Dylan's Main Page

PHP at SCCC


Anyone with a web account at Seattle Central can write PHP scripts. Our setup is a little different from what might be considered normal and this page attempts to explain those differences.

PHP Runs As Your User Account

The web server at seattle central runs as a user called 'www'. Any files that the web server needs to read from or write too must be readable or writable for the 'www' user. Usually that means we have to make our files world-readable or world-writable.

With our system, the php interpreter runs as the user who owns the script it is interpreting. For instance, my username is 'dmartin', any files I create are owned by 'dmartin', so any php scripts I write will run as 'dmartin' not as 'www'.

What that means

There are two major thing that you need to think about when you write PHP scripts for use at SCCC. First, your scripts can read from and write to any file on the server that you can. Second, you may need to specify some settings in your php scripts that you're not used to setting.

Reading from and writing to files

The most obvious affect of this is that you can now read from and write to files with stricter permissions. For instance, my php scripts no longer need to be world readable. If 'dmartin' can read that file, then our web server can serve it. If you have sensitive information (like a MySQL password) or you just want to keep your php code hidden, you should make your files so they are not world-readable.

Sessions in PHP

Most features of PHP work fine at SCCC, but if you want to use PHP's session features, you need to make some changes to your scripts for them to work here.

PHP normally keeps track of sessions in regular files in /var/lib/php/session. Not only can anyone can read your session information, but they could also erase or even change the server's copy of your session information.

With the system at SCCC, you can save session information in your home directory, but you have to tell your php scripts how to do that. It's usually as simple as creating a directory to hold session information and then adding this to the beginning of your php script(s):

ini_set('session.save_path','FullPathToPHPSessionDirectory');	

For a step-by step howto, go here: http://www.seattlecentral.edu/~dmartin/docs/phpsess.html

To see my demo script which uses sessions and looks at the file permissions of the session files, go to : http://www.seattlecentral.edu/~dmartin/test.php

To see the source of that script, go to : http://www.seattlecentral.edu/~dmartin/test.phps


Updated Tue Jan 17 10:46:12 PST 2006

Dylan's Main Page