Novell Developer Kit - webdev

NovellDeveloper Kitwww.novell.comPHP ON NETWARE®

Legal NoticesNovell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specificallydisclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc.reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify anyperson or entity of such revisions or changes.Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims anyexpress or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the rightto make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity ofsuch changes.This product may require export authorization from the U.S. Department of Commerce prior to exporting from the U.S. orCanada.Copyright © 1993-2002 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, storedon a retrieval system, or transmitted without the express written consent of the publisher.U.S. Patent Nos 5,553,139; 5,553,143; 5,677,851; 5,758,069; 5,784,560; 5,818,936; 5,864,865; 5,903,650; 5,905,860;5,910,803 and other Patents Pending.Novell, Inc.122 East 1700 SouthProvo, UT 84606U.S.A.www.novell.comPHP on NetWareSeptember 2002Online Documentation: To access the online documentation for this and other Novell developer products, andto get updates, see developer.novell.com/ndk. To access online documentation for Novell products, seewww.novell.com/documentation.

Novell TrademarksAppNotes is a registered trademark of Novell, Inc.AppTester is a registered trademark of Novell, Inc., in the United States.ASM is a trademark of Novell, Inc.BorderManager is a registered trademark of Novell, Inc.BrainShare is a registered service mark of Novell, Inc., in the United States and other countries.C3PO is a trademark of Novell, Inc.Client 32 is a trademark of Novell, Inc.ConsoleOne is a registered trademark of Novell, Inc.Controlled Access Printer is a trademark of Novell, Inc.Custom 3rd-Party Object is a trademark of Novell, Inc.DeveloperNet is a registered trademark of Novell, Inc. in the United States and other countries.DeveloperNet 2000 is a trademark of Novell, Inc.Direct Connect is a service mark of Novell, Inc.DirXML is a registered trademark of Novell, Inc.eDirectory is a trademark of Novell, Inc.Full Service Directory is a trademark of Novell, Inc.GroupWise is a registered trademark of Novell, Inc. in the United States and other countries.Hardware Specific Module is a trademark of Novell, Inc.Hot Fix is a trademark of Novell, Inc.iChain is a registered trademark of Novell, Inc.Internetwork Packet Exchange is a trademark of Novell, Inc.IPX is a trademark of Novell, Inc.IPX/SPX is a trademark of Novell, Inc.Link Support Layer is a trademark of Novell, Inc.LSL is a trademark of Novell, Inc.ManageWise is a registered trademark of Novell, Inc., in the United States and other countries.Mirrored Server Link is a trademark of Novell, Inc.MSL is a trademark of Novell, Inc.MSM is a trademark of Novell, Inc.NCP is a trademark of Novell, Inc.NDPS is a registered trademark of Novell, Inc.NDS is a registered trademark of Novell, Inc. in the United States and other countries.NDS Administrator is a trademark of Novell, Inc.NDS Manager is a trademark of Novell, Inc.NE2000 is a trademark of Novell, Inc.NetWare is a registered trademark of Novell, Inc. in the United States and other countries.NetWare/IP is a trademark of Novell, Inc.NetWare Connect is a registered trademark of Novell, Inc. in the United States.NetWare Core Protocol is a trademark of Novell, Inc.NetWare Loadable Module is a trademark of Novell, Inc.NetWare Management Portal is a trademark of Novell, Inc.NetWare Management System is a trademark of Novell, Inc.NetWare MHS is a registered trademark of Novell, Inc.NetWare Name Service is a trademark of Novell, Inc.NetWare Peripheral Architecture is a trademark of Novell, Inc.NetWare Print Server is a trademark of Novell, Inc.NetWare Requester is a trademark of Novell, Inc.

NetWare SFT and NetWare SFT III are trademarks of Novell, Inc.NetWare SQL is a trademark of Novell, Inc.NetWire is a registered service mark of Novell, Inc. in the United States and other countries.NIMS is a trademark of Novell, Inc.NLM is a trademark of Novell, Inc.NMAS is a trademark of Novell, Inc.NMS is a trademark of Novell, Inc.Novell is a registered trademark of Novell, Inc. in the United States and other countries.Novell Authorized Reseller is a service mark of Novell, Inc.Novell Authorized Service Center is a service mark of Novell, Inc.Novell Certificate Server is a trademark of Novell, Inc.Novell Client is a trademark of Novell, Inc.Novell Cluster Services is a trademark of Novell, Inc.Novell Directory Services is a registered trademark of Novell, Inc.Novell Distributed Print Services is a trademark of Novell, Inc.Novell Internet Messaging System is a trademark of Novell, Inc.Novell Labs is a trademark of Novell, Inc.Novell Press is a trademark of Novell, Inc.Novell SecretStore is a trademark of Novell, Inc.Novell Security Attributes is a trademark of Novell, Inc.Novell Storage Services is a trademark of Novell, Inc.Novell Web Server is a trademark of Novell, Inc.Novell, Yes, Tested & Approved logo is a trademark of Novell, Inc.NSI is a trademark of Novell, Inc.ODI is a trademark of Novell, Inc.Open Data-Link Interface is a trademark of Novell, Inc.Packet Burst is a trademark of Novell, Inc.Printer Agent is a trademark of Novell, Inc.QuickFinder is a trademark of Novell, Inc.Red Box is a trademark of Novell, Inc.Remote Console is a trademark of Novell, Inc.RX-Net is a trademark of Novell, Inc.Sequenced Packet Exchange is a trademark of Novell, Inc.SFT and SFT III are trademarks of Novell, Inc.SPX is a trademark of Novell, Inc.Storage Management Services is a trademark of Novell, Inc.System V is a trademark of Novell, Inc.Topology Specific Module is a trademark of Novell, Inc.Transaction Tracking System is a trademark of Novell, Inc.TSM is a trademark of Novell, Inc.TTS is a trademark of Novell, Inc.Universal Component System is a registered trademark of Novell, Inc.Virtual Loadable Module is a trademark of Novell, Inc.VLM is a trademark of Novell, Inc.ZENworks is a registered trademark of Novell, Inc.Third-Party TrademarksAll third-party trademarks are the property of their respective owners.

ContentsPreface 7Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Getting Started 9Setting Up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Using UCS in PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Functions 11Supported Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Unsupported Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11A Secure Scripting 13Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Script Operations and Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Remote File System Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Changes Required in the Scripting Applications . . . . . . . . . . . . . . . . . . . . . . . . . . 16Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Revision History 215

6 PHP on NetWare

PrefaceThis documentation describes the PHP programming language and howNovell has implemented it on NetWare.IntroductionPHP (Hypertext Preprocessor Language) is a server-side HTML embeddedscripting language. Like any other CGI language PHP can also be used tocollect form data, create dynamic pages or send and receive cookieinformation.PHP can be used for talking to other services using protocols like IMAP,SNMP, NNTP or HTTP.Preface 7

8 PHP on NetWare

1 Getting StartedSetting UpThis section describes the setup procedures for PHP, and how it has beenadapted for NetWare. These procedures only provide general guidelines. Mostof the steps consist of suggested uses for PHP on NetWare and are intended tobe viewed as launching points rather than the solutions to your system needs.You need to meet the following system requirements before implementing thetasks.Hardware/SoftWareOperating systemWeb ServerVersionNetWare 5.x and aboveNetWare Enterprise server or Apache WebserverUsing UCS in PHPRefer to README.TXT available in the installed folder before proceedingfurther.The Universal Component System (UCS) provides access to tools andservices outside of PHP (For more details visit http://developer.novell.com/ndk/ucs.htm (http://developer.novell.com/ndk/ucs.htm).Getting Started 9

10 PHP on NetWare

2 FunctionsSupported ModulesUnsupported FunctionsThis chapter lists PHP functions and modules applicable to the NetWareenvironment.The latest PHP Specification can be got from distributed Perl documentationpage (http://www.perl.com/CPAN-local/doc/manual/html/index.html).All supported modules shipping with standard distribution work for PHP onNetWare.Some of the standard PHP functions are not.Functions 11

12 PHP on NetWare

A Secure ScriptingIntroductionThis section covers an introduction to the security features, the support forremote file systems, configuration details, the changes required in scripts, andthe limitations.Secure scripting environment is provided for NetWare with theimplementation of various security features in Novell Script for NetWare,UCX components, and Perl 5.6 for NetWare.The security features are implemented in such a way that it preserves thepower of script execution from the server console, and it ensures that the Webbasedscripts (server-side) can access only resources for which the user hasappropriate rights.The security feature uses Novell eDirectory. The Web-based scripts shouldnow authenticate to eDirectory with appropriate rights for various operations.Script Operations and SecurityThe following table lists the various operations and the role of security.OperationsLocal file system access - Directorylisting, opening files for reading/writing,creation, deletion, moving of directoriesand files, etc.Security FeatureOperations are allowed based onthe rights of the user.If the script does not log in, theseoperations will return an error.Secure Scripting 13

OperationsLocal file system - Above file systemactivities under web document directory,such as SYS:PERL\WEB.Remote file system access - Directorylisting, opening files for reading/writing,creation, deletion, moving of directoriesand files, etc.Server management - Access to serverconfiguration parameters, loadingmodules and NCF files, bringing downthe server, access to server hardware,and peripheralsImport functions - Calling functionsexported by NLMsSecurity FeatureThese operations are allowedbased on the rights of the user.If the script does not log in (publicscript), read-only access is allowedto the Web documents.These operations are allowedbased on the rights of the user.Allowed to admin or consoleoperator.These function calls are performedunder the context of the user. Basedon the user rights, the call eithersucceeds or fails.Remote File System SupportSecurity feature is provided for the remote NetWare file system. Existingcomponents are modified to support it. Scripts can access the file systems onother servers, by logging into eDirectory using UCX:NWDir component andthe FileSystem object.The resources on the remote NetWare file system are identified using theUniversal Naming Convention (UNC). The strings in the UNC format have tobe used as arguments for the method/property call, to access the remote file/directory.Following is the syntax and examples.Syntax 1 : \\ServerName\Volume:Path\nameEx: \\My-Test-Server\DATA:User\mydata\account.txtSyntax 2: \\IP Address\Volume:Path\nameEx: \\1.2.3.4\DATA:User\mydata\account.txt14 PHP on NetWare

Following example adds a folder to a remote NetWare volume and displaysthe contents of the directory.# Script to create a directory on remote NetWare volume# Load Perl2UCS or UCSExt based on the Perl versionif ($] < 5.006) {require UCSExt;} else {require Perl2UCS;}if ($] < 5.006) {$fso = UCSExt->new("UCX:FileSystemObject") or die"Failed to instantiate the File System Object component\n";} else {$fso = Perl2UCS->new("UCX:FileSystemObject") or die"Failed to instantiate the File System Object component\n";}if ($] < 5.006){$nwdir = UCSExt->new("UCX:NWDIR") or die "Failed toinstantiate the Directory component\n";}else{$nwdir = Perl2UCS->new("UCX:NWDIR") or die "Failed toinstantiate the Directory omponent\n";}$nwdir ->{"FullName"} ="nds:\\\\remote_tree\\remote_context";$nwdir ->login("UserName", "Password") or die "Failed tologin. Check the username and password\n";$myFolder = $fso->GetFolder("\\\\remoteserver\\sys:\\tmp");$subFolders = $myFolder->{"SubFolders"};$subFolders->reset();print "Remote Folder List: Prior to add\n";while($subFolders->hasMoreElements()){$sub_folder = $subFolders->Next();$FolderName = $sub_folder->{"Name"};print "The Folders Name is $FolderName" . "\n";Secure Scripting 15

}Configurationprint "\n";print "Remote Folder List: After adding \n";$newfld=$subFolders->Add("Test");$subFolders = $myFolder->{"SubFolders"};$subFolders->reset();while($subFolders->hasMoreElements()){$sub_folder = $subFolders->Next();$FolderName = $sub_folder->{"Name"};print "The Folders Name is $FolderName" . "\n";}$nwdir->Logout();By default, the security features are enabled on the system. However, it is anoptional feature and you can choose to enable or disable it. Edit theSYS:SYSTEM\NWSEC.INI file to enable or disable the security features.For example, to disable the security features for Perl, modify theSYS:SYSTEM\NWSEC.INI, to include the following line under the section[Languages].PERL=OFFNOTE: If the security features are turned off, public access is granted to all the systemresources. The decision to disable this feature has to be taken only after carefullyconsidering the consequences.Changes Required in the Scripting ApplicationsThe changes required in the scripts with the introduction of the securityfeatures are minimal.The following table lists the changes for the scripts.16 PHP on NetWare

Script TypeConsole-based scripts - Scriptsthat are executed from the serverconsole.Web-based scripts - Scripts thatare executed as an LCGI program,or scripts embedded in HTML pagessuch as NSP or ASP.ChangesNo changes.Include script code to login to eDirectoryusing UCX:NWDIR object if access toremote file system is required.Security features ensure that the usersare allowed to perform operations forwhich they have the relevant rights.For example, a script may not be able tolist the content of the SYS volume, untilthe user is authenticated to eDirectorywith appropriate rights.Include script code to login to eDirectoryusing UCX:NWDIR object. Otherwisescripts have restricted access toresources.Following is a simple Perl example to demonstrate the need for the script toauthenticate with appropriate rights.An existing Web script that is executed without any rights returns an error.# Script to list the contents of SYS:NSN directory# Load Perl2UCS or UCSExt based on the Perl versionuse CGI;$cgiobject=newCGI;print $cgiobject->header;if ($] < 5.006) {require UCSExt;} else {require Perl2UCS;}if ($] < 5.006) {$fso = UCSExt->new("UCX:FileSystemObject") or die"Failed to instantiate the File System Object component\n";} else {$fso = Perl2UCS->new("UCX:FileSystemObject") or die"Failed to instantiate the File System Object component\n";}print "";Secure Scripting 17

print "";print "";print "";print "Directory Names\n";print "List of Folders";$myFolder = $fso->GetFolder("sys:\\nsn");$subFolders = $myFolder->{"SubFolders"};$subFolders->reset();while($subFolders->hasMoreElements()){$sub_folder = $subFolders->Next();$FolderName = $sub_folder->{"Name"};print "$FolderName" . "\n";print "";}The modified Web script does not throw an error as it logs into eDirectory withappropriate rights.# Script to list the contents of SYS:NSN directory# Load Perl2UCS or UCSExt based on the Perl versionuse CGI;$cgiobject=newCGI;print $cgiobject->header;if ($] < 5.006) {require UCSExt;} else {require Perl2UCS;}if ($] < 5.006) {$fso = UCSExt->new("UCX:FileSystemObject") or die"Failed to instantiate the File System Object component\n";} else {$fso = Perl2UCS->new("UCX:FileSystemObject") or die"Failed to instantiate the File System Object component\n";}if ($] < 5.006){$nwdir = UCSExt->new("UCX:NWDIR") or die "Failed toinstantiate the Directory component\n";}else{$nwdir = Perl2UCS->new("UCX:NWDIR") or die "Failed to18 PHP on NetWare

instantiate the Directory omponent\n";}print "";print "";print "";print "";print "Directory Names\n";print "List of Folders";$nwdir ->{"FullName"} = "nds:\\\\servername\\context";$nwdir ->login("UserName", "PassWord") or die "Failed tologin. Check the username and password\n";$myFolder = $fso->GetFolder("sys:\\nsn");$subFolders = $myFolder->{"SubFolders"};$subFolders->reset();while($subFolders->hasMoreElements()){$sub_folder = $subFolders->Next();$FolderName = $sub_folder->{"Name"};print "$FolderName" . "\n";print "";}$nwdir->Logout();LimitationsMultiple tree support is not implemented for remote file system access. Oncethe script logs into an eDirectory tree, the script can access the files on anyserver within this tree. Simultaneous authentication to multiple trees, andaccessing resources on different servers are not supported. If there is a need toaccess different servers, it has to be done in a serial fashion. For example, login to the tree A, access resources on server A1, and logout; again log in to treeB, access resources on server B1, log out, and so on.Secure Scripting 19

20 PHP on NetWare

Revision HistoryThe following table summarizes the changes that have been made to thisdocumentation:Release DateSeptember 2002ChangesAdded this component to the NDK.Revision History 21

22 PHP on NetWare