lamp part 1

======================================================
DEBIAN - LAMP Part 1
======================================================

LAMP usually stands for:
- Linux
- Apache
- Mysql
- PHP

Different possiblities:
- Linux -> FreeBSD, OpenBSD, Solaris, Mac OS X, Windows
- Apache -> lighthttpd, dhttpd, roxen, dhttpd, khttpd
- MySQL -> PostgreSQL, Sybase, Oracle, DB2, SqLite
- PHP -> Perl, Python, Ruby, C#, Bash...

*********************************************************************
*********************************************************************

Today's steps:
1) setup of all packages
2) create a static page
3) create a SSI page
4) run a CGI-script
5) run a PHP-script
6) try to protect a directory with .htaccess

*********************************************************************
*********************************************************************

* retrieve and install the basic LAMP packages:

First: save a list of the current installed packages:
dpkg -l > dpgk_yyyymmdd_1

Install the packages: (after a "apt-get update" as usual)

apt-get install apache2 apache2-utils # webserver
apt-get install php5 # php language interpreter
apt-get install mysql-server-5.0 # mysql database server
apt-get install phpmyadmin # phpmyadmin software
apt-get install lynx links # 2 text-based webclients

Save another list of the packages, and compare:
dpkg -l > dpgk_yyyymmdd_2
diff dpkg_yyyymmdd_1 dpgk_yyymmdd_2

-> you not only have apache, php and mysql, but also some libraries,
and tools which are required by these programs (dependencies:
mueller:~# apt-cache show php5|grep Depends )

*********************************************************************

* save your configuration just in case:

cd /etc
cp -Rp apache2 apache2_backup_yyyymmdd

*********************************************************************

* as usual under debian, a basic setup is ready just after
installation, and the webserver is already running, listening
on port 80

-> find the new processes visible with "ps fawux"

-> try to access your page : http://YOUR_IP_ADDRESS/
(from your notebook, or on the console, with links or lynx:
check the man pages for more information)

-> have a look at the logs while you browse: opening a new window
or virtual screen and launching something like :
tail -f /var/log/apache2/*log
during the session may be a good idea.

*********************************************************************

* first webpage: a simple static html page.

By default, the "Document Root" of your webserver ( = what will
be displayed if you access http://IP/ ) is "/var/www/".

To setup a new page: create a new file "index.html" under
"/var/www/test", with this content:

============

First page

Hello World :-)

============

And load it in your browser under http://IP/test/

You will probably notice some errors in the error.log: most
of the browsers now tries to load a "favicon.ico" file once
every session (to illustrate the tabs and bookmarks).

To add a "Favicon" to the page, you can download
"http://omx.ch/favicon.ico" (or from anywhere else) with wget and
save the file in the "/var/www/" directory. You may need to restart
your browser to make it reload the icon.

*********************************************************************
*********************************************************************
*********************************************************************

Dynamic Contents
================

The first kind of "dynamic" pages are the SSI: Server Side Includes.

* Server Side Includes:

Create a new page under "/var/www/test/test.shtml" with:

==============

Test SSI

Date_Local:

Date GMT:

Last Modified:

Document URI:

Document Name:

Query String:

==================

Then load the page: http://IP/test/test.shtml

Something buggy? We need to activate these SSI before!

In /etc/apache2/sites-available/default, replace

Options Indexes FollowSymLinks MultiViews
AllowOverride None

Options Indexes FollowSymLinks MultiViews +Includes
AllowOverride None

And install the "include" module:

mueller:~# a2enmod include

Test if the setup is correct, and restart apache:

mueller:~# apache2ctl configtest
Syntax OK
mueller:~# apache2ctl restart

Another test in browser should now display something new:
http://IP/test/test.shtml

And try with a query string:
http://IP/test/test.shtml?abcdef=ok

-> We can now add some dynamic information to the page, but
it's very "low level". You can see some more variables under
http://www.itc.virginia.edu/desktop/web/ssi.html

Next step: the CGI script.

The Common Gateway Interface (CGI) is a standard protocol for
interfacing external application software with an information
server, commonly a web server.

CGI defines defines how information about the server and the
request is passed to the command in the form of arguments and
environment variables, and how the command can pass back extra
information about the output (such as the type) in the form of
headers.

* CGI Script (Perl)

Create the "testscript.cgi" file under "/usr/lib/cgi-bin":

===============

#!/usr/bin/perl

print "Content-type: text/html\n\n";

print "Today: " . `/bin/date` . "\n";

my $var_name;
foreach $var_name ( sort keys %ENV ) {
print "$var_name";
print $ENV{$var_name};
print "\n";
}

print "Form Contents:\n";

# parse form contents

my $method = $ENV{'REQUEST_METHOD'};

# The following is a basic if else structure to use the appropriate
# processing for grabbing the form data
if ($method eq "GET") {
$rawdata = $ENV{'QUERY_STRING'};
} else {
# if not "GET" then it will default "POST"
read(STDIN, $rawdata, $ENV{'CONTENT_LENGTH'});
}

# Splits the data pairs into sections
my @value_pairs = split (/&/,$rawdata);
my %formdata = ();

# Cycles through each pair to grab the values of the fields
foreach $pair (@value_pairs) {
($field, $value) = split (/=/,$pair);
$value =~ tr/+/ /;
$value =~ s/%([\dA-Fa-f][\dA-Fa-f])/pack ("C", hex ($1))/eg;
$formdata{$field} = $value;
# store the field data in the results hash
}

# cycle through the results and print each field/value
foreach $field (sort keys(%formdata)) {
print "Field $field has value $formdata{$field}\n";
}

print "\n\n";
exit(0);

===============

And try to run the script from your browser:
http://IP/cgi-bin/testscript.cgi

Same thing with a query string:
http://IP/cgi-bin/testscript.cgi?var1=aaa

If may not work at the first time: check the apache error.log
for more information. If there is a syntax error, you can
try to run the script on the console with:

mueller:~# perl /usr/lib/cgi-bin/testscript.cgi

and check the syntax with:

mueller:~# perl -c /usr/lib/cgi-bin/testscript.cgi
/usr/lib/cgi-bin/testscript.cgi syntax OK

*********************************************************************

To test our new CGI-script, we create a simple HTML form:

* Formular Test: (save as /var/www/test/form.html)

==============

Form

Formular

Vorname:

Nachname:

Student:
Ja
Nein

==============

Test... http://IP/test/form.html

Then replace method="GET" by method="POST" and look at the
differences in the URL and the access.log.

* PHP Script Testen

Save this contents as "/var/www/test/test.php":

===============

PHP Test

<?php
echo(date("d-m-Y H:i:s") . "");
echo($_SERVER["REMOTE_HOST"] . " " .
$_SERVER["REMOTE_ADDR"] . "");
echo($_SERVER["HTTP_USER_AGENT"]);
?>

===============

Try to access the page: it should again display dynamic contents,
which changes on each reload.

Add:
<?php
phpinfo();
?>

before the "" and reload: this will display all the
runtime variables from php and a list of installed modules:
very useful when you have to install complex php-software
requiring specific modules.

Last "do-it-yourself" part:

Please create a page "index.html" under "/var/www/protected/", and
protect the access of this page with a login/password query (like
for http://abbts.omx.ch/ ) by using an ".htaccess" file.

Username = admin
Passwort = abbts888

http://IP/protected/

Keywords: HTTP Authentication, .htaccess, man htpasswd

Note: you will need to replace "AllowOverride None" for /var/www/ by
"AllowOverride AuthConfig" in /etc/apache2/sites-available/default
otherwise the webserver will just ignore any .htpasswd file
you create.

Good luck!

lamp part 1

menu

User login

Who's new

Who's online