It’s useful for ISP’s and email service providers to run occasional RBL checks against their IPs to know when they are being blacklisted by populate CBL services. I’ve written a simple script that utilizes the DNSBL pear library to check against common blacklists, when given a list of IPs in a file.

First, you need to download or install the NET_DNSBL pear module. (Command: pear install NET_DNSBL)

<?php
require_once('Net/DNSBL.php');

$iplist = file("/path/to/iplist");

foreach ($iplist as $ip){

$dnsbl = new Net_DNSBL();

$dnsbl->setBlacklists(array(
'sbl-xbl.spamhaus.org',
'dnsbl.sorbs.net',
'bl.spamcop.net',
'dnsbl-1.uceprotect.net',
'dnsbl-2.uceprotect.net',
'dnsbl-3.uceprotect.net',
'isps.spamblocked.com',
'zen.spamhaus.org'
));

if ($dnsbl->isListed($ip)) {

echo "IP $ip is blacklisted!\n";

}

else {
echo "IP $ip not listed\n";
}
}

?>

Of course, this script can be very easily modified to pull IPs from a database, or assign the $ip variable from a GET or POST request (like from a form or API).  Here’s an exclusive list of some RBL’s you can check against using this script, by adding them to the array shown:

asiaspam.spamblocked.com
bl.deadbeef.com
bl.emailbasura.org
bl.spamcop.net
blackholes.five-ten-sg.com
blacklist.woody.ch
bogons.cymru.com
cbl.abuseat.org    cdl.anti-spam.org.cn
combined.abuse.ch
combined.rbl.msrbl.net
db.wpbl.info
dnsbl-1.uceprotect.net
dnsbl-2.uceprotect.net
dnsbl-3.uceprotect.net
dnsbl.abuse.ch
dnsbl.ahbl.org
dnsbl.cyberlogic.net
dnsbl.inps.de
dnsbl.njabl.org
dnsbl.sorbs.net
drone.abuse.ch
duinv.aupads.org
dul.dnsbl.sorbs.net
dul.ru
dyna.spamrats.com
dynip.rothen.com
eurospam.spamblocked.com
fl.chickenboner.biz
http.dnsbl.sorbs.net
images.rbl.msrbl.net
ips.backscatterer.org
isps.spamblocked.com
ix.dnsbl.manitu.net
korea.services.net
lacnic.spamblocked.com
misc.dnsbl.sorbs.net
noptr.spamrats.com
ohps.dnsbl.net.au
omrs.dnsbl.net.au
orvedb.aupads.org
osps.dnsbl.net.au
osrs.dnsbl.net.au
owfs.dnsbl.net.au
owps.dnsbl.net.au
pbl.spamhaus.org
phishing.rbl.msrbl.net
probes.dnsbl.net.au
proxy.bl.gweep.ca
proxy.block.transip.nl
psbl.surriel.com
rbl.interserver.net
rdts.dnsbl.net.au
relays.bl.gweep.ca
relays.bl.kundenserver.de
relays.nether.net
residential.block.transip.nl
ricn.dnsbl.net.au
rmst.dnsbl.net.au
sbl.spamhaus.org
short.rbl.jp
smtp.dnsbl.sorbs.net
socks.dnsbl.sorbs.net
spam.dnsbl.sorbs.net
spam.rbl.msrbl.net
spam.spamrats.com
spamlist.or.kr
spamrbl.imp.ch
t3direct.dnsbl.net.au
tor.ahbl.org
tor.dnsbl.sectoor.de
torserver.tor.dnsbl.sectoor.de
ubl.lashback.com
ubl.unsubscore.com
virbl.bit.nl
virus.rbl.jp
virus.rbl.msrbl.net
web.dnsbl.sorbs.net
wormrbl.imp.ch
xbl.spamhaus.org
zen.spamhaus.org

PHP has a couple DNS functions you can use to perform record lookups.

Most of us are familiar with the two basic ones – gethostbyname() and gethostbyaddr(), both of which perform a single function – returning a hostname or IP address. Here’s an example of both:

<?php

$ip = gethostbyname("v-nessa.net");
$host = gethostbyaddr("69.174.114.71");

echo "v-nessa.net has the IP $ip, which reverses to $host";
?>

The above will return:

v-nessa.net has the IP 69.174.114.71, which has a PTR of server.v-nessa.net

Similarly to gethostbyname, there’s gethostbynamel which is useful for hostnames with multiple A records:

$ips = gethostbynamel("test.v-nessa.net");
foreach ($ips as $ip => $value){
echo $value . "\n";
}

Will return:

69.174.114.71
69.174.115.243

A more advanced function is dns_get_record, which can pull any valid record for a hostname or IP.  Think about the dig command you use in Unix to find DNS records:

nessa@nessa-desktop:~$ dig +short v-nessa.net A
69.174.114.71

The dns_get_record function works in a similar way, and can obtain the following DNS record types:

DNS_A, DNS_CNAME, DNS_HINFO, DNS_MX, DNS_NS, DNS_PTR, DNS_SOA, DNS_TXT, DNS_AAAA, DNS_SRV, DNS_NAPTR, DNS_A6, DNS_ALL or DNS_ANY.

The following will give you a similar result:

$recs = dns_get_record("v-nessa.net", DNS_A);
print_r($recs);

Will return:

Array
(
[0] => Array
(
[host] => v-nessa.net
[type] => A
[ip] => 69.174.114.71
[class] => IN
[ttl] => 13728
)
)

If you want to obtain multiple DNS types, you can do so by separating the record types with a plus sign:

$recs = dns_get_record("v-nessa.net", DNS_A + DNS_MX);

Will return:

Array
(
[0] => Array
(
[host] => v-nessa.net
[type] => A
[ip] => 69.174.114.71
[class] => IN
[ttl] => 13736
)

[1] => Array
(
[host] => v-nessa.net
[type] => MX
[pri] => 0
[target] => v-nessa.net
[class] => IN
[ttl] => 14145
)

)

You’ll notice that the output is a double array, so to call individual values you can do either of the following:

// will return the IP for array 0 ( A record)

echo $recs[0]['ip'];

// will return results for common records

foreach ($recs as $type => $value){
echo $value[ip] . "\n";
}

Similar to the example above, you can use the DNS_ALL type to show any records available for the hostname, and use a minus sign to exclude certain record types. For example, the below code will return all DNS results for v-nessa.net, but exclude NS records:

$recs = dns_get_record("v-nessa.net", DNS_ALL - DNS_NS );

foreach ($recs as $type => $value){
echo $value[type] . "\n";
}

The following records were returned:

A
SOA
MX
TXT

Here’s a more practical example – a simple PHP DNS lookup script. Say you have a form on your site that allows a user to type in a hostname and select a type of record: A, MX, NS, and TXT. The passed form values are $host and $type, and the below script will accept the variables and output the results according to the record type:

HTML Form:

<form action="dns.php" method="POST">
Hostname: <input type="text" name="host" />
Type: <select name="type">
<option value="a">A</option>
<option value="mx">MX</option>
<option value="ns">NS</option>
<option value="txt">TXT</option> </select>
</form>

PHP Script (dns.php):

<?php

if(!empty($_POST['host']) && !empty($_POST['type'])){

    // Grab variable from form and define valid types

    $host = $_POST['host'];
    $type = strtoupper($_POST['type');
    $validtypes=array("A","MX","NS","TXT");

    // Check that dns type is defined or allowed

    if(!defined("DNS_" . $type) or !in_array($type,$validtypes)){
       echo "Invalid DNS Type!";
    }else{

       $type = constant("DNS_" . $type);
       $rec = dns_get_record($host, $type);

       // Set result types - can be modified by using available elements from $rec array

       switch($type){
             case DNS_A:
                    $recvals=array("Hostname" => "host","Type" => "type", "IP" => "ip");
                    break;
             case DNS_MX:
                    $recvals=array("Hostname" => "host","Type" => "type", "Target" => "target", "Priority" => "pri");
                    break;
             case DNS_NS:
                    $recvals=array("Hostname" => "host","Type" => "type", "Target" => "target");
                    break;
             case DNS_TXT:
                    $recvals=array("Hostname" => "host","Type" => "type", "Record" => "txt");
                    break;
        }

      // Output results

      foreach ($rec as $arr => $num){
             foreach ($recvals as $title => $value){
                    echo $title . " : " . $num[$value] . "\n";
             }
      }

    }
} else {

     echo "Either hostname or record type is missing";
}

It’s of course easy to modify the above code accordingly, and I’m sure there may be better ways to do this. Feel free to post your own code snippets or comments.

This is part third and final part in my PHP command line tutorial series. If you didn’t see parts 1 and 2:

Command Line PHP: Part 1

Command Line PHP: Part 2

More File and Disk Functions

Getting Disk Space and Usage

The disk_total_size and disk_free_space functions can tell you how much disk space you have and how much is available, respectively:

$disksize = disk_total_space("/");
$size = round(number_format($disksize / 1024 / 1024 / 1024, 2));

$diskfree = disk_free_space("/");
$freesize = round(number_format($diskfree / 1024 / 1024 / 1024, 2));

echo "Total Disk Size: $size GB\n";
echo "Free Disk Space: $freesize GB";

Finding Files

A little-known function called glob works sort of like the locate command, in that it will find files that match a certain string, but it only looks in the current folder and is not recursive. For example, the below code will search for all files in the current folder that end with .txt:

foreach (glob("*.txt") as $file) {
echo "$file size " . filesize($file) . "\n";
}

You can also use something like this example to run as a loop and recursively search through folders.

Getting File Path Information

The famous pathinfo function can give you information about a file on your system:

$file = "/etc/php5/cli/php.ini";
if(file_exists($file)){
$info = pathinfo($file);
print_r($info);
}

This will print out an array like below:

Array
(
[dirname] => /etc/php5/cli
[basename] => php.ini
[extension] => ini
[filename] => php
)

Which you can echo out values to and use in your scripts, for example:

$file = "/etc/php5/cli/php.ini";
if(file_exists($file)){
$info = pathinfo($file);
$dir = $info[dirname];
chdir($dir);
echo "Changed directory to" . getcwd();
}

There are also similar functions that will provide the same information, individually:

$file = "/etc/php5/cli/php.ini";

echo "Absolute File Name: " . realpath($file) . "\n";
echo "File Name: " . basename($file) . "\n";
echo "File path: " . dirname($file) . "\n";

This will return:

Absolute File Name: /etc/php5/cli/php.ini
File Name: php.ini
File path: /etc/php5/cli

Some Random Script Fragments and Functions

Prompt a user for input:

fwrite(STDOUT, "Hello...\nWhat is your name? ");
$name = trim(fgets(STDIN));
fwrite(STDOUT, "Hello, $name!\n");

Print out your username and date:

$me = exec('whoami');
echo "Hello, " . $me . " The time is currently " .date("r") . "\n";

Generate random strings and passwords:

echo crypt("mypassword","randomsalt");
echo md5("mypassword");

Random password, variable length:

function randomPass($length) {

$chars = "abcdefghijkmnopqrstuvwxyz023456789";
srand((double)microtime()*1000000);
$i = 0;
$pass = '' ;

while ($i <= $length) {
$num = rand() % 33;
$tmp = substr($chars, $num, 1);
$pass = $pass . $tmp;
$i++;
}

return $pass;
}

$password = randomPass(10);

echo "Your random password is: $password";

List loaded PHP extensions, check is specific extension is loaded:

$extensions = get_loaded_extensions();
foreach ($extensions as &$value) {
echo $value . "\n";
}

if (!extension_loaded('gd')) {
echo "GD extension is not loaded";
exit;
}

Get Server’s CPU Load:

$load = sys_getloadavg();
echo "Current: " . $load[0] . "\n";
echo "5-min: " . $load[1] . "\n";
echo "15-min: " . $load[2] . "\n";

Get PHP memory limit and convert to human-readable format:

function convert($size)
{
$unit=array('b','kb','mb','gb','tb','pb');
return @round($size/pow(1024,($i=floor(log($size,1024)))),2).' '.$unit[$i];
}
echo convert(memory_get_usage(true));

Some Useful Links/Tutorials

Command Line PHP Tutorial
Simple System Maintenance with PHP-CLI – Simple System Maintenance with PHP-CLI
Command Line PHP (IBM)
Running Daemons in PHP
PHP Class for Coloring Command Line Output
PHP Command Line Progress Bar

This post is continuing on my three-part series on command line PHP programming. Missed part one? It’s right behind you. This part will go over command execution and processes.

Command Execution

Let’s start with the basics – you need to execute an arbitrary command from your PHP script. The exec, shell_exec, passthru, and system functions will take care of this for you:

exec("/usr/bin/perl /scripts/myscript.pl");

will do about the same thing as:

system("/usr/bin/perl /scripts/myscript.pl");

and

shell_exec("/usr/bin/perl /scripts/myscript.pl");

So what’s the difference between the three? A little, but not much. The system function will place the output of the command in an output stream, and display the results whether you tell it to or not. However, it’s mostly useful to return a yes or no output (in the form of 1, 0, or -1) based on the exit code of the command it was executing. For example, the below script views the /proc/cpuinfo file and outputs a boolean value on whether the command executed:

$cpuinfo = system("cat /proc/cpuinfo",$exitcode);
echo $exitcode;

I could then use the boolean value to write an if statement, which is more accurate because I’m basing the condition on the output of the command itself rather than PHP returning output based on the fact that the command ran, ignoring errors the command may have posted:

if($exitcode == 1){
echo "Command executed, but finished with errors";
}

The annoying part with the system function though is that it doesn’t suppress the output of the command itself, but rather sends it directly to the output stream. What if you want to format the output of the command? Then you would use exec. Below is an example of using the exec command to list the contents of a folder and only output .tar files (using substr to split the string)

$dir = exec("ls .",$output);
foreach ($output as $file)
{
if (strtolower(substr($file, -4)) == '.tar')
echo "$file\n";
}

The shell_exec function allows you to emulate a shell environment. For example, in Linux you have a choice of shells like sh, bash, and ksh that, allow you to do things such as while loops. Using shell_exec is about the same as using the backtick operator, which is generally how you’re run commands within a Perl script:

$output = shell_exec('ls nonexistentfile 2>&1 1> /dev/null');

// Does the same as

$output = `ls nonexistent file 2>&1 1> /dev/null`l

Finally, there’s the passthru function which, when invoked, immediately displays raw ouput of the command being executed. This is intended for browsers, to display binary data such as images, and not necessarily something you’re use on the command line:

header('Content-Type: image/jpg');
passthru('cat /home/user/public_html/images/image.png');


A Word on Security

A lot of hosts block command execution functions with the disable_functions setting in php.ini or by using safe mode, and for good reason. A lot of malicious scripts contain code with executable functions, and especially when the value of command or argument is passed as a variable, the results can be destructive. Here’s an example of a simple script that lists files, that accepts a folder name as a argument:

$folder = $argv[1];
exec("ls $folder");

We’d have a security problem if someone passed this as the first argument for $folder:

myfolder && cat /etc/shadow

To prevent this, PHP has built-in functions to escape shell arguments and commands, in order to prevent things that could be dangerous:

escapeshellarg: Encloses command arguments in single quotes so the argument is passed as one string:

exec('ls '.escapeshellarg($folder));

escapeshellcmd: Escapes characters that can be used to trick a shell command (like the && I used to execute cat)

Process Management & POSIX

PHP has internal  functions that allow you to manage processes, such as proc_open, proc_close, etc. However, I admit that these tend to be difficult to learn an understand, while posix functions tend to do the job with less hassle.  Posix functions are basically system-level functions. In the below script, I’m going to change the user that the script runs as, view simple information about the process, then start a counter to 1 million but kill it when it reaches 50:

$user = posix_getpwnam($vnessa5);
posix_setuid($user['uid']);
posix_setgid($user['gid']);
$pid = getmypid();

print_r(posix_times());
echo "Script owner: ". get_current_user() . "(" . getmyuid() . ")\n";
$i=0;
while( $i < 10000000 ){
$i++;
if($i == 50){
echo "Reached 50 - killing!";
posix_kill($pid,1);
}
}

Similarly, posix_getpid and getmypid do the same thing. If the script is a child of another process, you can get the parent process’s ID with posix_getppid. The getrusage function can also be used to get more informative information than posix_times. To kill a process, you can see I used posix_kill, with the process ID and exit code as arguments. This is what happened when I ran the script:

Array
(
[ticks] => 1279790432
[utime] => 0
[stime] => 0
[cutime] => 0
[cstime] => 0
)
Script owner: root(0)
Reached 50 - killing!Hangup

Keep in mind that in most situations, using die() to bail out of a script is more appropriate that using kill. I could rewrite that part of the code to say this instead:

die("Reached 50 - Bailing out!);

I also found a nice post on running background processes, that you might want to check out here.

Environmental Variables

Environmental variables tend to be a major part of command line scripting, and is something that is part of PHP as well. Let’s start with defining an environmental variable with putenv and retrieving it with getenv:

putenv("PATH=/fakebin");

if(!exec("test testdir")){
echo "Could not execute test - path is " . getenv('PATH') ;
}

In the above script, I set the $PATH environmental variable to /fakebin, so when I went to execute the ‘test’ command (which is a valid Linux command located in /usr/bin/test), the scirpt could not find it since the command was not in /fakebin. This is about the same as setting the $PATH environment in a user’s .bashrc file. Keep in mind that the variable change lasts as long as the script does – after the script exits, the environmental variable is returned to its normal state. You can use getenv to pull any environmental variable, similar to the $_SERVER superglobal.

A nice function for getting information about the current server is php_uname. You use it about the same way as the uname command in Linux:

echo php_uname();

Will return:

Linux server.v-nessa.net 2.6.18-028stab064.7 #1 SMP Wed Aug 26 13:11:07 MSD 2009 x86_64

You can further filter the output using the same arguments as uname, for instance, if I only need the server name:

echo php_uname(n);

PHP 5.3 also introduces a void function called gethostname which will get the hostname of your machine as well.

The Server Superglobal

The $_SERVER superglobal is used to get environmental variables pursuant to the server and environment for the script you are running.  While it’s normally used in web applications, some of the values can be used for command line scripts as well:

echo "This file's name is " . $_SERVER['PHP_SELF'];

So you’ve made it part two of the series. Stay tuned for part three, which will go over specific system-level tasks and functions, with useful code snippets.

Next: Command Line PHP: Part 3

PHP isn’t just for websites anymore. In fact, almost every script I’ve written to perform server-side functions is either written in bash or PHP, rather than Perl or Python as preferred by my colleagues. It’s a common belief that PHP isn’t suited for CLI programming since it’s mainly used in web applications, but PHP has over a hundred functions specifically intended for system management.

These kinds of posts can be rather lengthy, so I’m making this into a series with three parts.  Part 1 will go over the basic filesystem functions. You can find a complete listing here, but I’ll just go over a few of the more important and common ones.

The hashbang

As with any CLI script, the first line of your PHP script should contain the executable binary for PHP. You can usually find this by running:

which php

On my server the location is /usr/bin/php, so here’s the first line of my script:

#!/usr/bin/php

If you installed PHP in a custom location, you’ll need to specify that binary instead. You can also specify command line options like -f, -c, etc.  Then set the permissions of your script to 755 to allow it to execute.

Accepting arguments with PHP

A major part of CLI scripting is the ability to accept arguments. For this, we’ll write a simple script called asl.php which will parse my name, sex, and location as arguments:

[nessa@server] ./test.php 23 female virginia

Here’s the script:

#!/usr/bin/php
<?php

print_r($argv);

?>

The $argv variable is native, and parses as an array. So running this script will produce the following output:

Array
(
[0] => ./asl.php
[1] => 23
[2] => female
[3] => virginia
)

So if I only wanted to echo out my age, I can use the following code:

echo $argv[1];

If you notice, there are four values instead of the three that I passed. As with most scripting languages, PHP considers the filename as the first (0) variable. To remove the first variable, use the array_shift function:

array_shift($argv);

This means now that using value #1 as shown in the example above will output “female” instead of 23, making the command line order more correct, but this tends to be confusing for some people since it makes the first value 0 instead of 1. I usually prefer NOT to shift the array unless having the file name in there is going to adversely affect the intended functionality of the script.

From here ( keeping in mind that I’m not shifting the array anymore), I can assign the arguments to variables and access them from the script:

$age = $argv[1];
$gender = $argv[2];
$location = $argv[3];
// echo out the values
echo "Hello, I am $age-year-old $gender from $location";

In some cases you may want to validate the number of arguments passed, or what they contain. For instance, the below example is requiring that all three variables are passed (however, the code says four, since you have to include the script name as the first “argument”, as mentioned before):

if ($argc != 4) {
die("Usage: asl.php <age> <gender> <location>\n");
}

You can of course specify less than (<) or greater than (>) values operators.  In the next example, I want to make sure that the “age” argument is a number:

if (!is_numeric($age)){
die("$age is not a number");
}

I’m sure by now you get the idea =)

PHP File and Folder Management

Creating files and folders, and checking their accessibility

Continuing my above example, I want to end up with a file in /opt/app/users called “users.txt” that contains a list of all the output of asl.php. I first need to see if  /opt/app/users exists using the is_dir function, and if it doesn’t, create it with mkdir, then enter into that directory with chdir:

$dirname = "/opt/app/users;
if(!is_dir($dirname)){
mkdir($dirname, 0755);
}
chdir($dirname);

What if /opt/app doesn’t exist and I need to create the entire structure? The mkdir function has a recursive flag that is set to false by default, but can be enabled as so:

$dirstructure = "/opt/app/users";

if (!mkdir($dirstructure, 0, true)) {
die('Failed to create folders!');
}

Now that the folders are created and verified, I use file_exists and is_readable to make sure that my users.txt file is there and can be seen. If not, we’ll use one of the file functions to create it:

$cwd = getcwd();
$filename = $cwd . "/users.txt;
if(file_exists($filename) && is_readable($filename)){
echo "File Exists and is readable";
}else{
echo "File does not exist or is not readable";
touch($filename);
}

If you notice, I added the getcwd function to look for a file called users.txt in my current directory. If you need to see whether a file is executable instead of readable, you can simply use the is_executable function, or to see if it’s writable, use is_writable:

$filename = '/opt/app/users/users.txt';

if (!is_executable($filename)) {
echo $filename.' is not executable';
}
if (!is_writable($filename)) {
echo $filename.' is not writable';
}

Note that the result of these commands is based on the user running them. For instance, if the file is owned by the user root and is set to 600 permissions (root read/write only), but the user ‘user1′ is running the script, the tests in the above lines of code will fail since that user does not have permissions to the file in question.

Creating and deleting files

There are a few functions you can use to create files with PHP. Here are the most commonly used: fopen, file_put_contents, touch, If you want to delete a file, simply use unlink.  In the below example

$filename = "/opt/app/users/users.txt";
unlink($filename);


Unlink is not to be confused with the opposite of symlink, which creates a symbolic link  (shortbut) between files:

symlimk("/opt/app/users/users.txt", "/home/nessa/Desktop/users.txt-shortcut");

And rmdir will remove a folder:

if (!is_dir('temp')) {
mkdir('temp');
}
rmdir('temp');

Writing to files

The most common way to write to files is using the fopen function. Using my original example, asl.php is going to write the values of the arguments to a file called users.txt:

$filename = "/opt/app/users/users.txt";
$fh = fopen($filename, 'w') or die("can't open file");
$data = $age . $gender . $location;
fwrite($fh, $date);
fclose($fh);

Reading contents of a file

If you want the script to read the file, you can use a number of function such as readfile, file_get_contents, fopen, fread, and file. The actual function you would use depends on what you’re planning on doing with the data. If you simply want to display the contents of the file as a string:

$filename = "/opt/app/users/users.txt";
$data = file_get_contents($filename);
echo $data;

Will display:

23 female virginia

If you need a more programmatic way of displaying the data, such as reading each column as a set of values (like if you’re inserting all this into a database), you’d use the file() function which will load the contents of the file into an array. Here’s a simple loop that echoes out each line in the file:

$filename = "/opt/app/users/users.txt";
$lines = file($filename);

foreach ($lines as $line_num => $line)
{
print "{$line_num} : " . $line . "\n";
}

Reading contents of a folder

You can use the opendir function to run a loop and read the contents of a folder:

// open the current directory by opendir

$dirname = "/opt/app";
$handle=opendir($dirname);

while (($file = readdir($handle))!==false) {
echo "$file \n";
}

closedir($handle);

Changing permissions and ownership:

In the above example where I was checking to see if the file was readable, I didn’t actually specify anything to address permissions – instead, I just created the file. To change the permissions or ownership of files, you can use the chmod and chown functions.

$filename = "/opt/appf/users/users.txt";
$username = posix_getpwuid(fileowner($filename));

// Get the octal value of permissions
$perms = substr(sprintf('%o', fileperms($filename')), -4);

if($username[name] != "nessa" && $perms != "0755" ){
chmod($filename, 0755);
chown($filename, "nessa");
echo "Permissions fixed";
}else{
echo "Permissions are correct";

If you want to change the umask (that is, the default permissions of files created by the script), you can use the umask function – which actually revokes permissions instead of setting them.

Copying, moving, and renaming

Say I want to rename the /opt/app folder to /etc/app. I’d use the rename function as so, validating on whether of not it was renamed successfully:

if(!rename("/opt/app","/etc/app")){
echo "Rename failed";
}

You can also use the copy function to copy files, noting that if the “new” file or folder already exists, it will be overwritten.

if(!copy("/opt/app","/etc/app")){
echo "Copy failed";
}

User and File information

Getting user and group data

The fileowner function as shown above will return the UID of the file, but I specified the username. You can use posix_getpwuid to return an array with the user’s information in a more usable format:

Array
(
[name] => nessa
[passwd] => x
[uid] => 1000
[gid] => 1000
[gecos] => Vanessa V.,,,
[dir] => /home/nessa
[shell] => /bin/bash
)

So you can simply echo out the array values of $username based on the keys. For example, to get the shell of the user in the above example, simply echo to the ‘shell’ key from the $username array:

echo $username[shell];

If you want to get group information for a file, you can use the same method, but with filegroup and posix_getgrgid:

$filename = "/opt/app/users/users.txt";
print_r(posix_getgrgid(filegroup($filename)));

Getting file information

You can also get information about a file using the stat or fstat functions, which return the results to an array:

$filename = "/opt/app/users/users.txt";
$stat = stat($filename);
print_r($stat);

Will return a giant array of information for the file. If you only want to return one value, say, the size, echo it out like you would a normal array:

echo $stat[size];

So here we’ve finished the first part of PHP command line scripting, which covered the use of files, folder, and users. The next parts will go over command execution and process management.

See: Command Line PHP: Part 2, Command Line PHP: Part 3

I don’t know about you other cPanel system admins out there, but I find WHM to be very useful for the more advanced and time-consuming tasks, such as installing SSL certificates. However, the easy stuff like changing an account’s package and resetting passwords is a royal pain in the ass as far as convenience is concerned when you have to log into WHM, list accounts, and make whatever change.

I recently became favorable towards the WHM XML API functionality which will let me do a majority of the everyday account-related tasks from command line without ever opening my browser, which is a lot easier when managing thousands of users across multiple servers. Below are a couple scripts I’ve put together using the XML API from a base script in the cPanel forums:

Change account password

Change account package

Both are run via command line, and the arguments passed to the PHP script as variables. For example, to change an account’s password:

./chacctpass myuser mypass1234

Customizing these scripts to perform different functions is easy via the following steps:

- change if ($argc != 3) to the number of command line arguments you wish to pass to the script plus one. In the above example there are two arguments and since the script name counts, add one and that makes 3.

- in the section where the arguments are assigned to variables (like $cpuser, etc), name your variables. The first one should have an array value of 0, then 1, 2, etc.

- edit the usage example, which will come up if the required number of arguments is not provided…you can add any text you like

- if you’re using a hash (which is more secure than user/pass authentication), go fetch your remote access key from WHM and put it in the $hash value within quotes, format intact. Otherwise, put in your WHM user’s username and password

- change the $server variable to your server’s hostname

- change $apipath to the WHM path for the function you are using. You can find a whole list of them here, and most will give you the path to use in the examples sections. In the API path, insert your variable names where the values are suppose to be. For instance:

$apiPath = “/xml-api/passwd?user=myuser&pass=mypass1234″;

Would be:

$apiPath = “/xml-api/passwd?user=$cpuser&pass=$newpass”;

In the header section, uncomment whichever $header .= “Authorization: line that matches your authentication method (user/pass or hash)

Once you’ve configured your API script, chmod to 700 and run from the command line as show in my example. It’s better to lock down the script by changing its ownership only to the user that will be using it, and not giving read, write, or execute permissions to anyone else.

Note: for these scripts to work you have to have PHP compiled with OpenSSL support, otherwise change the socket variables to http over port 2086.

I have this recurring nightmare of PHP apps that don’t trim whitespace when entering info. As a habitual copy and paster, it would be nice if some programmers could tend to my laziness and reluctance to type. Yes, Tony, I’m talking about you. Ever hear of the trim() function? Yea, it’s the Brazilian wax of PHP you inconsiderate bastard.

$text = "some text with extra spaces ";
$trimmed = trim($text);
echo $trimmed;

I’ll eventually get the whole thing up here, but I’ve been working on a simple server info script to help me and the other members of the system admin team keep up with the gazillion servers we have and all their different configurations. One of the reasons it’s taking so long (aside from my recent alcohol binges) is that it has to be portable to every server without the need for specific modifications, regardless of their setup. This eventually calls for using a simple if statement and empty() function to decide what info to output. Really, it’s so easy that I don’t even know why I’m posting it, but it kinda supplements this and this.

I’ll take the Ruby example I used earlier to find out what version of Ruby is installed:

$rubyver = exec("ruby -v |awk {'print $2'}"); ?>

Most of our servers don’t have Ruby installed, so I instead of getting an ugly ass error or nothing at all, I’d rather the script gracefully output its absence:

if (empty($rubyver)) {
echo "<font color='red'>Ruby is not installed on this server</font>";
} else {
echo "Ruby Version $rubyver";
}

This code fragment will check the output of the $rubyver variable, so if Ruby is not installed then the variable will return no value. Since the variable is then considered empty, the first echo statement is executing telling the viewer that Ruby is not installed on the server. If Ruby is installed on the server, then the second echo statement will run.

I’m going back to the basics here, you know, when you wrote your first PHP script and saw an ugly-ass error message pop up on your screen? Error messages are the best tool a programmer has.

Set up Error Reporting

Most PHP errors are straight forward, but there are times where you don’t see any which makes it very difficult to tell what the problem is.

The first step of PHP troubleshooting is to turn error reporting on. For security reasons you’ll want error reporting off by default, but if something goes wrong you’ll need the information for debugging. You can usually enable error reporting by adding this line to the problem script:

<?php error_reporting(E_ALL) ?>

Or you can add these lines to the root .htaccess:

php_flag display_errors on
php_value error_reporting 6143

This will usually display an error useful for troubleshooting, that is, if the software and your server configuration allows it.

Parse Errors

Parse error: parse error, unexpected T_STRING in……

This is a syntax error. Perhaps you forgot a semi-colon at the end of a line, or you forgot a double quote (“) or an end bracket (}) after you started one. For quote and semicolon issues, the problem is usually the line above the one reported in the error. For brackets, it may be at the end of the script.

Parse error: syntax error, unexpected $end in

You’re most likely missing a } somewhere. Make sure that each { you have is also closed with a }.

Parse error: syntax error, unexpected T_STRING, expecting ‘,’ or ‘;’ in..

There may be double quotes within double quotes. They either need to be escaped or brought to single quotes. It’s also possible that a new PHP statement was started before the previous was finished.

Header Errors

Warning: Cannot add header information – headers already sent by (output started at /home/vnessa5/www/errors.php:9) in….

Warning: Cannot send session cache limiter – headers already sent in somefile.php on line 222

Naturally, HTML will parse before PHP. The script is trying to send header information after you’ve already sent output to the browser. HTTP headers are required to be sent before any output from your script, which means that a header function must be placed before any html or even a white space. There are two solutions for this. Either (1) Set the header tags the top of the document, or (2) insert a header redirect by adding this to the very top of the page to force the output buffer:

<?php ob_start();

Then this at the very end of the page (not usually required)

ob_end_flush(); ?>

mySQL Result Source Errors

Warning: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in…

You need to take a look at the $result variable used to define the loop. More than likely there is a syntax error on the reported line before the $result field, or the value of $result does not exist.

Supplied argument is not a valid stream resource…

This is usually caused when your code is looking for a table or other resource in the database that does not exist.

Sessions are not being created or maintained

This can apply to any of the scenarios below:

(1) The program isn’t remembering your login
(2) Your shopping cart won’t hold items
(3) Your php script is redirecting like crazy
(4) “Call undefined function session_start” error
(5) PHP isn’t processing pages called by something like index.php?page=home&id=7

Your site is most likely dependent on register_globals. You can enable them by putting this line in your .htaccess (or just enabling in your php.ini if you have access):

php_flag register_globals On

Stream Errors

Warning: failed to open stream…

Warning: main(/index.php): failed to open stream: No such file or directory in…

This is usually because either the specified file is missing, or a file declared in a require() or include() function is missing. The easiest way to fix this is by re-installing the PHP program from a freshly-uploaded copy, or restoring the original config.php and just changing the db information. The include path may also be incorrect, but either way your script is looking for a file that isn’t there, or it is looking in the wrong place.

Warning: fopen(…): failed to open stream: Permission denied in…

This is a permissions and/or ownership issue. Try first setting the permissions to 777 just to see if the script will run. If so, you should narrow down the permissions to 775. If not, set the user/group to user:nobody.

Warning: <…> is not a valid stream resource…

Warning: fread(): supplied argument is not a valid stream resource in…

This is an error seen when trying to use functions like fopen(), fread(), feof(), etc. and are usually caused by an invalid or unavailable resource that is being called in the line specified. For instance, if the fread() function is returning this error, it could be that the file it is trying to access does not have the correct permissions or does not exist.

Warning: Failed opening….

Warning: Failed opening ‘…’ for inclusion (include_path=’.:/usr/local/lib/php’) in Unknown on line 0

Make the sure that the file mentioned (and its holding directorie) has read + execute permissions, and that the path to the file is correct. If not, you’ll need to add the path into the PHP code: (or .htaccess)

include(“/path/to/files”);
Blank PHP Pages

You go to a .php page, but it’s blank.

The scope of what can cause blank pages is very broad, but there are a few things to look at:

-Is error reporting turned off anywhere in the script or in the .htaccess? If so, turn it on to see what is happening (php_flag display_errors on), or add the lines at the top of this page into the script.

-Is the PHP script even generating any output (usually you can tell my finding the print function?

-Check the database connection, i.e, username, dbname, user added to db, etc.

-Try using the full <?PHP ?> tags, rather than the shorter versions <? ?>

Also, if the software is prebundled (like phpBB or Gallery), then the index or one of the include pages could be corrupted. Usually you can just replace the problem page with a working version from another installation.
Max Execution Time Error

You receive some variant of a “Max_execution_time” error when loading a page.

This is caused when a PHP script takes longer to execute than the server allows, but can be adjusted by adding a PHP directive to your .htaccess: (in seconds, 0 = unlimited) or modifying the value in php.ini.

php_value max_execution_time 0

Open_basedir Errors

Warning: Unknown(): open_basedir restriction in effect.

This is a protective feature of Apache that restricts PHP from accessing files/folders outside the user’s home directory. Most of the time this is due to an incorrect include path in one or more of the config files (which are usually mentioned). Look for something like this:

/includes/somefile.php
/admin/files/anotherfile.php

The heading / tells the filesystem that these folders are on the server root, and thus prevents PHP from accessing them. You can usually fix this by changing the path to these files to be absolute to their location:

/home/username/public_html/includes/somefile.php

or

./includes/somefile.php

We seriously see a ton of customers coming in with the type of databases that are a nightmare to move over. When you’re dealing with special characters in a database, you have to make sure that the charset and collation are dumped *with* the database, so that when you move it to another server the tables and data create properly. The biggest annoyance so far is converting tables back to UTF-8, as when this is done through the MySQL shell or phpmyadmin is had to be done table-by-table. So, I wrote this simple PHP script to do it all at once:

<?php
// Database info

$dbhost = 'localhost';
$dbuser = 'db_user';
$dbpass = 'password';
$dbname = 'db_name';


//---------------

header('Content-type: text/plain');

$dbconn = mysql_connect($dbhost, $dbuser, $dbpass) or die( mysql_error() );
$db = mysql_select_db($dbname) or die( mysql_error() );

$sql = 'SHOW TABLES';
$result = mysql_query($sql) or die( mysql_error() );

while ( $row = mysql_fetch_row($result) )
{
$table = mysql_real_escape_string($row[0]);
$sql = "ALTER TABLE $table DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci";
mysql_query($sql) or die( mysql_error() );
print "$table changed to UTF-8.\n";
}

mysql_close($dbconn);
?>

If course, you can adjust the ALTER TABLE statement to any character set and collation that you need.