phpacademy.org Offers FREE PHP Tutorials

Posted by Nessa | Posted in uncategorized | Posted on 31-03-2011

4

There’s a new site out there that’s offering high quality PHP video tutorials – for FREE!  All you PHP gurus, check out phpacademy.org.  They currently have over 200 PHP and MySQL tutorials for both beginner and intermediate users.  Unlike other PHP tutorial sites, phpacademy is unique because the tutorials are all on video, so there’s less boring reading.  Did I also mention that it’s free?

Head on over and check them out, feel free to post comments and reviews here!

Command Line PHP: Part 3

Posted by Nessa | Posted in uncategorized | Posted on 25-05-2010

4

This is part third and final part in my PHP command line tutorial series. If you didn’t see parts 1 and 2:

Command Line PHP: Part 1

Command Line PHP: Part 2

Command Line PHP: Part 2

Posted by Nessa | Posted in uncategorized | Posted on 21-05-2010

3

This post is continuing on my three-part series on command line PHP programming. Missed part one? It’s right behind you. This part will go over command execution and processes.

Command Line PHP – Part 1

Posted by Nessa | Posted in uncategorized | Posted on 18-05-2010

15

PHP isn’t just for websites anymore. In fact, almost every script I’ve written to perform server-side functions is either written in bash or PHP, rather than Perl or Python as preferred by my colleagues. It’s a common belief that PHP isn’t suited for CLI programming since it’s mainly used in web applications, but PHP has over a hundred functions specifically intended for system management.

These kinds of posts can be rather lengthy, so I’m making this into a series with three parts.  Part 1 will go over the basic filesystem functions. You can find a complete listing here, but I’ll just go over a few of the more important and common ones.

8 Steps to Starting a Free Online Service

Posted by Nessa | Posted in uncategorized | Posted on 28-03-2010

0

Working in the web hosting industry, I come across a lot of interesting sites and not surprisingly, I’ve found that a good number of new site owners have at least one of two goals in mind – to become well-known on the Internet, or to make money…sometimes even both.  It’s also not surprising to find out that less than an eighth of the people that have these goals will never meet them.

One of the more common trends I’ve noticed is the creation of free services.  No individual wants to pay for using things on the Internet nowadays, and anyone who has a choice between a paid and a free service will consider the free choice first.  Offering a free service also may mean big bucks for you in the long run, so if you were thinking about enhancing your presence on the Internet by offering a service, here are some tips to help get you started.

1) Come up with a solution

People turn to using services because they provide some kind of value that can help or solve a real-life issue. For instance, Mint.com offers free financial planning services. Facebook and MySpace offer social networking to help you keep in touch with other people. These services were unique to their time, which is why they are so popular – and now millions of people use them.  The first thing you should think about when starting any new service is what you can offer for people that may have a dilemma or need for efficiency. Stuck?  Carry a mini notebook around and jot down things that you do on a daily basis, then look back and think: Is there something on this list that would be easier to do or track if there was a something out there to help me out?  Also, don’t waste your time trying to clone free services that already exist unless you’re prepared to offer something that they don’t.  Instead, focus on coming up with something unique.

2) See what’s already out there

When I was in technical support, I would come across at least two customers every week that appeared to be starting some kind of social networking site, and some even admitted that they’re trying to launch the next MySpace.  Let’s get a reality check here – most of the popular social networking sites out there have been around for years and by now have millions of users, and are endorsed by multi-billion dollar companies.  You’re not going to have the next eBay or Youtube, so don’t waste your time trying.   When there are already hundreds of services offering the one that you’re trying to launch, you really need to know what you’re doing if you plan on being successful at reaching your target audience.  Your best bet at success is offering something that no one else does.

Instead, again, focus on bringing something new to the table or improving a service that isn’t as readily available.  One of the best ways to get attention for a free service is basing it off a paid one that is at least moderately successful.  The simple concept of something being free will entice your targeted audience to at least try it.

3) Figure out how you’re going to do it

Listen here, dreamer – if you want people to use your service, you have to do some a lot of technical planning.  Depending on what kind of service you’re starting, you may end up needing a design and custom content management software for your website, neither of which comes easy or cheap.  If you’re tech-savvy, expect to spend at least 10 hours a week for several months on development alone. If you’re not a technical person when it comes to programming and site design, well, let’s hope you have quite a bit of money saved up.

But – don’t just start throwing a bunch of junk together. You need to site down with a pencil and paper and plan out all the major aspects of your website before you get started.  This tends to be the most time-consuming part of the entire process if you’re doing this all yourself, because you have to think about how everything is going to tie together as far as programming, layout, and security.  Then there’s the actual doing of all this, which takes even more time.  Be aware of exactly what you’re needing and how long it’s actually going to take. Once you have a plan, start on it as soon as possible.  It helps to make an outline of what needs to get done, and then set deadlines for those items.

4) Think about maintenance

Running a service doesn’t end at its launch, that is, if you want your users to continue using it.  You need to think about how you’re going to support and maintain your service – your users may try to contact you every so often if they need help, or the site itself may eventually need maintenance and updates performed.  If you don’t think you’re going to be able to maintain the site yourself, see if you have any friends that will be willing to help out. Depending on how successful your service ends up, you may eventually need to hire staff members to help you maintain the site.

5) Make it free for them, but profitable to you

You’ll want to make all this worth your time, otherwise you’ll probably end up giving up.  Free services are almost always supported by paid ads, which offer a per-click or per-sale incentive for you.  Always consider putting ads or endorsements on the site that will bring in money, but make sure they are relevant to what your service is offering and they don’t affect the usability of the site.  Search places like Commission Junction for affiliate programs or other services that you think your users will find helpful. Either way, find ways to make your site profitable, whether it be supported by ads, or giving the option for users to upgrade to a paid service that offers a few more features.

6) Cover your ass

Believe it or not, people can pretty much be sued for anything nowadays, regardless of how stupid it is.  I’m not saying that you need to hire a lawyer, but you need to make sure your bases are covered when it comes to dealing with people that are either just out for money, or want to take things to the extreme by holding you accountable for their problems. Anytime you offer a service, you’re going to have people who are not satisfied.  Therefore, you’ll want to draft a Terms of Use and/or legal document on your site specifically stating that you’re not responsible for what your users do, or how your service works.  Basically, don’t offer any kind of guarantee, and let your users know that they are using your service at their own rish.  The exception is in cases where personal information is stolen, as if you obtain and store such information on your site you are responsible for its security.  That also brings up the point that you should avoid obtaining personal information for your members that isn’t necessary for then to use your site.  If you do have to obtain such information, take a few extra steps to secure it and cover yourself against liability by encrptying information and getting PCI certified by a trusted provider.

7) Make it known

You need to get the word out about what you’re trying to do, and set it up far enough in advance to where people are actually looking forward – and waiting anxiously – to using your service. This means using Twitter, Facebook, and other social media networks to tell everyone about the site, and reach out to other blog owners that may be interested in posting about it.  You’ll want to start letting people know about it at least 2-4 weeks before your expected launch date.  Your site should have a visually-friendly page up indicating what services and features you will offer, when they will be available, and that it’s free.  It may also be worth setting up a mailing list that people can opt into so they are notified of updates, and purchasing ad space on more popular sites, which can eventually pay off if your service is a success.

8) Stick with it

One of the hardest parts of starting anything is sticking with it. In this case, you may be looking at a project lasting six months to well over a year.  If you think about giving up, motivate yourself by thinking about how much money you’re going to make, or how you’re going to be helping people.  If you find yourself in a bind, consider getting help or making your goals a little more realistic.

Simple API Writing, Part I

Posted by Nessa | Posted in uncategorized | Posted on 09-02-2009

8

A lot of people don’t realize how easy it is to write an API with PHP. It really is as easy as having a simple PHP script accepting GET variables, and when you add in some security, you can pretty much do anything you want with a single script that accepts variables from any authenticated source.  So a little while ago I posted about the new cPanel XML API and how to integrate that with your own scripts – well now, I’ll use that as an example to show you how to write an API for their API, a.k.a, an API connector.   Though in real applications you wouldn’t need an API, all you’d need is a PHP script that accepts GET or POST input to perform some kind of action. In this example, we’ll have a script that automatically adds DNS zones to a nameserver that runs cPanel as well.

Most APIs do the same thing – you have a script, then that script accepts post/get variables, then does something.

The Interface (addzone.php):

You guy remember the one I posted a while back – well, we’ll use the same one only a tad different.  This is the script that runs statically on the server, which accepts the variables passed through the URL:


<?php
// API for adding a DNS zone to ns cluster
$isinclude = “1″; // specifies $isinclude for xmlapi.php
// GET & POST definitions

$key = “098f6bcd4621d373cade4e832627b4f6″;
$domain = $_GET['domain'];
$ip = $_GET['ip'];

// Validation – make sure that we have the right information

if($_POST['key'] != $key){ echo “Invalid key!!”; die(); }
if(empty($domain)){ echo “Domain value missing!!”; die(); }
if(empty($ip)){ echo “IP Value missing!!”; die(); }

$theServer = “ns1.v-nessa.net”; // the server to connect to
$apiPath = “/xml-api/adddns?domain=$domain&ip=$ip”; // the xml api path

$user = “root”; // use to connect to whm as

// ns1 hash (whm > remote access)

$rhash = “e9917f16b3fda69137192725a06b68e7
230e99fd445473807e33d637878641a5
–edited out for sake of length–
f673567ab443acedc77f9aec62ff953f”;

// Include the API connector
include(“xmlapi.php”);

// Output XML Result
$xmlObject=simplexml_load_string($xmlresult);

echo $xmlObject->result->statusmsg . “\n”;

?>

The file that is called via include() is the basic xml function file which constructs all of the variables from the outser script (shown above).  You can get a copy of of xmlapi.php from here, but for this example you need to comment out the output.

Now all we need to do is pass the variables that the script needs in order to know what information to process, which is $ip and $domain.  Therefore, in order to successfully call this API, you would enter the following in a browser:

http://v-nessa.net/api/addzone.php?domain=test.v-nessa.net&ip=205.134.252.71

This will pass the ‘domain’ and ‘ip’ variables to addzone.php, which uses the XML API to connect to WHM and add a dns zone on the nameserver ns1.v-nessa.net.  This is a problem though – what’s to keep outsiders from finding this and abusing it?  Well, there are several forms of non-interactive authentication you can use, such as:

  • Have an allow list of ips that can access the script (look up environmental variables at php.net)
  • Requiring a key or token

I generally use a key, though there are better ways to do this.  The way I’m about to show you is simple and secure, but slightly limits the way your API can be called.

First, I generated an md5 hash and defined it in the scipt (remember $key = “098f6bcd4621d373cade4e832627b4f6″; ?).  Then all I need to do is make sure that key is used whenever I call the API. Notice that in addzone.php it’s defined as a POST variable?  That is mainly for preference but you can just as easily make it a GET variable and just add it to your URL line.  Here I want it to be posted, so I can call the API through cURL as follows:

curl -k http://v-nessa.net/api/addzone.php?domain=test.v-nessa.net&ip=205.134.252.71 -d key = “098f6bcd4621d373cade4e832627b4f6

And there you have it! A very simple way to write an API using POST and GET.


How to Add Services to Chkservd

Posted by Nessa | Posted in uncategorized | Posted on 28-06-2008

4

.!.
.!.

Chkservd is the service in cPanel that checks to make sure that services are running, then restarts them if necessary. It’s also responsible for the ‘Service Manager’ section in cPanel, which is an interface where added services can be easily checked on and off.
To add a new service, create a line in /etc/chkserv.d/chkservd.conf in the same format as the others:

service:1

1 means the service should be enabled, 0 means it’s off.
In /etc/chkserv.d each service has its own file. Create a file called as the name of the service you are monitoring. The contents of the file are in the format of:

#SERVICE = PORT, SEND, RESPONSE, RE-START COMMAND

There are two ways that cPanel checks services with chkservd:

  • Connection-based monitoring – By default, cPanel will try to connect to the service’s specified port, issue a command, and if a response is received within 10 seconds it will consider the service to be online. For instance, FTP:
service[ftpd]=21,QUIT,220,/scripts/restartsrv_ftpserver
  • Process-based monitoring – cPanel will check for a specific process to determine whether it is online. For instance, named:
service[named]=x,x,x,/scripts/restartsrvr_bind,named,named|bind

If you have more than one restart command, you can separate them with semicolons in order of preference that they should be run. Output of these commands will be logged to the chkservd.log
After you’ve created the service’s configuration file, restart chkservd:

/etc/init.d/chkservd restart

You should then see the service listed in WebHost Manager in the ‘service manager section’
Chkservd logs are in /var/log/chkservd.log. Checks are done every 8 minutes, and everyone online service gets a +, offline services get a -. If the service is determined to be offline, the restart command(s) specified in that service’s chkservd configuration file is issued and the output is logged.

If you don’t even have chkservd installed, it’s probably missing and you need to install it.

Alternative PHP Caching FTW

Posted by Nessa | Posted in uncategorized | Posted on 27-06-2008

4

.!.

We get a TON of requests for the PHP APC pecl module because after having adopted suPHP into our configuration, eAccelerator is worthless. It’s quick to install, and especially if you’re running suPHP or phpsuexec, each user can maintain their own settings within their local php.ini without me having to do anything — basically the best thing that a lazy system admin can ask for.

Soooo, here’s how you install it:


wget http://pecl.php.net/get/APC-3.0.17.tgz
tar -xvzf APC-3.0.17.tgz

phpize
./configure && make && make install

Then just add “extension=/apc.so” to your php.ini and you’re done. With PHP under Apache this will load the APC module for everyone, but for suPHP users you’ll need to add it to their php.ini which will also allow them to modify their own APC settings. These are the ones I recommend using:

apc.enabled = 1
apc.shm_segments = 1
apc.shm_size = 30
apc.optimization = 0
apc.ttl = 7200
apc.user_ttl = 7200
apc.num_files_hint = 1000
apc.mmap_file_mask = /tmp/apc.XXXXXX

Now, if you want to get even sexier with it I came across this little tool that monitors the performance of APC on your server.

Dual Monitor Setup in Ubuntu 7.10, ATI Radeon

Posted by Nessa | Posted in uncategorized | Posted on 12-06-2008

4

The company just bought our department brand hooked up PC’s that include ATI Radeon dual output graphics cards with massive monitors.  This is probably the only time I’d willingly admit that Windows came out ahead, as I spent a good 2 days trying to get my dual monitors to work with Ubuntu.  I finally got it figured out and I’m embarrassed to say that the answer was in front of my the whole time — a fucking GUI!  Anywho, those of you who are having trouble with this as well, here’s what I did to make it work:

My setup:

  • Dell Vostro 200, Dual Core Intel CPUs, 2 Gb RAM
  • ATI Radeon HD 2400 dual output graphics card (both monitors plugged into card)
  • Two Dell 17” monitors

So first, shimmy over to http://ati.amd.com/support/driver.html and select your distro and card model, and download the file to your desktop.

In Terminal, chmod +x ati-driver-installer-<version>.run

Select Linux x86 installation, automatic

After the installation is complete, run:

sudo aticonfig –initial

Reboot.

After reboot, run fglrxinfo and you should get something like this describing your card:

OpenGL vendor string: ATI Technologies Inc.
OpenGL renderer string: ATI Radeon HD 2400 PRO
OpenGL version string: 2.1.7537 Release

At this point you probably see that both monitors are enabled, but are mirroring each other.  If you don’t, you might need to manually active the second:

sudo aticonfig –query-monitor

Use the output of that command and run:

sudo ati-config –enable-monitor=<result1>,<result2>

Replace result1 and result2 with the output of the first command.  Possible results are: none, crt1, crt2, lvds, tv, fmds1, tmds2

If the enable works, make it permanent:

sudo aticonfig –force-monitor=<result1>,<result2>

When both your monitors are up (whether they look how you want or not), in your GNOME gui, go to Applications > ATI Catalyst Control Center. This is where you configure how you want your dual monitors to act.

In Display Manager, set the dropdown to two monitors and change the Display Mode to “Big Desktop” — this will enable both monitors as one long desktop that you can drag your mouse and windows between.  You can also go ahead and set your resolution.

And there you go — easy dual monitor setup for Ubuntu 7.10!

UPDATE: Major issues with graphics after I upgraded to 8.10 – I found these instructions which worked:

http://wiki.cchtml.com/index.php/Ubuntu_Intrepid_Installation_Guide#Installing_the_restricted_drivers_manually

Creating and Installing an SPF Record

Posted by Nessa | Posted in uncategorized | Posted on 09-06-2008

5

.!.

Have you ever received a bounce for spam that was sent by you…only it wasn’t sent by you? Email spoofing is one of the easiest concepts to understand for us, but the hardest to explain to end users who confuse spoofing with email hacking and hijacking. The way I explain it to our customers is that spoofing is simply when someone (usually spammers) sends an email that looks as if it came from one person, when it really came from someone else.

Regardless of what some email providers say, there is no honest and straight forward way to keep people from spoofing your email, unless you have access to the real sender’s mail system. However, there is a way to keep legitimate mail servers from accepting spoofed email by creating an SPF record for your domain.

An SPF record (sender policy framework) in short is a DNS record that you add to your domain’s zone file to specify which hosts are allowed to send mail on behalf of your domain. For the most part you would only want the server hosting your domain to be able to send mail, but hat most of our customers don’t realize is that they unknowingly spoof email all the time! Since ISP’s nowadays block SMTP port 25 for third-party mail servers, a lot of our customers use their ISP to send mail for their domain. This is basically how email is spoofed…you put an email address as the ‘from’ address in an email, and send it from a different mail server. Even though this is legitimate email, they are basically allowing their ISP’s mail servers to send their domain’s email, even though their ISP has no authority or management rights over that email, since the domain is hosted on another server.

We usually require our customers to generate their own SPF records so that they can specify what servers they want to be able to send mail from, that way our hands stay clean if the SPF record causes them to not be able to send email. If you go to www.openspf.org you can easily generate a custom SPF record to add to your DNS zone with little to no hassle. The questions can be a little confusing for newbies, so here’s a quick walkthrough on how to answer them.

Question 1: A-Record

v-nessa.net's IP address is 216.134.252.71 (vps71.inmotionhosting.com).
Does that server send mail for v-nessa.net?

The wizard will attempt to resolve the domain to an IP, then do a rDNS on the IP for a hostname. You usually want to say YES unless your mail is hosted on a different server.

Question 2: MX-Record

This wizard found 2 names for the MX servers for v-nessa.net:
vps71.inmotionhosting.com and v-nessa.net.
MX servers receive mail for v-nessa.net.
Do they also send mail from v-nessa.net?

In most cases, this will be true. Exceptions for this is if you have an irregular MX record modification, or are using another outgoing mail server or domain to send mail.

Question 3: PTR

Do you want to just approve any host whose name ends in v-nessa.net?

Typically, you do not want to enable this setting unless you have mail accounts set up for subdomains or domains that are similar in ending that need to relay through this domain. Or, if you use a subdomain as your sending host (like mail.domain.com, etc)

Question 4: A subs

Do any other servers send mail from v-nessa.net?

The answer is usually no. The only other server that would send on behalf of that domain would be the server name (you may need to ask your host for this), but this was already allowed in question 1. The next two fields can be left blank, unless you specifically have information to add to them.

Question 5: Include

Could mail from v-nessa.net originate through servers belonging to some other domain?

Fill in this field mainly if you are planning on using another mail server or domain (such as your ISP, gmail, etc.) to send mail. Otherwise say no.

Question 6: ~all

Do the above lines describe all the hosts that send mail from v-nessa.net?

Check your answers and hit yes.
At the bottom of the page you’ll see the nicely-generated SPF record that will look something like this:

"v=spf1 a mx ~all"

Adding the Zone Entry

You can add the SPF record either WHM (if you are on a cPanel server) or manually in the zone file of that domain.

The line will look something like this:

v-nessa.net. 14400 IN TXT "v=spf1 a mx ~all"

You can then verify the addition by doing a dig on the domain:

dig v-nessa.net TXT