Penn State PHP Service

2012 年 12 月 17 日5320

Penn State Web Application Engines

PHP Web Service - Phase III, Version 1

The Web server, php.scripts.psu.edu, is the Phase

I, and

Phase III rollout of a dynamic Web content service designed for use by students,

staff, faculty, departments, courses, and student organizations who use

PHP Hypertext Preprocessor

technology. Information, guidelines and resources for using this

service follow below.

NOTE: Other dynamic content application engines such as ASP

and JSP may be available in the future. For additional information,

please refer to the announcement found at: http://aset.its.psu.edu/announcements/app_engines.html.

Also note that a fully-featured database server is not provided for

this service with Phase

II; however, one is planned for a later release. Developers and Web

content providers are welcome to use independently operated database

servers. Also note that the Database

Course-Related Service is currently a separate service. These

services may be combined in a subsequent phase of this rollout.

General Guidelines and Information

The service is available to all Penn State students, staff and

faculty with Personal Web

space, student organizations with Web space on the Student Organizations Web

Service, colleges and departments at University Park and other

Penn State locations with ITS departmental

Web space and courses with Course Online

Accounts (COLA).

This is a production service for general purpose use.

It must be used in accordance with Penn State policies such as AD-20, AD-52 and when

appropriate AD-54, RAG-16 and RA-14.

Code auditing will not be performed. Users may update their

respective code as they wish; however, it should be noted that there

is an increased risk for error/failure compared to other production

services, which may be caused by programming errors made by others

using this service.

This service is for execution of PHP code only. SSI and PHP

functions which call other programs have been disabled. CGI programs

may be installed on other servers. Additional PHP security features

such as safe_mode have been enabled.

Server Side Includes (SSI) and .htaccess files are enabled

with policies similar to other ITS Web services. You may restrict

access with passwords via .htaccess and .htpasswd files, or within

the methods provided by PHP (HTTP auth, CGI/Cookies).

With the release of Phase

II, Penn State WebAccess

authentication will be provided to restrict access to select sites,

per request. If you are interested in using WebAccess to

authenticate Penn State Access

Account and/or Friends of Penn

State Account holders, please send a request to

dbadmin@aset.psu.edu.

Phase

II offers SSL encryption (HTTPS) for select sites by request. If

you wish to use SSL with your site, send a request to

dbadmin@aset.psu.edu. While SSL encryption provides added security,

there remain other vectors for disclosure. For this reason,

sensitive and confidential data should not be used on this service at

this time even with SSL protection. The plan is to improve access

methods with subsequent implementations, enabling developers to

consider the management of more sensitive information.

Phase

II upgrades PHP from version 4 to version 5. Please note some differences between

the versions.

Resources

php.scripts.psu.edu may be used to process

PHP content in ".php" files (files that end with ".php"). Content

for various ITS Web services may be processed as PHP via:

Penn State Personal

Web accounts

The local URL paths will be the same on php.scripts.psu.edu as it is

on www.personal.psu.edu. For example, content located on the Web at

http://www.personal.psu.edu/users/x/y/xyz123/ will be visible on

the PHP service as

http://php.scripts.psu.edu/users/x/y/xyz123/.

Information

about Penn State Personal Access Account Storage Space (PASS) and

Personal Web accounts.

Penn State Departmental

Web accounts

The local URL paths will be the same on php.scripts.psu.edu as it is

under www.psu.edu/dept/. For example, content located on the Web at

http://www.psu.edu/dept/department_name/ will be visible on the

PHP service as

http://php.scripts.psu.edu/dept/department_name/.

Information

about Departmental Web and Disk space.

Penn State Student

Organization Web Service accounts

The local URL paths will be the same under php.scripts.psu.edu/clubs/

as it is under www.clubs.psu.edu. For example, content located on the

Web at http://www.clubs.psu.edu/up/organization_name/ will be

visible on the PHP service as

http://php.scripts.psu.edu/clubs/up/organization_name/.

Information

about Student Organization Web Service accounts.

Penn State Course

On-Line Accounts (COLA)

The local URL paths will be the same under

php.scripts.psu.edu/courses/ as it is under www.courses.psu.edu. For

example, content located on the Web at

http://www.courses.psu.edu/art/art100_xyz101/ will be visible on

the PHP service as

http://php.scripts.psu.edu/courses/art/art100_xyz101/.

Information

about Course On-Line Accounts (COLA).

With the advent of Phase

II, URLs ending in .php on the aforementioned sites will be

automatically redirected to the corresponding URL on

http://php.scripts.psu.edu/. Web domains virtually hosted by ASET may be included in the

automatic redirects by request.

Discussion / Announcements mailing list

Users may subscribe to the L-PHPScripts list to discuss problems and challenges

with other users and administrators and receive update announcements specific to php.scripts.psu.edu. In addition, all updates, pertinent information, etc. regarding this service will be posted to this list.

To subscribe:

Send an e-mail from your preferred e-mail address to L-PHPScripts-subscribe-request@lists.psu.edu. The subject and body should be left blank. Once your request is received, confirmation instructions will be sent to you.

To unsubscribe:

Send an e-mail from your subscribed e-mail address to L-PHPScripts-unsubscribe-request@lists.psu.edu. The subject and body should be left blank. Once your request is received, confirmation instructions will be sent to you.

Navigation Links

Storing Data - List of options for storing data in files and databases on the server.

Setting PASS Permissions - Guide on how to configure Access Control List (ACL) permissions on files for use with PHP.

Firewall/Database Permissions Info - Guide on how to configure access for php.scripts.psu.edu to access remote databases.

Errata and Change Log - Information about known problems and updates to the PHP Web Service.


The Pennsylvania State University ©2008. All rights reserved.
Alternative Media - Nondiscrimination Statement
Information Technology Services.

For assistance please write to helpdesk@psu.edu or see our Help Sources.

Last revised: Friday, July 18, 2008.

0 0