Chapter 2: Understanding and Avoiding Security Risks
Identifying the Sources of Risk
Minimizing User-Input Risks
Not Revealing Sensitive Information
Summary
Chapter 3: PHP Best Practices
Best Practices for Naming Variables and Functions
Best Practices for Function/Method
Best Practices for Database
Best Practices for User Interface
Best Practices for Documentation
Best Practices for Web Security
Best Practices for Source Configuration Management
Summary
Part II
Chapter 4: Architecture of an Intranet Application
Understanding Intranet Requirements
Building an Intranet Application Framework
Creating a Database Abstraction Class
Creating an Error Handler Class
Creating a Built-In Debugger Class
Creating an Abstract Application Class
Creating a Sample Application
Summary
Chapter 5: Central Authentication System
How the System Works
Creating an Authentication Class
Creating the Central Login Application
Creating the Central Logout Application
Creating the Central Authentication Database
Testing Central Login and Logout
Making Persistent Logins in Web Server Farms
Summary
Chapter 6: Central User Management System
Identifying the Functionality Requirements
Creating a User Class
User Interface Templates
Creating a User Administration Application
Creating a User Password Application
Creating a Forgotten-Password Recovery Application
Summary
Chapter 7: Intranet System
Identifying Functionality Requirements
Designing the Database
Designing and Implementing the Intranet Classes
Setting Up Application Configuration Files
Setting Up the Application Templates
Intranet Home Application
Installing Intranet Applications from the CD- ROM
Testing the Intranet Home Application
Summary
Chapter 8: Intranet Simple Document Publisher
Identifying the Functionality Requirements
The Prerequisites
Designing the Database
The Intranet Document Application Classes
Setting up Application Configuration Files
Setting Up the Application Templates
The Document Publisher Application
Installing Intranet Document Application
Testing Intranet Document Application
Summary
Chapter 9: Intranet Contact Manager
Functionality Requirements
Understanding Prerequisites
The Database
The Intranet Contact Manager Application Classes
The Application Configuration Files
The Application Templates
The Contact Category Manager Application
The Contact Manager Application
Installing Intranet Contract Manager
Testing Contract Manager
Summary
Chapter 10: Intranet Calendar Manager
Identifying Functionality Requirements
Understanding Prerequisites
Designing the Database
The Intranet Calendar Application Event Class
The Application Configuration Files
The Application Templates
The Calendar Manager Application
The Calendar Event Manager Application
Installing the Event Calendar on Your Intranet
Testing the Event Calendar
Summary
Chapter 11: Internet Resource Manager
Functionality Requirements
Understanding the Prerequisites
Designing the Database
Designing and Implementing the Internet Resource Manager Application Classes
Creating Application Configuration Files
Creating Application Templates
Creating a Category Manager Application
Creating a Resource Manager Application
Creating a Resource Tracking Application
Creating a Search Manager Application
Installing an IRM on Your Intranet
Testing IRM
Security Concerns
Summary
Chapter 12: Online Help System
Functionality Requirements
Understanding the Prerequisites
Designing and Implementing the Help Application Classes
Creating Application Configuration Files
Creating Application Templates
Creating the Help Indexing Application
Creating the Help Application
Installing Help Applications
Testing the Help System
Security Considerations
Summary
Part III
Chapter 13: Tell-a-Friend System
Functionality Requirements
Understanding Prerequisites
Designing the Database
Designing and Implementing the Tell- a- Friend Application Classes
Creating Application Configuration Files
Creating Application Templates
Creating the Tell-a-Friend Main Menu Manager Application
Creating a Tell-a-Friend Form Manager Application
Creating a Tell-a-Friend Message Manager Application
Creating a Tell-a-Friend Form Processor Application
Creating a Tell-a-Friend Subscriber Application
Creating a Tell-a-Friend Reporter Application
Installing a Tell-a-Friend System
Testing the Tell-a-Friend System
Security Considerations
Summary
Chapter 14: E-mail Survey System
Functionality Requirements
Architecture of the Survey System
Designing the Database
Designing and Implementing the Survey Classes
Designing and Implementing the Survey Applications
Developing Survey Execution Manager
Setting Up the Central Survey Configuration File
Setting Up the Interface Template Files
Testing the Survey System
Security Considerations
Summary
Chapter 15: E-campaign System
Features of an E-campaign System
Architecting an E-campaign System
Designing an E-campaign Database
Understanding Customer Database Requirements
Designing E-campaign Classes
Creating Common Configuration and Resource Files
Creating Interface Template Files
Creating an E-campaign User Interface Application
Creating a List Manager Application
Creating a URL Manager Application
Creating a Message Manager Application
Creating a Campaign Manager Application
Creating a Campaign Execution Application
Creating a URL Tracking and Redirection Application
Creating an Unsubscription Tracking Application
Creating a Campaign Reporting Application
Testing the E-Campaign System
Security Considerations
Summary
Part IV
Chapter 16: Command-Line PHP Utilities
Working with the Command-Line Interpreter
Building a Simple Reminder Tool
Building a Geo Location Finder Tool for IP
Building a Hard Disk Usage Monitoring Utility
Building a CPU Load Monitoring Utility
Summary
Chapter 17: Apache Virtual Host Maker
Understanding an Apache Virtual Host
Defining Configuration Tasks
Creating a Configuration Script
Developing makesite
Installing makesite on Your System
Testing makesite
Summary
Chapter 18: BIND Domain Manager
Features of makezone
Creating the Configuration File
Understanding makezone
Installing makezone
Testing makezone
Summary
Part V
Chapter 19: Web Forms Manager
Functionality Requirements
Understanding Prerequisites
Designing the Database
Designing and Implementing the Web Forms Manager Application Classes
Creating the Application Configuration Files
Creating Application Templates
Creating the Web Forms Submission Manager Application
Creating the Web Forms Reporter Application
Creating the CSV Data Exporter Application
Installing the Web Forms Manager
Testing the Web Forms Manager
Security Considerations
Summary
Chapter 20: Web Site Tools
Functionality Requirements
Understanding Prerequisites
Designing the Database
Designing and Implementing the Voting Tool Application Class
Creating the Application Configuration Files
Creating the Application Templates
Creating the Vote Application
Installing the Voting Tool
Testing the Voting Tool
Summary
Part VI
Chapter 21: Speeding Up PHP Applications
Benchmarking Your PHP Application
Buffering Your PHP Application Output
Compressing Your PHP Application Output
Caching Your PHP Applications
Summary
Chapter 22: Securing PHP Applications
Controlling Access to Your PHP Applications
Securely Uploading Files
Using Safe Database Access
Recommended php.ini Settings for a Production Environment
Limiting File System Access for PHP Scripts
Running PHP Applications in Safe Mode
Summary
Part VII
Appendix A: What's on the CD-ROM
System Requirements
What's on the CD
Troubleshooting
Appendix B: PHP Primer
Object-Oriented PHP
Appendix C: MySQL Primer
Using MySQL from the Command- Line
Using phpMyAdmin to Manage MySQL Database
Appendix D: Linux Primer
Installing and Configuring Apache 2.0
Installing and Configuring MySQL Server
Installing and Configuring PHP for Apache 2.0
Common File/Directory Commands
Index
Wiley Publishing, Inc. End-User License Agreement
Nội dung
ACCESSFILENAME The AccessFileName directive defines the name of the per- directory access control configuration file. The default name .htaccess has a lead- ing period to hide the file in a normal directory listing under UNIX systems. The only reason to change the name to something else is to increase security by obscu- rity, which is not much of a reason. However, if you do change the file name to something else, make sure that you change the regular expression “^\.ht” to “^\.whatever”, where .whatever is the first view character of what you set AccessFileName to. FILES CONTAINER The following <Files . . .> container tells Apache to disal- low access to any file that starts with a .ht (that is, the .htaccess or .htpasswd). This corresponds to the default %AccessFileName%: <Files ~ “^\.ht”> Order allow,deny Deny from all </Files> TYPESCONFIG The TypesConfig directive points to the mime configuration file mime.types that resides in the default conf directory. You do not need to change it unless you have relocated this file. DEFAULTTYPE The DefaultType directive sets the Content-Type header for any file whose MIME type cannot be determined from the file extension. For example, if you have a file %DocumentRoot%/myfile, Apache uses the %DefaultType, which is set to text/plain, as the content type for the file. This means that when the Web browser requests and receives such a file in response, it will display the contents in the same way it displays a plain-text file. If you think most of your unknown file contents should be treated as HTML, use text/html in place of text/plain. IFMODULE CONTAINER The next <IfModule . . .> container tells Apache to enable the MIME magic module (mod_mime_magic) if it exists, and to use the %MIMEMagicFile% file as the magic information (bytes patterns) needed to identify MIME-type files. The default should be left alone unless you want to change the path of the magic file. Here’s an example: <IfModule mod_mime_magic.c> MIMEMagicFile conf/magic </IfModule> Appendix D: Linux Primer 801 34 549669 AppD.qxd 4/4/03 9:28 AM Page 801 HOSTNAMELOOKUPS The HostnameLookups directive tells Apache to enable DNS lookup per request if it is set to On. However, the default setting is Off, and therefore no DNS lookup is performed to process a request, which speeds up response time. Performing a DNS lookup to resolve an IP address to the host name is a time-consuming step for a busy server and should be done only using the logresolve utility. Leave the default as it is. ERRORLOG The ErrorLog directive is very important. It points to the log file ded- icated to recording server errors. The default value of logs/errors translates to %ServerRoot%/logs/error_log, which should work for you, unless you want to write a log in a different place. Generally, it is a good idea to create a log partition for keeping your logs. It also is preferable that your log partition be on one or more dedicated log disks. If you have such a hardware configuration, you might want to change the directive to point to a new log path. LOGLEVEL The LogLevel directive sets the level of logging that will be done. The default value of warn is sufficient for getting started. The LogFormat directives dic- tate what is logged and in what format it is logged. In most cases, you should be able to live with the defaults. CUSTOMLOG The CustomLog directive sets the path for the access log, which stores your server hits. By default, it uses the common log format (CLF), which is defined in the preceding LogFormat directive. Consider the advice about keeping logs on their own disk and partition, and make changes to the path if necessary. A good bit of advice for all logs, regardless of which directory you keep the logs in,is to make sure that only the parent server process has write access in that directory.This is a major security issue, because allowing other users or processes to write to the log directory can potentially enable someone unauthorized to take over your parent Web server process UID, which is nor- mally the root account. SERVERSIGNATURE The next directive is ServerSignature, which displays server name and version number and is a server-generated page such as dynamic directory index pages, error pages, and the like. If you feel uncomfortable about displaying your server information so readily to everyone, set it to Off. We do. ALIAS The Alias directive defines a new directory alias called /icons/ to point to /usr/local/apache/icons/ (that is, %ServerRoot%/icons/). The icon images stored in this directory are used to display dynamic directory listings when no %DirectoryIndex%-specified files are found in that directory. You should leave the 802 Part VII: Appendixes 34 549669 AppD.qxd 4/4/03 9:28 AM Page 802 alias alone unless you changed the path of the icons directory. The directory con- tainer that follows the alias definition sets the permission for this icon directory. We do not like the idea that it enables directory browsing (that is, dynamic direc- tory indexing) by setting Options to Indexes. You should change Options Indexes to Options -Indexes and not worry about the MultiViews option. SCRIPTALIAS The ScriptAlias directive is used to set a widely used CGI script alias directory /cgi-bin/ to point to /usr/local/apache/cgi-bin/ (that is, %ServerRoot%/cgi-bin/). If you plan to use CGI scripts from the main server, keep it; otherwise, remove this directive. Alternately, if you want to change the CGI script directory to another location, change the physical path given in the directive to match yours. Never set a CGI script path to a directory within your document root — that is, %DocumentRoot%/somepath — because keeping CGI scripts in your document root directory opens it to various security issues. Set your CGI script path and DocumentRoot at the same level. In other words, if you set DocumentRoot to /a/b/c/htdocs, then set ScriptAlias to point to /a/b/c/cgi-bin,not to /a/b/c/htdocs/cgi-bin or to /a/b/c/ htdocs/d/cgi-bin. Next, a directory container places a restriction on the %ScriptAlias% directory to ensure that no directory-level options are allowed. Here, the Options directive is set to None, which means that the contents of %ScriptAlias% cannot be browsed for security reasons and that symbolic links within the %ScriptAlias% directory are not followed. OTHER DIRECTIVES The rest of the directives— IndexOptions, AddIconByEncoding, AddIconByType, AddIcon, DefaultIcon, ReadmeName, HeaderName, IndexIgnore, AddEncoding, AddLanguage, AddCharset, BrowserMatch, are not required to get up and running, so they are ignored for now. You may want to consider changing two additional directives if necessary: LanguagePriority and AddDefaultCharset. AddType This directive allows you to add or override MIME configuration information stored in mime.types file. For example: AddType application/x-httpd-php .php Here the .php extension is associated with PHP scripts. Appendix D: Linux Primer 803 34 549669 AppD.qxd 4/4/03 9:28 AM Page 803 LanguagePriority By default, the LanguagePriority directive sets the default language to be en (English), which might not work for everyone in the world. You might want to change the default language to your native language, if it is supported. AddDefaultCharset AddDefaultCharset should be set to the character set that best suits your local needs. If you do not know which character set you should use, you can leave the default alone, find out which character set you should use, and change the default later. Starting and stopping Apache After you have customized httpd.conf, you are ready to run the server. For this section, we assume that you installed Apache in /usr/local/apache. If you did not, make sure that you replace all references to /usr/local/apache to whatever is appropriate for your system in the following discussion. Starting Apache Run the /usr/local/apache/bin/apachectl start command to start the Apache Web server. If apachectl complains about syntax errors, fix the errors in the httpd.conf file and retry. Check the %ErrorLog% log file (that is, /usr/local/apache/logs/error_log) for error messages (if any). If you see errors in the log file, you need to fix them first. Following are the most common errors: ◆ Not running the server as the root user. You must start Apache as the root user. After Apache is started, it will spawn child processes that will use the User and Group directives, specified UID and GID. Most people are confused by this issue and try to start the server using the user account specified in the User directive. ◆ Apache complains about being unable to “bind” to an address. Either another process is already using the port that you have configured Apache to use, or you are running httpd as a normal user but are trying to use a port below 1024 (such as the default port 80). ◆ Missing log file paths. Make sure that both the %ErrorLog% and %CustomLog% paths exist and are not writable by anyone but the Apache server. ◆ Configuration typo. Anytime you change the httpd.conf configuration file, run /usr/local/apache/apachectl configtest to verify that you do not have a syntax error in the configuration file. 804 Part VII: Appendixes 34 549669 AppD.qxd 4/4/03 9:28 AM Page 804 The quickest way to check whether the server is running is to try the follow- ing command: ps auxww | grep httpd This command uses the ps utility to list all the processes in the process queue and then pipes this output to the grep program. grep searches the output for lines that match the keyword httpd, and then displays each matching line. If you see one line with the word root in it, that’s your parent Apache server process. Note that when the server starts, it creates a number of child processes to handle the requests. If you started Apache as the root user, the parent process continues to run as root, while the children change to the user as instructed in the httpd.conf file. If you are running Apache on Linux, you can create the script shown in Listing D-2 and keep it in /etc/rc.d/init.d/ directory. This script allows you to auto- matically start and stop Apache when you reboot the system. Listing D-2: The httpd Script #!/bin/sh # # httpd This shell script starts and stops the Apache server # It takes an argument ‘start’ or ‘stop’ to receptively start and # stop the server process. # # Notes: You might have to change the path information used # in the script to reflect your system’s configuration. # APACHECTL=/usr/local/apache/bin/apachectl [ -f $APACHECTL ] || exit 0 # See how the script was called. case “$1” in start) # Start daemons. echo -n “Starting httpd: “ $APACHECTL start touch /var/lock/subsys/httpd echo ;; restart) Continued Appendix D: Linux Primer 805 34 549669 AppD.qxd 4/4/03 9:28 AM Page 805 . information stored in mime.types file. For example: AddType application/x-httpd -php .php Here the .php extension is associated with PHP scripts. Appendix D: Linux Primer 803 34 549669 AppD.qxd 4/4/03 9:28