Using an SSL Certificate with Joomla

Posted: May 4th, 2009 | Author: Troy | Filed under: Joomla! | Tags: | No Comments »

The simplest way of using Joomla 1.0.8+ with an SSL certificate is to run your entire site over https. To do this. you will need to add redirects from your http pages to the https versions. and make sure that the $mosConfig_live_site value in your configuration.php file contains your https URL.

However. that is not a very satisfactory solution not least because running your site over https is noticeably slower than http.  Typically. you will want the Joomla administrator to run over https. and the front-end website to run over http - perhaps switching to https when a user logs in.  Joomla 1.0.x versions do not support this behaviour natively - to get it working. it is necessary to make some small hacks to certain Joomla files…

The following instructions are based on Joomla 1.0.10.  For other versions. the same principles apply. but there may be slight differences.  Always make sure you are running the latest stable version of Joomla.  Back everything up before you start!

To make sure the Joomla administrator always runs over https…

In administrator/index.php. immediately after the line that says

define( ‘_VALID_MOS’. 1);

Add the following:

// PART 1 - See if user is connecting via SSL
if ($_SERVER["SERVER_PORT"] == “443″ && $_SERVER['SERVER_NAME'] != “localhost”)
{
// reset site config var to SSL equiv
$mosConfig_live_site = str_replace(”http://”. “https://”. $mosConfig_live_site);
}

//PART 2 - Redirect to https if accessed over http (except when running locally)
if ($_SERVER['SERVER_NAME'] != “localhost”)
{
$port = $_SERVER["SERVER_PORT"];
//echo $port;die;
$ssl_port = “443″;  //Change 443 to whatever port you use for https (443 is the default and will work in most cases)
if ($port != $ssl_port)
{
$host = $_SERVER["HTTP_HOST"];
$uri = $_SERVER["REQUEST_URI"];
header(”Location: https://$host$uri”);
}
}

Also add the above code to /administrator/index2.php - immediately after the require_once directives near the start.

This forces the administrator to always use https. However. if you are using IE and find that it keeps warning you about insecure items on the page. you will have to add the code from part 1 to the end of your configuration.php file instead.  Note however. that the code you add there will be lost whenever you save the ‘Global Configuration’ page in Joomla (so you will either have to re-add it after saving. or preferably make changes directly in configuration.php instead of using the Joomla ‘Global Configuration’ screen).

To allow the front end of your website to use https as well as http. open Joomla’s main index.php file. and find the following code (near the start of the file):

define( ‘_VALID_MOS’. 1 );

include_once( ‘globals.php’ );
require_once( ‘configuration.php’ );
require_once( ‘includes/joomla.php’ );

Paste the following after those require_once commands:

// See if user is connecting via SSL
if ($_SERVER["SERVER_PORT"] == “443″ && $_SERVER['SERVER_NAME'] != “localhost”)
{
// reset site config var to SSL equiv
$mosConfig_live_site = str_replace(”http://”. “https://”. $mosConfig_live_site);
}

(Note: As mentioned above. you could add the above code to the end of your configuration.php file instead. However. that will break whenever you change any configuration settings in Joomla. so it is better to put it in the index.php file which is never modified by Joomla - unless you also want to run the adminisrator over https and are finding that you keep getting warning messages about the page being insecure - in which case you will need to add the above to the end of configuration.php instead of index.php as described above).

This ensures that if a request comes in over https. all content is served over https (including images. etc.). In addition. in order to avoid problems with session cookies while switching from http to https. you will need to edit a line in the includes/joomla.php file.  Find the line (round about line 896) that says:

return md5( ’site’ . $mainframe->getCfg( ‘live_site’ ) );

…and replace it with the following:

if (strpos($mainframe->getCfg(’live_site’). ‘http://localhost’) !== false) {return md5( ’site’ . $mainframe->getCfg( ‘live_site’ ) );} else {return md5( ’site’ . str_replace(”http://”. “”. str_replace(”https://”. “”. $mainframe->getCfg( ‘live_site’ ))) );}

These hacks enable Joomla to be able to handle both http and https.  They do not however cause your site to automatically switch to https.  There are 2 ways to acheive this:

1) Instead of using the login module. use the login component. and link to it from a menu item of type URL - specifying https in the URL.  For example. you could create a menu item that points to https://www.yourdomain.com/index.php?option=com_login - that way the entire login process is handled using https.

2) If you want to keep the login module. the login form itself will not be shown over https. however by making the following alterations. the login submission is still protected as the form will be submitted over https when the user clicks on login. In other words. it is just as secure as using option 1. but the user will not see a padlock icon until after they have logged in.

In either case. you need to make a small amendment to the login form.  If you are using option 1. the form to be altered is in the components/com_login/login.html.php file.  If using option 2. it is in modules/mod_login.php.  There is nothing stopping you using both methods. in which case you will need to alter both files.

In modules/mod_login.php. look for the line that says:

<form action=”<?php echo sefRelToAbs( ‘index.php’ ); ?>” method=”post” name=”login” >

Make sure you get the login one. not the logout one (ie. make sure it ‘index.php’. not ‘index.php?option=logout’ in the middle bit).  Replace that line with the following:

<form action=”<?php echo strpos($mainframe->getCfg(’live_site’). ‘http://localhost’) !== false ? sefRelToAbs( ‘index.php’ ) : sefRelToAbs( str_replace(’http://’. ‘https://’. $mosConfig_live_site) . ‘/index.php’ ); ?>” method=”post” name=”login” >

NOTE: If using the login module. you will also need to go into the module parameters (login to Joomla administrator. go to Modules->Site Modules. and click on the login form). and set the login url to the https:// version of the page you want users to be directed to when they log in. If you don’t do this. IE will might you a nasty warning message when you try to log in. and you could be redirected back to http.

You can also optionally redirect to http when the user logs out by setting the logout url in the module parameters. However. IE will display a warning when redirecting to http like that. To get the site back to http when logging out without the pesky warning in IE. you need to change the logout form as well.  Look for the line (nearer the start of modules/mod_login.php) that says:

<form action=”<?php echo sefRelToAbs( ‘index.php?option=logout’ ); ?>” method=”post” name=”logout”>

Make sure you get the one that says ‘index.php?option=logout’ in the middle.  Replace it with:

<form action=”<?php echo sefRelToAbs( str_replace(’https://’. ‘http://’. $mosConfig_live_site) . ‘/index.php?option=logout’ ); ?>” method=”post” name=”logout”>

Firefox may give you a warning when logging out to let you know you are going back to http - the above will not prevent this.

To update the login component. go to components/com_login/login.html.php. find the line (quite near the start) that says:

<form action=”<?php echo sefRelToAbs( ‘index.php?option=login’ ); ?>” method=”post” name=”login” id=”login”>

Replace it with:

<form action=”<?php global $mosConfig_live_site; echo strpos($mainframe->getCfg(’live_site’). ‘http://localhost’) !== false ? sefRelToAbs( ‘index.php?option=login’ ) : sefRelToAbs( str_replace(’http://’. ‘https://’. $mosConfig_live_site) . ‘/index.php?option=login’ ); ?>” method=”post” name=”login” id=”login”>

If you want to revert back to http when they log out. scroll down to the logoutpage function (near the end of the file). and find the line that says:

<form action=”<?php echo sefRelToAbs( ‘index.php?option=logout’ ); ?>” method=”post” name=”login” id=”login”>

Replace it with:

<form action=”<?php global $mosConfig_live_site; echo sefRelToAbs( str_replace(’https://’. ‘http://’. $mosConfig_live_site) . ‘/index.php?option=logout’ ); ?>” method=”post” name=”login” id=”login”>

Joomla (version 1.5) has full https support without any hacks being necessary! :D


Zip Command

Posted: May 4th, 2009 | Author: Troy | Filed under: Linux | Tags: | No Comments »

The following examples illustrate typical uses of the command zip for packaging a set of files into an “archive” file. also called “zip file”. The command uses the standard zip file format. The archive files can therefore be used to tranfer files and directories between commonly used operating systems.

zip archivefile1 doc1 doc2 doc3 This command creates a file “archivefile1.zip” which contains a copy of the files doc1. doc2. and doc3. located in the current directory.

zip archivefile1 * This command creates a file “archivefile1.zip” which contains a copy of all files in the current directory in compressed form.

However. files whose name starts with a “.” are not included. The extension “.zip” is added by the program.

zip archivefile1 .* * This version includes the files that start with a dot. But subdirectories are still not included.

zip -r archivefile1 . This copies the current directory. including all subdirectories into the archive file.

zip -r archivefile2 papers This copies the directory “papers”. located in the current directory. into “archivefile2.zip”.

zip -r archivefile3 /home/joe/papers This copies the directory “/home/joe/papers” into “archivefile3.zip”. Since in this case the absolute path is given. it doesn’t matter what the current directory is. except that the zip file will be created there.
The command unzip extracts the files from the zip file.

unzip archivefile1.zip This writes the files extracted from “archivefile1.zip” to the current directory.


Mount Points

Posted: May 4th, 2009 | Author: Troy | Filed under: Linux | Tags: | No Comments »

Below are various commands for discovering. mounting and un-mounting drives.

Command:
fdisk -l
will give you the hd* (* = number) of the Hard Drive you want to format

To format the drive. as ROOT
enter this command
mkfs /dev/hd*

Line for the /etc/fstab file:
/dev/sda1 /mnt/sdb1 auto noauto.user.owner 0 0

Mount the drive:
mount -t auto /dev/sdb1 /mnt/dev_backups


Adding Media Types to the Content Image Tab

Posted: May 4th, 2009 | Author: Troy | Filed under: Joomla! | Tags: | No Comments »

Adding more media types to be available in the content manager Image tab - Joomla 1.0.8

1 - open /includes/joomla.php
2 - find this line and edit the “if ( eregi( “bmp|gif|jpg|png”. $file ) )” and add “|swf|pdf” etc.
3 - find the other line like this and repeat step 2

All media types will now be available in the Images dropdown.


Finding Duplicates (or records with more than 1 item)

Posted: May 4th, 2009 | Author: Troy | Filed under: MySQL | Tags: | No Comments »

SELECT
DISTINCT id.
COUNT(id)
FROM
my_table
GROUP BY
id
HAVING
COUNT(id) > 1


Setting File Permissions

Posted: May 4th, 2009 | Author: Troy | Filed under: Linux, PHP | Tags: , | No Comments »

Here’s a few facts about locking down the server when it comes to hosting PHP scripts.

1) No PHP file should ever require the X bit (ie. you should be able to set all PHP files to 744 - rxwr–r–)
2) All directories do need X bit so set all directories to (755 - rxwr-xr-x)

The following steps should be performed to properly set the file permissions

- chown -R user /direcory/to/receive/new/permissions
- chgrp -R group /directory/to/receive/new/permissions
- chmod -R 744 /directory/to/receive/new/permissions - (this changes all files and directories to rwxr–r–. so still need to set all directories with the X bit)
- find /dir/to/chmod/all/dirs -type d -exec chmod 755 {} \;


List All of a Certain File Type in a Directory

Posted: May 4th, 2009 | Author: Troy | Filed under: PHP | Tags: | No Comments »

//USAGE:
listFiles("/web_directory/". ".jpg");

function listFiles( $dir. $type ) {
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if (is_file($dir.$file)) {
if (strchr($file. ".") == $type) {
echo "&lt;a href='".$path.$file."'&gt;".$file."&lt;/a&gt;&lt;br/&gt;\n";
}
}
}
closedir($dh);
}
}
}

Image Template Position Control in Content Administration

Posted: May 4th, 2009 | Author: Troy | Filed under: Joomla! | No Comments »

This was a hack I did on the admin content component in Joomla 1.0.8 - ish about 3 years ago. Worked well at the time and I thought I’d share it here regardless. Not that I advocate hacking up the Joomla core so to speak but when you can prove to be creative, it often pays off. Here’s the original post:

So who wants to put up with the pain of file naming conventions just to make images show up in specified positions on the template. Not me. So what I did was modify the MOSIMage controls under the Images tab in the content administration.

I noticed that all of those somewhat useless attribute modifiers at the bottom of the Images tab actually just appended values onto the end of the image path string in the database delimited by “|” ’s. COOL. So I thought I’d try and make my own attribute modifier called ‘Image Position’ so that I could assign images their positions no matter what the image file name was. This proved to be pretty simple.

I opened ‘/administrator/components/com_content/admin.content.html.php’ and took out all the other modifiers in the table html. Then I plugged in my own select box with pre-defined image positions that could be applied (appended to the end of the image path string in the db) to the image. When selecting an image from the ‘Content Images’ select list. a javascript function is called named ’showImageProps’ and is in the file ‘/includes/js/joomla.javascript.js’. This function simply does it’s own parsing of the image data and populates the MOSImage Control attributes. In this case. I had to make a very quick and easy modification to this function to have it populate my new ‘Image Position’ field.

Then on the front end of things. I simple made an included file that first parses each image in the ‘images’ column of the content which is delimited by “\n” ’s. Then one by one. I parsed out the attributes (in this case now there is only one and that is the image position). did a quick lookup in a switch statement to match the position’s name which in turn wrote out the image tag.


Shortening a String Down to Whole Words

Posted: May 4th, 2009 | Author: Troy | Filed under: PHP | Tags: | No Comments »

Had to do this for the displaying of news flash headlines and I didn’t want to substr down to just characters and chop off parts of words. So here’s what I did:


function shortenText($text)
{
// Change to the number of characters you want to display
$chars = 50;

$text = $text." ";
$text = substr($text.0.$chars);
$text = substr($text.0.strrpos($text.' '));
$text = $text."...";

return $text;
}

Add Samba Users

Posted: May 4th, 2009 | Author: Troy | Filed under: Linux | Tags: | No Comments »

Pretty simple. First have to make sure that you have a system user with the same user name added first:
Good article for that: http://www.ahinc.com/linux101/users.htm

Then, in Red Hat type distros you’ll need the smbpasswd file which contains the samba user names and passwords.

To add a new samba user:
smbpasswd -a [username]

To delete a samba user:
smbpasswd -x [username]