Translate: 
EnglishFrenchGermanItalianPolishPortugueseRussianSpanish

Running PHP on NFS: version 1.3 of turbo_realpath extension.

May 13th, 2013

Here’s a new version of the turbo_realpath extension which solves the performance problems with PHP applications and NFS storage. This is mainly a maintenance release that adds support for the latest versions of PHP like 5.4 and 5.5. Read the rest of this entry »

Equivalent of the PHP’s explode() function in Microsoft SQL Server 2000/2005

September 28th, 2011

There are situations, when you need to port a functionality from one programming language to another.

Some time ago I had to create the equivalent of explode() function in Microsoft SQL 2005.

Here is the result of my one-day battle with SQL. Read the rest of this entry »

MySQL.com website hacked and used to serve malware

September 28th, 2011

A site that offers “the most popular open source database” and boasts nearly 12 million visitors per month (almost 400,000 per day), is therefore an ideal tool to spread malware.

Yesterday hackers had installed JavaScript code on MySQL.com site that performed a variety of known browser attacks at visitors to the site, so those with out-of-date browsers or unpatched versions of Adobe Flash, Reader or Java on their PCs could have been infected with malicious software. Read the rest of this entry »

Ani-Shell, just another black-hat shell in PHP

September 27th, 2011

Quoting the project’s home page:

Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , a DDoser etc! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization

Read the rest of this entry »

Pirate files on php.net site? The next reason why you should use MD5 and PGP checksums!

September 12th, 2011

It’s been two weeks since the publication of an article on ZDNet on illegal files found on the php.net server. The author wrote in the article:

PHP, utilized by millions of Web sites around the Web, has a not-so-hidden secret on their Web site: a directory full of pirated content, config files containing user name and password information, and more.

While the ZDNet article contains some factual errors (the “pirated content” was located only on the id.php.net server, which is simply a 3rd party mirror hosted by http://www.pesat.net.id/), the screenshot below demonstrates one major problem…

Pirate files on php.net (courtesy of ZDnet)

… If someone (even sysadmin) downloaded pirated and potentially malicious files to the trusted web server, someone else can with ease replace the valid content (ie. PHP binaries or documentation) with a tainted data. Read the rest of this entry »

Kernel.org hacked – how to get Android repo?

September 5th, 2011

As you may already know, kernel.org site which hosts the Android git repository has been hacked. Because of this we can’t obtain the Android source code from its servers. All attempts to do so ultimately fail with the similar response:

[root@localhost WORKING_DIRECTORY]# repo sync
android.git.kernel.org[0: 130.239.17.13]: errno=Connection refused
android.git.kernel.org[0: 199.6.1.173]: errno=Connection refused
android.git.kernel.org[0: 2001:6b0:e:4017:1972:112:1:0]: errno=Network is unreachable
android.git.kernel.org[0: 2001:500:60:10:1972:112:1:0]: errno=Network is unreachable
fatal: unable to connect a socket (Network is unreachable)
error: Cannot fetch platform/bionic

or:

[root@localhost ~]# curl https://android.git.kernel.org/repo>  ~/bin/repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
curl: (7) couldn't connect to host

I will describe another way to get the Android source codes if you hadn’t already cloned it’s repo before kernel.org servers went down. Read the rest of this entry »

Kernel.org has been hacked… Google requested to take android repo offline.

September 1st, 2011

This hack was discovered on August 28th. Currently all kernel.org boxes are offline to do a backup and are in the process of doing complete reinstalls.

How the hackers managed to gain root access is currently unknown and is being investigated. The maintainers of kernel.org are in the process of doing an analysis on the code within git, and the tarballs to confirm that nothing has been modified.

Until then, say goodbye to the Android repository:

[root@localhost WORKING_DIRECTORY]# repo sync
android.git.kernel.org[0: 130.239.17.13]: errno=Connection refused
android.git.kernel.org[0: 199.6.1.173]: errno=Connection refused
android.git.kernel.org[0: 2001:6b0:e:4017:1972:112:1:0]: errno=Network is unreachable
android.git.kernel.org[0: 2001:500:60:10:1972:112:1:0]: errno=Network is unreachable
fatal: unable to connect a socket (Network is unreachable)
error: Cannot fetch platform/bionic

Read the rest of this entry »

How to create PHP extensions – part II: Introduction to PHP variables

August 4th, 2011

In one of my previous articles I explained how to build a PHP extension, and how to declare a simple function in C. I demonstrated how to return data from the C function to the script in PHP. But I have not explained how to pass the arguments to the function, nor how to change the values of existing PHP variables.

In order to do so, I have to introduce you the internal ZVAL data structure used by PHP engine to store the PHP variables. Read the rest of this entry »

The Plot to Kill PHP MySQL Extension

July 15th, 2011

Today I received a mass email from phpclasses.org. This was an information about a new entry on a blog led by Manuel Lemos, the creator of the phpclasses.org site.

In this entry he informs us that the PHP core developers are planning to kill the PHP original MySQL extension. Read the rest of this entry »

Running PHP on NFS: version 1.2 of turbo_realpath extension

July 12th, 2011

I proudly present new version of my PHP extension which solves the performance problems with PHP application and NFS storage. This version adds support for safe_mode = on setting. Read the rest of this entry »

How to create PHP extensions – part I: simple functions

July 7th, 2011

There are some situations when every developer encounters limitations in PHP. For some, the problem is performance, for others the lack of specific, low-level functionality.

In that cases, the only solution is to write your own PHP extension that adds the missing features to the language.

Unfortunately, although the documentation of the PHP language itself is excellent, the information on the programming of the PHP engine are rudimentary.

In this series of articles I will try to show you, how to write the PHP extensions and describe some of the Zend engine features. Read the rest of this entry »

How to compile PHP scripts?

July 6th, 2011

In an earlier article I described how to install HipHop for PHP translator that allows compilation of the PHP scripts.

This time, I will describe different types of compilations, so that it is possible to build both simple scripts and large systems written in PHP. Read the rest of this entry »

Running PHP on NFS: new version of turbo_realpath extension

July 1st, 2011

More than a month has passed since I published my PHP extension fixing the performance issues with NFS and PHP. Since then, turbo_realpath has become quite popular among Web administrators. Unfortunately, despite my warnings, many of them don’t disable the PHP functions responsible for creating links and symlinks, or do it wrong way.

For this reason I decided to publish a new version of the turbo_realpath extension, which adds the ability to automatically disable dangerous functions in PHP. Read the rest of this entry »