CruzIT
Thursday June 01, 2023 - 9:08:29 AM

Registered Linux User #440901    


 
Login    Register
Login Required

PHP Information

This area is for examples of PHP scripting with links for the source code and general information on PHP server sided scripting. The two most recent versions are PHP4 & PHP5. The main focus here will be PHP5.
If you are a C++ (Object Oriented) person and are interested in learning a web language, then PHP is for you.

Please Note: Any code provided that writes out HTML entities like line breaks, images or forms is formatted to use valid XHTML format. This means, if you are not using XHTML, you will need to edit those tags accordingly.
For instance, if the code has “<br />” then change it to read “<br>”

Please Note 2: Most of the PHP code available on this site (so far) is for Linux or BSD based servers running some form of Apache web server.

If you would like some information on how to do something use the Contact Page. Someone will get back with you with an answer.

The PHP manual has information on just about everything you can do with PHP.
A great place that place to learn a wide variety of computer languages is W3 Schools.
This is a great place to get information on almost any computer programming language. Here's a link on their site specifically for PHP.

A quick word about safety --- DO NOT trust user input --- EVER.

Whenever user input is accepted, you should lock it down as much as you can. You only want to take in expected data and data-types to process.
escapeshellarg() is one quick way to escape some of the headaches associated with system shell commands. If you are not running your own server, you may not even have access to run shell commands from within php. There are good reasons for locking that off. It also limits some functionality. If you have an ISP or Hosting provider, you may have to ask very nicely to get that part turned on. Be prepared to show how your code will be protected.

Here' a quick example of how to use escapeshellarg().
Usage:

string escapeshellarg(string $argtoescape)

So for example you have a directory to get the listing of and asign it the variable of "$dirz".

<?php
$dirz="/var/www/statistics";
system(`ls `.escapeshellarg($dirz));
?>

This simple example makes the command run as binary safe. Note: The backtick operator (NOT single quotes) is a shortcut to shell_exec()
This is by no means the only way to lock down php and should not be considered the only thing you do to protect from things like XSS and XXS cracking attempts. Eventually we will have a section for that.

 

HowTo display dynamic text based on last modified time

This is a function to make it easy to display the highlighted text: new when a page was modified within the last fourteen (14) days.

This method requires a file that will be included in the page to be displayed.

First: Right click on this link and save it as “newtime.php” to your main directory. The original filename on this server is "newtime.code" If you left click on it, you will see the source code.
Second: Once included, just add a small addition to the link.
As an example, if you want to show when the home page named index.php is newer than fourteen days:

<p><a href="../index.php">HOME<?php echo newtime("index.php");?></a></p>

Remember, take a look at the source code if you want this to look exactly as we are doing on this site, you will need to add the CSS somewhere, (preferably in your .css file). The css to add is in the source code.

 

Howto deal with system commands in PHP

A couple of different ways to deal with system commands.

The first is to run a command and display the output. We'll be using the “ping” command. Remember, in a non-windbloze environment you would normally want to tell it how many times to ping something. Windbloze defaults to 4 pings.

<?php
echo '<pre>';
$pingsyscmd = system("ping www.live.com -c 14");
echo '</pre>';
?>

This should produce something like the following on a web page:

PING a134.g.akamai.net (96.17.110.66) 56(84) bytes of data. 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=1 ttl=54 time=35.6 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=2 ttl=54 time=35.2 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=3 ttl=54 time=35.3 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=4 ttl=54 time=35.3 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=5 ttl=54 time=35.2 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=6 ttl=54 time=35.7 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=7 ttl=54 time=35.5 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=8 ttl=54 time=35.2 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=9 ttl=54 time=35.4 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=10 ttl=54 time=36.0 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=11 ttl=54 time=35.4 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=12 ttl=54 time=35.1 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=13 ttl=54 time=35.4 ms 64 bytes from a96-17-110-66.deploy.akamaitechnologies.com (96.17.110.66): icmp_seq=14 ttl=54 time=35.2 ms --- a134.g.akamai.net ping statistics --- 14 packets transmitted, 14 received, 0% packet loss, time 13052ms rtt min/avg/max/mdev = 35.169/35.431/36.028/0.251 ms

That's fine if you want to only display the output. What if you need to do something with the output?
That's where you would want to use “shell_exec()”. The output of shell_exec() is a string.

An example would look something like this:

<?php
echo '<pre>';
$pingshell = shell_exec("ping www.google.com -c 3");
$linez = substr($pingshell, -82, 300);
print $linez;
echo '</pre>';
?>

This should produce something like the following on a web page:

0% packet loss, time 2000ms
rtt min/avg/max/mdev = 35.951/36.034/36.133/0.172 ms

This is just an example of how to deal with the command output as a string. Basically just assign the command as a variable and do what you want with the output. There will be another example of shell_exec() shortly.

 

Howto disk space information

Total available space on this partition: 38195 MB
Total free space: 19440 MB
Total used space: 18756 MB
% used space: 49 %

Collecting For A Server Upgrade  

Howto Linux System Information

Uptime:
 09:08:29 up 175 days, 24 min,  0 users,  load average: 0.00, 0.01, 0.00

System Information: Linux www01 4.15.0-194-generic #205-Ubuntu SMP Fri Sep 16 19:49:27 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Memory Usage (MB): total used free shared buff/cache available Mem: 15530 2317 1227 3 11985 12828 Swap: 2047 2 2045
Disk Usage: Filesystem Size Used Avail Use% Mounted on /dev/vda1 38G 17G 19G 47% / udev 12G 0 12G 0% /dev tmpfs 7.8G 0 7.8G 0% /dev/shm tmpfs 2.3G 780K 2.3G 1% /run tmpfs 5.0M 0 5.0M 0% /run/lock tmpfs 7.8G 0 7.8G 0% /sys/fs/cgroup
CPU Information: processor : 0 model name : QEMU Virtual CPU version 2.0.0 processor : 1 model name : QEMU Virtual CPU version 2.0.0 processor : 2 model name : QEMU Virtual CPU version 2.0.0 processor : 3 model name : QEMU Virtual CPU version 2.0.0 processor : 4 model name : QEMU Virtual CPU version 2.0.0 processor : 5 model name : QEMU Virtual CPU version 2.0.0 processor : 6 model name : QEMU Virtual CPU version 2.0.0 processor : 7 model name : QEMU Virtual CPU version 2.0.0 processor : 8 model name : QEMU Virtual CPU version 2.0.0 processor : 9 model name : QEMU Virtual CPU version 2.0.0 processor : 10 model name : QEMU Virtual CPU version 2.0.0 processor : 11 model name : QEMU Virtual CPU version 2.0.0 processor : 12 model name : QEMU Virtual CPU version 2.0.0 processor : 13 model name : QEMU Virtual CPU version 2.0.0 processor : 14 model name : QEMU Virtual CPU version 2.0.0 processor : 15 model name : QEMU Virtual CPU version 2.0.0

“Windows - Just Say No”

Time since last reboot: 175 days, 0 hours, 24 minutes, 10 seconds

Page generated in zero point five six (0.56) seconds.

@ Active Member Project Honeypot  email addresses

This page was last modified on 09/1/18 @ 10:33:49:pm
This file name: info_php.php

Questions, Comments, Suggestions or Requests should be sent to:  ronnie@cruzit.com 

There have been  56517  Unique Visitors (IP Addresses) to this site.

Current users online : 19
Maximum users at a time : 26
Last 25 attacks have come from:
134.209.99.103
179.43.180.18
86.48.28.141
43.133.35.4
37.187.76.13
3.75.170.117
193.29.13.232
154.6.95.4
103.187.106.15
43.128.168.129
37.187.158.97
43.156.39.167
45.88.223.160
66.249.73.46
185.225.74.169
43.156.120.16
137.116.141.77
154.221.16.86
68.178.200.242
43.156.44.99
43.134.131.113
139.99.61.204
179.43.142.43
4.236.144.116
43.156.39.87

There are currently 25 unique IP addresses blacklisted.

Public cruzit.com Server Status
server offline dbc001  db cluster service
 Aw Crap!, It's Off-Line
server online www03  web service
 Is On-Line
server online www  web service
 Is On-Line
server online mx 08  mail service
 Is On-Line
server online www ha  F/O web service
 Is On-Line
server online mx 11  mail service
 Is On-Line
server online Primary  Client DNS
 Is On-Line
server online Secondary  Client DNS
 Is On-Line

©Copyright 2004-2023 - cruzit.com - Redd Enterprises™, Inc.,  All Rights Reserved.
Ubuntu® is a registered trademark of Canonical Ltd.
Linux® is a registered trademark of Linus Torvalds.
Apache® is a registered trademark of The Apache Software Foundation.
PHP® is a registered trademark of The PHP Group.
The MariaDB® a registered trademark of the MariaDB Corporation Ab.
MySQL® is a registered trademark of the Oracle Corporation Inc.
All other product and service names mentioned are the trademarks of their respective companies.

 

pretrial
pretrial
pretrial
pretrial
Let us know what you think! finance@homelandcomputersecurity.com