Sorry to get back to you for a question that has been asked many years ago. But I am really stuck with this.
I have a legacy application which is very old, running PHP 5.2.17.
I followed this guide to setup my docker container
https://andrewscaya.net/blog/bringing-php-52-back-life
I have everything setup correctly. I made a downloaded and compiled a PHP installation and configured this with Apache. And its working fine with php.
However, it is essential that I have SSL support (in PHP) for the POSTGRES connection.
Which is now default not enabled according to PHPINFO
I have basically the very same problem somebody else had many years ago. SSL support of Pgsql
See:
Enable SSL support for pgsql
So from what I am understanding is that I need to recompile PHP again, but with a package called libpg ?
Where do I get this package and how can I compile this with the PHP source code?
After 2 days of searching I finally found LAPP stack which has some older versions available with pgsql ssl support
https://community.bitnami.com/t/can-i-get-the-installers-for-wapp-and-lapp-stacks-for-5-4-45/38548
In the long-run I would recommend upgrading PHP versions, but I understand that this can be a lot of work. There are many good guides on upgrading versions. I recommend going through the version upgrades one-by-one, dealing with deprecated features and other potential problems one-at-a-time and testing each script.
In the short-term, I'm not sure if this would work, but PDO is supported in 5.2 (actually in 5.1 even) and as it simply passes info to the PostgreSQL library, I would expect SSL support to work. I have used it in 5.4, and I am not aware of any changes made between those two versions.
There is a solution here, by IMSoP, that explains how to get this working and points you to more official documentation if you need more info: Connecting to PGSQL over SSL via PHP PDO
If this fails, a second approach that I would try would be to create an SSH tunnel to connect to a local port. An example would be:
ssh -L 127.0.0.1:5443:127.0.0.1:5432 username#remoteboxaddress
Then you can initiate what looks to PHP like a local connection on port 5433, but it will actually be a (secure) SSH tunnel to the remote box. This will also require that the remote box is configured to accept (non-encrypted) local connections, and that you have SSH access to it. Then, if you test it out and it works, you can make a script to start the tunnel on boot, or better yet, when the webserver is started; this necessitates using an authentication method like keys stored in a file, that doesn't require the entering of a password. So...there are a lot of "if's" here, in terms of whether or not you will be able to get this solution to work, but it can be done if you have root access on both servers, and occasionally if you do not, depending on how they are configured.
Hopefully, one of these two solutions will work for you.
Related
I am trying to encrypt the connection from an application running on php 5.6.40 to gearman server(version 1.1.12). I have started gearman server enabling ssl and passed the ca file, certificate and key as arguments.
gearmand -d --ssl --ssl-ca-file=ca.crt --ssl-certificate=gearman.crt --ssl-key=gearman.key
Where I am stuck now is to get my php client use ssl. I am using GearmanClient class that comes with php's gearman extension and I could not figure out a way to achieve this.
$gearmanClient = new GearmanClient();
$gearmanClient->addServer('server ip', 4730);
$result = $gearmanClient->doHighBackground('job-type', 'workload');
The code above works but the job-type and workload are sent un-encrypted to gearman server. If it is not possible with php's gearman extension, does anybody know if we can use socket functions to achieve this? I have gone through a lot of threads related to this, but could not find a proper answer. Apologies if this has been already answered.
SSL support in gearmand works just fine. I have been using it in a production environment for ~3 years now. The issue mentioned in another answer is still open because that issue is really about making improvements to the documentation, and that wishlist item is unresolved.
Getting SSL support in the PHP extension is possible, but it will require patching and compiling the code yourself. The current version of the PHP extension can be found at https://github.com/wcgallego/pecl-gearman, but that is for PHP 7.x.
The Gearman PECL extension for older versions of PHP (< 7.x) is no longer maintained, as far as I know, but you can download the latest version at https://github.com/hjr3/pecl-gearman and apply the patch at https://bugs.php.net/bug.php?id=67623. It works. My workplace used that in production for about a year before moving to PHP 7.x.
If you are using PHP 7+, I recently opened a PR for adding SSL support at https://github.com/wcgallego/pecl-gearman/pull/72. You should also read the issue thread at https://github.com/wcgallego/pecl-gearman/issues/43 for some caveats.
In either case, you also need a libgearman.so from gearmand 1.1.19 or newer that was compiled with --enable-ssl and has support for the setSSL() API.
I hesitated to answer the question previously because it is related to PHP.
Actually gearmand supports SSL connection properly. The issue mentioned by #emix is still opened because there is no ssl tests for gearmand itself in repository.
Perl Implementation of gearmand Client/Worker supports SSL connection and contains ssl tests for the purpose.
SSL is alleged to be not working. This was posted as a bug long time ago and the issue is still considered open. The official extension seems dead as well: last release was more than 6 years ago.
If I were in your shoes I'd switch to something more stable with better community support.
I spent some hours trying to solve a migration from CentOS 5.5 to 7 in which everything worked except PHP-based sites connecting to the MySQL server for a Web site. Perl worked fine. CLI commands worked fine. I tried every solution listed on Stack Overflow and elsewhere:
Make sure /etc/hosts contains localhost as the first entry for 127.0.0.1
Check that PHP is correctly pointing to the right socket
Try swapping localhost and 127.0.0.1 in the connection setup
Checked php.ini for any settings that differed between my functional CentOS 5.5 setup and the new stock CentOS 7 installation.
Annoyingly, I couldn't get PHP to dump errors, whether via Apache or elsewhere. It was all maddening.
After checking for the fifth time that I had the right drivers installed, I realized that there are two CentOS/yum packages: one is php-mysql; the other is php-mysqlnd, a native driver.
Uninstalling php-mysql, which is apparently outdated, but which is what I used in CentOS 5.5, and installed php-mysqlnd instantly fixed the problem.
I have been unable to find any other answers of this sort, so perhaps my situation is unique. But I wanted to document it in case someone else came across the same migration issue.
I have shifted my CakePHP (2.3.1 stable version) site to Host-ed.me and I am getting PDO class not found error. How to enble PDO on Host-ed.me server. Any suggestion is highly appreciated.
I suggest to first compare your previous/local PHP configuration with the configuration on hosted.me.
You can do so by generating a phpinfo() report of both. be sure to remove the phpinfo page afterwards - having a publicly visible phpinfo page on your website is a major security risk.
Check if PDO is really not installed on the webserver, either via the phpinfo() report or via instructions found in this question; How to determine if PDO is enabled in PHP?
You may also check if hosted.me is not using an outdated version of php, otherwise you may run into other problems later on
If PDO is not installed and is required for your website (or the php version is too old), there's no other option than to contact the hosting provider and ask them if it is possible to have it installed or your website be hosted on a different server.
Finally, if these options do not give you a solution, find a better hosting provider that does have a decent PHP installation :)
Check out this blog for details.
Basically, you have to do the folllowing:
1. Check if PDO is installed (lookinto your phpinfo() output / write simple program)
2. Install PDO, using yum install php-pdo
Test again, using the above scripts and you should be good to go.
You just need to enable the PHP extensions:
pdo
pdo_sqlite
sqlite
or ask host to enable them
I'm sure this is something simple that I'm overlooking, but it's driving me a bit crazy. I'm on a Ubuntu machine running LAMP. I have several sites running on this machine using Php / MySql without a hassle. I've recently begun a site using the Yii framework, but I don't think that this is a Yii quesiton. Maybe it is. Anyway...
My other sites used mysqli so Yii's PDO requirement is new to me. I did a quick -i|grep on the PDO and it came back as installed / enabled so no worries. I installed the framework, created a quick test site and database. However, when I try to connect to the database via the site I get an error telling me that the PDO failed. Specifically, a failure to open the stream. So it's not finding the PDO even though the PDO is installed. The Yii site is in the same web folder as the other sites, so there can't be a path issue.
From a Yii standpoint, if that is where the problem lies... I was able to create controllers for the various database tables in Gii, but pulled the same unable to open stream error when I tried to generate CRUD for those tables.
For the record, yes, the MySql is enabled in the Yii main.php file. Yes, the connection string is correct. I'm a bit at a loss as to why the PDO would fail to open if it lists as enabled.
Posting this just for the search engines. I still have no idea exactly what the problem might have been. As I mentioned, PDO was showing enabled from the CLI, but not from phpinfo. This is possible because the CLI uses a different php.ini than does apache2. However, after a complete re-install of php I was still running into the same problem. I again opened both .ini files in gedit and went line by line with them using a non-case sensitive find on "pdo". They were absolutely, completely identical. Finally, I gave up trying to understand the problem and just went for the easy fix. I removed the .ini from Apache2 and replaced it with the one from cli, and voila! I have PDO enabled in Apache2. I still have absolutely no idea what the problem was, but at least it's solved.
Is there a pure PHP implementation of SQLite that will run on PHP 5.1.6? I am working on an application that would benefit from being able to store data in a relational database, but the server that it has to run on is stuck with PHP 5.1.6 and has been configured "'--without-sqlite"
I have no control over this server; cannot recompile, upgrade or otherwise modify PHP aside from using .htaccess files. Hosting externally is also not an option, unfortunately. MySQL may be possible but would be a nightmare trying to get their IT to create a database for me. (It took them 6 weeks to get .htaccess files enabled because of red tape and other things)
Am I out of luck? My fall back is to write everything to flat files but I really would rather not do that.
EDIT: Fixed typo. PHP does not have the SQLite extension and was configured "'--without-sqlite" according to the output of phpinfo()
Actually, you could easily download and install sqlite in your userspace, whether on windows or on a linux remote shell doesn t usually matter unless your host is unusually restrictive, if that is the case you should change service provider.
Once sqlite is installed, you can one of the available pear extensions or pecl extension to allow easy access through php.
Tutorial and code examples for the pear solution here.