Good day guys..i'm currently working as an sys ad assistant. i just want to know if how can i know that a file from a directory(and it's subdirectory) has been modified..do i need to put every php code on a database? and is there a possibility to know which part of the file has been modified?thanks. please help.
Not sure what you mean by the database reference... but in general, if you know a file's creation date, you could check to see if filemtime is different from that. I'm a bit leery of using file modification times however; I've found some instances in which they were misleading, so take this with a grain of salt.
Outside of having a previous version of the file (via backup or a RCS), I can't think of how you'd see what part was modified.
Since you are working as sys ad assistant, I presume you can also use python.
If so, consider using watchdog library. I think it is a perfect fit.
When you're at it, you can also use programatically, with python, linux/unix diff command.
For this, you can also check out python sh module, which enables you to call diff from your python code.
php is hardly perfect solution for your sysadmin needs.
And python may be even easier to learn than php.
Use filemtime() which will give you the last time that the file was changed.
But you cannot know any made differences as far as you aren't running a version control system.
Related
If I would like to distribute PHP application with installer(package system of OS) how should I proceed? I don't want PHP files to be there, just working application, so when I type 'app' into console, it ends up being launching application, without need to install PHP on system(no php installation on host required). I would also like the application to have patch-able byte-code, so it's in parts, loaded when needed and only part needs to be replaced on update.
What I would do now is following:
->Compile PHP with extensions for specific platform.
->Make binary application which launches '/full/php app' when app is launched.
->Pack it in installer in a way, that there would be binary added to path when added, launching specific installation of PHP which is alongside the app with argument of start point->App would be running.
Problem is:
Maybe I don't want my PHP files to be exposed(in application, there will be available source anyway) is there some ready made stuff to do this? Is there some better way than I proposed?
Alternative: Modifying OP Cache to work with "packing" application to deliver byte codes to modified OP Cache which just reads the cache.
My suggestion would be a tiny tool I just finished, for almost exactly the same problem. (Oh yes I tried all the others but they're old and rusty, sometimes they're stuck with 4.x syntax, have no support, have no proper documentation, etc)
So here's RapidEXE:
http://deneskellner.com/sw/rapidexe
In the classical way, it's not a really-real compiler, just a glorified packer, but does exactly what you need: the output exe will be standalone, carrying everything with it and transparently building an ad-hoc runtime environment. Don't worry, it all happens very fast.
It uses PHP 7.2 / Win64 by default but has 5.x too, for XP compatibility.
It's freeware, obviously. (MIT License.)
(Just telling this because I don't want anyone to think I'm advertising or something. I just took a few minutes to read the guidelines about own-product answers and I'm trying to stay within the Code of the Jedi here.)
However...
I would also like the application to have patch-able byte-code, so it's in parts, loaded when needed and only part needs to be replaced on update.
It's easier to recompile the exe. You can extract the payload pieces of course but the source pack is one big zip; there seems to be no real advantage of handling it separately. Recompiling a project is just one command.
Maybe I don't want my PHP files to be exposed(in application, there will be available source anyway)
In this case, the exe contains your source compressed but eventually they get extracted into a temp folder. They're deleted immediately after run but, well, this is no protection whatsoever. Obfuscation seems to be the only viable option.
If something goes wrong, feel free to comment or drop me a line on developer-at-deneskellner-dot-com. (I mean, I just finished it, it's brand new, it may misbehave so consider it something like a beta for now.)
Happy compiling!
PHP doesn't do that natively, but here are a few ideas:
Self-extracting archive
Many archival programs allow you to create a self-extracting archive and some even allow to run a program after extraction. Configure it so that it extracts php.exe and all your code to a temp folder and then runs ir from there; deleting after the script has complete.
Transpilers/compilers
There's the old HPHC which translates PHP code to C++, and its wikipedia age also contains links to other, similar projects. Perhaps you can take advantage of those.
Modified PHP
PHP itself is opensource. You should be able to modify it withot too much difficulty to take the source code from another location, like some resource compiled directly inside the php.exe.
Use Zend Guard tool that compiles and converts the plain-text PHP scripts into a platform-independent binary format known as a 'Zend Intermediate Code' file. These encoded binary files can then be distributed instead of the plain text PHP. Zend Guard loaders are available for Windows and Linux platform that enables PHP to run the scripts encoded by Zend Guard.
Refer to http://www.zend.com/en/products/zend-guard
I would like to add another answer for anyone who might be Googling for answers.
Peach Pie compiler/runtime
There is an alternative method to run (and build apps from) .php source codes, without using the standard php.exe runtime. The solution is based on C#/.NET and is actually able to compile php source files to .NET bytecode.
This allows you to distribute your program without exposing its source code.
You can learn more about the project at:
https://www.peachpie.io/
You've got 3 overlapping questions.
1. Can I create a stand-alone executable from a PHP application?
Answered in this question. TL;DR: yes, but it's tricky, and many of the tools you might use are semi-abandoned.
2. Can I package my executable for distribution on client machines?
Yes, though it depends on how you answer question 1. If you use the .Net compiler, your options are different to the C++ option.
3. Can I protect my source code once I've created the application?
Again, depends on how you answer question 1. Many compilers include an "obfuscator" option which makes it hard to make sense of any information you get from decompiling the app. However, a determined attacker can probably get through that (this is why software piracy is possible).
im trying to implement on my site a system who let the user download a file that have to be change before the download.
I have a master file (a .exe program), that inside have a variable who has to be change for every different user.
The most simple solution is to change a variable inside a xml file every time the user want his personalized exe and then make the exe file to read the external file. BUT i dont want the user to download more than one file.
Is this possible? using php can i change a parametter inside a compiled program? Thanks for any help and suggestions!
If you really really know what you're doing and you know exactly the bits that need to be flipped inside the file, then yes, it's possible to modify the .exe file with PHP. Otherwise you have to make changes to the source or other files the .exe is built with and compile the program on the server before sending it to the user.
In theory it's certainly possible (PHP is turing complete), but as stated in other answers it will be hardly worth the hassle (considering the fact that you have to ask whether it is possible shows you'd have to investigate at last for days into the standard exe-format).
I'd recommend one of the following:
1) Zip the program with the configuration file; either use a separate launcher (e.g. Java [a JAR is a ZIP file]) or add a configuration file that is read by the program itself. There is a number of PHP libraries for generating ZIP files.
2) compile the program with the changed source on the server itself; however this can also become quite complicated depending on your server configuration and the programming environment you use. If you have never administered a virtual server I would not even slightly recommend that as an option.
3) If you can assume that the user got somewhat stable Internet access you might also consider to let hir download a standard executable, where additional configuration will be downloaded later on by the program itself (e.g. by transmitting the username to the server). However this creates dependencies you might want to avoid (your user probably can't use it on machines without Internet access and you should assert that your server is up most of the time).
While it's probably possible, I doubt it's worth the hassle. Unless you're trying to fight piracy or something. Why don't you just serve the user a custom .zip file with the .exe and a config .xml?
[edit after OP commented]
I presume what you're trying to edit is the facebook ID/username? Well, try to compile the base file with some unique string like "THISNEEDSTOBEREPLACED", then use some binary safe function to replace it. Though remember things can and will get tricky if the string lengths don't match.
I've been a research programmer (MATLAB) for most of my programming career, writing things for only myself that can be run on my own computer. Now, I'd like to be able to have people submit a comma-delimited text file and get processed text files in return without having to use my computer directly (only 1 MATLAB installment).
I'm thinking perhaps this can be done on my web server (XAMPP) over LAN and some programming language script that can be run on my server. This is what I'm thinking:
have people create comma-delimited text files.
have them go to a site I created on my localhost and submit it via a webpage forum.
have the uploaded file processed in PHP (small files, < 100KB). This involves looking up a MySQL database as well.
have people download the processed files somehow.
Is this a sound system? By "sound" I mean, if you, the expert, wanted to set up this system, would this be the steps and tools you would use? I've been learning PHP lately, and it seems like I could do this using PHP, but I'm not sure if this is the right tool for the task. The whole thing seems ... a bit on-the-fly, as in you upload the file, and things are done in PHP memory (from what I've read) instead of the file being stored on my server and the server running a script using that file (is there a difference?!). I would be greatly thankful if you guys could chime in and give me some pointers on how to do this properly (general ideas, not asking for codes).
PHP is most definitely a good tool for something like this. As meteorainer mentioned, PHP offers a pretty simple solution for most of what you need to do, and is much less complicated (in my opinion) than Java or .NET. I also believe it to be much easier to get started with.
As far as pointers go, a lot of what you need to accomplish can be found in the PHP manual itself, along with code samples. For example:
File uploads:
http://php.net/manual/en/features.file-upload.php
CSV Processing:
http://php.net/manual/en/function.fgetcsv.php
or, the method meteorainer mentioned
http://us3.php.net/manual/en/function.explode.php
MySQL Databases:
http://us3.php.net/manual/en/book.mysql.php
http://us3.php.net/manual/en/function.mysql-connect.php
Creating new files:
http://php.net/manual/en/function.fwrite.php
As far as whether or not this is a sound system, that all really depends on what this is going to be used for. I may be wrong, but it sounds like you just need a simple application for a very specific use. If this is the case, I would say it sounds just fine. You can always expand upon it later on if you choose to do so. Adding more security measures, more robust output, things like that. Either way, at the very least, your PHP implementation sounds like pretty good starting point to me.
Ya php can definitely do what you are looking for. You'll be using functions like:
$variablesArray = explode(file_get_contents('uploadedfile.csv'));
To bust open the CVS into a useful array and do some storage/math to that. PHP is definitely your bag.
You have other options, like java and asp, but imo java is far too complicated for what you get out of it, and asp requires a .net license and again, grants nothing over FREE php.
A few months ago I saw a PHP script built to detect malware injections in files. Basically the script watched for any files on the server to change or for their contents to change, and then emailed an admin if the contents changed. I haven't been able to locate a script that does this but I need one.
Does anyone know of a program like this?
Thanks!
Use an Intrusion Detection System like OSSEC
It's not a PHP script, but you're probably looking for something like the famd package. Possibly used with http://php.net/manual/en/book.fam.php, however, at http://www.php.net/manual/en/fam.installation.php it states:
This extension is considered unmaintained and dead.
... so I don't know what the current alternatives are.
I've just inherited a project, and been told that an entire folder, "includes/" needs to be removed due to licensing issues -- We don't have the right to redistribute the files in that folder, so we need to cut our dependencies on them, and fix whatever breaks. I've been told "Less than 5% of the lines in that folder are ever even called by our program", but I have no way of verifying this.
There are about 50 files in the folder, each with a couple hundred lines of code. There is no unit testing currently in place. There's one master file, include.php, that require()s all 49 other files, so I can't just grep for any file doing import() on includes/.*.
This is about as much detail as I've really figured out at this point. I spent all last week reading through the files in the includes/ folder, and it won't be hard to rewrite any of this, but I'm having trouble deciding where to start. I tried deleting the folder and slowly fixing things that break, but I'm afraid that this route will cause me to miss some crucial functions in my rewrite.
Can anyone point me in a direction to get started? Are there tools that will simplify this process? I'm looking at xdebug right now, but I'm not sure exactly how I'd use it for this.
You may want to search for "php code coverage." That should help you figure out what code is used. For instance, this appears like it might help:
http://www.xdebug.org/docs/code_coverage
Your initial approach isn't bad at all. It's certainly a reasonable place to start:
delete that code that isn't allowed.
try to run what's left.
if things break: create a stub for a method that is now missing, and set it to return some sensible "default" value for now.
goto 2.
Then, itemize all the things that were missing, and make a sensible schedule to re-implement each thing.
I would start by grepping for files that reference include.php. Check through them if they're manageable, one by one. Then I'd grep for each of the functions in the /include/*php files. See if they're called anywhere, find 'em, replace 'em.
Because PHP is so dynamically typed, I don't think there's going to be a tool for this.
(Eagerly awaiting someone to prove me wrong because I have similar tasks all the time... )
See SD PHP Test Coverage Tool. It will provide a visual view of what code actually executes, as well as a report on what parts of files are used (including "no parts", which is your cue that
the code is a likely candidate to delete).
It doesn't require any hand-modifications of your code, or any unit tests to run it.
To answer my own question, I wound up using xdebug profiler to do the job, as I was initially investigating (after a friend's suggestion prompted me to take a second look).
In my /etc/php5/apache2/conf.d/xdebug.ini (on ubuntu 9.10), I set xdebug.profiler_enable=1 and xdebug.profiler_output_dir=/var/log/xdebug/, then loaded up the resulting cachegrind files with KCacheGrind and just ran a search on filenames for "includes/".
Now I have a mountain of work ahead of me to remove all this, but at least I've got a good overview of what I'll be modifying!