Need some php help...wil pay!

software development

#1

Hi People,

I need some help, or rather I need someone to compile/install php for me. I need it to be configured to these settings…
www.flashexperience.com/info.php
…whilst having/keeping these…
GD complied with your PHP Build
(Yes)
SendMail
(Yes)
PHP safe mode
(OFF)
PHP register_globals
(OFF)
PHP magic_qoutes_runtime
(OFF)
PHP open_basedir
(OFF)

…if anyone could get back to me with a price that would be great!

Thanks for your time and help

Dempsie


#2

Dempsie,

I’ve no doubt that you could find someone to take your money, but I really have to tell you that the PHP environment you describe in your post is exactly what is provided, by default, with the “stock” Dreamhost PHP5 configuration.

You can set your domain to use this version of PHP5 by going to the Control Panel -->Manage Domains screen and selecting the “edit” link next to the domain name. At the next screen, just make sure the PHP5 radio button is selected, and save the screen (If it is already checked, you don’t have to do a thing!).

If you had to made a change, just wait till the change takes effect (usually 10-20 minutes, though could be shorter or longer) and you are good to go without any need to compile your own PHP5. :slight_smile:

You can confirm these setting for yourself by checking the phpinfo outputs for the various version of PHP available on Dreamhost at this Dreamhost Wiki page.

–rlparker


#3

Hi rlparker

Thanks for the heads up on that one! =)

Just one last question, did you take a look at the link… www.flashexperience.com/info.php
…is this also the same as what dreamhost provides in its PHP5 configuraton?

If you could let me know that would be fantastic!!!

Thanks for your time and help.

Dempsie


#4

Here is a default PHP5 installation example: PHP info

You can also tweak the setup to match what you want by modifying php.ini, although you will need to be reasonably shell savvy to do this.


Simon’s website
Save $100 on 1-year plans with promo code [color=#CC0000]SCJESSEY100[/color] (details)


#5

Actually, I did just take a look - the things you mentioned in your post are compatible, but there are some differences (as is normal) between the configurations in areas other than those you mentioned.

I have not poured through all the info (there is a lot there - and you can compare yourself with the link I provided to check the Dreamhost settings), but, again, those you detailed don’t appear to be a problem.

For instance, there is a difference in how magic_quotes_gpc is set, but magic_quotes_runtime is set compatibly. There are some different setting in other places also. One potential “gotcha” is that the other site has allow_url_fopen set to “on” (which is a considerable security risk) and that setting is set to “off” on Dreamhost.

If you are considering buying that script, I’d contact their support and point them to the same link I gave you to check the Dreamhost phpinfo’s - they should be able to tell you authoritatively if any changes are required.

If it was a “free” script, I’d suggest attempting an install to see how it goes before attempting a PHP4 custom compile - I don’t suppose that is possible however for a commercial script. :wink: .

–rlparker


#6

Yeah it seems that the potential gotcha of the allow_url_fopen set to ‘on’ is a reality. I contacted the company and they’ve told me that the possible differences between our php settings that may be causing the problems are…
allow_call_time_pass_reference On
allow_url_fopen On
auto_globals_jit on
log_errors on
max_input_time -1
post_max_size 50M
register_globals o

… I’d really just like this to get sorted as I’ve already paid for the product, so if anyone is interested just contact me with a price and we can talk, cos I don’t really feel confident enough to do it myself.

Thanks for your time guys and girls

Dempsie


#7

As I suggested in my previous post, you will be able to address all of these problems by doing your own PHP.ini file.


Simon’s website
Save $100 on 1-year plans with promo code [color=#CC0000]SCJESSEY100[/color] (details)


#8

Like I said though, I’m not at all confident enough to do this. I have no experience of shell at all, as well as other things.

If you’re able and interested, like I said before, I’ll pay. Unless that is you’re feeling extra charitable and wanna do this as a freebie?! =P


#9

[quote]possible differences between our php settings that may be causing the problems are…
allow_call_time_pass_reference On
allow_url_fopen On
auto_globals_jit on
log_errors on
max_input_time -1
post_max_size 50M
register_globals o(n?)[/quote]
Ouch! There’s nothing there that can’t be done, but that doesn’t necessarily mean it should be done.

The combination of register_globals_on and allow_url_fopen is particularly dangerous and, as such, is probably not suitable for use on a shared server where other users can/will be impacted if your site is exploited, IMHO :frowning: .

Dreamhost set those setting’s “off” for good reason, and changing them assumes a huge responsibility; you may be introducing significant security vulnerabilities to your shared server by running a script, or scripts, that rely upon those settings. There is a little more discussion of that aspect of modifying your PHP environment in this Forum post.

I’m sorry, I’ll have to pass - I just don’t have the time to undertake a thorough “vetting” of the script involved to determine how secure it is (and make any necessary changes), which I would feel obligated to do if I made this change for you. Hopefully, you can find a “crack” PHP programmer you can hire to do it properly, as opposed to just retaining someone to change the PHP environment for you without making certain it is safe to do so. :wink:

Have you inquired as to whether the support staff at the company that sold you the script are willing to undertake this for you? It would seem they would be the obvious place to start, as no one is likely to know and understand their script better than they do.

–rlparker


#10

To do this, you would need to give shell access to a complete stranger - something I couldn’t possibly recommend. I suggest that you study the Wiki article I linked to earlier, get a copy of PuTTY, and learn to do this yourself. The whole process of doing your own PHP.ini takes about 10 minutes.

I have very limited experience using PuTTY (a little Windows program that allows you to access the shell and execute simple UNIX commands), but I have managed to perform this operation without error.


Simon’s website
Save $100 on 1-year plans with promo code [color=#CC0000]SCJESSEY100[/color] (details)


#11

Thanks for your help guys, I guess the best way to go is to check everything through thoroughly and make everything is a-ok and then try and do it myself.

Wish me luck! :wink:


#12

Actually, no. The best way to go is to try and get a refund on the highly insecure software you have purchased, or try to get the developers to update their application to make it more secure.


Simon’s website
Save $100 on 1-year plans with promo code [color=#CC0000]SCJESSEY100[/color] (details)