That, with a little trial and error and I was able to get a PHP page to fire off a command-line PHP process to run an import of several years data into a new reporting schema. Since this import relies on some serious data manipulation it has a tendency to time out for large data sets. So, I set up the command line script to run six months worth of data and before it exits it starts a new background process for the next six months of data. In this way I was able to complete a many-hour process without worrying about timeouts. I did notice that running in the background (actually in an “invisible” command shell) that the process ran slower than when running in the foreground. This was acceptable, however, since the page returns immediately while the processing begins and the application is still usable while the process is running.

Here is how I call it from the page:

if(isset($_SERVER['PWD'])) { // *nix
    $basepath = dirname(__FILE__).'/';
    $php = 'php';
} else {
    $basepath = dirname(__FILE__).'\\';
    // edit to match your installed target environment
    $php = "C:\\php516\\php.exe";
}
ignore_user_abort(true);
set_time_limit(0);
$arg1 = 'foo';
$arg2 = 'bar';
$runCommand = "$php -q {$basepath}my_background_running.php $arg1 $arg2";
if(isset($_SERVER['PWD'])) { // *nix
    // *nix: Use the backtick operator or shell_exec()
    $nullResult = `$runCommand > /dev/null &`;
} else { // Windows: use the php COM class
    // WScript.Shell gives you the command line
    $WshShell = new COM("WScript.Shell");
    $oExec = $WshShell->Run($runCommand, 7, false);
}

I do the same from the background script to call itself recursively right before it exits.

I didn’t find the Microsoft documentation for the Windows Script Host Shell until today during lunch. I found the location in the Practical PHP Programming Online Book where he says to use the Google search “wshell object” msdn which will result in the first link pointing at the MSDN documentation. (I have a feeling it moves around quite a bit, since every link I have run across up to now that points directly at the documentation results in a nice 404 error page at Microsoft.)

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post

So far I haven’t found any hints on this anywhere yet. If any of my readers know of any file IO tricks for PHP on Windows please let me know! (I’m talking to both of you!)

Edit: It seems the issue was caused by having XDebug running while trying to write the files. I thought I had turned it off, but I hadn’t so it was writing cachegrind files while the scripts were trying to write their files, and well, it wasn’t pretty.

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post

I deleted my Parallels XP image (and subsequently ended up wishing I hadn’t) and used the Boot Camp assistant to set up my hard drive and install XP. I got XP set up and running, but had to call Microsoft to get it ‘activated’ since it saw it as a new install. Once that was taken care of I installed Office, and got the same kind of headache there – where the key wouldn’t work, because it said it had been installed on too many machines. I decided to leave that be for the time until I felt like waiting on the MS phone queue again.

I rebooted into OS X and loaded my now ‘active’ and ‘valid’ Windows XP under Parallels. As soon as it booted it gave me the message that I had 3 days to activate it as the hardware had changed significantly and it was no longer valid. I ddn’t feel like fighting it so I closed down Parallels and rebooted into XP where, surprise, I got the 3 day warning again!

So not only does loading the same image in a VM result in XP thinking it isn’t a valid copy, but it changes something in the registry somewhere, so that booting back into natively results in the same thing. I thought the concept of hardware profiles would help with this sort of thing, but apparently not. This is something that MS needs to address sooner rather than later as multicore machines make virtualization more common and loading a native image in a VM becomes a more common way of doing that.

An interesting side note: I got fed up with the whole validation issue and removed the XP partition and re-installed XP under Parallels the same way I did originally. I expected the phone calls for the XP key and the Office key etc, etc – but, it just accepted the keys and validated no questions asked.

Technorati Tags: Boot Camp, Parallels, XP, OS X

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post

Essentially, a user with the Speech Command feature enabled can browse to a web page which starts a sound file (like just about every mySpace page) containing clearly recorded commands, and the Speech Command feature will execute those commands without any other user interaction. While not every command is enabled through Speech Command, George explains why you should disable Speech Command until there is a fix:

The fact that a website can play a moderate level sound file to
interact in a way with the desktop by activating an idle speech
command system and be able to delete user documents with zero user
interaction is serious by any stretch of the imagination.

Update: Microsoft has confirmed this exploit.

Technorati Tags: security, windows, vista

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post

While FAT32 is an option, it has some serious limitations. Like a maximum file size of 1 byte less than 4 GB. That and the way that FAT32 partitions over 32 GB (while supported under Windows) tend to get a little, shall we say, flaky.

Before today what I had found was as follows:

Note: native = default or standard in a “vanilla” install | in kernel = modules available for kernel insertion, although not default.

Well, that was before I found these today: kernel modules for both OS X and Windows for full read and write support of Ext2 / Ext3 file systems. I have installed Ext2 IFS for Windows and pounded on it already. It works (so far) like a charm. I don’t yet have a Mac to test the Mac OS X Ext2 Filesystem but I will do so as soon as I can. Assuming they are building this as a loadable module for the Darwin kernel (does the OS X Darwin kernel allow insmodding?) then it should be a snap. What surprised me is that the Ext2 IFS for Windows is an actual NT Kernel module, not an app or service. It’s actually kind of cool to see my Linux partitions show up under XP as lettered drives!

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post

From the CERT bulletin:

Data used by Microsoft Word to construct a destination address for a memory copy routine is embedded within a Word document itself. If an attacker constructs a Word document with a specially crafted value used to build this destination address, then that attacker may be able to overwrite arbitrary memory.

According to the eWeek article, currently only BitDefender recognizes the threat. Testing on a fully patched and up-to-date WinXP SP2 I can at least vouch that AVG doesn’t recognize it as a threat yet. Opening the POC in Microsoft Word results in successful execution of the exploit (which in the POC merely crashes Word.) Attempting to open the POC in OpenOffice results in OO reporting an error.

My recommendation: use OpenOffice.

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post

The PoC is an integer overflow-based heap overflow, in the DSA_SetItem function in COMCTL32.DLL. An arithmetic overflow can occur during multiplication to calculate the desired size for a call to ReAlloc, that isn’t reproduced during a subsequent call to memmove, so the allocated size can be smaller than the copy size and result in a heap buffer overflow. …

This vulnerability can result in remote code execution in the context of the logged in user. In order to exploit this an attacker must create a malicious website or leverage a site that allows for custom user content.

While the vulnerability was posted on the Browser Fun Blog on July 18th, the exploit first appeared over the weekend. The Microsoft Security Advisory has details on how to patch manually and how to apply the manual change to group policy.

Affects:

• Windows 2000 Service Pack 4
• Windows XP Service Pack 1
• Windows XP Service Pack 2
• Windows Server 2003
• Windows Server 2003 Service Pack 1
• Windows XP Professional x64 Edition
• Windows Server 2003 for Itanium-based Systems
• Windows Server 2003 with SP1 for Itanium-based Systems
• Windows Server 2003 x64 Edition

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post

Although the hackers are calling it a 0day exploit, it seems that it isn’t really. It is one of many that can be easily found using the AxMan ActiveX fuzzing engine. It seems that the guys over at xsec.org are trying to take more than reasonable credit for writing code to exploit a known vulnerability.

HD Moore, head of the Metasploit project was quoted in the article as saying:

“This is one of the many exploitable bugs that can be discovered using AxMan and one of the few that I didn’t include in Month of Browser bugs due to the ease of exploitation. I still have three or four left in IE that have similar impact.”

There is also a Secunia Advisory related to this exploit.

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post

The Microsoft Security Bulletin MS06-040 came out on the 8th, and a MetaSploit module to exploit the flaw came shortly after. Tech e-zine eWeek reported that Immunity and Core Security Technologies had both released what they deemed “reliable exploits” for the flaw and declared it wormable on all Windows versions.

Dave Aitel, CEO of Immunity said in an interview with eWeek “A worm is coming. This bug is just too easy to exploit.”

This is a vulnerability that would allow for remote takeover of an unpatched Windows machine. It will be interesting to see how widespread the damage is when (not if) a worm is released.

Patches are available from the bulletin (follow the links) or from Windows Update.

Buzz This Post Delicious Digg This Post Ping This Post Reddit Stumble This Post