I'm using PHPSecLib for SSH connection through PHP but I have this error :
Notice: No compatible server to client encryption algorithms found in C:\Program Files (x86)\EasyPHP-DevServer-14.1VC9\data\localweb\nodejs\includes\classes\net\Net\SSH2.php on line 1170
Why ?
Thanks
Quoting this post,
So phpseclib determines which symmetric key algorithms it can use by seeing which ones are includable. The following links demonstrate how this is done:
https://github.com/phpseclib/phpseclib/blob/efd3b96dc8e378a5155cb42f4869de85f4153135/phpseclib/Net/SSH2.php#L1110
https://github.com/phpseclib/phpseclib/blob/efd3b96dc8e378a5155cb42f4869de85f4153135/phpseclib/Net/SSH2.php#L3775
If you're using PHP 5.4 then it's essentially doing stream_resolve_include_path('Crypt/RC4.php'). If PHP doesn't think it's includable than it's hard to argue with that.
Could be your include_path that's not correctly set as well.
Related
Recently I have migrated one of my projects (PHP 7.4/Lumen/Ubuntu 20.04) from MongoDB to MongoDB compatible AWS DocumentDB. Since the migration all the CLI Scripts are triggering this strange notice/warning
bson_append_array(): invalid array detected. first element of array parameter is not "0".
Everything seems to be functionally working apart from this message (Even though I have all the PHP errors hidden from ini file this still shows up). Not really sure what is going on.
Message is actually coming from "find" method. I also did try to suppress the msg but no luck.
Does anyone have any idea what is going on here ? Appreciate and thanks for all your responses in advance.
DocumentDB version 4.0
PHP SDK Composer version 1.9.0
If you add &authMechanism=SCRAM-SHA-1 to the connexion string, the warning disepear.
I am answering my own questions based on my findings so far.
Seems like there is no solution for this issue since AWS DocumentDB is not 100% compatible with MongoDB (As per mongoDb documentation over 66% of all of the correctness tests have failed for DocumentDB). Also it is extremely difficult get AWS support for these sort of incompatibility issues, they always refer you to public user forum.
MongoDB recently put up a blog post summering incompatibility issues with DocumentDB and it makes a lot of sense. You can read it in detail here - https://www.mongodb.com/atlas-vs-amazon-documentdb/compatibility
My recommendation is if you are considering using documentDB as a replacement of Mongo do not bother. Save your precious time by sticking with MongoDB.
My server host had php version 5.2.17. I am using a random token and used openssl_random_pseudo_bytes in my function.
openssl_random_pseudo_bytes( $length);
Trying to run this code from Scott's answer.
It is running well on my localhost with higher php version.
Other than upgrading my server php version. What is an alternative function for openssl_random_pseudo_bytes?
Update: Using mt_rand, rand or uniqid, how can I generate secure unique tokens?
As of now, I am using this line of code:
$token = md5(uniqid(rand(), true));
$thetoken = $token.$user_id;
Thank you for any help!
I am using 5.6 but have also been looking for ways to create secure and unique tokens as I am unable to get the openssl_random_pseudo_bytes function to work. I have run across paragonie's random_compat at github which should allow you to use random_bytes() and random_int() (both only available with PHP7). They do say it should be able to be used with older 5.x versions of PHP in theory, though they do suggest updating to a current stable version of php. https://github.com/paragonie/random_compat
Here is a link to another stack overflow answer that suggests using random_bytes() as $token = bin2hex(random_bytes($length));
best practice to generate random token for forgot password
And also the link i found suggesting paragonie's random_compat
https://akrabat.com/random_bytes-in-php-5-6-and-5-5/
https://paragonie.com/blog/2015/07/how-safely-generate-random-strings-and-integers-in-php
the Alternative way for openssl_random_pseudo_bytes(10) is something like this decbin(rand(0,1024)) in php 5.X
Is it possible to encrypt a PHP code file without installing php.in extensions?
I have a script of 5 php file and I want to create a copy to give away with the code protected. So they can access the script from the front-end but the back-end (code) is encrypted. I have found alot of software that allow encryption of php be but they all require installation of php.in extensions.
Is there anything embedded into Php 5.5 that would work similar to MD5 password encryption?
Is there anything embedded into Php 5.5 that would work similar to MD5
password encryption?
Simple answer: No.
Every encoder I have seen (e.g. http://www.ioncube.com/) uses some kind of php extension so your code will need a special enviroment to be executable.
There are some so called obfuscators (e.g. http://www.gaijin.at/olsphpobfuscator.php is free) out there that will not encrypt your code but rename variables and functions/methods so that your code will become much harder to read.
One thing to keep in mind is that debugging errors of encrypted/obfuscated code usually is much harder, even for the developer.
No because MD5 is a one-way hash, you can't reverse the string. The reasons these extensions exist are so that the code can be encrypted and decrypted so that PHP can execute it.
You might want to look at a similar question here: Best solution to protect PHP code without encryption
Im trying to compile phpurple. Im doing everything according to the documentation:
hxxp://phurple.php.belsky.info/ch02.html
but "make" gives me an error:
/myhomedir/phpurple/purple.c: In function ‘call_custom_method’:
/myhomedir/phpurple/purple.c:1370: error: ‘zend_fcall_info’ has no member named ‘object_pp’
/myhomedir/phpurple/purple.c:1408: error: ‘zend_fcall_info_cache’ has no member named ‘object_pp’
I`ve found other people with the same problem:
hxxp://www.mail-archive.com/monetdb-bugs#lists.sourceforge.net/msg05515.html
hxxp://belsky.info/archives/23-Phurple-per-se-PHPurple.html
but nobody gives any information about successful php 5.3 build and the message
PROJECT IS CLOSED if you want
commercial support for php 5.3, let me
know ... )
does not help at all.
does anyone have any idea how to compile it or any clue how to fix the problem ?
P.S. Sorry about the links, some strange StackOverflow limitation
According to phpurple requirements:
Please let me know, if you've successfully compiled on
earlier versions. Actually the extension is being developed
on the php v5.2.6 with the option to be upcomming php v5.3
compatible.
The authors will need to update their source. However, since you have the source you could update it yourself because you noted that the project is CLOSED. You could also fork the code and create your own gitHub project with php 5.3 support.
Good luck.
What you are seeing is PHP's shifty interface (ahem, hold your down votes, I said s h i f t y). By that, I mean function prototypes are subject to change from version to version. Take this meta example:
int foo_call_bar(const char *foobar, size_t len);
And in a later version of something, the function calculates the length dynamically, thus eliminating the second variable in the prototype:
int foo_call_bar(const char *foobar);
Some projects strive to always maintain backwards compatibility to alleviate this headache, which could be accomplished with pre-processor directives that prototype the new implementation with the len variable, but just don't do anything with it. If PHP did that, the code base would succumb to even more madness.
Unfortunately, you'll have to modify phpurple to present the correct arguments to the correct PHP functions, and ensure that they are of the appropriate type. That would be a bit of an undertaking, but probably wouldn't be as difficult as it seems.
The Linux kernel's VFS interface is the same way, and I'm often tasked with porting older experimental file systems to work on modern kernels.
look at that man
http://sourceforge.net/news/?group_id=235197&id=296063
A little late, but here is the latest library that works with PHP 5.3:
The new project page is: http://sourceforge.net/projects/phurple
The blog post: http://belski.net/archives/23-Phurple-per-se-PHPurple.html
I have ran into a problem after I have complied it and added the extension to PHP.ini configuration:
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/modules/phurple.so' - /usr/lib/php/modules/phurple.so: undefined symbol: ZVAL_ADDREF in Unknown on line 0
To fix this, change the line containing ZVAL_ADDREF in client.c from
ZVAL_ADDREF(PHURPLE_G(phurple_client_obj));
to
Z_ADDREF_P(PHURPLE_G(phurple_client_obj));
Well, the new URL seems to be a persistent repo with fixes to PHP-5.3 and above. Maybe that should be mentioned, but that won't help with checking it out anyway. For me it worked fine, so I would say it is worth a try.
You can check the new sources shortly posted on https://github.com/weltling/phurple
I am using Python for indexing utilizing the shelve functionality and I was wondering whether it was possible to open and read the files in PHP.
I checked out the PHP Shelve option and it doesn't seem to be working on PHP 5.X I am getting (when running the example they gave me)
PHP Fatal error: Cannot pass parameter 2 by reference in test.php on line 205
Even still, I don't think I'd get the same performance writing to the shelve in PHP as I would in Python.
I'm not sure how mature or well developed that project is, but, if I had that need, I would try the Python In PHP project.