Is there a way to check if PHP is installed on an Apache or IIS server within the PHP environment itself?
If so, how?
create a file (say info.php) with the following content on an accessible path and try to browse it:
<?php
phpinfo();
?>
#Alfabravo is correct: don't forget to delete the file from the server after using it!
Create a PHP script called php.php with the content:
<?php
phpinfo();
?>
and run it from your browser. Or from command line, run:
php -v
I don't know with what PHP version it became available, but try this:
if( strpos( $_SERVER['SERVER_SOFTWARE'], 'Apache') !== false)
echo 'Have Apache';
else
echo 'Have some other server';
The virtually most definitive answer possible (there are other similar possibilities) is:
function on_iis() {
$sSoftware = strtolower( $_SERVER["SERVER_SOFTWARE"] );
if ( strpos($sSoftware, "microsoft-iis") !== false )
return true;
else
return false;
}
Now, just use on_iis() whenever you want to know.
You can also find out via the $_SERVER['DOCUMENT_ROOT'], sort of:
Read http://www.helicron.net/php/
(Basically, according to the article, Apache sets the document root with a valid variable, and IIS does not).
Related
Should we check $_SERVER['REMOTE_SERVER'] or what?
This will do the trick:
if($_SERVER['REMOTE_ADDR'] === '127.0.0.1') {
// do something
}
Be careful you don't rely on X_FORWARDED_FOR as this header can be easily (and accidentally) spoofed.
The correct way to do this would be to set an environmental variable in your server configuration and then check that. This will also allow you to toggle states between a local environment, staging and production.
This code will help you.
<?php
if($_SERVER['SERVER_NAME'] == 'localhost')
{
echo 'localhost';
}
?>
Check
$_SERVER['REMOTE_ADDR']=='127.0.0.1'
This will only be true if running locally. Be aware that this means local to the server as well. So if you have any scripts running on the server which make requests to your PHP pages, they will satisfy this condition too.
refered from :
How to check if the php script is running on a local server?
i am not sure whether this is in the right section or not but i am building an file upload site and want to be able to scan the files on upload for viruses etc.. How would i be able to do this?
Any ideas to get me started?
Thanks
The clamav library has a PHP binding called php-clamav. You then can scan files for viruses from within your PHP code:
if ($_FILES['file']['size'] == 0 || !is_file($_FILES['file']['tmp_name']))
{
throw new Exception('Please select a file for upload!');
} else {
cl_setlimits(5, 1000, 200, 0, 10485760);
if ($malware = cl_scanfile($_FILES['file']['tmp_name']))
throw new Exception($malware.'(ClamAV version: '.clam_get_version(),')');
}
...
Another alternative is to install the Mod_Security web application firewall. It can be configured to scan all upload files for viruses using modsec-clamscan.
You could try something like the following using AVG:
Windows:
<?php
exec("avgscanx.exe /SCAN=filename.ext/");
$result = exec("echo %ERRORLEVEL%");
?>
Linux:
<?php
exec("avgscan filename.ext -a -H -c");
$result = exec("echo $?");
?>
Both platforms return the same error codes, allowing you to determine whether a scan was successful or not.
References:
http://www.avg.com/ww-en/faq.num-4443
http://www.avg.com/ww-en/faq.num-4441
http://www.avg.com/ww-en/faq.num-1854
http://www.avg.com/ww-en/faq.num-1759
It depends on your server configuration, but for example on linux, it's easy to install something like clam and access it through the command line. You can use something like php's exec() to run it.
You could also use VirusTotals public API. You can read more about it here. There is some PHP code available here.
This way you get a lot of scanners, and you don't have to run AV locally. On the other hand you'll have to wait a while for the result.
Is it possible to check if the website (php) is running locally or on a hosted server?
I want to enable some logs if the website is running locally and I don't want these to appear on the site online..
I can set a variable $local=1; but I'll have to change that before uploading.. is there anyway to automate this task?
Local Server : WampServer 2.0 / Apache
WebServer: Apache
Check $_SERVER['REMOTE_ADDR']=='127.0.0.1'. This will only be true if running locally. Be aware that this means local to the server as well. So if you have any scripts running on the server which make requests to your PHP pages, they will satisfy this condition too.
I believe the best approach is to 'fake' a testing mode, which can be done by creating a file in your local environment.
When I used this approach I created an empty text file called testing.txt and then used the following code:
if (file_exists('testing.txt')) {
// then we are local or on a test environment
} else {
// we are in production!
}
This approach is 100% compatible with any Operating System and you can use several test files in case you want a more granular approach (e.g. development.txt, testing.txt, staging.txt, or production.txt) in order to customise your deployment process.
You should automate deployment
This is not directly the answer to your question, but in my opinion the better way. In an automated deployment process, setting a variable like $local = true, like other configuration values (for example your db-connection), would be no manual, error prone, task.
Checking for 'localness' is in my opinion the wrong way: you dont want to show your logs to every local visitor (a Proxy may be one), but only when deployed in a testing environment.
A popular tool for automated deployment is Capistrano, there should be PHP-Centric tools too.
Just in case this is useful to anybody, I made this function as the above answers didn't really do what I was looking for:
function is_local() {
if($_SERVER['HTTP_HOST'] == 'localhost'
|| substr($_SERVER['HTTP_HOST'],0,3) == '10.'
|| substr($_SERVER['HTTP_HOST'],0,7) == '192.168') return true;
return false;
}
$whitelist = array(
'127.0.0.1',
'::1'
);
if(!in_array($_SERVER['REMOTE_ADDR'], $whitelist)){
// not valid
}
I have build this function that checks if current server name has name server records, normally local server don't has.
<?php
function isLocal ()
{
return !checkdnsrr($_SERVER['SERVER_NAME'], 'NS');
}
?>
Your remote server is unlikely to have a C drive! So I run with this:
//Local detection
$root = $_SERVER["DOCUMENT_ROOT"];
$parts = explode("/",$root);
$base = $parts[0];
$local = false;
if ($base == "C:") {
$local = true; //Change later for if local
}
I want to check if files exists in the network folder (eg. path = "U:\abc\def\") using php.
I tried to use following:
if(file_exists("U:/abc/def/400abc.doc")) {
echo "YES";
} else {
echo "NO";
}
I get NO. I also tried path = "//abc-drive/folder-main/abc/def/400abc.doc" but still it doesn't work.
The files are on a network/shared folder and NOT in subfolders from where php server runs
Can anyone please tell HELP?
Regards
This won't work if PHP has safe_mode enabled. Try setting safe_mode_include_dir to add an exception, and reference the location with the syntax \\computername\share\filename.
Use the URI format. file://U:/abc/def/400abc.doc
Change FASTCGI Setting in server
[FASTCGI Setting] -> open ...php-cgi.ex ->
FastCGI Property -> Advanced Setting -> protocol -> Change [NamedPipe] to [TCP].
I have same error with you, I tried it and success. GoodLuck
If file_exists is returning false for a file or folder on a Windows network drive, try the following:
Run regedit.exe
Locate the following key - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\RestrictNullSessAccess
Change its value from 1 to 0.
Restart your computer.
Double check your network drive is connected.
Retry your script - this time file_exists should return true.
How can I get the binary path of php from PHP?
I saw it in phpinfo(), but I need another method that gets it in Linux and Windows systems.
You can use:
$_SERVER['_']
Also, the predefined constant PHP_BINDIR gives the directory where the PHP executable is found.
Sample on CodePad and Ideone.
It looks like, for security reasons, $_SERVER values are not exposed.
Linux Only
Use the "which" command to find php.
$phpPath = exec("which php");
Note this does not guarantee the same php executable that your web server may be using, but rather the first instance that was found while looking through the paths.
A method using environment variables, assuming the php executable is in the system path.
function getPHPExecutableFromPath() {
$paths = explode(PATH_SEPARATOR, getenv('PATH'));
foreach ($paths as $path) {
// We need this for XAMPP (Windows)
if (strstr($path, 'php.exe') && isset($_SERVER["WINDIR"]) && file_exists($path) && is_file($path)) {
return $path;
}
else {
$php_executable = $path . DIRECTORY_SEPARATOR . "php" . (isset($_SERVER["WINDIR"]) ? ".exe" : "");
if (file_exists($php_executable) && is_file($php_executable)) {
return $php_executable;
}
}
}
return FALSE; // Not found
}
Maybe the best solution is in the Symfony process component:
PhpExecutableFinder.php and ExecutableFinder.php. In use:
<?php
use Symfony\Component\Process\PhpExecutableFinder;
$phpFinder = new PhpExecutableFinder;
if (!$phpPath = $phpFinder->find()) {
throw new \Exception('The php executable could not be found, add it to your PATH environment variable and try again');
}
return $phpPath;
In Windows, using WAMP, you can use the ini variable - extension_dir - as it is placed in the PHP folder.
Like this:
echo str_replace('ext/', 'php.exe', ini_get('extension_dir'));
Normally, in a simple default PHP installation under Windows, the php.ini file is located and loaded from the same directory of the PHP binary.
To simplify, Windows users:
echo dirname(php_ini_loaded_file()).DIRECTORY_SEPARATOR.'php.exe';
VoilĂ !
Of course, if you are using multiple .ini files, it may not work if the files are not into the same PHP binary directory. BTW, this may solve to most of cases. Windows developers running PHP from local development environment.
As of PHP 5.4 you can simply use the PHP_BINARY reserved constant.
It's very easy!
var_dump(getenv('PHPBIN'));
But it works only on Windows, so we should use this answer.
How did I get this? I just typed echo echo phpinfo(); and searched the php path there. Just see here:
Then I just getting it here: php getenv and ... you see the result.
For Windows and XAMPP:
$php = getenv('PHPRC') . '/php.exe';
if(is_file($expected)){
return $php;
}