Tuesday, 5 December 2017

PHP for Dynamic Web Content

PHP is a powerful language for creating dynamic web content. form processing, sessions, databases, XML, and graphics. 
PHP Encoder to protect, encrypt and encode your PHP source code assets. Includes encryption, protection, security and obfuscation.

Whenever a php script requires write access to a file or directory, you have to chmod that directory (or file) to 777 (or 666 for files) on most servers. This is because on most servers apache and php runs as user 'nobody'.
Although giving world write access will make it possible to use the script, it also means a security hole, which can be used by hackers.

To avoid this security hole some ISP's install phpsuexec on their servers. Using phpsuexec php runs under your own username on the server. This removes the necessity to make files and folders world writable. Instead you can just use 755 for folders (the default) and 644 for files (also the default).

But using phpsuexec will result in an error 500 (internal server error) for some statements in .htaccess.

For this, you need to make sure, that whenever you are using files with (or without) an extension different then the normal extension for that filetype you can use ForceType in your .htaccess file to make it clear to the server how to handle that file (or all the files in the folder) (this works on servers without phpsuexec).

ForceType application/x-httpd-php

However, when your server uses phpsuexec this will result in an internal server error. To solve this you can simply use SetHandler instead of ForceType, so your .htaccess-file becomes:

SetHandler application/x-httpd-php

On a server without phpsuexec it is possible to use the php_value statement in a .htaccess-file to change settings of php (actually overwrite the settings from php.ini).

On a sever with phpsuexec this will also result in a server error. To solve this you can use a php.ini file which you put in the same folder as where you would have put your .htaccess file. In that php.ini file you can change all the php values. You only have to put the values you want to modify in that file. Let me give one example if you want to set the short_open_tag to Off you would have used short_open_tag? = off in your .htaccess file. Using a php.ini file this results in:

[php]

short_open_tag = Off

customizing storefront
We can easily customize our storefront, Let us assume that your storefront is in English, first of all download 2 documents that are there in the webshell file management system.

Path: /yourdomain.com/catalog/includes/languages/english.php
Path: /yourdomain.com/catalog/includes/languages/english/default.php

Now, Open default.php using WebShell or NotePad:

define('TEXT_MAIN', 'This is a demonstration online-shop, <b>any products purchased will not be

delivered nor billed</b>. Any information seen on these products are to be treated

fictional.<br><br>If you wish to download this sample shop, or to contribute to this project,

please visit the <a href="http://oscommerce.com"><u>support site</u></a>. This shop is based on

<font color="#f0000"><b>' . PROJECT_VERSION . '</b></font>.');

define('TABLE_HEADING_NEW_PRODUCTS', 'New Products For %s');
define('TABLE_HEADING_UPCOMING_PRODUCTS', 'Upcoming Products');
define('TABLE_HEADING_DATE_EXPECTED', 'Date Expected');

if ($category_depth == 'products' || $HTTP_GET_VARS
['manufacturers_id']) {
define('HEADING_TITLE', 'Let's See What We Have Here');
define('TABLE_HEADING_IMAGE', '');
define('TABLE_HEADING_MODEL', 'Model');
define('TABLE_HEADING_PRODUCTS', 'Product Name');
define('TABLE_HEADING_MANUFACTURER', 'Manufacturer');
define('TABLE_HEADING_QUANTITY', 'Quantity');
define('TABLE_HEADING_PRICE', 'Price');
define('TABLE_HEADING_WEIGHT', 'Weight');
define('TABLE_HEADING_BUY_NOW', 'Buy Now');
define('TEXT_NO_PRODUCTS', 'There are no products to list in this category.');
define('TEXT_NO_PRODUCTS2', 'There is no product available from this manufacturer.');
define('TEXT_NUMBER_OF_PRODUCTS', 'Number of Products: ');
define('TEXT_SHOW', '<b>Show:</b>');
define('TEXT_BUY', 'Buy 1 '');
define('TEXT_NOW', '' now');
define('TEXT_ALL', 'All');
} elseif ($category_depth == 'top') {
define('HEADING_TITLE', 'What's New Here?');
} elseif ($category_depth == 'nested') {
define('HEADING_TITLE', 'Categories');
}
?>

Page "heading title" can be easily modified. But do the following when you are editing the document:
1. Make copies of english.php and default.php in a separate folder before editing the source

code. This way, if you inadvertently mess up the syntax you can always start over with the

untouched file. Failure to do so could destroy your cart.

You can insert some HTML tags like <b> or <font> in between the ' ' where the text resides.
For example: define('TEXT_SHOW', '<b>Show:</b>');

When you are done editing any PHP file, upload it back where you got it from and refresh your
storefront page to see the changes. In WebShell make sure the properties of the PHP file are

marked as "Executable" on the right hand side.