How To Install PHP 5.6 on Ubuntu 16.04

I just upgraded one of my Ubuntu Servers to Ubuntu 16.04.  The media wiki installation shopped working because it now comes with PHP 7.  I tried upgrading mediawiki to the latest version but this didn’t seem to work either.   I can’t seem to find out if Mediawiki support PHP 7.  So, I thought I would install PHP 5.6 in parallel on Ubuntu 16.04 by using a PPA (which I generally don’t like)

Here are the commands that I used:

add-apt-repository ppa:ondrej/php
apt update
apt install php5.6 libapache2-mod-php5.6 php5.6-curl php5.6-gd php5.6-mbstring php5.6-mcrypt php5.6-mysql
a2dismod php7.0
a2enmod php5.6
systemctl restart apache2

Hope this helps someone.

 

php ini_set(“memory_limit”) isn’t working at all

If you are trying to set your php memory limit at the top of a php script using the php int_set() and it doesn’t appear to have any affect then there is a chance that you have the PHP Suhosin security extension installed. Suhosin stops a script from being able to increase the memory limit.

If you have the Suhosin extension installed then simply edit /etc/php5/conf.d/suhosin.ini and change:

;suhosin.memory_limit = 0

To:

suhosin.memory_limit = 1G

Or however much memory you would like to allow for the script. Then restart nginx / or apache.

sudo service apache2 restart

Note – if you use int_set() and attempt to set a higher memory limit than allowed in the suhosin settings then it will no have any affect at all.

How to remove exif metadata from jpegs using php or command line

There is a method of hacking php using a security flaw in php in how it handles exif meta data embedded in jpeg, png or gif images. You describe this as an EXIF injection attack. As a precaution it is a good idea to strip all EXIF information from any images that are uploaded to your website.

I have found these two tools really useful to do this and this is a quick outline of how we used them:

Removing EXIF meta data from .jpg on Ubuntu / PHP
There is a really good tool called exiftool. There is a version in the Ubuntu repositories – so it is super easy to install.

apt-get install libimage-exiftool-perl

You can then strip exif meta from a jpeg using the command:

exiftool -all=  filename.jpg

So in php this would look like this:

$output = exec(sprintf("exiftool -all= %s", escapeshellarg($_image_path)));

Removing EXIF meta data from .png images on Ubuntu / PHP
The best tool for removing exif information from .pngs is Optipng. You can install optipng on Ubuntu from source using this recipe.

apt-get install optipng

and so again in php it would look something like this:

$output = exec(sprintf('optipng -strip all %s', escapeshellarg($_image_path)));

I hope this helps someone.

Request Entity Too Large – php curl error

I have been trying to make curl post request to a script like so:

    $ch = curl_init('http://my.server/api.php');                     
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json') );
    curl_setopt($ch, CURLOPT_POSTFIELDS, array('json' => 'hello' ));
    curl_setopt($ch, CURLOPT_POST, true);                                         
    $response = curl_exec($ch);   

It keep failing with an Apache 213 error like this:

The requested resource
/api.php
does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit.

It turns out that you need to set the curl options in the correct order and CURLOPT_POST needs to be before CURLOPT_POSTFIELDS. Like so:

    $ch = curl_init('http://my.server/api.php');                     
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json') );
    curl_setopt($ch, CURLOPT_POST, 
    curl_setopt($ch, CURLOPT_POSTFIELDS, array('json' => 'hello' ));
true);                                         
    $response = curl_exec($ch);   

PHP CURL SSL Not working Ubuntu 12.04

We have been trying to make a curl requested to login to a secure website from within PHP on Ubuntu 12.04. However, curl was hanging and responding with a nothing.

After much debugging, it turns out the curl was failing to negoitiate the correct ssl protocol to use. You can test if you have the same bug as follows. Open a terminal in Ubuntu

Try:

curl https://the.secure.website.com

If it fails then try setting the SSL version to 3.

curl -3 https://the.secure.website.com

If this goes then set the SSL version in your PHP script.

curl_setopt($ch, CURLOPT_SSLVERSION, 3);

Hope this helps someone.