芳草苑

Author: 芳草苑主

  • httpd.conf Can Override php.ini

    httpd.conf and php.ini, which has priority? I have done some experiments, and the conclusions are –

    • php settings in php.ini can be overrided by httpd.conf (or some other Apache configuration files) with php_admin_value, php_admin_flag, php_value, and php_flag.
    • However, I find on Linux, if php_admin_value, php_admin_flag, php_value, or php_flag can not be put inside of VirtualHost block. They can be put inside of Directory block, but if Directory is inside of VirtualHost, they won’t work. I assume it is a php bug because on Windows php_admin_value, php_admin_flag, php_value, or php_flag can be inside of VirtualHost or Directory blocks.
    • Some of php directives can only be set by php_admin_value or php_admin_flag, for example, safe_mode. Others can be set by php_admin or php_(non_admin), for example, display_errors. But if display_errors is set by php_admin, it is not overridable by .htaccess; if display_errors is set by php_(non_admin), .htaccess can override it.

  • 关于Magento一次安装,多处使用的构想

    WordPress可以一次安装,多处使用,Magento当然更有理由这么做了。

    Magento强大的功能之一就是run multi websites,Magento内置了多站点运行的功能。我援引从WordPress安装管理探索出的经验,觉得即使Magento内置multi websites功能,各站点还是不要使用同一个document root为好,还是以一主多副软连接的方式为宜。

    只是,我还是没有找到在后台隔离各站点的办法(假设它们由不同的web manager来经营)。我也无法控制上传目录,所有上传得文件都是存放在主域名的document root/{magento installatin path}/media下。

    好在magento子目录安装,根目录显示还是做得到的。如将magento放置在document root/magento下,但前台url不出现magento,具体的做法是

    1. 把index.php和.htaccess移到document root,其他文件都放置在document root/magento子目录

    2. 把index.php修改成

    <?php
    /**
    * Magento
    *
    * NOTICE OF LICENSE
    *
    * This source file is subject to the Open Software License (OSL 3.0)
    * that is bundled with this package in the file LICENSE.txt.
    * It is also available through the world-wide-web at this URL:
    * http://opensource.org/licenses/osl-3.0.php
    * If you did not receive a copy of the license and are unable to
    * obtain it through the world-wide-web, please send an email
    * to license@magentocommerce.com so we can send you a copy immediately.
    *
    * DISCLAIMER
    *
    * Do not edit or add to this file if you wish to upgrade Magento to newer
    * versions in the future. If you wish to customize Magento for your
    * needs please refer to http://www.magentocommerce.com for more information.
    *
    * @category   Mage
    * @package    Mage
    * @copyright  Copyright (c) 2008 Irubin Consulting Inc. DBA Varien (http://www.varien.com)
    * @license    http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
    */

    if (version_compare(phpversion(), ‘5.2.0’, ‘<‘)===true) {
    echo  ‘<div style=”font:12px/1.35em arial, helvetica, sans-serif;”><div style=”margin:0 0 25px 0; border-bottom:1px solid #ccc;”><h3 style=”margin:0; font-size:1.7em; font-weight:normal; text-transform:none; text-align:left; color:#2f2f2f;”>Whoops, it looks like you have an invalid PHP version.</h3></div><p>Magento supports PHP 5.2.0 or newer. <a href=”http://www.magentocommerce.com/install” target=””>Find out</a> how to install</a> Magento using PHP-CGI as a work-around.</p></div>’;
    exit;
    }

    $mageFilename = ‘magento/app/Mage.php’;

    if (!file_exists($mageFilename)) {
    if (is_dir(‘downloader’)) {
    header(“Location: downloader”);
    } else {
    echo $mageFilename.” was not found”;
    }
    exit;
    }

    require_once $mageFilename;

    #Varien_Profiler::enable();

    #Mage::setIsDeveloperMode(true);

    #ini_set(‘display_errors’, 1);

    umask(0);
    Mage::run(‘default’);

    3. 把.htaccess修改成:


    ############################################
    ## uncomment these lines for CGI mode
    ## make sure to specify the correct cgi php binary file name
    ## it might be /cgi-bin/php-cgi

    #    Action php5-cgi /cgi-bin/php5-cgi
    #    AddHandler php5-cgi .php

    ############################################
    ## GoDaddy specific options

    #   Options -MultiViews

    ## you might also need to add this line to php.ini
    ##     cgi.fix_pathinfo = 1
    ## if it still doesn’t work, rename php.ini to php5.ini

    ############################################
    ## this line is specific for 1and1 hosting

    #AddType x-mapp-php5 .php
    #AddHandler x-mapp-php5 .php

    ############################################
    ## default index file

    DirectoryIndex index.php

    <IfModule mod_php5.c>

    ############################################
    ## adjust memory limit

    #    php_value memory_limit 64M
    php_value memory_limit 128M
    php_value max_execution_time 18000

    ############################################
    ## disable magic quotes for php request vars

    php_flag magic_quotes_gpc off

    ############################################
    ## disable automatic session start
    ## before autoload was initialized

    php_flag session.auto_start off

    ############################################
    ## enable resulting html compression

    #php_flag zlib.output_compression on

    ###########################################
    # disable user agent verification to not break multiple image upload

    php_flag suhosin.session.cryptua off

    ###########################################
    # turn off compatibility with PHP4 when dealing with objects

    php_flag zend.ze1_compatibility_mode Off

    </IfModule>

    <IfModule mod_security.c>
    ###########################################
    # disable POST processing to not break multiple image upload

    SecFilterEngine Off
    SecFilterScanPOST Off
    </IfModule>

    <IfModule mod_deflate.c>

    ############################################
    ## enable apache served files compression
    ## http://developer.yahoo.com/performance/rules.html#gzip

    # Insert filter
    #SetOutputFilter DEFLATE

    # Netscape 4.x has some problems…
    #BrowserMatch ^Mozilla/4 gzip-only-text/html

    # Netscape 4.06-4.08 have some more problems
    #BrowserMatch ^Mozilla/4\.0[678] no-gzip

    # MSIE masquerades as Netscape, but it is fine
    #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    # Don’t compress images
    #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

    # Make sure proxies don’t deliver the wrong content
    #Header append Vary User-Agent env=!dont-vary

    </IfModule>

    <IfModule mod_ssl.c>

    ############################################
    ## make HTTPS env vars available for CGI mode

    SSLOptions StdEnvVars

    </IfModule>

    <IfModule mod_rewrite.c>

    ############################################
    ## enable rewrites

    Options +FollowSymLinks
    RewriteEngine on

    ############################################
    ## you can put here your magento root folder
    ## path relative to web root

    #RewriteBase /magento/

    ############################################
    ## workaround for HTTP authorization
    ## in CGI environment

    RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    ############################################

    #This is my creation for installing magento under a subfolder.

    ############################################

    RewriteCond %{REQUEST_URI} ^/(media|skin|js)/

    RewriteRule (.*) magento/$1 [l]

    ############################################
    ## always send 404 on missing files in these folders

    RewriteCond %{REQUEST_URI} !^/(media|skin|js)/

    ############################################
    ## never rewrite for existing files, directories and links

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l

    ############################################
    ## rewrite everything else to index.php

    RewriteRule .* index.php [L]

    </IfModule>

    ############################################
    ## Prevent character encoding issues from server overrides
    ## If you still have problems, use the second line instead

    AddDefaultCharset Off
    #AddDefaultCharset UTF-8

    <IfModule mod_expires.c>

    ############################################
    ## Add default Expires header
    ## http://developer.yahoo.com/performance/rules.html#expires

    ExpiresDefault “access plus 1 year”

    </IfModule>

    ############################################
    ## By default allow all access

    Order allow,deny
    Allow from all

    ############################################
    ## If running in cluster environment, uncomment this
    ## http://developer.yahoo.com/performance/rules.html#etags

    #FileETag none

  • Magento SID

    如果magento base url 为 goods-pro.com,那么用www.goods-pro.com 访问时,页面中的链接会带有SID,这是为了跨域名访问时,会话不丢失。

    为了SEO,就得避免SID,为此goods-pro.com和www.goods-pro.com只能选择一个做base url,把另外一个301跳转到base url。这里我个人比较爱好no-www的方案:

    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
    RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

  • safe_mode

    我想用script.php访问文件系统,但又想把script.php能访问权限限制在script.php owner 的权限内(而不是apache的权限)。今天才知道把safe_mode turn on就可以,真是又高兴又痛苦,因为很久以前我就想限制script.php的访问权限了,不知道怎么,当时我得出的结论是php 以cgi模式安装才能做到权限检查,sapi模式是做不到的。可能fastcgi过分宣传它的安全特性给我造成一种错觉,其实就文件访问权限来说,sapi一样安全。

    同样也是很久以前,见论坛上有个好学的人想要一个免费的空间体验一下xoops,对于好学的人我总想热心帮忙的,况且我又不用额外支出,何乐而不为。无奈我的服务器的designer做的初始设置不是针对share hosting的,safe_mode default off。这样把服务器分给别人用我总归不放心,所以最终没有划空间给好学之士。

    safe_mode=on,真就这么简单!

  • What Makes A Good Web Program

    我看问题可能有局限性,但我现在判断程序好坏的必要非充分条件之一是:这套程序能否充分利用Apache Url Rewrite。换句话说,如果是php程序,这套程序的前台页面是否由一个index.php来产生。

    以这个条件来看,Zen Cart算好,Magento当然更好,osCommerce就不算好;Drupal / Joomla 都算好,WordPress 当然算是典范,Xoops 就不怎么样了。

    也是因为这个原因,我放弃关注Xoops——痛苦地放弃,尽管曾经它是我的最爱,尽管它有某些功能很独到。

  • Why Google Analytics Dashboard Not Printing Out

    About a month ago, I found I could not print Analytics Dashboard from IE (my version is 7 already). Every time I tried to print Dashboard, the browser freezed. I have tried different computers and different printers. The symptom is the same.

    Analytics Dashboard is the only report I can not print from IE, but other reports are fine.

    I can print Analytics Dashboard from Firefox, but the print layout is not as well formatted as it is in IE. So I have to use IE to print this report.

    After I realise Flash 10 is causing problem of uploading images in magento, I think it might be same Flash causing another problem. However, this time Flash 10 is fine, but Flash 9 is not. As my test result shows, Analytics Dashboard can be printed in IE with Flash 10 installed. I assume the symptom is affecting IE with Flash version lower than 10.

    I do not like Flash, but between Flash 9 and Flash 10, I prefer the former for now. I think a good program should work both on Flash 9 and 10. So I reported this problem to Google for them to improve Analytics. It must be some recent changes that prevent Analytics Dashboard from being printed.

  • It’s all Flash’s Fault

    不经意中,电脑被装上了Flash 10。等我发现magento后台不能浏览和上传文件时,我怎么也没把原因和Flash 10联系起来。

    首先我以为是magento 1.1.5升级到1.1.6造成的,因为我在1.1.5还成功上传过文件。当我专门为此搞了个试验,全新安装了一个magento 1.1.5来上传图片,还是无功而返。

    浏览器提示javascript出错,可是我实在想不明白为什么以前可以,现在不可以。为此浪费了无数个晚上,终于让我找到了答案,Flash 10!

    Flash 对此的解释冠冕堂皇:为了安全,Flash 10不再允许间接调用文件浏览对话框,文件浏览对话框只能由鼠标动作触发。很不幸,作为magento的上传部件,SWFUpload采用的是间接调用的方式,落入了Flash 10的打击范围。

    我本来就不喜欢Flash,这次Flash 10又浪费了我这么多时间,magento至少被我拆装了3次!尽管它有千万个安全理由,我还是对它敬而远之。

  • 异地汇款的窍门

    我曾经对各银行异地汇款手续费摸得很熟,但几年不在中国生活,行情肯定过时了。今天凑巧读到一篇调查,摘录如下。

    目前,每家商业银行都有不同的异地汇划手续费用设计。2007年中国人民银行在《关于改进个人支付结算服务的通知》中规定,个人客户依托其银行账户办理个人汇兑时,汇划金额在1万元以下(含1万元)每笔收取5元,1万元以上至10万元每笔收取10元,10万元以上至50万元每笔收取15元,50万元以上至100万元每笔收取20元,100万元以上每笔按汇划金额的万分之零点二收取,最高不超过200元。未在银行开户的个人可用现金直接汇款,5000元以下的按汇款金额的1%收取,5000元以上(含5000元)的,均按50元收取;挂失手续费按票面金额的1%收取,不足5元的按5元收取。

    招行和农行等是按照央行的规定执行的。工行、建行、邮政储蓄银行等则是以现金汇兑的标准收取手续费用。其中,工行异地电汇的收费标准是:按汇款金额的1%收取,最低1元,50元封顶;建行与工行的标准基本相同,但最低收费为2元;邮政储蓄银行则将费率标准由1%降为0.5%,最低收费为2元,50元封顶。因此,1万元以下的异地汇款通过邮政储蓄银行汇款最划算。1 万以上的异地汇款可以选择招行、农行等。

    看来,异地汇款还是首选农行,因为它手续费最便宜,而且网点比较多。但现在多了个新概念“汇划”,汇款人要在银行开户才能汇划,嘿嘿,银行花样经真多。

  • 电话收款的完美方案

    客户电话订货,他把信用卡信息告诉我们,我们通过虚拟终端收款;我们的软硬件都不够安全等级,不适宜保存客户信用卡资料;客户再次订货时,我们通常又得问一遍信用卡信息。这很烦人,客户有时也觉得烦,大大咧咧的客户更觉得我们保存信用卡资料比每次问要好。我觉得以现有的软硬件设施来保存客户信用卡资料是不合法的,但我们不能做的事情,我们的Payment Service Provider可以替我们做到啊。

    这个问题我已经想了很久了:客户能把信用卡资料告诉我们一次,也能把信用卡资料告诉我们两次;我们能从客户卡上划出一镑钱,也能从他卡上划出两镑钱。这个前提是客户给与我们充分的信任。如果我们是诚信经营的,那么客户把信用卡资料告诉我们一千次也无妨,反之,哪怕一次也是祸害。

    从理论上讲,Payment Service Provider是支付网关,当它的虚拟终端被我们使用一次以后,它就保存有客户的信用卡资料,以后同个客户再来付款,它就没必要让我们再从客户嘴里套问一遍信用卡资料。

    但事实就是这么残酷。对于老客户的电话订单,一直以来我们总是反复问同一个客户几个同样的问题:持卡人姓名、账单地址、邮编、卡号、到期日、安全码…

    直到本周我们新换了PayPal做我们的Payment Services Provider,我的牛劲上来了,追着PayPal Support问:能不能有一种结合Virtual Terminal(能电话收款)和Recurring Payments(能定期收款)两个产品特点的新产品,能在客人每次下电话订单的时候收款,但不用每次套问信用卡资料?说实话,我本以为PayPal不会有一个现成的方案,我只是想建议他们推出这么个新产品,可以方便广大商家。

    不知道是PayPal Support笨,还是我表达得不够清楚,抑或是PayPal根本不想推广这个方案,我跟PayPal Support一来一去足足有四个来回才知道他们有现成的方案(藏这么好干吗?),前三个来回都是答非所问。

    现成方案就叫“New Reference Payment” ,就在每笔Virtual Terminal Payment的Details里找。

  • The Power of PivotTable

    突然发现 Pivot (数据透视表)很强大。

    我找了一份learning-pivot-table,方便我自己和对Pivot感兴趣的人学习。