Category Archives: Tools

Installing Redmine on cPanel

Posted by on December 6, 2011 No comments

Installing Redmine on cPanel will be bit harder, because it needs some modifications on server configuration. And custom modifications will be lost on regeneration of configuration files by cPanel. According instruction at http://www.redmine.org/projects/redmine/wiki/HowTo_install_Redmine_on_CentOS_5 you will need change Apache configuration manually. It’s not okay on cPanel. Also it will be conflicts with the Ruby, Rack, RoR versions which comes with cPanel.

Let’s deal with it.

First of all be sure that you have root access to your server, and Ruby on Rails is uninstalled.

Get the rubygems (1.4.2 version):

wget http://production.cf.rubygems.org/rubygems/rubygems-1.4.2.tgz
tar zxvf rubygems-1.4.2.tgz
cd rubygems-1.4.2
ruby setup.rb

Then install passenger:

gem install passenger

Download and extract redmine:

wget http://rubyforge.org/frs/download.php/75518/redmine-1.2.2.tar.gz  # GET LATEST VERSION ON RUBYFORGE
tar zxvf redmine-1.2.2.tar.gz

Install bundler:

gem install bundler

Go to redmine directory and create Gemfile and install bundle:

vi /<redmine_dir>/Gemfile
source "http://rubygems.org" 
gem "rake", "0.8.3" 
gem "rack", "1.1.0" 
gem "i18n", "0.4.2" 
gem "rubytree", "0.5.2", :require => "tree" 
gem "RedCloth", "~>4.2.3", :require => "redcloth" # for CodeRay
gem "mysql" 
gem "coderay", "~>0.9.7" 
bundle install

Create database and user for it, go to redmine directory:

cd config
mv database.yml.example database.yml

Edit database.yml file and write database credentials in production section.

Now edit the config/environment.rb file.

ENV['RAILS_ENV'] ||= 'production'

Type in the shell:

RAILS_ENV=production bundle exec rake generate_session_store
RAILS_ENV=production bundle exec rake db:migrate
RAILS_ENV=production bundle exec rake redmine:load_default_data

Make sure there were no any error messages.

Go to public/ directory:

cd public/
mv dispatch.cgi.example dispatch.cgi
mv dispatch.fcgi.example dispatch.fcgi
mv dispatch.rb.example dispatch.rb
mv htaccess.fcgi.example .htaccess

Half of the work is done.

Now we must make it available to cPanel. So cPanel uses different version of rack and RoR there will be conflicts.

Install rubyonrails for cPanel.

/scripts/installruby

It will install RoR, RubyGems, Rack etc. which not compatible with redmine. Otherwise you’ll not be able to start ruby application from cPanel. So, create application named redmine and show the path(e.x. /home/redmine/ruby_apps/redmine – but it’s not real redmine directory with you just configured, it’s better show the non-existing directory). Once application is created. You can start it.

Start by clicking Run button on cPanel.

Test it http://yoursite.com:12001. If everything is okay, so we can continue for tricks.

Now stop it.

Go to directory which you created with RoR application on cPanel. Remove all files, copy everything from configured redmine directory. Then go to rubygems directory where you downloaded 1.4.2 version.

ruby setup.rb

Go to redmine directory

gem install passenger
bundle install

Change permissions for redmine directory.

cd ..
chown -R apache:apache redmine_dir
chmod -R 755 redmine_dir

Now go to cPanel, Ruby on Rails section. Run the application. Now it’s ready on http://yoursite.com:12001. You can make it available on port 80 with htaccess.

Enjoy!

Removing UTF8 BOM from PHP files

Posted by on June 28, 2011 No comments

UTF8 Byte Order Mark (BOM) is sequence of bytes for represent the file as UTF8. The sequence is hexadecimal EF BB BF value also you can see it at the beginning of the file as ï»¿. When these symbols is used the text editor recognizes that file as UTF8.

In most cases it creates a problem for PHP programmers. When php file is interpreted these symbols sent to the output directly (because there are not inside of <?php ?> tags). If the php file modifies or sends headers, BOM is sent before the headers(as an output) and sending headers fails. Usually you see such error:

Warning: Cannot modify header information – headers already sent by (output started at /path/to/php/public_html/config.php:28) in /path/to/php/public_html/index.php on line 101

The solution is to remove the UTF8 BOM signature from the PHP files. On Notepad++ or EmEditor you can save the file without UTF8 BOM. Another method is to open the files with the editor with can’t read utf8 and remove these byte order manually.

The easiest way is bomremover tool. You can get it from http://code.google.com/p/bomremover/ .

 

#cd /path/to/php/files/
#/path/to/bomremover/bomremover.sh -r

This will recursively locate the files and remove the BOM from files.

For removing BOM from a single file:

#cd /path/to/php/files/
#/path/to/bomremover/bomremover.sh index.php

 

Reference:

wget as a hacker tool

Posted by on November 9, 2010 No comments

Few days ago some people called himself web-programmers, created a web-site where it was online voting for the parliament in my country. It was a simple system you select your region, select the candidate and vote for him. The purpose of this system was to know approximate results of the election…

One of the sites used requests by GET method. The only limit was about IP address. So, from one IP address you vote once. Many people took the URL with the request and put it to their web sites as a iframe, img, or something else. For example:
http://namized.com/index.php?menyu=sesver&daireid=55&namizedid=74&buttson=S%C6%8FS+VER

You put this on the iframe in your page

<iframe src="http://namized.com/index.php?menyu=sesver&daireid=55&namizedid=74&buttson=S%C6%8FS+VER"></iframe>

and when your page is visited automatically it’s voted for “your” candidate.

GNU has a good tool called wget for downloading files from internet(or any other network). wget has a lot of options for performing different operations while you download the files. Most important options for “voting” purposes are –proxy, this little bash script will do your job:

while read line   
do   
    export http_proxy=$line
    wget --proxy=on "http://namized.com/index.php?menyu=sesver&daireid=55&namizedid=74&buttson=S%C6%8FS+VER"
done <proxy.list

Googling for proxy server list and copy/pasting them to proxy.list file on the current directory and then executing the script will vote for your candidate from different proxies. So, recorded IP address will be proxy IP address not yours.

Additionally if you want speed up the process by reducing your RAM and network resources you can change the script as follow:

while read line   
do   
    export http_proxy=$line
    wget --tries=1 --timeout=10 --proxy=on "http://namized.com/index.php?menyu=sesver&daireid=55&namizedid=74&buttson=S%C6%8FS+VER" &
done <proxy.list

Another web site used POST requests. wget has an option –post-data for solving this problem :)

Hmmm. Using a captcha could solve the problem…

phpasswd tool

Posted by on September 9, 2009 No comments

This week me and my friends from Neats group made little tool for working with htpasswd files.

The main purpose of the project was to make easy to use tool for changing admin passwords on Baku State University web site administration panel.

phpasswd We released the project as an open-source and it is hosted on Kenai. You can download it from http://kenai.com/projects/phpasswd

It was used extJS library for flexibility.