Missing php-mbstring

After (re-)installing PHP and attempting to run a script, you may see an error message saying “PHP Fatal error: Uncaught Error: Call to undefined function mb_strtoupper()”.

Well, you may be missing the php-mbstring extension to PHP. Simply install it by:

  • sudo apt-get install php-mbstring

UTF-8 from MySQL does not show correctly in PHP

The data you have in MySQL is all in UTF-8, you have UTF-8 specified in your HTML, PHP is set up to use UTF-8, but you still get gibberish as output, with question marks showing up on screen instead of correct symbols.

The problem may be that the communication between MySQL and PHP is not happening in UTF-8.

Try telling “SET NAMES ‘utf8′” to MySQL when you initiate the connection, before you run any other queries.

For example, as soon as you establish the connection to database, run this in your script:

mysqli_query( $conection, “SET NAMES ‘utf8′” );

Removing comments from PHP

Sometimes it is enough to remove comments from your PHP code to make it not worth stealing, as a potential violator will spend more time figuring out what did you mean by all that, than writing his own version of the software to do the same job.

This very simple solution, based on an example in a forum here, does that for all files in the directory and its subdirectories.

  • find . -type f -name '*.php' | while read VAR; \
    do mv $VAR "$VAR-old"; php -wq "$VAR-old" > $VAR ; \
    unlink "$VAR-old"; done

Unlike obfuscators, it does not mess with your actual code.

The php options engaged here are:

-w             Output source with stripped comments and whitespace

-q             Quiet-mode. Suppress HTTP header output (CGI only).

Blank lines in top of file downloaded via PHP

You are serving a file for download directly from your PHP script, by setting its mime type,  sending headers with Content-Type and Content-Disposition, then piping the contents.

Everything works fine, but then suddenly the downloads become corrupted, with extra data added in their top, with blank extra lines clearly visible in downloaded text files.

The first thing to do without thinking much is to go through your PHP files and remove closing “?>“, if they are at the very end of the file. They are not needed and actually can be harmful, as anything after “?>” may served to the user with potentially damaging results.

Just remove those “?>” and your downloads may be fine again.

Obfuscate PHP code

So you write some software in PHP and are about to upload it to the server. But what if the server is not secure, what if it gets compromised, what if somebody steals your intellectual property? There may be situations where you are really concerned about it.

In most situations the best practical solution is to simply obfuscate your code, by making it unreadable to humans. It can still get stolen and used as it is, but it is very hard to practically impossible to restore the logic behind the code. And that is sufficient in most situations.

Quite good tool for that is YAK Pro. It works really well for small projects. As your project gets big and complicated, it begins to mess up the code, which makes the output unusable. But for small projects it is just fine. See for yourself, if you can make use of it.

The easiest way to install it is to use git.

1) Go to the directory where you want to have the obfuscator directory created, then type:

git clone https://github.com/pk-fr/yakpro-po.git

2) Change into the newly created directory and again type:

git clone –branch=1.x https://github.com/nikic/PHP-Parser.git

NOTE: It is “branch” with two dashes “-” before it, WordPress may mess up the text formatting.

Afterwards you may test it in action.

Read the rest of this entry »