Daniel Tillett

If you have a script that needs to access functions that can only be run as root (e.g. chmod, chgrp, mkdir, etc) you will find that you can’t call these directly since the Apache user is not root (at least it should not be root). There is no perfect solution around this as all solutions involve some security risk, but the least bad seems to be to use sudoer to grant root privileges to the script and then lock down the script so nobody other than root can modify the script.

First chmod the script so that anyone can execute it, but nobody other than root can modify it (I am assuming here that you are logged in as root, otherwise sudo).

chmod 111 /home/path_to_script

Next modify sudoer using visudo. It is a good idea to use visudo so that any change you make are updated without having to restart sudo.

# visudo

Add the following line after the root entry in sudoer

apache_user ALL = NOPASSWD: /home/path_to_script

Change the apache_user to whatever your apache user is (e.g. nobody) and then add the path to your script. You might want to add your favorite editor (mine is nano) to your export in .bashrc. You should now be able to call your script from apache without problem.

I needed to generate a random string in php that did not repeat. This little snippet will generate a random non-repeating 32 character string.

// Generate random 32 character string
$string = md5(time());

I have been using the php number_function() to format currency values in my code and was recently caught by the thousand separator comma. If you use the function and just specify the the number of decimal places (ie $x = number_format ($y,2) ) then you will get a comma introduced for all numbers above 999.99. This comma will break any maths functions that you might use downstream.

The solution is to specify the decimal point but remove the comma. The format to use to achieve this is $x = $number_format ($y,2,”.”,”") – the empty double quotes tell the number format function to not include the thousand separator comma.