I have an Apache server
I have several SQLite databases there
I have a PHP code there
I have an Android application which communicates with that PHP code (http post)
The PHP code gets data from the Android application and creates SQLite databases or write records there or read and so on
So the complete control over SQLite databases is with that PHP code
Now the questions are as following:
1 - Considering the file-folder access permissions, what is the PHP code called,
owner or group or world ?
2 - Is it a true structure that all users interact with that PHP code and whenever an Android user is working with the SQLite database of the server, that PHP code gives Write-Read access to the folder containing the SQLite database?
3 - Isn't there any conflict considering one user may give write access to the folder containing the SQLite database and one other user which previously had given write access has now finished the work and gives read access to the folder? while the first user needs write access yet and the other user has now changed it to read access?
4 - Isn't there any security issue if I generally give Read and Write access to the folder containing the SQLite database (Since the PHP code controls everything and I have the PHP code in non public html folder of the server)
PHP runs through a webserver, the webserver runs under a user account, access to the servers file system (usually linux) is restricted to users/groups.
So, access to a folder/file must be possible for the user account (on that server) who is running the webserver process (which is running the PHP executable).
The SQLite file should NOT be accessible from the web.
It's not that access rights are changed by the PHP process according to web-users making a request. You should make yourself familiar with how the web actually works...
Related
The scenario: I have a number of machines/workstations (running Windows 7 or 8) that log in to a web application (PHP). The application needs to identify each machine to provide specific data for it.
The user is not to be involved in the process of identifying the workstation (needs to be automated to avoid mistyping).
So far we have a script running in the morning at the startup of the machines that writes the machine id/name into the firefox cookie database, then FF is started and the web application is loaded, retrieving the machine id from the cookie. That procedure works ok so far, but from time to time the cookie is not written (probably some problem with the script) and the user has to enter his id manually.
Is there another way to do it? I have access to each machine that log in to the application, so I can put down any kind of txt, ini or whatever file that holds the id/name of that machine. I just need to get that info reliably into the web application...
I am currently attempting to write a simple web page to store emails in a database. I am on a server which is not mine (but does run Apache), so I do not have root access, so I have opted to use SQLite3. The goal is to use PHP to INSERT into the database, however, I continue to encounter the issue with the database being owned by me and the PHP attempting to access using the user "apache" which leads to a "readonly" error. Since I am not root, I cannot chown the database file and even when I chmod 777, it has no effect. The conclusion I came to was to have the PHP script create the database itself (under the user apache) but now I do not have write access to the file. Is it okay for me to just allow apache to own the database or is there some better way to do this?
SQLite is a library, i.e., it's just a bunch of code that runs inside the web server process. This means that accesses to the database file behave just like any other file access from Apache.
The web server process needs to be able to access the file itself, and to create the journal rollback file in the same directory.
chmod 777 is a bad because every user on that machine can do anything to the database. It would be a better idea to have the database file and the directory belong to a group that has you and apache as members.
If the server's administrator will not create such a group, then you could have apache as the owner, and add a backdoor (sufficiently protected) to your web app to allow overwriting the database with a new file.
Newly registered user here after being a long time lurker!
I have an Apache 2.2 web server running on Windows locally (for now) as a service, with PHP 5 installed. I'm using PHP's exec() to run a command line client (.exe) hosted on the server, which authenticates the user to a database and makes pre-defined SQL queries on behalf of the user.
My question is: How does Apache run programs requested by multiple users through the (same) PHP exec() command? In this case, will Apache be using the same one instance of the client for all users who will access it, or will Apache be creating a new instance of the client for each user?
Since the client was designed for use by a single user, if Apache does reuse the same instance of a client, it will be running into a lot of concurrency issues.
I appreciate any help I can get, thanks!
PHP launches the process every time PHP calls exec(), and it keeps running for as long as it takes to finish. As such, you will end up with multiple copies of the process running at once if multiple users are simultaneously accessing scripts your web site which trigger it.
Unless you are using some really weird sort of database, there is probably a better way to query it than launching a command-line tool. If there's an ODBC driver available for your database, for instance, you may be able to use it directly via the PHP ODBC extension.
I wanted to connect to my server via ssh and run a php script to enter some data into the MySQL databases.
I couldn't do this because I didn't have ssh access.
So instead I'm just going to put a php script into one of my web pages and then put the data in the same folder and then run the php by loading the browser
this seems like a really wierd way to enter data into a database?
but is it ok?
Using a PHP script to execute an SQL script should not be a problem (but be sure to delete both afterwards, just so you don't leave an unvalidated/regulated passage into your database out there).
If your webhost provides a MySQL Admin interface (often phpMyAdmin), you should be able to access that through their Control Panel (often called "cPanel" or "Plesk"). You should be able to upload and execute an SQL file through that interface without installing anything else.
Failing that, you should be able to install Adminer, which is a cutdown version of phpMyAdmin which you can then upload to your server and access through a web browser to, again, upload or copy-and-paste your SQL script into.
So you are basically rebuilding phpMyAdmin's behaviour. I would just install phpMyAdmin, but if your php script is protected (.htaccess or similar), then this should be no problem. Look out for timeouts.
A good tool for working with MySQL db is Workbench, but you must have remote access to your db...
I am getting daily data dump via e-mail, which is being processed by Access (based on the Outlook rule, VBA is extracting the attachment and running Access procedures, so I get a report).
As data dump is getting bigger and bigger, and having in mind that Access is run locally which consumes my resources, I want to set up a PHP/MySQL server to make it more efficient.
The first challenge I face is how to connect Outlook rule with PHP execution? (as I will have Outlook set up on the Windows based machine, with apache/mysql set up (WAMP))
Anyone can share some insights on how to start PHP execution from Outlook?
Thanks for the help!
Srdjan
If you have an existing setup using Access and VBA, and you just need a better database behind it, could you not just use MySQL without PHP and use the MySQL ODBC driver instead of the Access connection you are using at the moment (assuming you are currently using ODBC to connect to the access database)
This way you wouldn't even have to have mysql running locally if the hit is too high on your local machine and it should be pretty straightforward in that you shouldn't have to make to many changes to your vba code.
Of course, whether this will do it depends on what else is going on in your access db
If not you could try using php and using the PHP Command Line Interface (CLI) which you should be able to call as an external executable from Outlook. Just pass php.exe the name of the php script you want to run
UPDATE:
I am not a VBA expert by any means but it looks like the shell function would let you run the PHP CLI from within VBA
Shell("path/to/php.exe phpscript.php")
http://msdn.microsoft.com/en-us/library/xe736fyk(VS.71).aspx
Of course this will only work if you can get to php.exe on the wamp machine (ie is a local machine or you have network access to the appropriate folder)
Alternatively, if the Wamp server is to be a separate machine then you could trigger the php script to be run by calling a url. I think the XMLHTTP object will do this for you
Dim xmh As Object
Set xmh = CreateObject("MSXML2.XMLHTTP")
xmh.Open "GET", "http://urlofphpserver/script.php", False
xmh.Send