Category: "LAMP"

Fast CSS skin map idea

*** This post and link superseded by the ‘color map’ blog (see above) ***

The link provides a set of instructions and code which allow you to read the CSS files from a target application, then read CSS files from an existing site, and map the colors from the existing site into the target application, using sed.

This is brute-force design, but it would be very valuable for rapidly skinning an application to help a potential client visualize your application delivering their site.

The success of the approach depends on the colors of both designs. This is a very simple method, and the number of colors will affect how well they map.

The basic idea is to convert the colors from RGB into HSV, then reorder the HSV code into VSH - so the brightness takes precedence. In this case, it is assumed that the lightest colors will map to each other. Hue is virtually disregarded by its position.

The mechanics of the process are functioning as I wanted them to, although I haven’t tested it with live sites.

It also creates a shell script to generate image files of the colors, using ImageMagick, which is interesting but not actually used.

Requisite knowledge: Linux, PHP, bash, sed, regular expressions helpful.

I tried to put the text from the above link in the blog, but it didn’t work. Too many bizarre character strings.
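The brightness-first mapping described in this post, as an added example (not the code behind the link): each palette is sorted by a VSH key and the colors are paired rank for rank, with the result written out as a sed script. The function names, the sample palettes and the rank-for-rank pairing are assumptions of this example.

```shell
#!/bin/sh
# Added example: map one CSS palette onto another by brightness rank (VSH order).
# Handles 6-digit #rrggbb values only; the palettes below are constructed samples.

# stdin: one #rrggbb per line. stdout: the same colors, lightest first.
vsh_sort() {
    awk '
    function hex(s,   i, n) {
        for (i = 1; i <= length(s); i++)
            n = n * 16 + index("0123456789abcdef", substr(s, i, 1)) - 1
        return n
    }
    {
        c = tolower($1)
        r = hex(substr(c, 2, 2)); g = hex(substr(c, 4, 2)); b = hex(substr(c, 6, 2))
        hi = (r > g) ? r : g; if (b > hi) hi = b
        lo = (r < g) ? r : g; if (b < lo) lo = b
        d = hi - lo
        if (d == 0)       h = 0
        else if (hi == r) h = 60 * (g - b) / d
        else if (hi == g) h = 60 * (b - r) / d + 120
        else              h = 60 * (r - g) / d + 240
        if (h < 0) h += 360
        s = (hi == 0) ? 0 : 100 * d / hi
        # Key is V, S, H as fixed-width digits so a text sort ranks by brightness first.
        printf "%03d%03d%03d %s\n", 100 * hi / 255, s, h, c
    }' | sort -r | cut -d" " -f2
}

# $1: file of colors used by the target application; $2: file of colors from the
# existing site. Prints a sed script. The placeholder pass keeps a color that occurs
# in both palettes from being rewritten twice.
skin_map() {
    app=$(mktemp); site=$(mktemp)
    vsh_sort < "$1" > "$app"; vsh_sort < "$2" > "$site"
    paste "$app" "$site" | awk 'NF == 2 { from[++n] = $1; to[n] = $2 }
        END { for (i = 1; i <= n; i++) printf "s/%s/@@SKIN%d@@/g\n", from[i], i
              for (i = 1; i <= n; i++) printf "s/@@SKIN%d@@/%s/g\n", i, to[i] }'
    rm -f "$app" "$site"
}

tmp=$(mktemp -d)
printf '%s\n' '#000000' '#ffffff' '#336699' > "$tmp/app_colors"
printf '%s\n' '#cb4b16' '#002b36' '#fdf6e3' > "$tmp/site_colors"
skin_map "$tmp/app_colors" "$tmp/site_colors"      # apply with: sed -f <script> app.css
rm -r "$tmp"
```

The generated script matches lowercase hex exactly as written, so normalize the case of the stylesheet's color values before applying it.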

Version Hiding for Server and Application Security

One of the easiest ways to make a server or application more secure is to reduce the publicly accessible information.

The above link describes how the versions can be suppressed in the HTTP headers to make it more difficult for people to identify the version of server software you are running, and the version of PHP.

This same principle should be used with applications. Any tag in the HTML that exposes the version should be suppressed.

md5('just_a_test')

With sincere thanks to the associated URL, this is .htaccess code that can be used with b2evolution to deny access to requestors who include http: or ftp: on the query string. This is slightly different than the other post - it seems to be working. [L,F] didn’t work as I would have liked.

.htaccess


RewriteEngine On
RewriteCond %{QUERY_STRING} ^.*=(ht|f)tp\://.*$ [NC]
RewriteRule ^.*$  403.php [L]


# CATCH EVERYTHING INTO B2EVO:
# The following will allow you to have URL right off the site root,
# using index.php as a stub but not showing it.
# This will add support for URLs like:  http://example.com/2006/08/29/post-title
# Redirect anything that's not an existing directory or file to index.php
#
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^.*$ index.php [L]

403.php


<?php
header('HTTP/1.1 403 Forbidden');

I hope this is helpful.

curl

This is the second half of the prior post - how to find out what versions of PHP are running on your server. Use curl with the -I (uppercase i) option, followed by the domain name, to get the HTTP headers. There are many options you can use with curl, and the server can be configured to suppress some of this information for improved security - so if you don’t get the results you need, refer to the man pages and try again.

HTTP/1.1 200 OK
Date: Fri, 21 Mar 2008 23:11:07 GMT
Server: Apache/1.3.41 (Unix) mod_jk/1.2.23 mod_deflate/1.0.21 mod_fastcgi/2.4.2 PHP/5.2.3 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.8 FrontPage/5.0.2.2634a mod_ssl/2.8.31 OpenSSL/0.9.7a
X-Powered-By: PHP/4.4.8
Content-Type: text/html

Another approach is to create one file, ver.php, and a link to it called ver.php5. It should contain the following:

<?php
echo phpversion();

Request both URLs through a browser to see what version is used to deliver them.
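The header output above is exactly what the version-hiding post is about. As an added example (not from the original post), this script lists every product/version token a response exposes in its Server and X-Powered-By headers; the function names and the hardened sample response are assumptions of the example.

```shell
#!/bin/sh
# Added example: report product/version tokens exposed in HTTP response headers.

# stdin: raw response headers. stdout: one "Header: product/version" line per token.
disclosed_versions() {
    tr -d '\r' | awk '
        tolower($1) == "server:" || tolower($1) == "x-powered-by:" {
            for (i = 2; i <= NF; i++)
                if ($i ~ /^[A-Za-z][A-Za-z0-9_.-]*\/[0-9]/)
                    print $1, $i
        }'
}

# The response shown in the post.
page_headers() {
    cat <<'EOF'
HTTP/1.1 200 OK
Date: Fri, 21 Mar 2008 23:11:07 GMT
Server: Apache/1.3.41 (Unix) mod_jk/1.2.23 mod_deflate/1.0.21 mod_fastcgi/2.4.2 PHP/5.2.3 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.8 FrontPage/5.0.2.2634a mod_ssl/2.8.31 OpenSSL/0.9.7a
X-Powered-By: PHP/4.4.8
Content-Type: text/html
EOF
}

# Constructed sample: the kind of response expected once "ServerTokens Prod" is set
# in the Apache configuration and "expose_php = Off" in php.ini.
hardened_headers() {
    cat <<'EOF'
HTTP/1.1 200 OK
Date: Fri, 21 Mar 2008 23:11:07 GMT
Server: Apache
Content-Type: text/html
EOF
}

# Returns 0 when no versioned token is present, 1 (and prints the tokens) otherwise.
audit() {
    found=$(disclosed_versions)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

page_headers | audit || echo "version disclosure found"
hardened_headers | audit && echo "no version disclosure"
# Live check against your own server: curl -sI http://example.com/ | audit
```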

Run eZ publish 4.0 on a server with PHP4 as the default and PHP5 available

My server has PHP4 as the default, and PHP5 available, indicated by the extension .php5. To use eZ publish 4.0, you need PHP5. To use it, one approach is to get a list of the PHP files, like so:

tar tzf eztagcloud.tgz > php_file_list

Use grep and sed to create a script to rename the files, as follows:

grep "\.php" php_file_list | sed "s/\(\(.*\)\.php\)/mv \1 \2.php5/" > php5

Make php5 executable:

chmod 700 php5

Untar the tar file:

tar xzf eztagcloud.tgz

Run php5:

./php5

Check by using:

ls -R eztagcloud/* | grep "php"

Change the filename.extension in the rewrite rules on the target from index.php to index.php5.

The include and require directives in the files must also be updated with the new extension. The file list extracted from the tar file could be used to feed a series of sed commands that substitute .php5 for .php.

grep "\.php" php_file_list | sed "s/\(\(.*\)\.php\)/sed --in-place \"s\/\\\.php\/\\\.php5\/\" \15/" > php52

Make php52 executable.

If you don’t have a lot of experience with eZ publish, and LAMP - this entire post should be considered extremely risky. However, it will not take long to check the success or failure of this idea - so it is definitely worth a try. Apologies for not testing it fully.

This approach should work for any application, and you may want to reverse it - so PHP5 is the default language, and PHP4 is accessible by extension. Good luck.

This link has some great suggestions about how to use htaccess to route all .php requests through php5. Set at the directory or account level, it may eliminate the renaming requirements. I couldn’t do it on my server, but others may be able to use it. Thanks to the author.
http://corz.org/serv/tricks/htaccess.php

.htaccess file

php5_value date.timezone 'America/Chicago'
php_value allow_call_time_pass_reference 0
php5_value magic_quotes_gpc 0


<FilesMatch ".">
order allow,deny
deny from all
</FilesMatch>

<FilesMatch "(index\.php5|\.(gif|jpe?g|png|css|js|html)|var(.+)storage.pdf(.+)\.pdf)$">
order allow,deny
allow from all
</FilesMatch>


RewriteEngine On
RewriteRule content/treemenu/?$ index_treemenu.php5
RewriteRule index_treemenu.php5 - [L]

RewriteRule !\.(gif|jpe?g|png|css|js|html)|var(.+)storage.pdf(.+)\.pdf$ index.php5

DirectoryIndex index.php5

Run the installer - use .php5. Before you start fine tuning, be sure to change the extensions in settings/dbschema.ini and settings/codetemplates.ini.

Be sure to adhere to the requirements for eZ4, including eZ components, which can be processed with this approach as well.

*** This configuration is only intended for testing, production sites should be supported appropriately ***