The self-extracting executable that I'm attempting to develop is an installer. An end-user will visit a site, then they will be prompted to register on the site and a download will be provided to them. That download is the self-extracting executable that will install the software on the end-user's computer along with a config file that will have the user's unique id in it. The software is a Windows Service so it will not be able to simply ask the user their username and password.
To be able to insert the registered user's unique id into the installer, I would have to generate the installer on the fly. After researching and using my own experience, I decided that a self-extracting executable would be the best option. The question I have now is how can I generate one using PHP? After researching this problem, I found that the most common solution was to install a executable that could create self-extracting executables on the server machine and then invoke it from PHP. However, executing a executable is not possible with my web host, so this is not a viable solution.
However, executing a executable is not possible with my web host, so this is not a viable solution.
I think in that case, you will need to switch to a web host that lets you do this (or rent a dedicated or virtual server). You can create ZIP files from within PHP when the necessary libraries are installed, but that is about it. Producing Self-extracting executables is not on the menu.
If that is not an option, you would have to find a way to pre-produce the self-extracting executable and inject the user ID into it afterwards. That is surely possible, but I expect you would have to build a custom self-extractor for this.
A self-extracting archive is just an extractor with archive data appended. The extractor program opens itself, finds the offset of the data and extracts. There might be a trailer record to help find the offset.
You can append files easily in PHP: both an archive with your program and the user data. But you need to write a custom extractor that will be aware of this format.
I'm not sure this is possible.. The most you could do is use PHP to dynamically grab the files required surely?
Anyway, perhaps your application could access the internet to grab the files it needs periodically?
Or, you could reference an external PHP file in your program like /data.php?userid=1222&token=9999 which should be fairly secure.
Related
I am trying to create an application that has a sender and receiver. The entire application is only meant to be used on a LAN and can also possibly be done almost completely through the browser.
The "sender" part is an application of some sort that will need to run a local server on the person's computer and allow for php,html,css,js, and mysql to run.
On the "receiver" end, it is simply a person's browser accessing a webpage being served up from the "sender" application.
I have been looking into nodejs as a means of accomplishing the server part of this...but I am not sure if I can ship it as an exe with mysql and php installed and allow it to be execd from php. I am aware of being able to install these extensions using npm, but I want to ship a whole exe to the end user and not have them install node on their own.
Is this possible? If so, how? Thanks in advance.
You may want to look into XAMPP. It appears to be a portable(-ish) installation of Apache, PHP, MySQL, and a few other things (e.g., Perl). You way want to see if you can strip out the irrelevant parts and put your application code into it somehow.
I believe there is a sure way to this.
I came across server2go some few months ago and it does the work perfectly.
Just download server2go from here http://www.server2go-web.de/download/download.html
Run the application and a folder will be created to the location specified with all the needed files in it.
Just copy your php, html, css etc files to the www folder
Import your mysql database if you are using mysql
When all is set, zip the folder and then use
zipInstaller, you can get it here http://www.nirsoft.net/utils/zipinst.html
ZipInstaller creates an exe application.
Thanks
I've built a CMS (using the Codeigniter PHP framework) that we use for all our clients. I'm constantly tweaking it, and it gets hard to keep track of which clients have which version. We really want everyone to always have the latest version.
I've written it in a way so that updates and upgrades generally only involve uploading the new version via FTP, and deleting the old one - I just don't touch the /uploads or /themes directories (everything specific to the site is either there or in the database). Everything is a module, and each module has it's own version number (as well as the core CMS), as well as an install and uninstall script for each version, but I have to manually FTP the files first, then run the module's install script from the control panel. I wrote and will continue to write everything personally, so I have complete control over the code.
What I'd like is to be able to upgrade the core CMS and individual modules from the control panel of the CMS itself. This is a "CMS for Dummies", so asking people to FTP or do anything remotely technical is out of the question. I'm envisioning something like a message popping up on login, or in the list of installed modules, like "New version available".
I'm confident that I can sort out most of the technical details once I get this going, but I'm not sure which direction to take. I can think of ways to attempt this with cURL (to authenticate and pull source files from somewhere on our server) and PHP's native filesystem functions like unlink(), file_put_contents(), etc. to preform the actual updates to files or stuff the "old" CMS in a backup directory and set up the new one, but even as I'm writing this post - it sounds like a recipe for disaster.
I don't use git/github or anything, but I have the feeling something like that could help? How should (or shouldn't) I approach this?
Theres a bunch of ways to do this but the least complicated is just to have Git installedo n your client servers and set up a cron job that runs a git pull origin master every now and then. If your application uses Migrations it should be easy as hell to do.
You can do this as it sounds like you are in full control of your clients. For something like PyroCMS or PancakeApp that doesn't work because anyone can have it on any server and we have to be a little smarter. We just download a ZIP which contains all changed files and a list of deleted files, which means the file system is updated nicely.
We have a list of installations which we can ping with a HTTP request so the system knows to run the download, or the click can hit "Upgrade" when they log in.
You can use Git from your CMS: Glip. The cron would be a url on your own system, without installing Git.
#Obsidian Wouldn't a DNS poisoning attack also compromise most methods being mentioned in this thread?
Additionally SSH could be compromised by a man in the middle attack as well.
While total paranoia is a good thing when dealing with security, Wordpress being a GPL codebase would make it easy to detect an unauthorized code change in your code if such an attack did occur, so resolution would be easy.
SSH and Git does sound like a good solution, but what is the intended audience?
Have you taken a look at how WordPress does it?
That would seem to do what you want.
Check this page for a description of how it works.
http://tech.ipstenu.org/2011/how-the-wordpress-upgrade-works/
im trying to implement on my site a system who let the user download a file that have to be change before the download.
I have a master file (a .exe program), that inside have a variable who has to be change for every different user.
The most simple solution is to change a variable inside a xml file every time the user want his personalized exe and then make the exe file to read the external file. BUT i dont want the user to download more than one file.
Is this possible? using php can i change a parametter inside a compiled program? Thanks for any help and suggestions!
If you really really know what you're doing and you know exactly the bits that need to be flipped inside the file, then yes, it's possible to modify the .exe file with PHP. Otherwise you have to make changes to the source or other files the .exe is built with and compile the program on the server before sending it to the user.
In theory it's certainly possible (PHP is turing complete), but as stated in other answers it will be hardly worth the hassle (considering the fact that you have to ask whether it is possible shows you'd have to investigate at last for days into the standard exe-format).
I'd recommend one of the following:
1) Zip the program with the configuration file; either use a separate launcher (e.g. Java [a JAR is a ZIP file]) or add a configuration file that is read by the program itself. There is a number of PHP libraries for generating ZIP files.
2) compile the program with the changed source on the server itself; however this can also become quite complicated depending on your server configuration and the programming environment you use. If you have never administered a virtual server I would not even slightly recommend that as an option.
3) If you can assume that the user got somewhat stable Internet access you might also consider to let hir download a standard executable, where additional configuration will be downloaded later on by the program itself (e.g. by transmitting the username to the server). However this creates dependencies you might want to avoid (your user probably can't use it on machines without Internet access and you should assert that your server is up most of the time).
While it's probably possible, I doubt it's worth the hassle. Unless you're trying to fight piracy or something. Why don't you just serve the user a custom .zip file with the .exe and a config .xml?
[edit after OP commented]
I presume what you're trying to edit is the facebook ID/username? Well, try to compile the base file with some unique string like "THISNEEDSTOBEREPLACED", then use some binary safe function to replace it. Though remember things can and will get tricky if the string lengths don't match.
Ok this might seems a bad idea or an obvious one. But let's imagine a CMS like PHPBB. And let's imagine you'd build one. I'd create just 1 file called PHPBB.install.php and running it it will create all folders and files needed with PHP. I mean, the user run it just once and every file and folder of the app is created via the PHP file.
Why to do this?
Well mostly because it's cleaner and you are pretty much sure it creates everything as you wish (obliviously checking everything about the server first). Also, having all the files backed-up inside a file you would be able to restore it very easily by deleting everything and reinstalling it running again PHPBB.install.php. Backing-up files like this will allow you to also prevent errors: How? When an error occurred in a file, this file is restored as it was and automatically re-run.
It would be too heavy!
The installation would happen only once and you'd be sure the user will not forget to place the files correctly. The error-preventing will worth the cause and it would also happen only once.
Now the questions:
Does this technique exists? If so, What's its name?
Why would you discourage it?
As others have said, an installer.
It requires the web server to have permission to write to the filesystem, and ends up having the files owned by the user the web server runs as. Even when one has the ability to change filesystem permissions, it's usually a longer process than just extracting an archive and having the initial setup verify permissions.
Does this technique exists? If so, What's its name?
I'd advise to read about __halt_compiler(). It allows you to mix PHP code with non-php data which is not parsed, so you may have PHP code ("installer") and binary data (e.g., compressed contents of all the files) in single PHP file.
1 - Yes, there is a single install file in PHPBB. You run through an online wizard defining your settings and then it installs automatically.
http://www.phpbb.com/support/documents.php?mode=install&version=3&sid=908f5766fc04868ccb985c1b1e6dee4b#quickinstall
2 - The only reason to discourage it would be if you want the user to understand exactly how the system works. Automatically installing it means the user has no need to understand the nitty gritty of it all - of course, many see this as a good thing.
I have an issue with accessing an HTML file in an SVN repository. Its contents are displayed as plain text.
What I would like to do is to link to that always up-to-date file from an external website, but I'd like the HTML file to simply launch in the browser (it's a TiddlyWiki file, rather unreadable for human beings in raw text form).
My idea is to simply grab the latest revision of the file and copy it over to my server so that it's accessible as a normal HTML file. Is there a way to easily do that using a PHP script? If there are more than one way, what would you recommend?
If it helps to know it, my server does not have SVN and I have no possibility to install it (it's a shared host).
Check if the Subversion module is available on your server. If that's the case, you can easily create some script that connects to the SVN server and gets the newest file.
If you don't have that module, I can think of two possibilities:
If your SVN server has some kind of web interface, you could simply do a HTML download from the web interface. Depending on the kind of web interface, you might need to extract the file's source out first.
You can also add a postcommit hook to the SVN server that uploads the file to your website; but given that this requires you to change the SVN server's configuration and also puts a direct connection to your website, it might not be what you want.
Have you looked at the SVN extension for PHP?