I'm working with Symfony2.3.4 and PHP 5.6.3.
I'm going to deploy a project I just finished and I need to do it "by hand", it means copying the project source code manually onto the production server in a company because I can't use any tool for it or anything of the like.
I've never done this before and for what I've googled so far it's hell. But what worries me the most is the matter of protecting my code once it's in the server, i.e.: no one sniffing around, editing, copying, plagiarizing it, etc.
I don't know if I'm making any sense or if this is an obvious question, I really really have zero experience deploying web apps so be gentle.
Anyone who has administrative access to the server can read and copy your code, including of course the server administrators (i.e. the hosting provider staff).
Of course any hosting provider in the world can do that and AFAIK it's never been a problem, because they usually are professional and don't do it.
The only solution I can think of is to setup a VPS where you have the only SSH access, but of course that means you have to setup the whole web server yourself... and that's even more complicated than simply deploying your code.
To answer your question, and if you really (really!) want that, you can checkout this SO question: Is there a code obfuscator for PHP?
But you shouldn't do that! As said, don't be scared by hosting providers, or setup your own server. :)
Related
I would like to develop a website for a company with a lot of different functions. I decided to use the Symfony 2.0 framework for the first time and started reading the documentation and also a video tutorial.
After a week reading the documentation I still have some general questions unanswered. It would be great if you could help me with them:
Which client OS do you recommend to work with Symfony2? Windows doesn't seam appropriate.
Can I develop the whole website on a local Apache server and than upload the files to a regular webhosting server and use it?
I bought a regular web hosting (www.cyon.ch) is this recommended? I can't use any console on it.
I'm really confused and I'm sure I'm asking quite some stupid questions. It would be great if you can help me understand better how Symfony2 works.
Thanks in advance!
Windows is OK, as long as you have PHP and MySQL. There are several package that can do the job.
You can. In fact you should. Common workflow is develop on localhost and test on test server, and then move to production server. You should use a SCM like git.
Theoretically you can. But you won't have access to many console features that are really useful, like updating the database schema, flushing cache, download dependecies automatically, etc. I know some people doing this (copying everything with vendors), that's heavy and insecure.
When it takes half a day to update the app, you don't hurry when you have to apply security patch. Unlike Wordpress or Drupal, Symfony has no other 'easy way' to update vendors and third party modules than command line interface. So it is really not a good idea. You can find a lot of VPS with full ssh access, that cost less than 10$ months.
I work on windows just fine. For wamp server, use Easyphp. Everything is easy to configure and most important; cli and apache users use same php.ini
Yes, but it is bad. You should use either svn or git. I find svn easier to use and both of them have UI variants: TortoiseSVN and TortoiseGIT.
No. You need console access and php5.3 minimum.
I am new to web development and have been building my websites in Visual Studio. I have built a database which is stored in App_Data folder. The database is open(no password) but when the website will be ready and when I will publish it onto a server then what will happen to the databases. How will I add the password. Will it remain stored inside the project or can I move it to the hosting server's database folder's. I maybe be asking silly questions but they are bothering me.
*Please bear with me, I am dyslexic and have problems doing normal things.
No questions are silly everyone on this site was a beginner once and I’m sure they have all in the same boat.
When it comes to deploying a database each hosting company will be set up differently and most likely each hosting plan at that company will be different. My hosting company helped me out the first time and it was actually much easier than getting my first database to work on my own computer, but a lot more time consuming.
I’m guessing you are using SQL Server Express locally, if so you will probably find your hosting company, sorry I’ve said (Hosting Company) a lot in this spiel, doesn’t support Express. This will mean you will have to go with its big brother, but most plans will have at least one available on the cheapest plan.
All that said, your database will most likely not go in you App_Data folder, I suggest contacting you hosting company and ask them about the process. One thing to keep in mind though is make sure you like you hosting company and they are not going to go away, because once you go through the process of setting it all up and getting your data into it, you want to ever have to move it!!!
So time consuming and pleasantly easy,
Cheers,
Mike.
We have a web application that uses AJAX to talk to an ASP.NET web service. We would like to write another version that can be used offline. We need to be able to re-use our existing code as much as possible. What approaches should we consider?
The app is currently using XmlHttpRequest to get dynamic data from the server. Obviously the offline version will not be able to talk to the server, but it does need to talk to something! I'm sure installing IIS or Cassini on the client would work, but I was hoping for a simpler solution. Is there no other way for JavaScript to talk to some external code?
There are plenty offline web apps nowaday. It simply evolve from AJAX.
For example:
WoaS (wiki on a stick / stickwiki), Tiddly Wiki,
Google doc and Gmail is going to be offline.
You don't need a webserver to run these webapps in offline mode. Just store the required data, scripts on the client side (usually as XML).
One of the possibilities would be to use Cassini. This is a web server that acts as a host for the ASP.Net runtime. You can host Cassini in a Windows application or a Windows Service. In this scenario you do not have to rewrite the web app and the web service.
Most other solutions do require a rewrite of both your web app and your web service. Depending on the way you have written the existing app you can reuse more or less code.
Have you considered HTML5 with application cache and offline storage?
If you hope to create an "offline" version of your package your biggest issue by far will be the need to install your site into a local copy of IIS (registering a virtual directory, etc.). I pursued this briefly a few years ago and gave up in frustration. It can be done: a number of software vendors such as DevExpress do this so you have local copies of their demonstration projects. Indeed, I was able to do this. The problem was the classic "it works on my computer" syndrome. There was simply no way to guarantee that most of my end-users had anywhere near the technical proficiency to make this work.
Thus, I would strongly recommend that you not pursue this path unless you have very technically proficient users and a huge support staff.
But there is one more very important question: did you abstract all data access code to a DAL? If not, then you have a lot of work to do in managing data access as well.
Update: user "Rine" has recommended Cassini. I just wanted to let you know that I pursued Cassini and another 3rd-party web server as well. I think that there are licensing issues with Cassini but may be wrong - it has been awhile. However, I do distinctly remember running into barrier after barrier with this approach and very little documentation to help me out.
if you want a web application run offline, you need a webserver (IIS for ASP) bound to the localhost (127.0.0.1) address. After this so can access your web application by typing http://127.0.0.1/ in your web browser the same way as you do online.
If your AJAX relies on XMLHttpRequest's, you can:
Make the static versions of XML's you get over XMLHttpRequest and put then into a folder on disk.
Rewrite your XMLHttpRequest URL's so that they point to files on disk.
Rewrite your XMLHttpRequest's so that they don't check status (it's always 0 for the file:// protocol.
All JScript works on file:// pages as well as on http:// ones.
Of course it's not the best way to develop static pages, but it may save you some time on rewriting.
I havent come across any framework specifically built for asp.net like the ones available for PHP or RoR.
Here is a good article by Steven to get you started with HTML 5 and ASP.Net Creating HTML 5 Offline application
Obviously the offline version will not be able to talk to the server, but it does need to talk to something!
Enter HTML5 LocalStorage. It works like a database and enables you to put data on your client. Indeed you have to rework parts of your code in javascript and transmit it to the client, but then it would work offline.
Local Storage works like this:
- Setter: window.localStorage.setItem(KEY, VALUE)
- Getter: window.localStorage.getItem(KEY)
- Remove: window.localStorage.removeItem(KEY)
To get the main page working offline you need to create a manifest. This is used to store complete sites on the client. Please refer to this for more information about manifests:
http://diveintohtml5.info/offline.html
You want to build a web application to work offline?? It can't be done.
You could split the interface code from the rest (in diferent dlls) and create a windows application to mimic the behaviour of your web application. This way you have 2 distinct user interfaces but the same code for business rules and data access.
I don't really see any other way...
How come one user in the local Administrators Group has no problem hitting http://localhost:8080/services/v1.0/Registration.asmx while other users in the local Administrators Group get 403 (access denied) errors (with nothing in the Event log)?
Have you checked the permissions of all three areas. You need permisssion on server, reporting service and sharepoint for this.
I would strongly recommend you download Team Foundation Server Administrator tool to do this as otherwise it can be a right pain.
rasx, yea, the interface isn't the best on that tool. It basically allows an easy way to set up permissions to the Team Foundation Server, Reporting Services, and Sharepoint.
Most of the security problems I've come across always resolve down to one of those three permissions messed up on a particular user. I'm pretty sure that's what you're experiencing. Without the Team Foundation Administrator Tool that dove mentioned, you can still just add permissions to each of those areas manually.
It sucks that TFS doesn't come with an easy way to manage all permissions everywhere, but there you have it.
dove, I’m not sure about how the Team Foundation Server Administrator tool would help here. I installed it on the TF server and got an empty interface that looks like it is expecting pre-exiting Team projects.
I have a web app which queries a Lucene index and it works just fine in a W2K3 server in my network. Now I got my azure code so I wanted to test the service uploading the app. In order to do that I had to install Vista (I did it in a Virtual machine) cause the Azure SDK won't install on an XP box.
I created my Cloud Service, added the files from my app but when I run it (just F5) I get a SecurityException, when I call Lucene to query the index, saying:
The application attempted to perform
an operation not allowed by the
security policy. To grant this
application the required permission
please contact your system
administrator or change the
application's trust level in the
configuration file.
I've been googling around and the solutions I've found concern modifying the machine.config file which is something I won't be able to do "in the cloud".
Could anybody help on this?
Ok, in case somebody is facing the same issues, this is the correct answer which I got from the Azure forum:
This is because of the trust policy
for the Windows Azure CTP. The
enviroment variablies TEMP and TMP are
avaliable and set up appropiately.
However, System.IO.Path.GetTempPath
and System.IO.GetTempFile do not work
as they require unrestricted
environment permissions. I would
suggest you contact the Lucene
developers to see if they can modify
the code so it runs properly in medium
trust environments.
Thanks to Daniel C. Wang for the answer.
I also found a question regarding my same issue and how if was fixed.
Here the link: Lucene.Net fails at my host because it calls GetTempPath(). What’s the work around?
You can change trust in the web.config, unless that has been disallowed in the machine.config (which it often is in shared hosting). inside your put and see what happens.
If you are not allowed to do that, see if you can get your control GACd by talking to your provider. If that doesn't work, sorry to say but you are out of luck. Sometimes you can find workarounds that don't require full trust for a specific method, but if a third party dll requires it there is not much you can do
Haven't done this but isn't it possible to have a desktop version of the Live Operating Environment? This would seem a good start for troubleshooting.