blog.arithm

In order to run Windows commands via PHP functions such as open_proc(), apparently one has to grant read/execute permissions to the account under which IIS is running (usually IUSR_<servername>) on C:\WINDOWS\System32\cmd.exe. Be sure to do this for web apps that rely on external commands.

This of course took me an eternity to figure out. I was only able to piece together WebSVN‘s bizarre Windows mis-behavior after scouring through the remnants of forum posts limboed in Google cache. PHP.net of course has no proper details on this, though I do now better understand what proc_open‘s obscure and undocumented bypass_shell parameter might be about.

Ah yes, PHP on Windows. Obscure and irritating.

Kind of like me. Not that that makes it any better.

Ugh. As usual, more weird problems while trying to upgrade PHP on a Windows box. Are we having fun yet?

If you find that the MySQL extension won’t load, then probably a previous PHP installer has placed a version of libmysql.dll somewhere else in your path. Look in c:\WINDOWS\system32\

The problem is almost certainly the reason for the following obscure comment

Although copying libmysql.dll to the Windows system directory also works (because the system directory is by default in the system’s PATH), it’s not recommended.

in the PHP MySQL documentation.

Make sure your home PHP directory is in your path, and that its finding libmysql.dll there and only there.

If you are using Zend’s installer to upgrade PHP on Windows, the installer will probably break your file type mappings. Double check to make sure that .php points to the correct ISAPI dll in IIS.

(IIS -> Home Directory -> Configuration… -> Mappings)

This has been bothering me for a long time. According to an old post, Ctrl-C can’t be properly mapped in the normal Cygwin console running under Windows; so Ctrl-X-Ctrl-C-ing out of Emacs under Cygwin is not an option.

Alternatives are as follows:

• Set the environmental variable CYGWIN=tty. (This may disable echo back to the local terminal when you exit Emacs.)
• Run emacs under rxvt or X.
• Use M-x kill-emacs. (I wish I had know about this years ago.)

Die, emacs. Die.

For a simple and free (and fairly standard!) way to secure your remote desktop sessions — and without having to figure out the crazy, proprietary Microsoft security stuff — take a look at copSSH. copSSH uses a streamlined Cygwin client to setup an SSH sever on your Windows box.

I’ve recently been using copSSH and PuTTY‘s Pageant authentication agent to tunnel RDP through PuTTY/copSSH SSH connections. Works like a charm.

One gotcha: copSSH doesn’t clean-up after itself well. Consider running taskkill from time-to-time.

C:\WINDOWS\Taskkill /F /IM bash.exe /T

Or if you prefer bashing:

$ kill -9 `ps | grep ^I.*bash$ | cut -c2-9`

Accrue more than 64 zombied PTYs and you’ll find yourself locked out of the server.

Someone has finally produced a decent front end to 7-Zip ! jZip is 7-Zip, but not irritating to use. Like 7-Zip, it should support all major (and many, many minor) archiving formats.

Lately I find myself wading through a lot of IIS-related issues and the IIS6 FTP server has been driving me crazy.

I’ve never really worked with IIS before. Given Microsoft’s bent to make things as simple as possible, I’m surprised at the amount of time I have to spend figuring out basic configuration issues. The various Microsoft GUIs contain no way to set a passive FTP port range, or even a range of ports in Windows Firewall for that matter.

I’d originally assumed that I could just add the FTP server .exe to the list of exceptions in the firewall Exceptions tab: This way any ports that the server opened would be automagically accepted by Windows. From the running services it appears that Inetinfo.exe is the FTP server, or at least encapsulates an FTP service along with other services. An article here tells me that adding Inetinfo.exe to the list of exceptions would be rather naughty, so I have resorted to the tedious, manual means of configuring and opening passive FTP ports. I wonder if there’s a real FTP server binary somewhere in there that I could make an exception.

Anyway, the manual process in a nutshell…

1. Set some passive ports in the IIS Metabase:
   C:\Inetpub\AdminScripts\adsutil.vbs set /MSFTPSVC/PassivePortRange "5000-5010"
   (note that you cannot explicitly tell IIS to use active or passive.. it wants to figure that out for itself based on the available ports and what the ftp client is requesting)
2. Open same ports in Windows Firewall:
   FOR /L %%I IN (5000,1,5010) DO NETSH FIREWALL ADD PORTOPENING TCP %%I FTPPort%%I
3. Restart IIS:
   iisreset
4. Go back to doing more productive things.

Unless you have a lot of people FTPing in and out of your server, ten or so open ports should work.

Thanks to New Age Digital for their straightforward article on this. Some may also want to read the Slacksite article, the definitive explanation of Active/Passive FTP.