PHP – Filip Forrez Online

Using Cisco NAC API with PHP (cURL)

The Cisco NAC Guest Server provides an API for other applications to interrogate the NAC.
I didn’t use cURL before, but now it was the best option to use since I didn’t have Zend Framework or anything else.

Off course, the first attempts always returned “false”. It never works from the first time. After some searching, this piece of code did it:

  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, $url);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($ch, CURLOPT_USERAGENT, "Dummy text");
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
 
  $result = curl_exec($ch);
  $error = curl_error($ch);
 
  curl_close($ch);
 
  if ($result) {
      return $result;
  } else {
      return $error;
  }

I needed to parse the response, so the transfer must be returned as a string; therefor CURLOPT_RETURNTRANSFER is set to “true”.

The NAC server expected a User Agent, so I needed to add that option: CURLOPT_USERAGENT. It doesn’t matter what value it has, but it needs something.

Because I didn’t needed to configure any certificates clientside (in cURL) I could set CURLOPT_SSL_VERIFYPEER is set to false.

The last problem I had, was that everytime something didn’t work, I only got “false” as answer. To get an error message from cURL it is necessary to read it out from the connection with “curl_error()”. This function returns the latest error message.

To simplify things, my function returns the result as a string, or the error message.

Artikel op Tweakers.net over SQL injectie en XSS

Op Tweakers.net staat er een zeer goed artikel over SQL injectie en XSS, met PHP en MySQL voorbeelden:

http://tweakers.net/reviews/2531/sql-injectie-en-xss-de-beste-verdediging.html

PHP 5.1 cannot connect to MS SQL Server 2008

A few days ago I had to set up a new environment for an old PHP application. The webserver runs on PHP 5.1.1, and could not be upgraded.
One of the databases is a MS SQL Server 2008. PHP has extensions for all kinds of databases, so I enabled php_mssql.dll in php.ini. When I tested the connection, I got a fatal error: Cannot connect to database…

Well, after a few hours of searching, I found this blog:
http://www.davidlauzon.net/2009/02/ms-sql-server-2008-with-php/

It describes perfectly my problem, and the solution. I downloaded MS SQL Server 2008, copied the file “ntwdblib.dll”, and replaced the two existing files in WAMP with the file I downloaded. After a restart of Apache, the MS SQL database was found.

It seems that PHP 5.1.1 (released november 2005) does not support more recent versions of MS SQL Server, but luckily there is a solution!

Thanks to all the bloggers out there, who make problem-solving a lot easier!

ntwdblib.dll

Be faster in Eclipse PDT

A tip for all PHP developers using Eclipse PDT:
if you want to type a class name, for example “Zend_Controller_Request_Http”, you can just type “ZCRH“, and the Eclipse code assist will suggest “Zend_Controller_Request_Http”.

This works also in Zend Studio for Eclipse.

Does gzdecode() exist or not?

The first step, encoding, was very easy. I used “gzencode()” and everything worked fine. Then I wanted to use the decoding function “gzdecode()” and I got this message “Fatal error: Call to undefined function phpdecode() “.

I go back to php.net, and there I see that the function gzdecode is documented, and no specifications are given which PHP version is needed, which extra extensions need to be installed etc. And since gzencode works fine, gzdecode should work fin too, isn’t it?

I google a little, and I find very little information. The best thing I see is this, on bugs.php.net. This issue is closed since 2006, and has one comment: “Implemented for PHP-6”.

So, why is gzencode() available in PHP5, en gzdecode() only in PHP6?
And because PHP6 is not out yet, what is the best solution: use other function (gzcompress() and gzdecompress(), gzinflate() and gzdeflate()), or use one of the meny alternative gzdecode() functions that user on php.net have written?