How to migrate my localhost php site to my ISP - Was: willing to learn php basics
in [Debian]
|
Prev: ssd / smart question
Next: black screen when starting X on radeon HD4850 with xserver-xorg-video-radeon 1:6.13
From: Monique Y. Mudama on 15 Apr 2010 23:50 On Thu, Apr 15 at 23:43, Bernard penned: > I have now got to a point that I have a working MySQL database > system on my localhost machine. I thought that I would not have any > problem migrating this to my ISP appropriate MySQL space, but so far > I have failed to do so. Local doc is very scarce, and I did not find > any relevant FAQ. I did find the relevant paths though, and > succeeded installing a short php script which displays the current > date, using strftime(), but there is no way I can access databases. > From the online doc, I learnt that I can't create databases, and > that I can just create tables under the database that already > exists. If I import a table, only its structure gets imported, not > its content, and then an error message says that I don't have > privileges for this... so I am surely missing something as far as > setting up is concerned, or initialization. In my efforts to fetch > info, I got a few hints, but they were negative ones, for instance > someone kind of said that most ISP did not allow their customers to > more than one authenticated user. This would mean that I could not > expect to install a database that would be available to the members > of a club, each of them having a login and password. Maybe I'm misunderstanding the question, but ... typically you would have *one* login that the website uses to talk to the database. Website users would not authenticate by logging into the database - they would authenticate by having a username and (possibly encrypted) password stored in the database, which you would somehow retrieve and compare. > Could someone tell me where I could find relevant information and > docs ? And maybe mention one or more ISP that would provide suitable > mysql facilities ? As for hosting companies, I have been very happy with www.pair.com for years. They provide I believe three database users - read-only, read-write, and full access. You would only use the full access user to create the database structure - tables, indexes, etc. You would use either a read-only or read-write user in your web code, depending on what you were doing. They also have a nice library of help documents, which are apparently freely available without requiring a login: http://www.pair.com/support/knowledge_base/ And I think the command you want is "mysqldump" ... with the correct parameters you should be able to tell it to create a file that includes everything necessary to both create your table structures *and* populate them with your data. This of course assumes that you're running the same version of mySQL on your local server as is available on your host machine. -- monique -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/20100416001551.GD11310(a)mail.bounceswoosh.org
From: Joe on 16 Apr 2010 05:30 On 15/04/10 22:43, Bernard wrote: > Hi Avi, Hi to Everyone, > > Avi Greenbury wrote: >> Bernard wrote: >>> Have I got to install one or more Debian packages for PHP ? >>> '$apt-cache search PHP' gives too many results for a choice. >> >> You want to do >> # apt-get install php5 php-mysql apache2 >> >> Which will also pull in the php5 apache module. >> By default, the web pages live under /var/www, the php config file >> is /etc/php5/apache2/php.ini and the apache config is all >> under /etc/apache2/, with apache2.conf being the 'main' config file. >> >> There're several howtos on the net to talk you through it, howtoforge >> is a bit of a goldmine for them. > I have now got to a point that I have a working MySQL database system on > my localhost machine. I thought that I would not have any problem > migrating this to my ISP appropriate MySQL space, but so far I have > failed to do so. Local doc is very scarce, and I did not find any > relevant FAQ. I did find the relevant paths though, and succeeded > installing a short php script which displays the current date, using > strftime(), but there is no way I can access databases. From the online > doc, I learnt that I can't create databases, and that I can just create > tables under the database that already exists. If I import a table, only > its structure gets imported, not its content, and then an error message > says that I don't have privileges for this... so I am surely missing > something as far as setting up is concerned, or initialization. In my > efforts to fetch info, I got a few hints, but they were negative ones, > for instance someone kind of said that most ISP did not allow their > customers to more than one authenticated user. This would mean that I > could not expect to install a database that would be available to the > members of a club, each of them having a login and password. > > Could someone tell me where I could find relevant information and docs ? > And maybe mention one or more ISP that would provide suitable mysql > facilities ? > For another perspective: I use 1&1 (http://1and1.com) for a web database. They have several level of package, the one I use has MySQL facilities, ftp and also ssh access to the virtual server that runs apache. As Monique said, you can use MySQL to store passwords and write your own login script, but you should also be able to use basic authentication (with .htpass files) in the web server to require a user name and password for access to web pages, which may well be enough for your purposes. The advantage is that it's simple to set up, the disadvantage is that you have to set the passwords and communicate them to the users, they cannot change them. Neither of these techniques count as authentication to the operating system or MySQL itself, so the single user isn't a problem. The MySQL installation at 1&1 is accessible by a public IP address from the virtual server, but this is not guaranteed to be available from outside their own network. They advise that the database be accessed only from the virtual server, either through ssh or the web server.They recommend installing phpmyadmin, which is a script which runs on the web server. Monique and Avi mentioned mysqldump, and phpmyadmin offers similar features remotely through a web page, including uploading of .sql files, by which you can create and populate entire databases if necessary. It can also backup the database to a file on the client computer. You can access phpmyadmin from anywhere, and you need to login to it using the MySQL credentials. The phpmyadmin information page can also tell you quite a lot about how the apache and MySQL installations are configured. One last point: even if you don't advertise the website outside your club membership, it will be found by others, and you need to understand at least SQL injection and cross-site scripting attacks on web servers, and the facilities that PHP offers to help defend against them. You should also regularly check your web server directory structure and files for signs of tampering. And a whole load of other things, but web server security is a career in itself... -- Joe -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4BC82D1C.2000009(a)jretrading.com
From: Bernard on 17 Apr 2010 05:20 > On Thu, Apr 15 at 23:43, Bernard penned: > >> I have now got to a point that I have a working MySQL database >> system on my localhost machine. I thought that I would not have any >> problem migrating this to my ISP appropriate MySQL space, but so far >> I have failed to do so. Local doc is very scarce, and I did not find >> any relevant FAQ. I did find the relevant paths though, and >> succeeded installing a short php script which displays the current >> date, using strftime(), but there is no way I can access databases. >> From the online doc, I learnt that I can't create databases, and >> that I can just create tables under the database that already >> exists. If I import a table, only its structure gets imported, not >> its content, and then an error message says that I don't have >> privileges for this... so I am surely missing something as far as >> setting up is concerned, or initialization. In my efforts to fetch >> info, I got a few hints, but they were negative ones, for instance >> someone kind of said that most ISP did not allow their customers to >> more than one authenticated user. This would mean that I could not >> expect to install a database that would be available to the members >> of a club, each of them having a login and password. >> > > Maybe I'm misunderstanding the question, but ... typically you would > have *one* login that the website uses to talk to the database. > Website users would not authenticate by logging into the database - > they would authenticate by having a username and (possibly encrypted) > password stored in the database, which you would somehow retrieve and > compare. > Thanks for your help Monique. I hadn't thought of that, but it makes sense that the ISP only allows one user to log into databases. Problem is that outside users will have to connect to my database through a php script that will contain my password ! > >> Could someone tell me where I could find relevant information and >> docs ? And maybe mention one or more ISP that would provide suitable >> mysql facilities ? >> > > As for hosting companies, I have been very happy with www.pair.com for > years. They provide I believe three database users - read-only, > read-write, and full access. You would only use the full access user > to create the database structure - tables, indexes, etc. Prior to subscribing to an expensive hosting, I wish to test the system on free ISP. I have two of them here. I tested them both, but testing did not go far as for now, since I am far from having understood how it is supposed to work. No doc is provided, except links for general docs. As previously said, I have been able to connect and succeed in a few requests, but, obviously I lack a "full priviledge" (root) status. I do have mysqladmin installed on both ISP machines, but I can do very little with it : '... denied for user bdebreil...'. Reading the general mysqladmin doc tells me that I have to create a super user (as I did in my local mysql machine on my PC), but nothing works. Same thing with my other ISP. Using php scripts, some sql request do work, for instance I can manually add content to an empty database that I have imported using phpmyadmin (import with no data, data refused: 'access denied...'), but I have no such thing as 'FILE' privilege, so that I cannot import data using 'LOAD DATA [LOCAL] INFILE ...' as I do on my local machine. Of course, anything such as 'GRANT [privilege] does not work either. The mysqladmin doc says that one has to create a config.inc.php file in the same folder as 'Mysqladmin documentation.html'... but I have no access to that folder... I would be tempted to write to my ISP system administrator, but, since I found that I have the same config at both my ISPs, I imagine that this is the way it is supposed to be.. By the way, just in case I would decide to subscribe to pair.com, would you know if it is possible to subscribe for a short time, 3 months for instance ? I know of an ISP in Switzerland that is quite a bit cheaper, but then you have to subscribe for at least two years (80 Euros for the first year, 120 Euros for each following year) -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4BC97C1E.2020407(a)teaser.fr
From: Bernard on 17 Apr 2010 05:30 Joe wrote: > On 15/04/10 22:43, Bernard wrote: >> Hi Avi, Hi to Everyone, >> >> Avi Greenbury wrote: >>> Bernard wrote: >>>> Have I got to install one or more Debian packages for PHP ? >>>> '$apt-cache search PHP' gives too many results for a choice. >>> >>> You want to do >>> # apt-get install php5 php-mysql apache2 >>> >>> Which will also pull in the php5 apache module. >>> By default, the web pages live under /var/www, the php config file >>> is /etc/php5/apache2/php.ini and the apache config is all >>> under /etc/apache2/, with apache2.conf being the 'main' config file. >>> >>> There're several howtos on the net to talk you through it, howtoforge >>> is a bit of a goldmine for them. >> I have now got to a point that I have a working MySQL database system on >> my localhost machine. I thought that I would not have any problem >> migrating this to my ISP appropriate MySQL space, but so far I have >> failed to do so. Local doc is very scarce, and I did not find any >> relevant FAQ. I did find the relevant paths though, and succeeded >> installing a short php script which displays the current date, using >> strftime(), but there is no way I can access databases. From the online >> doc, I learnt that I can't create databases, and that I can just create >> tables under the database that already exists. If I import a table, only >> its structure gets imported, not its content, and then an error message >> says that I don't have privileges for this... so I am surely missing >> something as far as setting up is concerned, or initialization. In my >> efforts to fetch info, I got a few hints, but they were negative ones, >> for instance someone kind of said that most ISP did not allow their >> customers to more than one authenticated user. This would mean that I >> could not expect to install a database that would be available to the >> members of a club, each of them having a login and password. >> >> Could someone tell me where I could find relevant information and docs ? >> And maybe mention one or more ISP that would provide suitable mysql >> facilities ? >> > For another perspective: > > I use 1&1 (http://1and1.com) for a web database. They have several > level of package, the one I use has MySQL facilities, ftp and also ssh > access to the virtual server that runs apache. > > As Monique said, you can use MySQL to store passwords and write your > own login script, but you should also be able to use basic > authentication (with .htpass files) in the web server to require a > user name and password for access to web pages, which may well be > enough for your purposes. The advantage is that it's simple to set up, > the disadvantage is that you have to set the passwords and communicate > them to the users, they cannot change them. Neither of these > techniques count as authentication to the operating system or MySQL > itself, so the single user isn't a problem. > > The MySQL installation at 1&1 is accessible by a public IP address > from the virtual server, but this is not guaranteed to be available > from outside their own network. They advise that the database be > accessed only from the virtual server, either through ssh or the web > server.They recommend installing phpmyadmin, which is a script which > runs on the web server. > > Monique and Avi mentioned mysqldump, and phpmyadmin offers similar > features remotely through a web page, including uploading of .sql > files, by which you can create and populate entire databases if > necessary. It can also backup the database to a file on the client > computer. You can access phpmyadmin from anywhere, and you need to > login to it using the MySQL credentials. The phpmyadmin information > page can also tell you quite a lot about how the apache and MySQL > installations are configured. > > One last point: even if you don't advertise the website outside your > club membership, it will be found by others, and you need to > understand at least SQL injection and cross-site scripting attacks on > web servers, and the facilities that PHP offers to help defend against > them. You should also regularly check your web server directory > structure and files for signs of tampering. And a whole load of other > things, but web server security is a career in itself... > Thanks for your advice. I do have 'mysqladmin' installed on both ISP, but I lack super user privileges, and most functions are therefore unavailable to me, as explained in my previous post. -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4BC97DC1.4090806(a)teaser.fr
From: Joe on 17 Apr 2010 12:10 On 17/04/10 10:15, Bernard wrote: > > > Thanks for your help Monique. I hadn't thought of that, but it makes > sense that the ISP only allows one user to log into databases. Problem > is that outside users will have to connect to my database through a php > script that will contain my password ! That is normal. If your users can enter data, then the script must have at least some write privileges on the database. In the real world, you deal with the security aspect by placing the password (and database and user names) in a second php script outside the web server's document root, so that no web request can return it. Apache will normally be configured not to allow download of scripts, even when a user knows the right filename, but placing the script outside the directory tree which apache can reach adds to security. You 'require' this mini-script in the main php script, which must of course be placed within the web document tree. While apache cannot reach outside its docroot, php/perl/etc. can, though with the same permissions that apache runs under. In order to achieve this, you need write access to that directory tree above apache's docroot, with the ability to set permissions correctly. From what you say, it does not seem that you have that with your current ISP. You would seem to need to spend some money, even before you are sure you will have the access you need. >By the way, just in case I would decide to subscribe to pair.com, >would you know if it is possible to subscribe for a short time, 3 >months for instance ? I know of an ISP in Switzerland that is quite a >bit cheaper, but then you have to subscribe for at least two years (80 >Euros for the first year, 120 Euros for each following year) 1&1 appears to offer a 60-day guarantee which may meet your needs: "The 1&1 60-Day Money Back Guarantee applies to the Instant Mail and Beginner packages as well as all shared hosting, Virtual Server and eShop packages. You will receive a full refund of the fees if you are not completely satisfied within 60 days' of the activation of your package. Guarantee starts on the date of initial registration of the contract number. "There is no refund for packages ordered with the software bundle, software shipping and handling fees, domain name registration fees, or any unused bandwidth. 1&1 considers that customers upgrading from an existing package have already experienced the 60-Day Money Back Guarantee. In addition, each customer can only use the Money Back Guarantee once, and for only one contract number per account." In practice, you'll need to pay a small amount for shipping of documentation and to register at least one domain name, so you wouldn't get much back out of two months' payment, but you wouldn't be tied into a long contract. I'm on the Business Pro package, at GBP 15 per month, most of which I can charge on to customers. There's a Business at GBP 9 per month, about the same as your Swiss one, which offers two 100MB MySQL databases plus perl and PHP. It doesn't have ssh access to the server, but I've very rarely used that. It also doesn't have cron scripts, but I've never used them. If you need something timed, you can write it into a script and call it as a web page on a timed basis from outside. As I recall, you don't need ssh access to install phpmyadmin, it's just another web script. You FTP the files to a suitable directory. You need to give phpmyadmin the local address and port number of the MySQL server. Certainly, you are free to create users at various privilege levels, you have full control of the databases. You can then logon to phpmyadmin using any of the MySQL user credentials, though normally you will be doing administration and you will use the root logon. -- Joe -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4BC9DB8A.2030309(a)jretrading.com
|
Next
|
Last
Pages: 1 2 Prev: ssd / smart question Next: black screen when starting X on radeon HD4850 with xserver-xorg-video-radeon 1:6.13 |