cmWK+ymPjL7vB5v4+FM39A==:°ß™™ÊÏ s߈ÜÄVë 

When the settings file will run it will call the decrypt function.
The two statements inside the settings file will call the decrypt function in the secure_credentials.php file.
decrypt_credentials('username')
decrypt_credentials('pass')

$databases = array (
  'default' => 
  array (
    'default' => 
    array (
      'database' => 'yourdb',
      'username' => decrypt_credentials('username'), //Note this statement
      'password' => decrypt_credentials('password'), //Note this statement
      'host' => 'localhost',
      'port' => '',
      'driver' => 'mysql',
      'prefix' => '',
    ),
  ),
);

When this function is called, it looks for the pass.txt, opens it and decrypt the password and send the password in the decrypted format to the Drupal back again.
By above process we are not storing the plain password anywhere and the password will be only known by the Person who will run the command line function. If he forgots the password, this command line function needs to be run once again.

By using the -r parameter we can run a script in-line.

php -r "require 'mylocation.php'; callmyfunc(143);"

where -r Run PHP without using script tags <?..?>

The above line will call callmyfunc() function with numeric argument 143 inside a mylocation.php file.
To run the above command you chould be in the directory where mylocation.php resides.

http://php.net/manual/en/features.commandline.options.php

Get the value of UTC time and convert it into unix timestamp and then convert that timestamp to date will give you exact local date and time.

$time = strtotime($dateInUTC.' UTC');
$LocalDate = date("Y-m-d H:i:s", $time);
// *convert array to object* 
// Array([id]=> 123 [username]=>techrappers)
$object = (object) $array_name;

//now it is converted to object and you can access it.
echo $object->username;

To increase your PHP Memory Limit (memory_limit) in your php.ini file. If you dont know where is your php.ini file, you can look at this post
http://techrappers.com/post/28/creating-custom-phpini-file-shared-server
Then look for the word memory_limit, default memory limit is 64 MB. Now you can increase it to either 128 MB or bigger number like 512 MB.

memory_limit = 128M  ;

You can also use :

ini_set('memory_limit','64M'); 

in your PHP script for example in index.php to increase the memory limit.

This error occurs when PHP requires more memory to execute a process than it is currently allocated.The above error tells that it requires more memory but currently having only around 64 MB of memory allocated.

To solve this issue you have to increase your PHP Memory Limit (memory_limit) in your php.ini file. If you dont know where is your php.ini file, you can look at this post
http://techrappers.com/post/28/creating-custom-phpini-file-shared-server
Then look for the word memory_limit, default memory limit is 64 MB. Now you can increase it to either 128 MB or bigger number like 512 MB.

memory_limit = 128M  ;

You can also use :

ini_set('memory_limit','64M'); 

in your PHP script for example in index.php to increase the memory limit.

Sometimes we use array_search for finding the value present in array and get the place(key) of that value. It is good to use that unless you are using the array which starts from 0th position . As array search returns the KEY of the matched value. Suppose if the Key if present on 0th position, then key is returned as 0 in the IF condition and IF understand 0 as FALSE, so that condition will never be executed because it will never pass the condition .

Solution : Use is_numeric() function inside the IF condition, so even the array_search functions returns 0, it will be still treated as TRUE by is_numeric.

For example :


/* Process IF condition on 0th key if evaluates TRUE */
  if (is_numeric($key = array_search($value_to_search, $array_to_search))) {
         // Your logic          
  }

 

To get all information about PHP :

 php -i 

To get only specific version of PHP

 php -v 

Pages

Subscribe to RSS - PHP