Jump to content

averagecoder

New Members
  • Posts

    5
  • Joined

  • Last visited

Posts posted by averagecoder

  1. I have a PHP file in /var/www/html/ called foobar.php with the following content:

    Quote

    <?php
    shell_exec('/usr/bin/env > /tmp/output');
    ?>


    From the backend I can run php foobar.php.  It works as expected.  When I browse to my website and go to foobar.php, the /tmp/output file does not receive anything.  

    I set the permissions of the foobar.php file to different settings.  I set the owner and group of foobar.php and /tmp/output to different values.

    I tried modifying the httpd.conf file.  When I placed this stanza in the httpd.conf file

    Quote

    LoadModule php7_module /usr/lib64/httpd/modules/libphp7.so

    I could not restart the httpd service.  I tried using just

    Quote

    LoadModule php7_module modules/libphp7.so

      But this failed too.  

    I thought PHP would interpret the file regardless of how I access it (e.g., via a web page and with the php command from a Linux terminal).  How do I get PHP to invoke a Bash command when someone visits a .php web page?

  2. I'm starting with an empty database.  I want to provide 10 users credentials to a web front end.  I'm going to create tables.  I want the users to have access to the new tables I create.  They probably should not have access to the system tables.  I don't want anonymous people on the internet to be able to access the database through this web page.  Please let me know if you need more details on the requirements.

  3. I have PHP, Apache and Postgres all running on one CentOS 7 server.

    I want a web front end that requests a username and password.  If authentication works, I want the application (web front end) to allow the user to retrieve database records.  How do I create a PHP web page that performs authentication (and tests if the credentials that were entered valid or not)?
     

  4. I have Apache, PHP, and Postgres all installed on one CentOS 7.3. I have a .PHP script that does not use interactive user input that successfully connects to the Postgres database. So I know PHP and Postgres work. I now want to create new .PHP files for front end web development.  I want a web page that accepts user input then uses that input as credentials to log into the database.

    I am trying to get the PHP page to take the credentials to then authenticate to a Postgres database. I use this PHP script (called a.php) to request the credentials from the front end:

    <!DOCTYPE HTML>
    <html>
    <body>
    
    <form action="welcome.php" method="post">
    Name: <input type="text" name="name"><br>
    E-mail: <input type="text" name="email"><br>
    <input type="submit">
    </form>
    
    <!DOCTYPE HTML>
    <html>
    <body>

    I use this PHP script named welcome.php (it was based on a TutorialsPoint example so "email" will be the password in this code):

    echo "Favorite name is " . $_POST["name"] . ".<br>";
    echo "Favorite email is " . $_POST["email"] . ".";
    
       $host        = "host=poda";
       $port        = "port=5432";
       $dbname      = "dbname=foobar";
       $credentials = "user=" . $_POST["name"] . " password=" . $_POST["email"];
       echo "                                                       ";
       echo $credentials;                         //I am certain the correct credentials are being used.
       echo "                                                       ";
       $db = pg_connect( "$host $port $dbname $credentials"  );
       if(!$db){
          echo "Error : Unable to open database\n";
       } else {
          echo "Opened database successfully\n";
       }
       $sql =<<<EOF
          CREATE TABLE COMPANY
          (ID INT PRIMARY KEY     NOT NULL,
          NAME           TEXT    NOT NULL,
          AGE            INT     NOT NULL,
          ADDRESS        CHAR(50),
          SALARY         REAL);
    EOF;
    
      $ret = pg_query($db, $sql);
       if(!$ret){
          echo pg_last_error($db);
       } else {
          echo "Table created successfully\n";
       }
       pg_close($db);
    
    
    echo $name
    ?>
    I have now posted the first PHP file (a.php) and the subsequent welcome.php file. Therefore my code is all on this post that I want to get to work. The credentials I input into the web page work when I use those credentials hard-coded into this PHP script.Here is the standalone script that does not accept user input; it works on the back end from a Linux prompt with "php standalone.php":
    <?php
       $host        = "host=poda";
       $port        = "port=5432";
       $dbname      = "dbname=foobar";
       $credentials = "user=jdoe password=jdoe@so.com";
    
       $db = pg_connect( "$host $port $dbname $credentials"  );
       if(!$db){
          echo "Error : Unable to open database\n";
       } else {
          echo "Opened database successfully\n";
       }
       $sql =<<<EOF
          CREATE TABLE COMPANY
          (ID INT PRIMARY KEY     NOT NULL,
          NAME           TEXT    NOT NULL,
          AGE            INT     NOT NULL,
          ADDRESS        CHAR(50),
          SALARY         REAL);
    EOF;
    
       $ret = pg_query($db, $sql);
       if(!$ret){
          echo pg_last_error($db);
       } else {
          echo "Table created successfully\n";
       }
       pg_close($db);
    
    ?>
    
    

    (Whenever I run the script above, I subsequently drop the table that it created.)

    Ports 80 and 5432 are open on the CentOS server between the Windows computer with a web browser. I tested the port and the IP address. I created a firewall rule to block it. Then I unblocked it. I can say that the relevant ports are open between the web browser and the CentOS server that runs Apache, PHP, and Postgres.

    When I open a web browser on a Windows computer and go to the PHP page, I enter the correct credentials into the PHP page. I see this error after I click submit

     

    Error : Unable to open database.

     

     

     

    What can I do to have the "welcome page" show a successful authentication to the Postgres database?  The credentials are known to work.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.