at
· Tags: PHP, rsyslog, syslog
Configure (r)syslogd
vim /etc/rsyslog.d/99-custom-logging.conf
if $syslogfacility-text == 'local6' and $programname == 'log1' then /var/log/log1.log
if $syslogfacility-text == 'local6' and $programname == 'log1' then ~
if $syslogfacility-text == 'local7' and $programname == 'log2' then /var/log/log2.log
if $syslogfacility-text == 'local7' and $programname == 'log2' then ~
The logging code in PHP
openlog("gateway", LOG_PID|LOG_NDELAY, LOG_LOCAL6);
syslog(LOG_INFO, "Test message");
The logging results
tail -f /var/log/log1.log
May 25 21:23:35 thor log1[4354]: test3
Related posts:
- jsLogger: JavaScript logging utility
- SMTP Telnet Session
- Apache2 deflate setup
- Simple RADIUS XML dump PHP script
- Automatic Generate JUnit Tests
- PHP Professional Tip #1 – Type Hinting
Permalink
at
· Tags: apache, C++, compile, facebook, gcc, hiphop, LAMP, llvm, performance, PHP, Ubuntu, Zend
HipHop is a source code transformer which transforms PHP source code into highly optimized C++ and then compiles it using g++.
Required packages
sudo apt-get install cmake g++ libboost-dev flex bison re2c libmysqlclient-dev libxml2-dev libmcrypt-dev libicu-dev openssl binutils-dev libcap-dev libgd2-xpm-dev zlib1g-dev libtbb-dev libonig-dev libpcre3-dev git-core autoconf libtool libcurl4-openssl-dev libboost-system-dev libboost-program-options-dev libboost-filesystem-dev
Get the HipHop source-code
mkdir hiphop
cd hiphop
git clone git://github.com/facebook/hiphop-php
cd hiphop-php
export CMAKE_PREFIX_PATH=`/bin/pwd`/../
export HPHP_HOME=`/bin/pwd`
export HPHP_LIB=`/bin/pwd`/bin
git submodule init
git submodule update
cd ..
Building third-party libraries
libevent
wget http://www.monkey.org/~provos/libevent-1.4.13-stable.tar.gz
tar -xzvf libevent-1.4.13-stable.tar.gz
cd libevent-1.4.13-stable
cp ../hiphop-php/src/third_party/libevent.fb-changes.diff .
patch < libevent.fb-changes.diff
./configure --prefix=$CMAKE_PREFIX_PATH
make
make install
cd ..
ICU4
wget http://download.icu-project.org/files/icu4c/4.2.1/icu4c-4_2_1-src.tgz
tar -xvzf icu4c-4_2_1-src.tgz
cd icu/source
./configure --prefix=$CMAKE_PREFIX_PATH
make
make install
cd ../../
libCurl
wget http://curl.haxx.se/download/curl-7.20.0.tar.gz
tar -xvzf curl-7.20.0.tar.gz
cd curl-7.20.0
cp ../hiphop-php/src/third_party/libcurl.fb-changes.diff .
patch -p0 < libcurl.fb-changes.diff
./configure --prefix=$CMAKE_PREFIX_PATH
make
make install
cd ..
Build HipHop
cd hiphop-php
cmake .
make
Related posts:
- Howto: Install Ruby and Rails on Debian or Ubuntu
- Ubuntu Howto: Install Oracle
- Ubuntu Howto: Install Sun Java
- Ubuntu Howto: Install Xen
- Howto Install Carwhisperer on Ubuntu 9.10
- Howto: Install Windows Vista Fonts in Ubuntu
- Ubuntu Howto: Install Ruby and Ruby on Rails
- Howto install Java on Debian Sarge
- Howto Install Oracle on Debian
- Howto Install Fedora From a USB Flash Key Drive
Permalink
at
· Tags: Debian, Linux, MySQL, optimization, performance, PHP, slow query log analyzer, web application
From time to time I’m doing some experiments on my server that is hosting this blog. Recently I found out that my blogging software used here, WordPress, missed some indexes in the MySQL database.
This article from MySQL Performance Blog explains how to log slow queries and how to identify queries, which do not use indexes.
MySQL has simple but quite handy feature – slow query log, which allows you to log all queries which took over define number of seconds to execute. There is also an option to enable logging queries which do not use indexes even if they take less time (–log-queries-not-using-indexes)
Slow query log is great to spot really slow queries which are often good candidates for optimization but it has few serious problems which limits extent to which it is helpful. First – it only allows you to set slow query time in seconds, having 1 second minimum value. For most of interactive applications this is way too large – if you’re developing Web application you probably want whole page to be generated less in 1 second, which issues many queries during generation. Second – if you enable option to log queries which do not use indexes it well can be flooded with fast and efficient queries, which just happen to do full table scans – for example if you would be having drop down list of states in your application and use SELECT * FROM STATES for that it would trigger and log the query.
Related posts:
- Optimize MySQL Performance With MySQLTuner
- Troubleshooting PHP Sqlite Query Error: Unable to open database
- MySQL Performance Monitoring and Optimization Tools
- Windows Developers Begin Slow Defection to Linux
- Optimize MySQL for Low Memory Use
- MDB Tools to export (migrate) from mdb (Microsoft Access format) to MySQL
- Howto: How to Reset the MySQL Root Password
- Simple RADIUS XML dump PHP script
- PHP 5.2 and APC (Alternative PHP Cache) Performance
- MySQL Concatenate: Adding String At The End Of Field Data
Permalink
at
· Tags: apache, google, GWT, internal tools, Java, JavaScript, PHP, security, software license, sql, web, Web App Security Tool, Web Application Security Consortium, web applications, web-based applications, XSS
Slashdot | Google Gives Away Web App Security Tool
Google has released for free one of its internal tools used for testing the security of Web-based applications. Ratproxy, released under an Apache 2.0 software license, looks for a variety of coding problems in Web applications. A 2006 survey by the Web Application Security Consortium found that 85.57 percent of 31,373 sites were vulnerable to cross-site scripting attacks, 26.38 percent were vulnerable to SQL injection and 15.70 percent had other faults that could lead to data loss.
Related posts:
- Awareness: Web Application Security
- PHP Source Code Security Audit Tool
- Voices That Matter: GWT – Security
- Test your environment’s security with BackTrack
- Dalvik: How Google routed around Sun’s IP-based licensing restrictions on Java ME
- Germany warns users against Internet Explorer
- Track file downloads and outgoing links with Google Analytics
- Google sitemaps
- Experimenting with Google Web Toolkit (GWT)
- Google Gmail on your own domain
Permalink
at
· Tags: gmail, mail server, PHP, PHP Gmail, php send mail gmail, PHPMailer, phpmailer gmail, phpmailer sendmail, phpmailer smtp ssl, SMTP, ssl
This short guide explains how to use gmail as mail server using PHP and PHPMailer.
Download PHPMailer
Download PHPMailer from http://phpmailer.sourceforge.net – direct link.
Extract and upload
Extract the PHPMailer-packages to a folder named phpmailer2 or any other folder name. Afterwards upload the folder to a PHP-enabled webserver.
Implement into code
Implement the PHPMailer function into the existing E-Mail-code as shown in the included examples.
Gmail specific settings
The following settings are needed in order to use Gmail as mail-hub and SMTP server.
$mail->Mailer = "smtp";
$mail->Host = "ssl://smtp.gmail.com";
$mail->Port = 465;
$mail->SMTPAuth = true; // turn on SMTP authentication
$mail->Username = "username@gmail.com"; // SMTP username
$mail->Password = "password"; // SMTP password
My experience using Gmail as SMTP server
So far I haven’t got any problems. Their service is always online and available, which is quite opposite to what I have experienced with my low budget hosting provider so far.
Related posts:
- S/MIME for Gmail
- Google Gmail on your own domain
- GMAIL from Linux CLI interface
- Crack Windows Password
- Jailbreak iPhone 3GS Using redsn0w (Windows)
- OpenSSH: Disabled Reverse DNS Lookup
- SMTP Telnet Session
- Howto: Convert an OpenSSL key to a public/private OpenSSH key-pair
- Howto Crack Rar, 7z, and zip files in Linux
- Howto: How to Reset the MySQL Root Password
Permalink
at
· Tags: .Net, AJAX, apache, django, Firefox, GWT, howto, insecure and vulnerable web applications, Internet Explorer, Java, JavaScript, Open Source, Opera, OWASP, PCI, PCIDSS, PHP, Python, RoR, Ruby, Ruby on Rails, Safari, security, Tutorial, up-coming web developers, web application, web application security, web applications, web-based applications, XSS
Developing a web applications is often articulated as easy and a good thing for new programmers to start with. Many books and tutorials have been written on the subject, and many frameworks and programming languages have been built to facilitate quick construction of web applications. Just one thing bothers me about this, many of the books and tutorials ignore many of the security issues that are related to building web applications. This fact might explain why we do have such a huge number of insecure and vulnerable web applications around on the net.
Anyway, it is not just bad – a number of initiatives have been formed to communicate the need for security and web-based applications. One of these initiatives is OWASP, which is an open-source application security project. The OWASP community includes corporations, educational organizations, and individuals from around the world. This community works to create freely-available articles, methodologies, documentation, tools, and technologies.
OWASP’s most successful documents include the book-length OWASP Guide and the widely adopted OWASP Top 10 awareness document. The most widely used OWASP tools include their training environment WebGoat, their penetration testing proxy WebScarab, and their OWASP .NET tools. OWASP includes roughly 100 local chapters around the world and thousands of participants on the project mailing lists. OWASP has organized the AppSec series of conferences to further build the application security community.
Hopefully initiatives like OWASP will provide up-coming web developers with a awareness of the security issues related to development of web application and enable them to avoid the classic pitfalls in web application security. At least so far I have learned a lot from OWASP articles and guides.
Related posts:
- Google Gives Away Web App Security Tool
- PHP Source Code Security Audit Tool
- 68 Linux Related Free E-books
- Voices That Matter: GWT – Security
- Test your environment’s security with BackTrack
- Popular Photoshop Tutorials
- Firefox Flash Interaction Bug: I Cannot Click In Flash Application e.g. Youtube
- soapUI: Easy Webservice Invocation and Testing Application
- Top 15 Free SQL Injection Scanners
- Slow Query Log Analyzes Tools
Permalink
at
· Tags: AJAX, Links, Linux, Open Source, open source tool, PHP, php code audit, php security audit, php security tools, security auditing tool, web applications
Security in applications and security in web applications has come into prominence. One way to enhance security is by reviewing the code with a security auditing tool, which is a new open source tool to do static analysis of php code for security exploits.
Download the Spike PHP Security Audit Tool here.
Howto use the Spike PHP Security Audit Tool
Unzip and install
unzip spike_phpSecAudit.zip
Execute the run.php, passing the file name or directory to audit. Note that the –src option is mandatory.
php /path/to/spike_phpSecAudit/run.php --src test_file.php
or
php /path/to/spike_phpSecAudit/run.php --src dir_name
Get Help
php run.php --help
Related posts:
- Google Gives Away Web App Security Tool
- Awareness: Web Application Security
- Card Security Code (CSC) and Card Verification Value (CVV)
- Test your environment’s security with BackTrack
- Executing SQL Statements from a Text File
- Syntax Highlight Code in WordPress Posts
- Howto Install Ruby and Ruby on Rails on Debian Etch 4.0
- Voices That Matter: GWT – Security
- Howto PHP / Java bridge on Debian
- Hack Wireless WEP Network
Permalink
at
· Tags: AJAX, http, Open Source, Open Standards, PHP, SOA, soap ui client, soap ui interview questions, soapui debian, soapui interview questions, soapUI ubuntu, web services
Permalink
« Previous entries Next Page » Next Page »