This is part third and final part in my PHP command line tutorial series. If you didn’t see parts 1 and 2:

Command Line PHP: Part 1

Command Line PHP: Part 2

This post is continuing on my three-part series on command line PHP programming. Missed part one? It’s right behind you. This part will go over command execution and processes.

PHP isn’t just for websites anymore. In fact, almost every script I’ve written to perform server-side functions is either written in bash or PHP, rather than Perl or Python as preferred by my colleagues. It’s a common belief that PHP isn’t suited for CLI programming since it’s mainly used in web applications, but PHP has over a hundred functions specifically intended for system management.

These kinds of posts can be rather lengthy, so I’m making this into a series with three parts.  Part 1 will go over the basic filesystem functions. You can find a complete listing here, but I’ll just go over a few of the more important and common ones.

This was a particularly annoying error message that was occurring for one of my legacy plugins that I refuse to get rid of. There are a lot of sites that indicate the problem is with a failed upgrade or misnamed database tables,but for me it was simply an issue with an old plugin and wasn’t happening anywhere else.

My fix was to edit the plugin file and change instances of admin_head to admin_menu . It’s apparently just a compatibility issue with newer WP versions.

Quick quiz: What does a hosting provider do when they know they’ve messed up and don’t want to deal with the fallout?

You apparently blame WordPress.

Don’t get me wrong here – being behind the scenes of server management for a webhosting company makes you the target of a lot of accusations.  And yes, most of the time when a user’s site gets hacked it’s their own damn fault. But in this case, Network Solutions is apparently trying to push their issues off on WordPress because they don’t want to admit they f***cked up.

Well, WordPress is pissed.  I logged into my dashboard today and the first thing I see in my news feed is:

A web host had a crappy server configuration that allowed people on the same box to read each others’ configuration files, and some members of the “security” press have tried to turn this into a “WordPress vulnerability” story.

To highlight the best part:

I’m not even going to link any of the articles because they have so many inaccuracies you become stupider by reading them.

P.S. Network Solutions, it’s “WordPress” not “Word Press.”

Burned.

In short, Network Solutions acknowledged that most of the problem was due to users’ public_html and wp-config.php files being readable by other users on the server – something which could have easily been caused by the users setting the permissions of those files insecurely. But they took a shot in the dark and said that the problem was caused by WordPress putting cleartext database credentials in the wp-config.php file – something that just about every software developer does, as WordPress states:

WordPress, like all other web applications, must store database connection info in clear text. Encrypting credentials doesn’t matter because the keys have to be stored where the web server can read them in order to decrypt the data. If a malicious user has access to the file system — like they appeared to have in this case — it is trivial to obtain the keys and decrypt the information. When you leave the keys to the door in the lock, does it help to lock the door?

Good point. They also went on to say that a properly configured web server will not allow users to access the files of another user, regardless of file permissions. This is why most hosts have switched to using suPHP or phpsuexec, a technology which Network Solutions was apparently left in the dark on. At least now they seem to be taking responsibility for the problem and are attempting to handle it.

I’m also going to state, based on comments in popular blogs from users that don’t know what the hell they’re talking about, that unless someone has access to view the source of a PHP file, they can’t see the database credentials. PHP files are executed server-side, and only their output is sent to the browser. Since the username and password are stored as variables and are not echoed out anywhere, someone simply calling wp-config.php from a browser can’t access your login data.

You’re probably going to find all kinds of fixes on various sites that this story is covered on, but I’m going to give the same advice I do for all my customers that have had sites hacked:

• Change your FTP and MySQL user passwords
• Replace all files on your site from a ‘clean’ backup
• Make sure the software on your site is up to date
• Scan your PC for viruses
• Choose a secure host

Remember that your site can get hacked regardless of who your host is or how secure they are, though your host has to take some level of responsibly for hacks that are caused by their own bad configuration, such as in the case with Network Solutions.

BlogSell

BlogSell is the next generation of managing blog income.  There are dozens of services out there that assist with buying and selling ads, but this one actually helps you keep track of all your banners and affiliate links, as well as various sources of blog income such as paid reviews, banners, and text links. Definitely a must-have for bloggers needing a more flexible platform for keeping track of their income sources, who want to do it all in one place.

Yola

Yola is offering something that most other web hosts and template services do not – free site hosting AND design for basic usage. The templates offered are actually very nice, but you can also purchase a series of upgrades based on what you actually need.  The price of custom design may be a bit steep for some people, but is still a lot less than hiring a freelancer.

FitClick

Move aside, Sparkpeople. No one really needs you anymore. FitClick is a free online weight loss service offering free weight loss programs, diet tips, and fitness/calorie trackers, with reportedly a much better user interface than Sparkpeople.  I’m not trying to call you fat, but umm…maybe you should take a look at this site.

MyPunchBowl

Party planning has never been sexier. MyPunchBowl is a free online party planner that lets you plan an event by recommending vendors, helping you to prepare lists, send out invitations, and shop for party favors and supplies. It even has a link to Facebook to help you promote your event.

ProjenyPM

This one was developed by a customer of IMH and introduced to me a couple months ago. It’s an online project management tool that goes above and beyond most other project management solutions out there, including the ability to manage employee timesheets, performance, and scheduling. This service is free for personal use, and moderately priced for business use.

I’d like to announce that my boyfriend of exactly 5 months has proposed to me…and of course I said yes!  We’re planning on getting married in mid-2011.

Working in the web hosting industry, I come across a lot of interesting sites and not surprisingly, I’ve found that a good number of new site owners have at least one of two goals in mind – to become well-known on the Internet, or to make money…sometimes even both.  It’s also not surprising to find out that less than an eighth of the people that have these goals will never meet them.

One of the more common trends I’ve noticed is the creation of free services.  No individual wants to pay for using things on the Internet nowadays, and anyone who has a choice between a paid and a free service will consider the free choice first.  Offering a free service also may mean big bucks for you in the long run, so if you were thinking about enhancing your presence on the Internet by offering a service, here are some tips to help get you started.

1) Come up with a solution

People turn to using services because they provide some kind of value that can help or solve a real-life issue. For instance, Mint.com offers free financial planning services. Facebook and MySpace offer social networking to help you keep in touch with other people. These services were unique to their time, which is why they are so popular – and now millions of people use them.  The first thing you should think about when starting any new service is what you can offer for people that may have a dilemma or need for efficiency. Stuck?  Carry a mini notebook around and jot down things that you do on a daily basis, then look back and think: Is there something on this list that would be easier to do or track if there was a something out there to help me out?  Also, don’t waste your time trying to clone free services that already exist unless you’re prepared to offer something that they don’t.  Instead, focus on coming up with something unique.

2) See what’s already out there

When I was in technical support, I would come across at least two customers every week that appeared to be starting some kind of social networking site, and some even admitted that they’re trying to launch the next MySpace.  Let’s get a reality check here – most of the popular social networking sites out there have been around for years and by now have millions of users, and are endorsed by multi-billion dollar companies.  You’re not going to have the next eBay or Youtube, so don’t waste your time trying.   When there are already hundreds of services offering the one that you’re trying to launch, you really need to know what you’re doing if you plan on being successful at reaching your target audience.  Your best bet at success is offering something that no one else does.

Instead, again, focus on bringing something new to the table or improving a service that isn’t as readily available.  One of the best ways to get attention for a free service is basing it off a paid one that is at least moderately successful.  The simple concept of something being free will entice your targeted audience to at least try it.

3) Figure out how you’re going to do it

Listen here, dreamer – if you want people to use your service, you have to do some a lot of technical planning.  Depending on what kind of service you’re starting, you may end up needing a design and custom content management software for your website, neither of which comes easy or cheap.  If you’re tech-savvy, expect to spend at least 10 hours a week for several months on development alone. If you’re not a technical person when it comes to programming and site design, well, let’s hope you have quite a bit of money saved up.

But – don’t just start throwing a bunch of junk together. You need to site down with a pencil and paper and plan out all the major aspects of your website before you get started.  This tends to be the most time-consuming part of the entire process if you’re doing this all yourself, because you have to think about how everything is going to tie together as far as programming, layout, and security.  Then there’s the actual doing of all this, which takes even more time.  Be aware of exactly what you’re needing and how long it’s actually going to take. Once you have a plan, start on it as soon as possible.  It helps to make an outline of what needs to get done, and then set deadlines for those items.

4) Think about maintenance

Running a service doesn’t end at its launch, that is, if you want your users to continue using it.  You need to think about how you’re going to support and maintain your service – your users may try to contact you every so often if they need help, or the site itself may eventually need maintenance and updates performed.  If you don’t think you’re going to be able to maintain the site yourself, see if you have any friends that will be willing to help out. Depending on how successful your service ends up, you may eventually need to hire staff members to help you maintain the site.

5) Make it free for them, but profitable to you

You’ll want to make all this worth your time, otherwise you’ll probably end up giving up.  Free services are almost always supported by paid ads, which offer a per-click or per-sale incentive for you.  Always consider putting ads or endorsements on the site that will bring in money, but make sure they are relevant to what your service is offering and they don’t affect the usability of the site.  Search places like Commission Junction for affiliate programs or other services that you think your users will find helpful. Either way, find ways to make your site profitable, whether it be supported by ads, or giving the option for users to upgrade to a paid service that offers a few more features.

6) Cover your ass

Believe it or not, people can pretty much be sued for anything nowadays, regardless of how stupid it is.  I’m not saying that you need to hire a lawyer, but you need to make sure your bases are covered when it comes to dealing with people that are either just out for money, or want to take things to the extreme by holding you accountable for their problems. Anytime you offer a service, you’re going to have people who are not satisfied.  Therefore, you’ll want to draft a Terms of Use and/or legal document on your site specifically stating that you’re not responsible for what your users do, or how your service works.  Basically, don’t offer any kind of guarantee, and let your users know that they are using your service at their own rish.  The exception is in cases where personal information is stolen, as if you obtain and store such information on your site you are responsible for its security.  That also brings up the point that you should avoid obtaining personal information for your members that isn’t necessary for then to use your site.  If you do have to obtain such information, take a few extra steps to secure it and cover yourself against liability by encrptying information and getting PCI certified by a trusted provider.

7) Make it known

You need to get the word out about what you’re trying to do, and set it up far enough in advance to where people are actually looking forward – and waiting anxiously – to using your service. This means using Twitter, Facebook, and other social media networks to tell everyone about the site, and reach out to other blog owners that may be interested in posting about it.  You’ll want to start letting people know about it at least 2-4 weeks before your expected launch date.  Your site should have a visually-friendly page up indicating what services and features you will offer, when they will be available, and that it’s free.  It may also be worth setting up a mailing list that people can opt into so they are notified of updates, and purchasing ad space on more popular sites, which can eventually pay off if your service is a success.

8) Stick with it

One of the hardest parts of starting anything is sticking with it. In this case, you may be looking at a project lasting six months to well over a year.  If you think about giving up, motivate yourself by thinking about how much money you’re going to make, or how you’re going to be helping people.  If you find yourself in a bind, consider getting help or making your goals a little more realistic.

Those of you who are regular readers of my blog know that I’m a huge fan of open source software. I don’t think it’s smart for people to drop upwards to thousands of dollars on software unless they have that kind of money to waste, or have a need that isn’t being met by the open source community.  And then there are the less legal alternatives, which I’m not against, but then again I can’t promote them here, either =)

So here’s a nice list of open source alternatives for people who want to save money by using open source software.

1) Use Linux instead of Windows

The transition from Windows to Linux is not as hard as you may think it is. When people think Linux, they think of an ugly black and white command prompt. This may be true if you’re thinking of running Linux as a server, but as a desktop you have a GUI similar to Windows and Mac, in the form of KDE or Gnome.  If you have applications that require Windows, you can usually run them by installing a program called Wine.  It can take a little getting used to, but for those buying a new PC or refurbishing an old one, Linux is the route to go if you want to save money and get better performance, security, and stability than you’ll ever get with Windows.  For newbies, I’d recommend Ubuntu or Fedora.

2) Use Gimp instead of Adobe Photoshop

Adobe Photoshop will run you between $700 and $1000, maybe less if you purchase from an independent software distributor. If that’s a little steep for you, consider using Gimp instead. It has a lot of the same functionality of Photoshop, and can read files created in Photoshop (.PSD) as well.  My sister is a photographer and just when she thought she was used to Photoshop, I introduced her to Gimp so she can do her photo editing outside of school, and she said it does as good of a job as Photoshop does. Similarly, I hear that Inkscape makes an excellent alternative to Adobe Illustrator.

3) Use OpenOffice instead of Microsoft Office

My Dad, who has headed the IT department of his company for years, didn’t believe me when I told him that the thousands his company was spending on Microsoft Office licenses every couple years could be a waste of money, since OpenOffice has the same kind of functionality. The base package of OpenOffice contains alternatives to Word, Excel, PowerPoint, and Access, all of which have the same familiar interfaces and support for files created in their proprietary alternatives, but without the expensive licensing costs and resource requirements. The  software in OpenOffice also has a number of features that the other does not.

4) Use Thunderbird or Evolution instead of Outlook

Outlook sucks. I can’t tell you how many calls I got about it when I was in technical support, where email would suddenly stop working and the customer wouldn’t want to believe that their beloved Outlook was the problem. It usually comes bundled as part of the Microsoft Office suite, but you can buy it standalone. Why would you want to? Thunderbird is free, and a lot more efficient, feature-rich, stable, and secure than Outlook. Love the Outlook feel? Evolution is the Linux alternative to Outlook, only it doesn’t suck as much.

5) Use ClamAV or AVG Instead of Norton, TrendMicro, or McAfee

I’ve heard from many people that even though ClamAV is free, it’s better than its leading enterprise alternatives. It also works on Windows (Via ClamWIN) and Linux. Need a firewall too, but don’t want the steep cost of Norton Personal Firewall? Consider APF or Smoothwall.

6) Use Turbocash instead of Quickbooks or Microsoft Money

I personally haven’t used Quickbooks before, but I heard it’s comparable to Turbocash, which is perfect for smaller organizations or individuals needing software for finance management.

7) Use VirtualBox  instead of Microsoft Virtual PC, VMWare, or Parallels Desktop

I generally used Virtual PC in the past to play with other operating systems, but you may find a use for it if you’re a software developer or you have applications that work on one OS but not another. Virtual PC usually ends up being free quite some time after its initial release, but it only runs on Windows. VirtualBox is open source and runs on Linux, Mac, and Windows, and supports a large variety of guest operating systems.

8) Use OpenVZ instead of Virtuozzo

Virtualization with something like Virtuozzo isn’t the same as using something like VirtualBox in terms of mass-management of virtualized servers. If you’re offering VPS hosting or need to run multiple servers on one, you’ll want to use something like Virtuozzo.  Virtuozzo may be the best, but OpenVZ doesn’t fall far behind at all…and it doesn’t carry the multi-thousand dollar licensing costs.

9) Use OpenWorkBench instead of Microsoft Project

I’ve always found web-based software like dotProject to be more effective for project management, but if you need a more local solution for your PC, try Workbench instead of spending dough on Microsoft Project.

10) Use Partimage instead of Norton Ghost

Norton Ghost will generally cost around $70, but Partimate is free and essentially does the same thing. I’ll mention though that Norton Ghost only works on Windows, and Partimage only works on Linux. So Partimage is something you’d consider using if you’re switching from Windows to Linux and can’t use Norton Ghost anymore.

That was my question all through HostingCon last year. Almost every pillar seminar had some mention about “the cloud” outside of any context that meant anything other than finding an excuse to talk about cloud hosting.  But really, who cares about cloud hosting?

No really — I’d like to know who thinks cloud hosting is really worth its hype and would benefit a hosting provider offering shared hosting services.

You need special hardware and software to efficiently support a cloud hosting platform. It’s not like a cPanel server you can turn on and set up – and I so far haven’t come across any [good] user-side control panels available for cloud hosting. That means that you’re going to have to find a way to come up with your own.  Since the hardware is also specialized, I’m sure the scope of vendors is limited, and those vendors probably take full advantage of that by cranking up their prices.

And…

The purpose of cloud hosting is expandability and reliability. You have multiple servers working in tandem serving sites, so if one server has a problem, the others pick up the slack. Then if you plan on doing what other hosting providers so, you’ll charge your clients based on how much system resources they are using instead of changing their hosting plan every time they have a burst of traffic. The part about the stability is great – but the same can be achieved by load balancing.  And not limiting a user’s resources but charging them for what they actually use is great too – until they use too much, especially in conjunction with other users on the system who are coincidently “overusing” resources as well.  But you’re probably losing money, and fooling those customers into thinking that they can get away with running that junk on a shared server.  Thank you, Mr. Over-Cloudy Shared Hosting Provider, for providing a false sense of need to your customers so they cause a problem for the rest of us when they decide to switch hosts.  

I don’t know how they do it in the cloudy wonderland up there, but in the real world of hosting, if one of my customers is burning an excessive amount of CPU cycles, they’re not going to be on one of my shared servers – they’re moving to a dedicated server.  If a site gets enough traffic to warrant VPS or Dedicated hosting, why would you willingly keep them on a shared server? You’re stunting your revenue by 1) allowing high resource customers to pay for shared hosting, even if the cost fluctuates based on their usage, and 2) decreasing your shared server capacity so you end up needing more servers to accommodate users that shouldn’t be on them to begin with.When a server runs out of resources it runs out of resources – whether it’s one server or 10 servers “clouded” together.

Cloud hosting tends to only beneficial to the customer, who is certainly getting the better end of the deal by costing you money.  I’m just going to put it out there that while customers probably like the concept of cloud hosting, most probably have no idea what it actually is, and wouldn’t notice any change in hosting quality from that of a standalone or clustered hosting solution.  So I’m sure you could actually just run their site off a crap dedicated server with 100 other customers and randomly change their hosting bill every month to make it look like they’re getting cloud hosting, then laugh while they talk about how awesome it is to be on the cutting edge of technology.  Heh.

That also brings up a customer service point about cost.  I checked a few pricing points for cloud hosting providers, most of which charge on a percentage of RAM and CPU cycles used per month.  To me, that just screams customer service problems. Most of the time when I try to tell a customer that they are using too much CPU on a shared server, the first thing they do is either deny it, or blame it on us.  You can imagine what would happen if a customer’s traffic quadrupled one month and they look at their bill, suddenly realizing that they were charged more.  A majority of your customers are likely non-technical and therefore not going to understand why their hosting charges changed.

Don’t get me wrong – I’m not against cloud hosting, I just don’t care for it, and I’m tired of hearing about.  If you’re a hosting consumer and looking for hosting and your site is as massive as Google, you could benefit from a dedicated cloud hosting solution. But otherwise, just stick with the simple stuff. Standalone and clustered servers have been used for years, and tend to be very reliable if managed efficiently.

I mean, people thought the iPad was going to be the next best thing but it turned out to be a piece of shit.