Category: php

slackに脆弱性情報をpost

function send_to_slack($message){
	$webhook_url = 'https://hooks.slack.com/services/hogehoge';
	$options = array(
		'http' => array(
		'method' => 'POST',
		'header' => 'Content-Type: application/json',
		'content' => json_encode($message),
	  )
	);
	$response = file_get_contents($webhook_url, false, stream_context_create($options));
	return $response === 'ok';
}

$message = array(
	'channel' => '#general',
	'username' => '脆弱性情報',
	'icon_emoji' => ':warning:',
	'text' => $string,
);

send_to_slack($message);

おおおおおおお、できたー

とりあえず、リファクタリングしよう

ipa RSSを取得

<?php 
$target_day = date('Y/m/d', strtotime('-1 day'));
$xml = "https://jvndb.jvn.jp/ja/rss/jvndb_new.rdf";

$xmlData = simplexml_load_file($xml);
foreach ($xmlData->item as $entry){
  $dc = $entry->children('http://purl.org/dc/elements/1.1/');
  $day = date('Y/m/d', strtotime($dc->date));
  if($day == $target_day){
      $string.= date('Y/m/d h:i', strtotime($dc->date))."<br>";
      $string.= $entry->title."<br>";
      $string.= $entry->link."<br>";
  }
}
?>
<html>
<body>
	<?php echo $string; ?>
</body>
</html>

OK、次はslack webhook

php.ini session.save_handler

/etc/php.ini

[Session]
; Handler used to store/retrieve data.
; http://php.net/session.save-handler
session.save_handler = files

session.save_hanlder defines the hanlder to use when saving and retrieving data related to the session. The default is files. Npte that each extension can use its own save_handler.

先ほどElastiCacheで作成したmemcacheのエンドポイントをphp.iniに設定する

;session.save_handler = files
;session.save_path = "/tmp"
session.save_handler = "memcached"
session.save_path = "php-session.xxxxx.cfg.apne1.cache.amazonaws.com:11211""

続いて動作確認

session_start();
echo "This is Web Server 1<br>";

if (isset($_SESSION["username"])){
	echo $_SESSION["username"];
} else {
	$_SESSION["username"] = "hoge";
}

なるほど、sessionを共有する両方のphp.iniファイルで、エンドポイントを指定して共有しているのね。

$m = new Memcached();
$m->addServer('localhost', 11211);
$m->set('foo', 'var',60);
var_dump($m->get('foo'));
$m->add('hoge', 'fuga', 60);
$m->add('hoge', 'piyo', 60);
var_dump($m->get('hoge'));
$m->flush();
var_dump($m->get('foo'));

Mcrypt

This function is an extensive block algorithm such as CBC, OFB, CFB, ECB cipher modes DES, TripleDES, Blowfish (default), 3-WAY, SAFER-SK64, SAFER-SK128, TWOFISH, TEA, RC2 and GOST. Interface to the mcrypt library to support. In addition, it supports RC6 and IDEA, which are described as “not free”.

php zip

インストール済みを確認します。
[vagrant@localhost ~]$ yum list installed | grep zip
bzip2.x86_64 1.0.5-7.el6_0 @anaconda-CentOS-201605220104.x86_64/6.8
bzip2-devel.x86_64 1.0.5-7.el6_0 @base
bzip2-libs.x86_64 1.0.5-7.el6_0 @anaconda-CentOS-201605220104.x86_64/6.8
gzip.x86_64 1.3.12-24.el6 @base
libzip5.x86_64 1.5.2-1.el6.remi @remi-safe
php-pecl-zip.x86_64 1.15.3-1.el6.remi.7.1 @remi-php71
unzip.x86_64 6.0-5.el6 @base

ん?
php-pecl-zipか??

[vagrant@localhost ~]$ php –ri zip

zip

Zip => enabled
Zip version => 1.15.3
Libzip headers version => 1.5.1
Libzip library version => 1.5.2

はいってるっぽいですね。
これのこと?

php70-zipとphp-pecl-zipの違いが分からんぞ。

fsockopen – smtp

Open an internet connection or Unix domain socket connection.

$fp = fsockopen("www.example.com", 80, $errno, $errstr, 30);
if(!$fp){
	echo "$errstr ($errno)<br>\n";
} else {
	$out = "GET / HTTP/1.1\r\n";
	$out .= "Host: www.example.com\r\n";
	$out .= "Connection: Close\r\n\r\n";
	fwrite($fp, $out);
	while (!feof($fp)){
		echo fget($fp, 128);
	}
	fclose($fp);
}

Laravelでindexを作成、追加する方法

Schma::create('books', function(Blueprint $table){
	$table->increments('id');
	$table->string('title')->index();
	$table->string('isbn')->unique();
	$table->integer('price');
	$table->integer('author_id');
	$table->timestamps();
});


Schema::table('books', function(Blueprint $table){
	$table->index('title');
});

Schema::table('author_book', function(Blueprint $table){
	$table->index(['author_id', 'book_id']);
});

$table->dropIndex('books_title_index');

league/flysystem-aws-s3-v3

LaravelのファイルストレージとS3を連携させるには、専用のパッケージを導入する必要があるとのこと。

composer.json

"require": {
        "php": "^7.1.3",
        "barryvdh/laravel-dompdf": "^0.8.4",
        "fideloper/proxy": "^4.0",
        "laravel/framework": "5.8.*",
        "laravel/tinker": "^1.0"
    },

ここに、league/flysystem-aws-s3-v3を追加する。

laravel/config/filesystem

's3' => [
            'driver' => 's3',
            'key' => env('AWS_ACCESS_KEY_ID'),
            'secret' => env('AWS_SECRET_ACCESS_KEY'),
            'region' => env('AWS_DEFAULT_REGION'),
            'bucket' => env('AWS_BUCKET'),
            'url' => env('AWS_URL'),
        ],

env(${})となっているので、.envファイルで編集します。

AWS_KEY=[アクセスキー]
AWS_SECRET=[シークレットキー]
AWS_REGION=[リージョン(東京ならap-northeast-1)]
AWS_BUCKET=[バケット名]

そういうことかー

PHPMDを使おう

まずtestコードを書きます。

class Test {

	private $t = 1;

	public function test(){
		echo $this->t;
		$test = 2;
	}
}

で、テストします。

[vagrant@localhost app]$ vendor/phpmd/phpmd/src/bin/phpmd test.php text unusedcode,naming
/home/vagrant/local/app/test.php:5 Avoid variables with short names like $t. Configured minimum length is 3.
/home/vagrant/local/app/test.php:7 Classes should not have a constructor method with the same name as the class
/home/vagrant/local/app/test.php:9 Avoid unused local variables such as ‘$test’.

ぎゃあああああああああああああああああああああ
修正します。

class Test {

	private $test1 = 1;

	public function index(){
		echo $this->test1;
		$test2 = 2;
		echo $test2;
	}
}

で、再度テストすると。。
[vagrant@localhost app]$ vendor/phpmd/phpmd/src/bin/phpmd test.php text unusedcode,naming

おおおおおおおおお、こういうことか~