Archive for March, 2010

.htpasswd protecting your phpMyAdmin installation (Debian)

March 16th, 2010

So you got yourself a LAMP webserver and started hosting some sites on it. Now, for easy access to your databases, you opt for phpMyAdmin.

When you install phpMyAdmin on a Debian system via the package manager (apt-get install phpmyadmin), it is installed in this folder:

/usr/share/phpmyadmin

You will be able to access your phpMyAdmin via

http://www.mydomain.com/phpmyadmin

You will notice that you are asked for a username and password. This is great! It means that your database is protected... but what if I want to protect it even more?
What if I would like to add some extra folder protection by using the good old .htpasswd technique?

Well, I looked around for a while but did not find any satisfying solutions. This meant I had to mess around a bit myself and after not too long, success! I had a phpMyAdmin installation where it would first use the .htpasswd protection before bringing me to the phpMyAdmin login page.

How did we do this?

1) create a .htpasswd file in the installation directory (cfr. supra). You can use handy .htpasswd generators like this one: http://www.htaccesstools.com/htpasswd-generator/

2) find and edit the phpMyAdmin apache2 config file:

/etc/apache2/conf.d/phpmyadmin.conf

3) add the necessary lines in the conf file to tell Apache2 it should use the .htpasswd file. Below you will find the before and after of the code.

Before:

# phpMyAdmin default Apache configuration

Alias /phpmyadmin /usr/share/phpmyadmin

<Directory /usr/share/phpmyadmin>
        AllowOverride All
        Options Indexes FollowSymLinks
        DirectoryIndex index.php

        # Authorize for setup

After:

# phpMyAdmin default Apache configuration

Alias /phpmyadmin /usr/share/phpmyadmin

<Directory /usr/share/phpmyadmin>
        AllowOverride All
        Options Indexes FollowSymLinks
        DirectoryIndex index.php

        # Ask for HTTP Basic credentials before phpMyAdmin's own login page
        AuthType Basic
        AuthName "HaLe MySQL"
        AuthUserFile /usr/share/phpmyadmin/.htpasswd
        Require valid-user

        # Authorize for setup

4) reload your Apache2

sudo /etc/init.d/apache2 reload

5) your phpMyAdmin is now .htpasswd protected!
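As an alternative to the online generator in step 1, the password file can be produced locally so the password never leaves the server. This is an added example, not part of the original post: the function names, the sample user and the temporary path are hypothetical, and it assumes PHP 7.2+ and an Apache whose APR-util accepts bcrypt ("$2y$") entries, as Apache 2.4 does.

```php
<?php
// Added example, not from the original post. Function names, the user and
// the file location below are constructed for illustration.

// Build one "user:hash" line for an AuthUserFile.
function htpasswd_entry(string $user, string $password): string {
    // ":" separates the two fields and a line break ends the record,
    // so neither may appear in the user name.
    if ($user === '' || strpbrk($user, ":\r\n") !== false) {
        throw new InvalidArgumentException('Invalid user name');
    }
    // bcrypt only reads the first 72 bytes; reject longer input instead of
    // silently truncating it.
    if ($password === '' || strlen($password) > 72) {
        throw new InvalidArgumentException('Password must be 1..72 bytes');
    }
    return $user . ':' . password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
}

// Write all entries to $path; a newly created file gets mode 0640.
function write_htpasswd(string $path, array $credentials): void {
    $lines = '';
    foreach ($credentials as $user => $password) {
        $lines .= htpasswd_entry((string) $user, $password) . "\n";
    }
    $old = umask(0027);
    $ok = file_put_contents($path, $lines, LOCK_EX);
    umask($old);
    if ($ok === false) {
        throw new RuntimeException("Cannot write $path");
    }
}

// Demo with constructed credentials, written to a throwaway file.
$file = sys_get_temp_dir() . '/htpasswd-demo-' . bin2hex(random_bytes(4));
write_htpasswd($file, ['dbadmin' => 'constructed-sample-passphrase']);
[$user, $hash] = explode(':', trim(file_get_contents($file)), 2);
// Round-trip check: the stored hash must verify the original password.
var_dump($user, password_verify('constructed-sample-passphrase', $hash));
unlink($file);
```

Point AuthUserFile at whatever path the file is written to, and make sure the user Apache runs as can read it.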

Cheers
Lajfi

Author: lhe Categories: Databases, General, Linux (Ubuntu), MySQL, PHP Tags:

VAT number validation with VIES

March 15th, 2010

For a couple of our clients we implemented a webshop with Drupal and Ubercart. One feature which was missing from the default Ubercart setup, was a VAT number field, and the accompanying validation.

After some googling I found out about the VAT number module. This module adds a VAT field to the checkout billing fieldset, depending on which country you have selected. Because only European corporate visitors should be able to fill in a VAT number, it’s useless for other countries and can be hidden.

Now there are 2 ways of validating a VAT number:

1. Through a fixed preg-match scheme, which validates the format of the VAT number depending on the country. This method ensures you have a validly formatted VAT number, but it does not validate whether this VAT number belongs to an actual company. Hence method 2.

2. You can also validate a VAT number through the European VAT validation service, in short “VIES”. They allow a developer to do a SOAP call to their service, providing the country code and VAT number. The Drupal module already provides this SOAP call, but there has been an update to the VIES services, and the endpoint URL of the SOAP service has moved.

So to get your VAT checker up and running again, here’s The Fix:

Just replace the existing endpoint by the new one:

$client = new SoapClient("http://ec.europa.eu/taxation_customs/vies/api/checkVatPort?wsdl");

By

$client = new SoapClient("http://ec.europa.eu/taxation_customs/vies/services/checkVatService.wsdl");

For a full implementation on how to do a VAT validation through SOAP:

function hale_validate_vat($args = array()) {
	if ( '' != $args['vatnumber'] ) {
		$vat_number 	= str_replace(array(' ', '.', '-', ',', ', '), '', $args['vatnumber']);
		$countryCode 	= substr($vat_number, 0, 2);
		$vatNumber 		= substr($vat_number, 2);
 
		if ( strlen($countryCode) != 2 || is_numeric(substr($countryCode, 0, 1)) || is_numeric(substr($countryCode, 1, 2)) ) {
			$error = array('result' => false, 'message' => 'Your VAT Number syntax is not correct. You should have something like this: BE805670816B01');
			return $error;
		}
 
		if ( $args['country'] != $countryCode ) {
			$error = array('result' => false, 'message' => 'Your VAT Number is not valid for the selected country.');
			return $error;
		}
 
		$client = new SoapClient("http://ec.europa.eu/taxation_customs/vies/services/checkVatService.wsdl");
		$params = array('countryCode' => $countryCode, 'vatNumber' => $vatNumber);
 
		$result = $client->checkVat($params);
 
		if ( !$result->valid ) {
			$error = array('result' => false, 'message' => sprintf('Invalid VAT Number. Check the validity on the customer VAT Number via <a href="%s">Europa VAT Number validation webservice</a>', 'http://ec.europa.eu/taxation_customs/vies/lang.do?fromWhichPage=vieshome'));
			return $error;
		} else {
			return true;
		}
	}
	return false;
}

Use it like this:

$result = hale_validate_vat(array('vatnumber' => 'BE0123456789', 'country' => 'BE'));

Where the result is either TRUE or contains the error message in $result['message']
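The function above calls the remote service without handling a failed call, and returns either TRUE, FALSE or an array. The variant below is an added example, not the module's or the author's code: it checks the format before any network call, reports a service outage as "unknown" rather than as a fatal error, and escapes the user-supplied value on output. The names vat_check and StubVies are hypothetical, and the stub replaces the VIES service so the example runs offline; pass a real SoapClient in its place.

```php
<?php
// Added example. $client is any object exposing checkVat(array): a real
// SoapClient built from the WSDL, or the constructed stub below.
function vat_check(string $input, string $country, object $client): array {
    // Normalise, then require 2 letters + 2..12 alphanumerics (an assumed
    // generic pattern) before anything is sent over the network.
    $vat = strtoupper(preg_replace('/[\s.,-]+/', '', $input));
    if (!preg_match('/^([A-Z]{2})([0-9A-Z]{2,12})$/', $vat, $m)) {
        return ['result' => false, 'message' => 'VAT number syntax is not correct.'];
    }
    if ($m[1] !== strtoupper($country)) {
        return ['result' => false, 'message' => 'VAT number does not match the selected country.'];
    }
    try {
        $reply = $client->checkVat(['countryCode' => $m[1], 'vatNumber' => $m[2]]);
    } catch (Exception $e) {
        // SoapClient raises SoapFault (an Exception) on timeouts and outages.
        // Return "unknown" (null) so the caller decides how to proceed.
        error_log('VIES lookup failed: ' . $e->getMessage());
        return ['result' => null, 'message' => 'VAT service unavailable, try again later.'];
    }
    return empty($reply->valid)
        ? ['result' => false, 'message' => 'VAT number is not registered in VIES.']
        : ['result' => true, 'message' => 'VAT number is valid.'];
}

// Constructed stub standing in for the VIES service.
class StubVies {
    public function checkVat(array $p) {
        if ($p['countryCode'] === 'DE') {
            throw new RuntimeException('simulated outage');
        }
        return (object) ['valid' => $p['vatNumber'] === '0123456789'];
    }
}

// Constructed sample inputs: valid, unknown number, outage, markup, wrong country.
$samples = [['BE 0123.456.789', 'BE'], ['BE0999999999', 'BE'], ['DE123456789', 'DE'],
            ['<b>x</b>', 'BE'], ['BE0123456789', 'NL']];
$stub = new StubVies();
foreach ($samples as [$number, $country]) {
    $r = vat_check($number, $country, $stub);
    // Escape the user-supplied value before echoing it into a page.
    echo htmlspecialchars($number), ' => ', var_export($r['result'], true), ' ', $r['message'], "\n";
}
```

A checkout that treats a null result as valid accepts unverified numbers whenever the service is down, so the caller should handle that case explicitly.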

Update: As promised in the comments below, I have created a txt file with the code of this post and some comments. Download it here.

Greets,
Kim

Author: Kim Categories: Coding, Drupal, PHP Tags:

Drupal Plugin Manager – Could not login to the ftp server

March 1st, 2010

Hi guys,

Yesterday I discovered this awesome module! First off, kudos to the creator(s), we’ll be using this on all our company’s websites and it will save us a truckload of time!

Second, I must say I’m not so convinced about the provided documentation as it took me about half a day to get this working.

It seemed that all my FTP credentials were correct under “Plugin Manager – Settings”:


Host: notorious.halecomm.net
User: ftp_user
Pass: xxxxxxx

I tried these with cuteFTP and got it working.

After this issue, it seemed that Plugin Manager could not retrieve the installation path for drupal, so I had to put in the full linux path to my drupal installation:

Path: /home/ftp_user/www/drupal6 (with a leading / and no trailing /, as “sites/default/” or “sites/all” is being added…)

With these settings I managed to download all the necessary files, but was unable to extract and copy them through the FTP system to my “/sites/all/modules/” directory.

After some Googling I found out the following on the PHP.net website, about the usage of “ftp_connect”:

http://be.php.net/manual/en/function.ftp-connect.php

thomas g.
03-Mar-2003 11:35
always keep an eye on the ftp_pasv function, if you are behind a firewall or nat’ed and your scripts won’t do a listing or put files to the ftp

As our company webserver is behind our firewall, I suspected the problem was indeed the lack of PASV mode, so I added the following line of code to “plugin_manager/ftp.backend.inc” on line 133:

ftp_pasv ($connect, true);

So the whole code block from line 115 to line 138 looks something like:

  // Try to guess which how far in we are chrooted...
  if (empty($ftp_path)) {
    foreach ($local_path AS $index => $value) {
      unset($local_path[$index]);
      if (@ftp_nlist($connect, implode('/', $local_path) .'/'. $dir)) {
        $ftp_path = implode('/', $local_path) .'/'. $dir;
        drupal_set_message(t('A drupal install was automatically located on ftp at @ftp_path.', array('@ftp_path' => $ftp_path)));
        break;
      }
    }
  }
  else {
    $ftp_path = $ftp_path .'/'. $dir;
    if (!@ftp_chdir($connect, $ftp_path)) {
      drupal_set_message(t('Your provided drupal install directory is invalid.') . l(t('Change it here.'), 'admin/plugin_manager/settings'),  'error');
      return FALSE;
    }
  }
 
  ftp_pasv ($connect, true);
 
  // If we couldn't guess it, then quit.
  if (!isset($ftp_path) || !@ftp_chdir($connect, $ftp_path)) {
    drupal_set_message(l(t('Could not guess the ftp directory for drupal.  Set it here.'), 'admin/plugin_manager/settings'), 'error');
    return FALSE;
  }

I hope to be of any assistance,
Kind regards,
Kim

Author: Kim Categories: Content Management Systems, Drupal, General Tags: