Moving PHP sites to php 7.2 – undefined constants used as a string

PHP7.2 and above will no longer allow Undefined Constants

According to the “Promote the error level of undefined constants” section of the PHP 7.2 Backwards Incompatible Changes Document

Unqualified references to undefined constants will now generate an E_WARNING (instead of an E_NOTICE). In the next major version of PHP, they will generate Error exceptions.

There have been many changes to PHP over its many versions – For Matraex’s use of PHP,   each version has been mostly compatible with the previous one with only minor changes, until a major decision affected one of the ways we deliberately used what we once called a “Feature” of PHP.  (For a full list of incompatible changes look at the Backwards Incompatible Changes sections in the PHP Appendices )

On March 5th, 2017, Rowan Collins proposed to deprecate bareword strings.  In PHP 7.2   the messages throw an E_WARNING message and in PHP 8.0 it will through an E_ERROR.

PHP has always been a loosely typed language which allows flexibility in many ways,   And we had used this flexibility in order write code in a ways that we belive made it more legible, maintainable and supportable within our coding style.   With this new change, hundreds of thousands of lines of code will need to be rewrittend before we can put it on a 7.2 or above server,  keys may be difficult to search, we will have inconsistencies in usage of keys depending on whether they are inside or out side of quotes.

Take this one example where lines 1, 3 and 4 below would work,   but line 2 would throw a warning in 7.2 and would through an error in 8.0.

  1. echo “Hello, $user[firstname],”;
  2. echo “Hello, “.$user[firstname].”,”;
  3. echo “Hello, “.$user[‘firstname’].”,”;
  4. echo “Hello, “.$user[“firstname”].”,”;

Matraex would have previously preferred to use methods 1 and then 2,  as they require fewer quotes and a search in our IDE of ‘user[first’ would have highlighted both uses.

Mr Collins did evaluate both sides of the decision and wrote a bit about it.  He described that “The value of keeping the current behaviour would be for programs written to deliberately take advantage of it”,   however he really dismisses that value and gave a stronger argument undefined constants can “mask serious bugs”.

I agree with each of the arguments and our 7.2 scripts will all comply with this new syntax requirement.  However, I disagree with the way the solution was indiscriminately executed.  A more considerate solution would have been to create a configuration option in PHP to control the requirement and allow developers and system administrators to continue to ‘deliberately’ use ‘undefined constants’.   This option would also allow existing stable programs to continue to take advantage of the other features of PHP >=7.2 without a significant refactor.    Perhaps the Impact section of the article could attempted to get more feedback from users that had deliberately made heavy investment in this feature.

To be more direct here is my request: PHP developers,  please create / allow a configuration option in PHP which will allow undefined constants to be used as strings. 

Changing existing code across the 10 + years of PHP projects will take thousands of hours to modify and test,  and that is just the projects that still exist. This is a barrier to upgrading to PHP 8.0.

Arguments for a configuration option

  • Millions of lines of code which deliberately use undefined constants as string (more likely billions or trillions – I probably have close to one million myself overtime)
  • My random belief: PHP should enforce “standards” on those that want or need them,  and allow experience users to explicitly choose to ignore them.
  • The configuration option would be disabled by default to address all of the problems mentioned in ‘the problem’ section of the article

Dealing with undefined constant warnings

Now we get to more technical area where I document some of the methods we have used to find code that needs to be updated for PHP 7.2 code.

1)  Use grep to find all uses of the code

This code finds ALL uses of lower case strings without quotes – because our standards do require constants to be in upper case

grep -Rne ‘\$[A-Z\_a-z]*\[[A-Za-Z\_]\{1,\}\]’ *.php

2)  Suppress E_WARNING messages

This is a bad idea,   while it will certainly make it so that your code continues to work in 7.2,   it will not fix it going into 8.0,   and this WILL mask other issues that you do need to know about.

If you want to learn mroe about this,   take a look at this discussion about it on Stack Overflow. Definitely read the comments about hiding warnings to get a better feel for it.

3) Create PHP configuration options to make provisions for undefined constants

These options would require the good work of a C developer that works on the PHP source. Some of these ideas may just work as described,  they really are just a good start (or continuation) of a discussion for features which could be implemented.   I don’t have a ‘bounty’ system but if you are interested in creating any of these options,  or would like to group together to coordinate it, please contact me.

  1. undefined_constants_string_level – Have a PHP directive which declares what E_ level all undefined constant warnings should – default in 8.0 can be E_ERROR
  2. undefined_constants_string_lowercase – Allow users to configure options which would allow only lowercase (or mixed case) constants as strings – which would allow / reserve upper case for use as constants.
  3. undefined_constants_string_superglobal – Allow undefined constants to be used when attempting to reference any key to a super global array (such as $_POST[mykey] or S_SERVER[HTTP_HOST]);

Solution -> Fatal error: Allowed memory size exhausted wp-includes/class.wp-dependencies.php on line 339

Recently one of our Managed WordPress Services clients came to me to describe a problem with a WordPress site they were working on.

If you need in depth help debugging an erro on your WordPress of PHP site,  contact us.

They were receiving an error: Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 71 bytes) in /***REDACTED_PATH***/wp-includes/class.wp-dependencies.php on line 339

The client described that they had not done any kind of upgrades or changes to cause the issue and asked about whether we did any upgrades as part of the weekly site reviews we do under the Managed WordPress Service.   I found in the weekly email report sent by another person in our office,  that we had done some upgrades,  however the file that was throwing the error (class.wp-dependencies.php) had not been updated.   So I had to dig in deeper to find the root cause.

I ended up writing some debugging code that I placed directly in class.wp-dependencies.php that helped me to identify some of the causes.    Because I found lots of other sites when googling that had the same error, I decided I would post the debugging code,  in the case that it helps other users debug their issue.   The issue ended up being that site had an enqueued script jquery which   dependency on jquery-migrate which in turn had a dependency on jquery.  This circular reference looped in the WP code until the server ran out of memory. (in this case it was about 128MB).

The theme and plugins had two locations which enqueued  jquery scripts,  one was enqueud BEFORE a dependency existed,  then a dependency was created and the script was queued again. The code I wrote is intended for debuggin purposes,   because the the issue could easily come from other issues,  and I wanted to see the backtrace for exactly where the problematic scripts (jquery, jquery-migrate) were queued from.

Here is the output from my code:


MATRAEX Debugging Code This WordPress project has circular dependencies
Aborting script execution at /***PATH_REDACTED***/wp-includes/class.wp-dependencies.php:400
Debugging tip look for theme code that calls ‘enqueue’ on for items which already have dependencies)
If this error did not show, your script would have likely errored on line 339 when it ran out of memory from the circular debugging.
Most likely this is a plugin error!!


jquery has a dependency on jquery-migrate which has a circular dependecy on jquery
Backtrace of when jquery was enqueued:
Instance 0:

#0  WP_Dependencies->enqueue(jquery) called at [/***PATH_REDACTED***/wp-includes/functions.wp-scripts.php:276]
#1  wp_enqueue_script(jquery, http://dev.art4healing.org/wp-content/plugins/jquery-updater/js/jquery-3.1.1.min.js, , 3.1.1) called at [/***PATH_REDACTED***/wp-content/plugins/jquery-updater/jquery-updater.php:26]
#2  rw_jquery_updater()
#3  call_user_func_array(rw_jquery_updater, Array ([0] => )) called at [/***PATH_REDACTED***/wp-includes/plugin.php:524]
#4  do_action(wp_enqueue_scripts) called at [/***PATH_REDACTED***/wp-includes/script-loader.php:1197]
#5  wp_enqueue_scripts()
#6  call_user_func_array(wp_enqueue_scripts, Array ([0] => )) called at [/***PATH_REDACTED***/wp-includes/plugin.php:524]
#7  do_action(wp_head) called at [/***PATH_REDACTED***/wp-includes/general-template.php:2555]
#8  wp_head() called at [/***PATH_REDACTED***/wp-content/themes/Parallax-One/header.php:19]
#9  require_once(/***PATH_REDACTED***/wp-content/themes/Parallax-One/header.php) called at [/***PATH_REDACTED***/wp-includes/template.php:572]
#10 load_template(/***PATH_REDACTED***/wp-content/themes/Parallax-One/header.php, 1) called at [/***PATH_REDACTED***/wp-includes/template.php:531]
#11 locate_template(Array ([0] => header.php), 1) called at [/***PATH_REDACTED***/wp-includes/general-template.php:45]
#12 get_header() called at [/***PATH_REDACTED***/wp-content/themes/Parallax-One/front-page.php:5]
#13 include(/***PATH_REDACTED***/wp-content/themes/Parallax-One/front-page.php) called at [/***PATH_REDACTED***/wp-includes/template-loader.php:75]
#14 require_once(/***PATH_REDACTED***/wp-includes/template-loader.php) called at [/***PATH_REDACTED***/wp-blog-header.php:19]
#15 require(/***PATH_REDACTED***/wp-blog-header.php) called at [/***PATH_REDACTED***/index.php:17]

Instance 1:

#0  WP_Dependencies->enqueue(jquery) called at [/***PATH_REDACTED***/wp-includes/functions.wp-scripts.php:276]
#1  wp_enqueue_script(jquery) called at [/***PATH_REDACTED***/wp-content/plugins/nextgen-gallery/nggallery.php:513]
#2  C_NextGEN_Bootstrap->fix_jquery()
#3  call_user_func_array(Array ([0] => C_NextGEN_Bootstrap Object ([_registry] => C_Component_Registry Object ([_searched_paths] => Array ( .......
#4  do_action(wp_enqueue_scripts) called at [/***PATH_REDACTED***/wp-includes/script-loader.php:1197]
#5  wp_enqueue_scripts()
#6  call_user_func_array(wp_enqueue_scripts, Array ([0] => )) called at [/***PATH_REDACTED***/wp-includes/plugin.php:524]
#7  do_action(wp_head) called at [/***PATH_REDACTED***/wp-includes/general-template.php:2555]
#8  wp_head() called at [/***PATH_REDACTED***/wp-content/themes/Parallax-One/header.php:19]
#9  require_once(/***PATH_REDACTED***/wp-content/themes/Parallax-One/header.php) called at [/***PATH_REDACTED***/wp-includes/template.php:572]
#10 load_template(/***PATH_REDACTED***/wp-content/themes/Parallax-One/header.php, 1) called at [/***PATH_REDACTED***/wp-includes/template.php:531]
#11 locate_template(Array ([0] => header.php), 1) called at [/***PATH_REDACTED***/wp-includes/general-template.php:45]
#12 get_header() called at [/***PATH_REDACTED***/wp-content/themes/Parallax-One/front-page.php:5]
#13 include(/***PATH_REDACTED***/wp-content/themes/Parallax-One/front-page.php) called at [/***PATH_REDACTED***/wp-includes/template-loader.php:75]
#14 require_once(/***PATH_REDACTED***/wp-includes/template-loader.php) called at [/***PATH_REDACTED***/wp-blog-header.php:19]
#15 require(/***PATH_REDACTED***/wp-blog-header.php) called at [/***PATH_REDACTED***/index.php:17]

jquery-migrate has a dependency on jquery which has a circular dependecy on jquery-migrate
Backtrace of when jquery-migrate was enqueued:
Instance 0:

#0  WP_Dependencies->enqueue(jquery-migrate) called at [/***PATH_REDACTED***/wp-includes/functions.wp-scripts.php:276]
#1  wp_enqueue_script(jquery-migrate, http://dev.art4healing.org/wp-content/plugins/jquery-updater/js/jquery-migrate-3.0.0.min.js, Array ([0] => jquery), 3.0.0) called at [/***PATH_REDACTED***/wp-content/plugins/jquery-updater/jquery-updater.php:32]
#2  rw_jquery_updater()
#3  call_user_func_array(rw_jquery_updater, Array ([0] => )) called at [/***PATH_REDACTED***/wp-includes/plugin.php:524]
#4  do_action(wp_enqueue_scripts) called at [/***PATH_REDACTED***/wp-includes/script-loader.php:1197]
#5  wp_enqueue_scripts()
#6  call_user_func_array(wp_enqueue_scripts, Array ([0] => )) called at [/***PATH_REDACTED***/wp-includes/plugin.php:524]
#7  do_action(wp_head) called at [/***PATH_REDACTED***/wp-includes/general-template.php:2555]
#8  wp_head() called at [/***PATH_REDACTED***/wp-content/themes/Parallax-One/header.php:19]
#9  require_once(/***PATH_REDACTED***/wp-content/themes/Parallax-One/header.php) called at [/***PATH_REDACTED***/wp-includes/template.php:572]
#10 load_template(/***PATH_REDACTED***/wp-content/themes/Parallax-One/header.php, 1) called at [/***PATH_REDACTED***/wp-includes/template.php:531]
#11 locate_template(Array ([0] => header.php), 1) called at [/***PATH_REDACTED***/wp-includes/general-template.php:45]
#12 get_header() called at [/***PATH_REDACTED***/wp-content/themes/Parallax-One/front-page.php:5]
#13 include(/***PATH_REDACTED***/wp-content/themes/Parallax-One/front-page.php) called at [/***PATH_REDACTED***/wp-includes/template-loader.php:75]
#14 require_once(/***PATH_REDACTED***/wp-includes/template-loader.php) called at [/***PATH_REDACTED***/wp-blog-header.php:19]
#15 require(/***PATH_REDACTED***/wp-blog-header.php) called at [/***PATH_REDACTED***/index.php:17]

Add this following code to the query() function,  just before the return statement withing the the “case ‘queue’ :line in the file wp-includes/class.wp-dependencies.php.  (in the version current as of this writing it is about line 387)

//BEGIN NON WP CODE - MATRAEX
                     foreach($this->queue  as $queued)
                            $check[$queued]=$this->registered[ $queued ]->deps; 
                    foreach($check as $queued => $deparr)
                        foreach($deparr as $depqueued) 
                            if($check[$depqueued] && in_array($queued,$check[$depqueued]))
                                $recursivedependencies[$queued]= $depqueued;
                    if($recursivedependencies)
                    {
                       $_SERVER[DOCUMENT_ROOT] = str_replace("/home","/data",$_SERVER[DOCUMENT_ROOT]);
                       ob_start();
                        echo "

 

MATRAEX Debugging Code

blog post
This WordPress project has circular dependencies
Aborting script execution at “.__FILE__.”:”.__LINE__.”
Debugging tip look for theme code that calls ‘enqueue’ on for items which already have dependencies)
If this error did not show, your script would have likely errored on line 339 when it ran out of memory from the circular debugging.
Most likely this is a plugin error!!


“; global $enqueue_backtrace; foreach($recursivedependencies as $queued =>$depqueued) { echo ”
$queued has a dependency on $depqueued which has a circular dependecy on $queued” ; echo ”
Backtrace of when $queued was enqueued: “; foreach($enqueue_backtrace[$queued] as $k=>$lines) { echo ”
Instance $k:

";
                                foreach(explode("\n",$lines) as $line)
                                    if(strstr($line,'enqueue'))
                                        echo "$line\n";
                                echo "

“;
}
}
$out=ob_get_clean();
$out = str_replace($_SERVER[DOCUMENT_ROOT],”/***PATH_REDACTED***/”,$out);
$out = str_replace(“/plugins/”,”/plugins/”,$out);
$out = str_replace(“/themes/”,”/themes/”,$out);
echo $out;
exit;
}
//END NON WP CODE – MATRAEX

The full function code should look like this

In Addition,  add the following code to the enqueue  function just below the line with public function enqueue ()  at the time of this writing,  that wa about line 378 of wp-includes/class.wp-dependencies.php.

        //BEGIN NON WP CODE - MATRAEX
            global $enqueue_backtrace;
            ob_start();
            debug_print_backtrace(); 
            $enqueue_backtrace[$handles][] = ob_get_clean();
        //END NON WP CODE - MATRAEX

The full function code should look like this

 

Find all PHP Short Tag instances – COMMANDLINE

Occassionally we have run across web products which were developed using the PHP short open tag “<?”  instead of “<?php”.

We could go into the php.ini file and update “short_open_tag” to “On”,  however this ends up creating software which can not run on as many servers,  and it is less transportable between servers.

The command below when run from the directory that houses all of your PHP files,  will identify all of the files which use short open tags.   You will then be able to make the changes to the files from <? to <?php

grep -rI '<?' -n . |grep -v '<?[(php)(xml)="]'

 

This command is running a first grep statement recursively in the current directory looking for any “<?”.   The output of this is passed through another grep statement which then ignores any instances of “<?php”, “<?xml”, “<?=”  and ‘<?”‘

Lets decompose:

  • -r  – means search the current (“.”) directory recursively
  • -I means ignore binary files
  • ‘<?’  search for all instances of ‘<?’
  • -n – add the line number of the found code to help you find it faster
  • -v – in the excludes anythign that matches in the second grep statement
  • ‘ the regular expression then matches each of the items we want to ignore.

 

Note:

I have put in double quote(“) in the regular expression which ignores <?” because we have some php functions which loop through some XML code and tests for “<?”.

 

Website WordPress PHP Custom Application Development Boise

Website WordPress PHP Custom Application Development Boise

I was asked recently, what kinds of work do you do for your clients.Website, WordPress, PHP Custom Application Development Boise

The short answer is “Matraex, Inc provides Website WordPress PHP Custom Application Development Boise to small businesses

Below I describe our services in more depth.

Contact me to discuss what we can do for you – Michael Blood – 208.344.1115 x 250

Matraex, Inc – Nationwide Web Services

  • We design online presence websites in WordPress.
  • We custom build web applications for businesses, entrepreneurs and individuals with ideas.
  • We create custom automation and time saving software using the web.
  • We support, refresh, repair and enhance existing websites and custom applications.
  • We provide Managed WordPress Hosting services.
  • We build, host and support custom scale-able hosting environments.

Matraex, Inc – Basic consulting and technology list

Matraex Inc, – Boise, Idaho Web Services:Website WordPress PHP Custom Application Development Boise

While we work for clients nationwide. A large percentage of our clients are from here in Boise, Idaho. When items become complex we are able to work directly with clients in our office onsite at our client’s office. We communicate via skype or just on the phone.

WordPress Website Developmentwordpress-development

WordPress is an online, open source website creation tool written in PHP.  WordPress allows Matraex, Inc to quickly create a beautiful online presence for your business and the give you the ability to login and make simple updates to your site.  It is the easiest and most powerful blogging and website content management system (or CMS)

We offer WordPress  Website Development solutions that are compatible with all business models and industry verticals. Our team of WordPress developers provides WordPress CMS development, plugin development. Also theme customization and maintenance services as well as ongoing security and update services through our Managed WordPress Hosting.

When you engage Matraex, Inc  to build or enhance your online, unless you have another tool in place. We will likely recommend that we develop your marketing presence using the WordPress Content Management System.  Depending on your vertical and your website needs we will either find existing WordPress plugins. We also build new plugins which add the needed custom touch to your website.

WordPress Plugin Development

A WordPress plugin is a piece of software that can be uploaded to extend and expand the functionality of your WordPress site.  Matraex, Inc builds custom plugins such as this,  any time that our client needs are not met with the base WordPress Package.

In each of these situations,  Matraex, Inc relies on its deep knowledge of WordPress. Also the WordPress SDK and the PHP programming language to implement new and innovative website features.

Legacy WordPress Plugin Repair and Replacement

In many cases we have customers with existing WordPress websites with plugins which are out of date. Even some what wont work with newer versions of WordPress,  in these cases we can:

  • Find an up to date WordPress Plugin which replaces the functionality of the out of date plugin
  • Make changes to the WordPress Plugin code to bring it up to date or
  • Build a replacement plugin made for the current version of WordPress.

Custom Web Application DevelopmentWebsite WordPress PHP Custom Application Development Boise

Matraex, Inc works with entreprenuers, business owners and individuals with ideas to define innovative Web based applications and solutions which solve real world problems.   Our team takes stakeholders through a process to define problems and craft potential solutions.  From this we build a project that  our clients want and the Matraex team can commit to.  We then work closely with the client to get constant feedback throughout the development process to implement a fabulous product.  Each of our Custom Web Application projects are implemented into a production hosting environment,  where we continue to support them as needed.

Web Task Automation

Most people that work within a small business recognize problems and issues within their industry that need to be fixed.   Small tasks which take up more time,  than the value they provide.  They often know that if they had the software,  the task could be automated.   Matraex, Inc builds the custom software that provides this automation.   We work with our clients,  the industry professionals who understand the issues. We create software which reliably accomplishes and automates the tasks.   We periodically followup on the process to confirm that the software continues to accomplishes what has been intended or whether it could be improved.

PHP Developmentphp-development

PHP Powers nearly 70% of websites and has emerged as the most preferred & widely used server-side language.  Historically, 90% of our development projects have been done with PHP. All new development projects are done using PHP, whether it is within the WordPress CMS. The laravel Framework, uses other composer packages. Or a custom frameworkless PHP project using a homegrown library of functions.

Matraex builds PHP websites using MySQL, Linux and Apache which is popularly known as the LAMP platform.   We are able to launch new LAMP shared or dedicated development and production environments in minutes at one of our two redundant Data Centers (Involta and Fiberpipe)

Our company’s PHP Development Services offer multipurpose solutions that encapsulate the following:

  • PHP Web Development
  • PHP Application Development
  • Custom PHP Development
  • PHP Software Customization and Integration
  • PHP Porting and Migration
  • Packaged PHP Applications
  • PHP Professional Services
  • PHP Outsourcing

MySQL and Postgres Database Administrationmysql-database-administration

The custom applications that Matraex, Inc develops integrate with a database to store persistent application data.  Some applications like WordPress automatically setup and  manage all aspects of the MySQL database architecture. But our custom applications require database administration (DBA) services for setup and maintenance.   Matraex, Inc has Oracle Certified MySQL Administration experts to address the Database needs of these custom applications.

Matraex, Inc internally follows very stringent Database Naming conventions which we have used for more than 10 years.  These standards allow our development team to very quickly create custom relationships.  We also area able to easily read and understand relationships in existing applications we have built.

Website Overhaul and Repair

Websites get old,   designs get tired and software gets outdated.  Matraex, Inc breathes new life into websites by either a small simple change. Or a complete website overhaul.  Depending on the client need we address goals and budget to recreate websites which perform.

Matraex offers Website WordPress PHP Custom Application Development Boise.

Grep command to find all PHP shortcode entries

Grep command to find all PHP shortcode entries

As PHP files are moved from one server to the other,  occassionally we find a situateion where PHP was developed on a server that allowed shortcodes “<?”  which does not use the longer “<?php”  if this happens,  the PHP code does not execute and shows the code that would have executed,  on the output of the page.

When this happens I have found that using a simple command I can identify all of the places that use the short code

 grep -n '<?[^p=]' *.php

COMMANDDUMP – Upgrading from PHP 5.3 to 5.6 on Ubuntu 14.04

COMMANDDUMP – Upgrading from PHP 5.3 to 5.6 on Ubuntu 14.04

When upgrading from PHP version 5.3 to 5.6 there are several things to worry about.  On a shared system with multiple sites which do not make use of a common unit testing or library,  these tools and commands could be useful to find issues.  (this would also work from 5.4 or from 5.5 to 5.6)

COMMAND DUMP of things I ran.

Create a file call 5.4.php.searchterms

#echo import_request_variables >> upgrade.php.searchterms
#echo session_is_registered >> upgrade.php.searchterms
#echo session_register >> upgrade.php.searchterms
#echo session_unregister >> upgrade.php.searchterms
#echo define_syslog_variables >> upgrade.php.searchterms
#echo register_globals >> upgrade.php.searchterms
#echo sqlite >> upgrade.php.searchterms
#echo php_logo_guid >> upgrade.php.searchterms
#echo php_egg_logo_guid >> upgrade.php.searchterms
#echo php_real_logo_guid >> upgrade.php.searchterms
#echo zend_logo_guid >> upgrade.php.searchterms
#echo register_long_arrays >> upgrade.php.searchterms

#find -type f -name ‘*.php’ -exec grep -f upgrade.php.searchterms {} \; -ls

Check the version of your server

#lsb_release -a
#dpkg -l |grep php|grep apache
#php -v
#apache2ctl -vV

To upgrade from ubuntu 14.04 LTS you have to get php 5.6 from another repository as it is not includedin the default repos

apt-get -y update
apt-get install -y software-properties-common
add-apt-repository ppa:ondrej/php5-5.6 -y
apt-get -y update
apt-get -y install php5 php5-cli php5-common php5-curl php5-gd php5-imap php5-json php5-mysql php5-readline

You will be prompted when installing the latest version of PHP5 whether you want to keep the old or new version of PHP5.ini  I chosed to install the pakage maintainer’s version,   then I compare the two and update the new one with the differences.    The following command makes it easy to compare by removing all of the commented lines from the diff against the backed up file

cd /etc/php5/apache2
diff <(grep -v '^\s*;' php.ini|awk '$1 != ""') <(grep -v '^\s*;' php.ini.ucf-old|awk '$1 != ""')|more

I also updated the php.ini date.timezone setting to my area due to this php.net post

date.timezone = America/Boise

/etc/init.d/apache2 reload

Preg_Match Visual Composer PHP Error

We started getting a preg_match Visual Composer PHP error that was: Warning: preg_match() expects parameter 2 to be string, array given in /wp-content/themes/bridge/vc_templates/vc_empty_space.php on line 12.

visual-composer-icon

I was able to determine that when using the empty space feature for managing site contents in the design, if you saved “px” in the pixel value for the size of the empty space, WordPress results would throw this error. For example, if I saved 16px for the size, we would get this error message. However, if I went back in and just saved the value as 16 the system would work as expected.

This is only a slight fix, I have discovered that in a recent update to Visual Composer, the issue was resolved. So be sure you have updated to (at this time) v4.8

Here is a quick link to the Visual Composer plugin.

 

 

This webpage is not available ERR_CONTENT_DECODING_FAILED – PHP ob_start() ob_gzhandler – Trailing spaces after closing ?> in WordPress Plugin

This webpage is not available  ERR_CONTENT_DECODING_FAILED – PHP ob_start() ob_gzhandler – Trailing spaces after closing ?> in WordPress Plugin

Recently we ran into an issue where a website would not load.   We traced the problem to a line in the code which attempted to pass all content to ob_start(‘ob_gzhandler’).

This basically words to zip up all content and send it to the browser.  However an error was being thrown ERR_CONTENT_DECODING_FAILED,  which showed up in the browser window and in the browser console.  After some detailed debugging in PHP using some die commands()

die("die: ".__FILE__.":".__LINE__);

I found that the issue came from an rogue blank character which displayed before the ob_start(“ob_gzhandler”) function could be called.

There were a couple of ways I could deal with this,  first I could simply put an ob_start() at the top of the code,  and then put an ob_get_clean(); just before the ob_start(‘ob_gzhandler’),  however this felt a bit sloppy,  so I went in search of the rogue character.

The application that this was in,  was one that simply included the wordpress load file so that it could integrate with a WordPress installation,   and I found that the characters was coming from the WordPress install.   Using a hunch I decided d to look for a recently updated plugin and I quickly found a plugin that had an end php tag “?>” with an extra line after it.

I quickly fixed this and then decided I would figure out a way to quickly identify issues like this.  While there are many ways to address this and figure out how to over come it,   the issue seems to identify an need to figure out whether plugins conform to some best practices (such as omitting a closing ?> php sign)

If we identify this need,  we will write a free plugin to put on the WordPress site,  which will go through all plugins on sites to confirm that they use some best practices such as this.


			

Find out which PHP packages are installed on ubuntu / debian

Find out which PHP packages are installed on ubuntu / debian

As we have moved or upgraded sites from one server to another,  sometimes we have needed to know which PHP5 dependencies were installed on one server servera,  so that we could make sure those same dependencies were met on another server serverb

To do this we can run a simply command line tool on server a

servera# echo `dpkg -l|awk '$1 ~ /ii/ && $2 ~ /php5/{print $2}'`
libapache2-mod-php5 php5 php5-cli php5-common php5-curl php5-gd php5-mcrypt php5-mysql php5-pgsql 

and then we copy the contents of the output and past it after the apt-get install command on serverb

serverb# apt-get install libapache2-mod-php5 php5 php5-cli php5-common php5-curl php5-gd php5-mcrypt php5-mysql php5-pgsql 

Dont forget to reload apache as some packages do not reload it automatically

serverb# /etc/init.d/apache2 reload

PHP Solution to http to https ajax call: No ‘Access-Control-Allow-Origin’ header is present on the requested resource

PHP Solution to http to https ajax call: No ‘Access-Control-Allow-Origin’ header is present on the requested resource

When submitting a form from an http:// site to an https:// via ajax,   you will run into the following error in the Chrome console

XMLHttpRequest cannot load https://www.example.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.example.com' is therefore not allowed access

This problem can come about if your current url is http://www.example.com/  and you are using an ajax POST or GET request to the https://www.example.com site.

For example on http://example.com/login.php you might have some JQuery such as

$('div#login').load('https://example.com/loginform.php')

Or

$.post({url:'https://example.com/loginform.php'
     ,data: 'username=bob&password=pass123'
     ,success: function(data){ $('div#login').html('You are logged in') }
})

To correct this, add the following PHP to the top of the loginform.php page.  Note the HTTP_HOST variable which should make it so that if you are simply trying to access the https:// site using the exact same domain name you will not have to change the code

 

<?php
    header("Access-Control-Allow-Origin: http://$_SERVER[HTTP_HOST]"); 
?>

 

Connecting to a database with PHP

Connecting to a database with PHP

Install these packages:

#apt-get install apache2
#apt-get install mysql
#apt-get install php
#apt-get install php5-mysql

Create a test user, password and database

At the sql server, Log into mysql:

#mysql -u root -p

Issue the following commands to create a user “test” and a password “password”:

CREATE USER ‘test’@’localhost’ IDENTIFIED BY ‘password’;
CREATE USER ‘test’@’%’ IDENTIFIED BY ‘password’;

GRANT ALL ON *.* TO ‘test’@’localhost’;
GRANT ALL ON *.* TO ‘test’@’%’;

CREATE DATABASE instruments

 

Exit mysql:

q

Log back in as the user you just created, attaching to the new database:

mysql -u test -p instruments

Execute a

s

to see the status. Verify the user and database.

Test PHP Functionality:

Create a file named “something”.php and insert the following text:

<?php echo ‘hello world’.time();
/* <?php echo ‘mysqli_connect(); print_r(mysqli_query(‘select now()’)) ; ?> */
?>

Place this file in the /var/www directory

Open a browser and point to that file:

http://<your server>”something”.php

You should see hello world and the date.

To test your connection to the database via PHP:

Create a file with the following text and name it “something”.php

Edit the line “$db = mysql_connect(“206.207.94.34″,”test”,”password”);” to reflect your server & user.

<?php
$db = mysql_connect(“206.207.94.34″,”test”,”password”);
if (!$db) {
die(“Database connection failed miserably: ” . mysql_error());
}
else

die(“Database Success!!!: ” . mysql_error());
$db_select = mysql_select_db(“instruments”,$db);
if (!$db_select) {
die(“Database selection also failed miserably: ” . mysql_error());
}
?>
<html>
<head>
<title>Step 3</title>
</head>
<body>
<?php
$result = mysql_query(“SELECT * FROM mytable”, $db);
if (!$result) {
die(“Database query failed: ” . mysql_error());
}
?>
</body>
</html>

Place this file in the /var/www directory

Open a browser and point to that file:

http://<your server>”something.php

Success!!!

HANDY MYSQL COMMANDS:

Note that all text commands must be first on line and end with ‘;’
? (?) Synonym for `help’.
clear (c) Clear the current input statement.
connect (r) Reconnect to the server. Optional arguments are db and host.
delimiter (d) Set statement delimiter.
edit (e) Edit command with $EDITOR.
ego (G) Send command to mysql server, display result vertically.
exit (q) Exit mysql. Same as quit.
go (g) Send command to mysql server.
help (h) Display this help.
nopager (n) Disable pager, print to stdout.
notee (t) Don’t write into outfile.
pager (P) Set PAGER [to_pager]. Print the query results via PAGER.
print (p) Print current command.
prompt (R) Change your mysql prompt.
quit (q) Quit mysql.
rehash (#) Rebuild completion hash.
source (.) Execute an SQL script file. Takes a file name as an argument.
status (s) Get status information from the server.
system (!) Execute a system shell command.
tee (T) Set outfile [to_outfile]. Append everything into given outfile.
use (u) Use another database. Takes database name as argument.
charset (C) Switch to another charset. Might be needed for processing binlog with multi-byte charsets.
warnings (W) Show warnings after every statement.
nowarning (w) Don’t show warnings after every statement.

For server side help, type ‘help contents’

Matt Long
01/27/2015

Bulk Domain NS, MX and A record lookup tool

Summary: We have two tools to help you lookup information on domains quickly

Bulk Domain NS, MX and A record lookup tool

Occassionally, we come across some sort of project in which we have to work through a list of multiple domain names and make some sort of changes.

In some cases we simply have to update contact records, in other cases we have to determine ownership, hosting and mail setups so we can assist with an ownership transfer.

There are a plethora of domain tools out there which help one at a time, But we were hard pressed to find a tool that could do a bulk lookup of multiple domains with table based out put.

 

So, we built the toolBulk Domain NS, MX and A record lookup tool

https://www.matraex.com/quick-domain-research.php

This tool has the

  • A records for the root domain (@) and the (www) domain.
  • MX records for the root domain
  • NS records for the root domain

This tool was thrown together quickly to help us identify whether an OLD but active nameserver, which had dozens of domain names on it,  was actually being used for the domains.

We were able to delete more than 20 domains cluttering up the DNS entries.

Additionally we were able to clean up associated webservers that had not been cleaned of hosting accounts after a client left the account.

Some future ideas which will make their way in next time:

  • Display whois information for the domain
  • Optionally group the domains based on which name servers, whois records or www C class they are hosted at

Bulk Domain NS, MX and A record lookup tool


Update 11/28/2015 by Michael Blood

Since this original post,  we have added several new features including the ability to upload a file with a large batch upload, and download a CSV file with the results.  You can see all of the details in this Enhanced Bulk Domain NS, MX and A record lookup tool post.

 

 

 

 

 

 

 

PHP to reset all primary key sequences in your postgresql database

PHP to reset all primary key sequences in your postgresql database

Use the following php code t reset all of the primary key sequences with the max(id) currently in the db.

We use wrapper functions db_query (which returns an array from the db when a select statement is run)  and db_exec()  which runs an update or insert command against the db.

[code language=”php”]$sql = &quot;SELECT t.relname as related_table,
a.attname as related_column,
s.relname as sequence_name
FROM pg_class s
JOIN pg_depend d ON d.objid = s.oid
JOIN pg_class t ON d.objid = s.oid AND d.refobjid = t.oid
JOIN pg_attribute a ON (d.refobjid, d.refobjsubid) = (a.attrelid, a.attnum)
JOIN pg_namespace n ON n.oid = s.relnamespace
WHERE s.relkind = ‘S’
AND n.nspname = ‘public’&quot;;
$qry = db_query($sql);

foreach($qry as $row)
{
$outsql = &quot;select setval(‘$row[sequence_name]’,(select max($row[related_column]) from $row[related_table]))&quot;;
db_exec($outsql);
}[/code]

 

Fixed Hacked Site – PHP injection

Fixed Hacked Site – PHP injection

Today a customer called me about a PHP website that was popping up viruses all over the place.

I loaded up the site and there it was, the page was immediately redirected to a spyware / virus type site that tried to convince me to download their software to fix a problem. Since I knew better I carefully answered the browser prompts to make sure I closed out and left the page without opening anything malicious.
Then I went back to the page that had the problem and tried to load it again. But the problem was GONE!

After a bit more investigation I found that the people who wrote the virus dropped a cookie on my machine and made sure they allowed me back in the site. I am sure this trick helps them to keep the virus on a site for longer because the site administrators may not recognize it as an on going problem (or even a problem that their site caused).

In digging I found that each PHP page on the site had some PHP code added to the top of it.
something like

This was on a single line at the top of the file and even the administrator who had noticed the odd code at the top passed over it not thinking it was malicious.
However, the text inside the encoded string was VERY malicious. I decoded it and found several PHP functions and additional encoded strings.

I decided it wasnt worth figuring out what all they did with the code but instead decided to just clean it up. I assumed that the code probably helped replicate itself by checking that ALL other PHP pages on the site also had the same code in them. So if someone removed the code and then the code was run on another page it put itself back where you removed it.

Anyway, pretty sophisticated but it was easy for me to find the problem just opened and looked at the PHP file and saw code that shouldnt have been there.

A cool way that I found where the problem was before even opening the PHP file was to use HTTPWatch to see which exact files were downloaded from which site in the browser. I use the free version of the softwar and it has met all my needs so far. It is similar to firebug in FireFox.

 

Linux System Discovery

Linux System Discovery

Over the last couple of weeks I have been working on doing some in depth “System Discovery” work for a client.

The client came to us after a major employee restructuring,  during which they lost ALL of the technical knowledge of their network.
The potentially devastating business move on their part turned into a very intriguing challenge for me.

They asked me to come in and document what service each of their 3 Linux servers.
As I dug in I found that their network had some very unique, intelligent solutions:

  • A reliable production network
  • Thin Client Linux printing stations,  remotely connected via VPN
  • Several Object Oriented PHP based web applications

Several open source products had been combined to create robust solutions

It has been a very rewarding experience to document the systems and give ownership of the systems, network and processes back to the owner.

The documentation I have provided included

  • A high level network diagram as a quick reference overview for new administrators and developers
  • An overall application and major network, server and node object description
  • Detailed per server/node description with connection documentation,  critical processes , important paths and files and dependencies
  • Contact Information for the people and companies that the systems rely on.

As a business owner myself,  I have tried to help the client recognize that even when they use an outside consultant,  it is VERY important that they maintain details of their critical business processes INSIDE of their company.  Their might not be anything in business that is as rewarding as giving ownership of a “lost” system back to a client.

 

Matraex Upgraded Mail Client From Squirrelmail to Roundcube

Matraex Upgraded Mail Client From Squirrelmail to Roundcube

Matraex has officially upgraded our web based mail client from Squirrelmail to Roundcube.

Roundcube is a modern mail client utilizing newer technologies for faster and more feature rich mail interaction.  Roundcube runs on our Linux webservers, utilizing Apache, PHP and MySQL.  The software connects to the mail server using the IMAP protocol.

All address book contacts and preferences were imported to Roundcube from Squirellmail at the time of the transition.

As well as updating and implementing their own technologies, Matraex provides server administration, open source production implementation and software customizations to business as a service.

Users with questions about the new mail service or Matraex Consulting Services should contact:

Michael Blood
Matraex, Inc
208.344.1115
www.matraex.com

 

SIGN UP TO
GET OUR 
FREE
 APP BLUEPRINT

Join our email list

and get your free whitepaper