Adam
-
Posts
131 -
Joined
-
Last visited
-
Days Won
16
Posts posted by Adam
-
-
What are you trying to do?
I believe the issue is that you are not passing a valid Session object. If you read the docs the login function takes two arguments, a Session Object and an array of user attributes.
The session object is defined here: http://source-docs.blesta.com/class-Session.html which is not the same as PHP's session class you are currently using (does not appear Blesta Session module implments PHP's SessionHandlerInterface). You might want to use the auth function if you want to verify if a user exists.
-Adam
-
Ah, thanks! I'll update the script then, with your suggestions. I'll also update to GeoLite2 when Blesta shifts to supporting GeoLite2. I suppose I could have the script download GeoLite 2 in preparation for Blesta switching to using GeoLite 2. In fact... I'll do that. Check the OP, the script will be updated shortly.
Script does not work -- did you try it out in your shell? By default curl streams the data to standard output. You are not capturing the output. Every line after that is incorrect. Your logic on checking for MD5 is backwords -- if you ask me. Read the man page for the command md5sum (man md5sum).
Edit: This bit here: 0 9 * * 3 [ `date +\%d` -le 7 ], is that to be in the cronjob or the script itself?
Yes, that goes in your crontab file (/var/spool/cron/) Do not forget the &&. The following does everything you need:
0 9 * * 3 [ `date +\%d` -le 7 ] && cd /path/to/uploads/system/ && curl -L https://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz | gunzip > /srv/uploads/system/GeoLiteCity.dat
Edit2: Suggestions on MD5 verifying signature? Should it e-mail you on mismatch of the signature? Also, does the script look good now?
No, the script is not good. Please test before posting. Depending on what philosophy you subscribe too, I am of the idea that I should only be email when something bad happens. Since you plan on making this into a cronjob, cron can email you the output of a script. So only print to standard output (or error) in your bash script when it fails. Get ride of the verbose printing would be what I suggest.
-Adam
-
So. Here's a script for updating your GeoIP database.
#!/bin/bash echo "GeoLiteCity update beginning at `date`" > /home/example/logs/geoip.txt cd /home/example/public_html/exampledomain.com/billing/system/ rm -rf GeoLiteCity.dat wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz gunzip GeoLiteCity.dat.gz echo "GeoLiteCity update completed at `date`" > /home/example/logs/geoip.txt
If you run this in a cronjob, no need to log each message since you log the whole script (email or pipe redirection). I would also make the suggestion you use https as opposed to http for the transfer (geolite supports this).
You could get a small performance boost if you used named pipes and curl. Something like this would work:
curl -L https://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz | gunzip > GeoLiteCity.dat
Works for me so far.
My cronjob looks like this:
* 20 * * 6 /home/example/geoip.sh
Runs every Saturday at 8PM.
Haven't figured out how to automatically overwrite... oh wait.
That is pretty agressive. The Maxmind website says the database is updated on the first Tuesday of the month. Taking into account the various number of timezones and not knowing when on Tuesday the database is updated, lets run this on Wednesdays instead.
0 9 * * 3 [ `date +\%d` -le 7 ] && curl -L https://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz | gunzip > /srv/uploads/system/GeoLiteCity.dat
Runs on the first Wednesday of every month at 9AM server time.
but why does it need to be updated? the countries don't change nor do the IPs?
It is more then just countries, cities are accounted for. With IPv4 shortage, v4 addresses are being reallocated, reassigned more fequrently then ever before.
Note to Blesta Devs: Should switch to the new GeoLite2 database format. The current one is legacy and will be deprecated at some point. The new GeoLite2 also includes md5 sums which can be added to the script above.
http://dev.maxmind.com/geoip/geoip2/geolite2/
-Adam
- activa, EidolonHost and Lucas
-
3
-
FYI: PHP 5.3 has end of life about 11 months ago and is no longer getting updates or patches for security.
PHP 5.4 will EOL in about a month. I suggest upgrading to the latest.
More information: http://php.net/eol.php and http://php.net/supported-versions.php
-Adam
-
how to get the module_id in the called function ?
The caller of the function (blesta core) passes you that argument. It is more of a convince then anything. It is a variable that you can access within the function.
-Adam
-
If cPanel had a tutorial I would
I use InterWorx so don't deal with crapPanel 
But they do! http://bfy.tw/rdw and for the lazy: http://documentation.cpanel.net/x/hgAX :-)
-Adam
-
Would be better if you offered a link directly for cPanel/WHM since that is what kikloo is running. BUT the idea is the same, although I would NOT follow the steps of using chattr. In fact, if you do, you will most likely not be able to add/remove/modify any accounts server wide. I believe you can increase the max timeout via WHM under Apache Configuration (WHM > Apache Configuration > Global Configuration)
Hi,
I checked the logs and it says:
---
[Fri Jul 17 06:21:57 2015] [error] [client 122.173.197.254] Script timed out before returning headers: index.php, referer: http://avissoft.com/client/index.php/install/process/
---
What does it means ???
Thanks.
Checking our your website, it appears you are now getting SQL errors, and no longer 500 errors. Sounds like you have resolved the 500 errors. You might want to re-start the installation process (clear out all data, including database) and make sure your system meets the requirements: http://docs.blesta.com/display/user/Requirements
If you are running under a LxC environment (which you mentioned you are via CageFS) make sure you select the necessary PHP version and modules required.
thanks,
-Adam
-
If you are getting a 500 error, check your server logs, for example: /etc/httpd/logs/error_log
Common items to check:
Are the files owned by the web user?
Do you have issues in your .htaccess file?
Do you have the correct version of IonCube loaded with the version of PHP you are running?
(if you are running PHP5.5 you need to apply the PHP 5.5 patch files).
Many issues could cause 500 errors, only way to know is to check /etc/httpd/logs/error_log
-Adam
-
Typically with popen you want to use pclose and not fclose. However in my test environment I wrote a simple pipe program and simulator and it did not matter.
Things to try, make sure Blesta debugging is enabled (along with PHP's)
(in config/core.php)
Configure::set("System.debug", true);and that the path to pipe program is correct. You should try using the full path in your code above. You may also want to try and add a shebang to plugins/support_manager/pipe.php. Use something like#!/bin/env php -q
should do it. Of course, also make sure Blesta department is setup to correctly handle piping.-Adam
-
Some need to use /usr/local/bin/php on cPanel.
Should always use
/bin/env php
followed by any args or path. -
hi devs and fellow Blesta lovers,
We need a SEO plugin to do the following and not limited features.
Blesta needs a SEO plugin? What benefit will that offer? Take for example the Blesta demo: http://demo.blesta.com/ the only area I could see any use if someone had an extensive knowledge base that they want to attract users to their site (similar to digital ocean's system ... but most of those are user submitted content in exchange for credits).
But I believe the wording of the knowledge base would be more beneficial for SEO then any metadata that would exist.
1. Shorten the length of the url
Ya, I think that could be solved with some rewrite rules from your webserver. But I can see some modifications that might need to be done to Blesta to support this.
2. Has meta tags for each order form
3. Key words selection
What do you mean? Like configuration fields supporting extra metadata information? What do you mean by keyword selection? Tag Cloud? This could be solved by editing your theme.
4. Add Robots
5. Add XML Feed better faster
6. Send website details to Google or Listed Directories
Add Robots, like in robots.txt? Blesta can give suggestions for bots to not crawl some aspects of a blesta install, for example, the admin area or plugins folder. As for installation, robots.txt requires it to be installed at the root web folder of a domain. If your blesta is installed in a subfolder, out of the box it would not work (domain.tld/blesta/robots.txt for example).
What do you mean by XML feed better faster? What feeds would blesta publish? The only thing I can think of would be for the Blesta Announcement plugin: http://www.blesta.com/forums/index.php?/topic/3180-plugin-announcement-released/ Perhaps you should post your suggestion to that plugin (already on TODO list).
As for send website details to google or listing directories, I mean, google has an API for that https://developers.google.com/apis-explorer/#p/webmasters/v3/ but why is this needed? How many times are you going to be submitting the site to Google's Webmaster Tool? Seems like a lot of work on reinventing the wheel. Would be much easier, and update to date, if you used Google's interface rather then a plugin.
I just do not see the need for this. Maybe you and others can convince me I am wrong.
-Adam
-
Using 2+ modules on a single service adds an additional layer of complexity to the module system for services and invoices which poses several design and backward compatibility issues. It's something we will need to discuss internally more before we would have anything more specific to share about it.
Yes and, inheritance! I think having the inheritance model would allow for this. For example, if we want to create a new module, we can inherit from the universal plugin and simply override or and add new features. At some level, this is already built in from the base class Modules. This adds a great level of separation and adds features!
Tyson , First module is the master . used to provisioning to the service .
Second is a slave. Used just to achieve some task from tabs not more .
Nothing related to addons .
If you search the first threads from the first beta stage . you can find aa discussion about attaching modules to a specific tab in other module . that is the real behavior should be done .
Yup, keyword is inheritance.
/adam
-
your answer is just for the OP question . what about the other questions , use two module to manage 1 service ?
Any update on this from the devs? Paul, Cody, Tyson?
thanks,
-Adam
-
this is the mysql shema that i will use , any correction ?
$this->Record-> setField("id", array('type'=>"int", 'size'=>10, 'unsigned'=>true, 'auto_increment'=>true))-> setField("subject", array('type'=>"varchar", 'size'=>255))-> setField("client_id", array('type'=>"int", 'size'=>10, 'unsigned'=>true, 'is_null'=>true, 'default'=>null))->Why is client_id not required? How do you plan on sending quotes to clients who do not exist within the system? I understand quotes are not invoices, but when you create a quote, you already have a client in mind (at least their name, company, email address, etc). Might be better, and easier, if every quote you created was associated with some client. It would make garbage collection easier -- no orphaned records, etc.
setField("date_added", array('type'=>"datetime"))-> setField("date_valid", array('type'=>"datetime"))-> setField("date_closed", array('type'=>"datetime", 'is_null'=>true, 'default'=>null))-> setField("active", array('type'=>"int", 'size'=>10, 'default'=>1))-> setField("company_id", array('type'=>"int", 'size'=>10, 'unsigned'=>true))-> setField("currency", array('type'=>"varchar", 'size'=>3, 'default'=>'USD'))-> setField("status", array('type'=>"enum", 'size'=>"'open','accepted','dead','closed'", 'default'=>"open"))->What is the difference between status column and activate? For example, how can a quote be activate but "dead." Or inactivate but open? Seems like you these two fields should be normalized (merged).
setField("note_public", array('type'=>"mediumtext"))-> setField("note_private", array('type'=>"mediumtext"))-> setKey(array("id"), "primary")-> setKey(array("company_id"), "index")-> setKey(array("date_added", "status"), "index")-> create("nh_quotes", true); // Quotes Lines $this->Record-> setField("id", array('type'=>"int", 'size'=>10, 'unsigned'=>true, 'auto_increment'=>true))-> setField("quote_id", array('type'=>"int", 'size'=>10, 'unsigned'=>true))-> setField("description", array('type'=>"mediumtext"))-> setField("qty", array('type'=>"decimal", 'size'=> (12,4), 'default'=>"1.0000"))-> setField("amount", array('type'=>"decimal", 'size'=> (12,4), 'default'=>"0.0000"))-> setKey(array("id"), "primary")-> setKey(array("quote_id"), "index")-> create("nh_quotes_lines", true);Other then that, looks good.
-Adam
-
-
Any updates from the Blesta Devs? Paul, Cody, Tyson?
thanks,
/adam
-
And it would also be nice if it was possible to assign more than one module to a service (e.g. one main module that handles the actual server provisioning, and a completely different one to offer monitoring through Observium)
That would be awesome. It would make for more features and shorter development cycles. For example, SolusVM has IP management and rebooting of VMs (among other features). If someone wants to do the same for lets say VPS.net module (already written) or new module xyz for a cloud provider, why should they reinvent?
If we can assign more then module per product, things like adding Observium (or another monitoring platforms) would be easier and fit a wider audience.
Unless, of course, plugins are the answer? Would be interesting to know what the Blesta Developers have to say where the "line in the sand" is drawn between module and plugin.
/adam
-
Howdy,
Is it possible to extend an existing module?
For example, I would like to extend the universal_module and add a few features to it for server management. For compatibility reasons and general separation of concerns, this would make sense, however I am not sure if this is feasible.
I am currently developing a few extra features like IP address management (PTR/RDNS), password / public key generation, bandwidth graphs, monitoring and general IPMI interface. My assumption is that this should go under a module and _not_ a plugin. Is this correct?
The reason for creating a plugin is that these items are very specific to a service and product and not necessarily to all products and services. I did read http://docs.blesta.com/display/dev/Creating+a+Plugin and it seems like a plugin would also work for these requirements. However looking at both plugins and modules, it seems that modules tend to have the characteristics I am building, hence my assumption.
thanks,
/adam
-
The tools.php file generates an encoded string used by the module, and have the algorithm to encode the string, this its the reason that its encoded. for security reasons.
Im working in a new update with some improvements of the code
It is no secret what algorithm you use to encode that string .. since you told us how to decode it (via your module). I do not understand your argument on it being obfuscated for security reasons.
You first output the server status via base64 encode as hex. Then each character is shifted by 13 places via str_rot13. After that you reverse the entire character stream via strrev. Finally, you compress the output via gzencode. All this for what appears to be server status. I say what appears as server status because I have not taken the time to reverse engineer the script to see if any malicious intent is also included.
What is so secretive about the status of the server? With a little investigative work (thanks to your screenshot) I can see your server has 3 CPUs, ~25GB of disk and roughly 256MB of memory with an uptime of almost two days. If you are worried about attackers, outputting the version of Apache you use, along with OpenSSL and PHP can do more harm (which is what you currently have setup).
Again, all this for server status. Yet, as Max pointed out, your passwords are sent as a GET parameter to a 3rd party site. Regardless if the connection is SSL or not, GET parameters are not part of the encrypted payload in TCP/IP (they are part of the packet header). It seems more focus should be addressed in other areas is all I am saying.
I say these things not to make you feel bad, but because code review is an integral part of making software better.
-Adam
-
Howdy,
I am using the universal configuration module and currently testing it out. An order was placed using that module and service provisioned with configuration options.
In the admin area, I want to now upgrade / downgrade any of these options for the client. I can do that just fine, but the price of the product does not change, despite the configuration option correctly changing.
What am I doing wrong? Do I have to manually override the price? I am using Blesta 3.4.4
thanks,
/adam
-
Why is servertools obfuscated? May you please undo that, along with posting this on a public source code repo .. so others can contribute to it?
A lot of work needs to be done in order to make this more modular. Injecting HTML within the controller does not seem good MVC approach nor is using shell_exec without escaping the string with escapeshellarg.
It also seems you are hard coding OS values, hard drive values rather then taking a more general approach of pulling from database via the Record object provided from the base class.
-Adam
-
Mike,
Check the PayPal IPN history page: https://www.paypal.com/us/cgi-bin/webscr?cmd=_display-ipns-history (Profile -> Profile & Settings -> My Selling tools on the left hand side -> Instant payment notifications -> IPN History Page). That will show you the payload that PayPal sent, and the respond back it got from the server.
/adam
-
Hooboy, this is quite the advanced module. I'm almost tempted to stop development of my Dedicated Server Module and let this one take over... but I think, that is probably not a wise idea.
More modules may be a good thing... but I think this one will probably win out in the end.
Merge the projects. @cyandark should post this on some public code repository (self-hosted git/svn or github, bitbucket, etc).
/adam
-
Howdy,
Would it be possible to add a default option to be selected when using Radio or and Checkbox as a configuration option?
By adding this feature, this would improve the user experience on order forms as the end user can avoid selecting configuration options if the default that is define by the company is selected.
thanks,
/adam
Why Use Api To User->Login Return This False
in Support
Posted
What are you trying to do? ... For what purpose are you calling the login module for Blesta?
-Adam