php

Fix WordPress Update

Written by  on März 22, 2017

Wenn WordPress nicht mehr nach /tmp schreiben darf kommt vom Autoupdate eine Fehlermeldung nach diesem Muster

PCLZIP_ERR_MISSING_FILE (-4) : MISSING ARCHIVE FILE ‘/tmp/{WHATEVER..}.TMP’

Die Lösung ist einfach, es muss ein Temp-Verzeichnis definiert werden, auf das WordPress selber noch Zugriff hat.
wp-config.php

define('WP_TEMP_DIR', ABSPATH . 'wp-content/tmp');

Quelle

WordPress und PHP7

Written by  on Januar 18, 2017

Ein neues PHP ist verfügbar für den Webspace! Sofort aktivieren, für WordPress ist das kein Problem!
Doch was passiert – alle Beiträge sind leer.
Was steht im Log?

Got error 'PHP message: PHP Warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead

Die Lösung habe ich unter wordpress.org gepostet. Dieses nette wp-code-highlight Plugin zerreisst es leider komplett, wenn ich diese Zeilen einfüge.

Gute Infos gibt es auf stackoverflow

PHP random string generator at bing

Written by  on November 24, 2016

Ich war etwas verwundert, was man mit dem Suchbegriff auf Bing so vorgeschlagen bekommt.
PHP random string bing

Download a Variable with PHP

Written by  on April 12, 2016

You have a variable in php which should get into a file for download. But you don’t want to put it actually into a file? Then call the following script which does exactly that for you:

$filename=htmlspecialchars($_GET["name"]);
$content=$_GET['content'];
header("Content-type: text/plain");
header("Content-Disposition: attachment; filename=$filename");
echo("$content");

What’s obfuscation and what is it good for?

Written by  on Dezember 3, 2015

To see how PHP code obfuscation works, you might check out the Free Online PHP Obfuscator. What happens there, makes your code completeley unreadable. But, it creates an enormous base64 encoded file, which simply might be too much. Also I had some troubles with *larger* php scripts with around 50 lines.
Nevertheless, you’ll be able to copy a neat trick from there. First a function name gets decoded in hex. If you have no idea about how to do it check out string to hex. So now you are able to encode your function name into a variable

$a="\x73\x79\x73\x74\x65\x6d"

Now we are able to replace the calls to the system function with our variable from

system("openssl req -noout -modulus -in testfile.csr >/dev/null 2>&1",$ret);

to

$a("openssl req -noout -modulus -in testfile.csr >/dev/null 2>&1",$ret);

So what is it good for? Could you hide from the disabled function in the php.ini? That’s a clear no! But this helps, when there is some nasty “maleware scanner” that would delete your scripts from your webspace because of containing a call of the system function.
Is it secure? As always it depends. If you use PHP to execute some hardcoded shell script, this might work in a secure way. If you hand input to your scripts, you should be extra sure, that you know what you are doing!
Will it scale? I guess no. There is no protection from PHP in a way that you might DDOS yourself i.e. your webspace.
Also check for race conditions. Just think about what will happen, when you write into a file – and another call to the webserver will write into the same file.

PHP Mailer Test

Written by  on April 18, 2015

Notiz an mich – teste die PHP Mail Funktion

 <?php
ini_set( 'display_errors', 1 );
error_reporting( E_ALL );
$from = "emailtest@YOURDOMAIN";
$to = "YOUREMAILADDRESS";
$subject = "PHP Mail Test script";
$message = "This is a test to check the PHP Mail functionality";
$headers = "From:" . $from;
mail($to,$subject,$message, $headers);
echo "Test email sent";
?>

Quelle: Simple PHP Mail test

Greift das PHP Memory Limit?

Written by  on November 1, 2011

Manchmal ticken PHP Prozesse einfach aus und belegen "unendlich viel" Speicher. Überlegt man sich Maßnahmen zur Limitierung des Speicherbedarfes, muss man sich auch darum kümmern, ob diese eingehalten werden und nicht wieder von einem PHP Script mit ini_set übergangen werden:

<?php

ini_set("memory_limit", "3G");

$array = array();

while (true) {
    $array[] = str_repeat("nureinstring", 10000);
}