Scripting & Databases

The LSIT web server is available as a host for your academic web sites. We strive to provide our users with all the tools they need to create functional websites that meet various departmental, administrative, pedagogical, and research needs. It is with this thought in mind that the service provides technologies such as MySQL, PHP, Perl, and Python. However, while we encourage the use of these technologies when there is appropriate need and available requisite expertise, LSIT Services is unable to offer assistance beyond server-related issues. In other words, if you're not sure what you're doing, but you still want to proceed, please consult the knowledge and help available online. You'll find a brief introduction to a few of these technologies below along with lists to some useful sites.

Security

If you load scripts onto the webserver, including third-party or commercial applications, you should be aware of potential security issues. You should consider it your responsibility to keep applications in your account up to date and secure.

Important Server Notes

CGI/Scripting capability on the LSIT Web Server will need to be requested. By default, web shares will not be capable of running server-side scripts.

Scripting service must be requested.  To request scripting service, please use the Web Feature Request form.

File/Folder Permissions 

The permissions model on the LSIT web server uses group permissions to give access to the web server and scripts.  For your files to be read and served by the web server they must have group read enabled.

This is normally not something you have to worry about as the sgid bit is set on directories so they inherit the correct group automatically.  FTP, Samba, and PHP will all create files with permissions set to allow group, and thus the web server, read access.  This is only a problem if you have a CGI that changes group permissions, or removes the sgid bit from directories.

Similarly if you need a specific file or folder to be writeable you must ensure that it is set group writeable. The only interface available to chmod is via Remote Files in the LSIT Services Interface. Select the file you would like to modify, then select "Change Permissions" from the Actions drop-down menu. Then select the group read/write permissions you wish to set and click Save.

Web applications will need to be configured or in some cases have their code modified to ensure that files they create and expect to be able to delete or write to are changed to group writeable.  It is up to you or your web developer to make these changes.

PHP Safe Mode is ON

The web server has PHP Safe Mode turned ON. You should not design or select applications that require Safe Mode to be off. Also, you may not include or require files from outside your share.

register_globals is OFF

PHP is configured with register_globals OFF. If a function requires register_globals ON, it will not work.

cgi-bin

CGIs must reside in the cgi-bin directory that is provided for each web share. CGIs must have "chmod g+x" in order to work, this is a default permission for uploaded files.

Paths

The paths for perl and python are as follows:

  • perl - /usr/bin/perl
  • python - /usr/bin/python

If you have been using different paths, you will need to change them.

MySQL access limited to clients on our server

Access from outside hosts may be allowed only under special circumstances and must be requested by the account owner.  Access to outside hosts will be limited to UCSB campus IP address space.

Off-campus access must use the UCSB VPN service.

Scripting Cautions

Poorly-written or vulnerable scripts pose a couple of serious dangers: they might allow inappropriate access to system level resources; and they may lead to processing load levels that cripple the server.

If problems do occur, we will notify you and allow you to correct the situation if possible. However, in order to protect the server from compromise or overloading, scripts that are found to be vulnerable or use unusual levels of system resources may be disabled or removed with little or no prior notice to the web site owner.

MySQL

The MySQL database server is the world's most popular open source database. Its architecture makes it extremely fast and easy to customize. Extensive reuse of code within the software and a minimalistic approach to producing functionally-rich features has resulted in a database management system unmatched in speed, compactness, stability and ease of deployment. The unique separation of the core server from the storage engine makes it possible to run with strict transaction control or with ultra-fast transactionless disk access, whichever is most appropriate for the situation.

Source: http://www.mysql.com/products/mysql/

Activation of MySQL requires the creation of a separate account. Please use the MySQL Account Request form to activate MySQL. MySQL accounts are currently available to LSIT Web account holders, at a ratio of one MySQL account per Web account. MySQL management access is available via phpMyAdmin only. Shell access is not provided.

Descriptions and Links

MySQL Help

phpMyAdmin

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and is available in 47 languages.

phpMyAdmin is available at http://db.lsit.ucsb.edu/ for MySQL accounts provided by LSIT.

Source: http://www.phpmyadmin.net/home_page/

phpMyAdmin Links

PHP

PHP is self-referentially short for Hypertext Preprocessor, an open source, server-side, HTML embedded scripting language used to create dynamic Web pages. In an HTML document, a PHP script is enclosed within special PHP tags. Because PHP is embedded within tags, the author can jump between HTML and PHP instead of having to rely on heavy amounts of code to output HTML. And, because PHP is executed on the server, the client cannot view the PHP code. PHP can perform any task that any CGI program can do, but its strength lies in its compatibility with many types of databases. Also, PHP can talk across networks using IMAP, SNMP, NNTP, POP3, or HTTP.

Source: http://www.rustybrick.com/definitions.php

PHP Programming Help

Perl

Perl, which stands for Practical Extraction and Reporting Language, is a robust programming language frequently used for creating CGI programs on Web servers because it is faster than UNIX shell script programs, it can read and write binary files, and it can process very large files.

Perl Programming Help

Python

Python is an interpreted, interactive, object-oriented programming language. It combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac, MFC). New built-in modules are easily written in C or C++. Python is also usable as an extension language for applications that need a programmable interface. The Python implementation is portable: it runs on many brands of UNIX, Windows, Mac, and other platforms.

Source: https://www.python.org

Python Programming Help

JavaScript

JavaScript is intended to provide a quicker and simpler scripting language for enhancing Web pages and servers. It is embedded as a small program in a web page that is interpreted and executed by the web client. The scriptor controls the time and nature of the execution, and JavaScript functions can be called from within a Web document, often executed by mouse functions, buttons, or other actions from the user. JavaScript can be used to fully control Mozilla and Microsoft Web browsers, including all the familiar browser attributes.

Source: http://www.google.com/search?hl=en&lr=&ie=UTF-8&oi=defmore&q=define:JavaScript

JavaScript Programming Help