Posts in category Web Development

PHP> Export simple MySQL query to .csv file

Aug08
2011 Written by Scott Rowley

The following will allow you to export your mysql queries from mysql to a csv file that can be opened in several spreadsheet softwares. You may need to change the , (comma) to a ; (semi-colon) depending on your software.

A note for those of you using my osTicket Reports MOD: This is not what I’m using for that.

<?php
$host = 'localhost';
$user = 'userName';
$pass = 'password';
$db = 'databaseName';
$table = 'tableName';
$file = 'export';
$link = mysql_connect($host, $user, $pass) or die("Can not connect." . mysql_error());
mysql_select_db($db) or die("Can not connect.");
$result = mysql_query("SHOW COLUMNS FROM ".$table."");
if (mysql_num_rows($result) > 0) {
while ($row = mysql_fetch_assoc($result)) {
$csv_output .= $row['Field'].", ";
$i++;
}
}
$csv_output .= "\n";
$values = mysql_query("SELECT * FROM ".$table."");
while ($rowr = mysql_fetch_row($values)) {
for ($j=0;$j<$i;$j++) {
$csv_output .= $rowr[$j].", ";
}
$csv_output .= "\n";
}
$filename = $file."_".date("Y-m-d_H-i",time());
header("Content-type: application/vnd.ms-excel");
header("Content-disposition: csv" . date("Y-m-d") . ".csv");
header("Content-disposition: filename=".$filename.".csv");
print $csv_output;
exit;
?>
Posted in MySQL, PHP - Tagged csv, dev, development, excel, export, file, libre, MySQL, office, open, php, web

Web Dev> PHP created random password

Jul22
2011 Written by Scott Rowley 
<?php
// The letter l (lowercase L) and the number 1
// have been removed, as they can be mistaken
// for each other.
function RandomPass() {
// Comment the first line to exclude special characters
$chars = "!@#$%^&*";
$chars .= "abcdefghijkmnopqrstuvwxyz023456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
srand((double)microtime()*1000000);
$i = 1;
$pass = '' ;
// Number of digits we'd like to have our password be
$n = 8;
while ($i < $n) {
$num = rand() % strlen($chars);
$tmp = substr($chars, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
// Usage
$password = RandomPass();
echo "Random password is: $password";
?>
Tagged create, dev, development, microtime, password, php, rand, random, return, srand, substr, web, while

Joomla> Repair c99madshell hacked site

Jun07
2011 Written by Scott Rowley

This is information on removing the c99madshell hack that can get into some Joomla 1.5 sites. Most of this content is an original article of News Blog. I was only able to find one portion of this myself before finding their article, kudos and thanks go to them.

If you see the following Joomla error appearing on most Joomla pages including admin section

File Not Found The requested URL was not found on this server
OR
If you have a list of spam links

then your installation has likely been compromised. There is a security bug in Joomla 1.5 allowing a hacker to reset your admin password.

You should take the following steps to get rid of the error message and secure your Joomla:
READ MORE »

Posted in Joomla - Tagged button.gif, c99madshell, file, found, hack, Joomla, not, response.php, spam, tw4x

Web Dev> Password protect webpage(s) with PHP & LDAP

May27
2011 Written by Scott Rowley

The title says it all, this will allow you to restrict the access to a page or pages running php with access to LDAP. I’ve used this a few times for some internal things we don’t want everyone getting access to or similar scenarios. As always if it works for you, please leave a comment and if it doesn’t please leave a question and I’ll see what I can do to help you out.

Enable LDAP

First thing you’ll need to do is to install ldap for php & enable the needed mods, ldap.load & authnz_ldap.load

On Ubuntu:

apt-get update

apt-get install php5-ldap

cd /etc/apache2/mods-enabled

ln -s ../mods-available/ldap.load ldap.load

ln -s ../mods-available/authnz_ldap.load authnz_ldap.load

apache2ctl graceful

READ MORE »

Posted in Ubuntu - Tagged apache, apache2ctl, authnz_ldap.load, graceful, ldap, ldap.load, login, mods-available, mods-enabled, php, php5-ldap, restricted, secure, security

Web Dev> Meta-Redirect

Apr27
2011 Written by Scott Rowley

I keep forgetting this and I keep needing it — so I’m just finally going to make note of it here:

<meta HTTP-EQUIV="REFRESH" content="0; url=http://www.yourdomain.com/index.html">

The zero in this case is the amount of time before a reload (so if you wanted to you could say something like “This page is no longer here — redirecting you in 3 seconds” and then change it to a 3. This code needs to be placed within the <head> tags.

Tagged dev, development, meta, redirect, web

Web Dev> Allow users to upload multiple files

Apr12
2011 Written by Scott Rowley

In this particular example we are allowing users to upload up to 4 image files at a time (we will specify jpeg, jpg, gif, png, and bmp to be allowed). We will also restrict the size to less than 2mb (16777216 bits)

First we need the page containing our form for uploading the files:

file.php

<form enctype="multipart/form-data" action="upload.php" method="post">
Image1: <input name="file[]" type="file" /><br />
Image2: <input name="file[]" type="file" /><br />
Image3: <input name="file[]" type="file" /><br />
Image4: <input name="file[]" type="file" /><br />
<input type="submit" value="Upload" />
</form>

Now we need the file that will actually do all the work:

upload.php

<?php
$success = 0;
$fail = 0;
$uploaddir = 'images/';
for ($i=0;$i<4;$i++)
{
if($_FILES['file']['name'][$i])
{
// Allow only up to 2mb images
if($_FILES['file']['size'][$i] < 16777216){
$uploadfile = $uploaddir . basename($_FILES['file']['name'][$i]);
$ext = strtolower(substr($uploadfile,strlen($uploadfile)-3,3));
if (preg_match("/(jpeg|jpg|gif|png|bmp)/",$ext))
{
if (move_uploaded_file($_FILES['file']['tmp_name'][$i], $uploadfile))
{
echo " http://example.com/" . $uploadfile . "<br>";
$success++;
}
else
{
echo "Error Uploading the file. Retry after sometime.\n";
$fail++;
}
}
else
{
$fail++;
}
}else{echo "Error uploading file, file is too large";
$fail++;}
}
}
if($success > 0){
echo "<br>Number of files successfully uploaded: " . $success;
}else{
echo "<br>Number of files failed: " . $fail;
}
?>

Web Dev> HTML form ‘Back’ button

Apr07
2011 Written by Scott Rowley

It may be necessary at some point to send a user back to a previous page. This could be useful in cases such as errors or letting a customer review information and go back to change it.

<form><input type="button" value="Back" onClick="history.go(-1);return true;"></form>

The -1 indicates to go back a single page.

Tagged back, button, form, html

Web Dev> Password protect apache directory with LDAP & .htaccess

Apr06
2011 Written by Scott Rowley

First thing you’ll need to do is to enable the needed mods, ldap.load & authnz_ldap.load These come preloaded with most linux, you’ll just need to enable them.
On Ubuntu:

Enable LDAP Authentication

cd /etc/apache2/mods-enabled
ln -s ../mods-available/ldap.load ldap.load
ln -s ../mods-available/authnz_ldap.load authnz_ldap.load
apache2ctl graceful

.htaccess

You should now be able to implement the following wherever desired:
Example .htaccess file

Order deny,allow
Deny from All
AuthName "Restricted Page - login with LDAP credentials"
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPUrl ldap://ldap.example.com/ou=admins,o=LDAPROOT?adminUser
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require valid-user
Satisfy any
<Files .htaccess>
order allow,deny
deny from all
</Files>

Note that ‘?adminUser’ on the end of the AuthLDAPUrl line is whatever object you use in your configuration.

Apache Config

/etc/apache2/sites-available/default
Make sure the following is set (the default is AllowOverride AuthConfig)

AllowOverride All
Posted in Ubuntu - Tagged htaccess, ldap, password, protect, security, ubuntu

Web Dev> Force users from http to https

Apr05
2011 Written by Scott Rowley

Tested and verified working for *nix servers:

Add the following to your .htaccess file in the root of your website:

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{SERVER_PORT} =80
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI}

I don’t work with IIS so check the following link for information on setting up the redirect on IIS servers:
http://www.sslshopper.com/iis7-redirect-http-to-https.html

Posted in Ubuntu, Windows - Tagged apache, follow, force, htaccess, http, https, IIS, nix, options, rewrite, server, symlinks, user

Web Dev> Report on server script status using popen

Mar24
2011 Written by Scott Rowley

In your PHP page add something like the following:

$variable = popen("path/to/script.sh", 'r');
while (!feof($variable)) {
echo fgets($variable);
flush();
ob_flush();
}
pclose($variable);

Then in your script you can echo the output like normal — though I recommend modifying it to spit out HTML like so:

while [ 1 ]
do
read CURRENT_ACCOUNT || break
echo "Working with account $CURRENT_ACCOUNT…<br />";
done < list_of_accounts.txt

Then when you run the php page your webpage will be updated each time with the output of your script.sh until it is complete, then it will resume with the rest of your php code.

Posted in BASH
« Older Entries Newer Entries »

Corrections? Questions? Comments?

Find an error?
Everything work out great for you?
Have some feedback?
Like to see something added to the article?

PLEASE leave us a comment after the article and let us know how we are doing, or if something needs corrected, improved or clarified.

Thank you!
- The Management

Advertisement

Back to Top