1. Install the Package in Cydia Add the Cydia Source http://ios-webstack.tk/cydia, find and install the package ios-lighttpd-php-mysql. Your lighttpd web server is now running. You can test it in Safari. But you need to do some more work with php and mysql.
2. Mysql Configuration
Log in your IOS device and execute the following shell commands.
# bin/mysql_install_db –user=daemon
# /usr/local/bin/mysqladmin -u root password ‘new-password’
# /usr/local/bin/mysql_secure_installation
执行mysql_secure_installation
Change the root password? [Y/n]
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] n
# mysql -u root -p’yourpassword’
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection idis 8
Server version: 5.1.66 Source distribution
Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the current input statement.
mysql>
mysql>
mysql> show databases;
+——————–+
| Database |
+——————–+
| information_schema |
| mysql |
+——————–+
2 rows in set (0.01 sec)
mysql>
3. PHP Configuration
Create File: /etc/php.ini
;This is an ‘EXAMPLE’ configuration file for PHP.
;Be careful with the socket path
mysql.default_socket = /tmp/mysql.sock
pdo_mysql.default_socket = /tmp/mysql.sock
mysqli.default_socket = /tmp/mysql.sock
;Limits
upload_max_filesize = 10M
post_max_size= 10M
;TimeZone
;You should simply replace ‘Europe/Berlin’ with the desired timezone.
;The full list of supported time zones is available here: http://www.php.net/manual/en/timezones.php
date.timezone = ‘UTC’
;I recommends to place following lines to /etc/php.d/security.ini (it will not be touched
;from a cydia packages update).
;========================================================================================
;Please have a look at http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html
;It is up to you to comment-out some directives.
;Make sure you log all php errors to a log file.
;Make sure that php and lighttpd have write permissions.
log_errors=Off
error_log=/var/log/lighttpd/php_scripts_error.log
;To restrict PHP information leakage disable expose_php.
;Have a check befor and after: curl -I http://your.iOS-Web.server/yourPHPsite.php
expose_php=Off
;Do not expose PHP error messages toall site visitors.
; display_errors=Off
;The allow_url_fopen option allows PHP’s file functions – such as file_get_contents() and the
;include and require statements – can retrieve data from remote locations using ftp or http
;protocols. Programmers frequently forget this and don’t do proper input filtering when passing
;user-provided data to these functions, opening them up to code injection vulnerabilities.
;A large number of code injection vulnerabilities reported in PHP-based web applications are
;caused by the combination of enabling allow_url_fopen and bad input filtering.
; allow_url_fopen=Off
;I also recommend to disable allow_url_include for security reasons:
; allow_url_include=Off
;If turned On, mysql_connect() and mysql_pconnect() ignore any arguments passed to them.
;Please note that you may have to make some changes to your code. Third party and open source
;application such as WordPress, and others may not work at all when sql.safe_mode enabled.
; sql.safe_mode=On
;It is also recommended that you turn off magic_quotes_gpc for all php 5.3.x installations
;as the filtering by it is ineffective and not very robust. mysql_escape_string() and
;custom filtering functions serve a better purpose (hat tip to Eric Hansen):
; magic_quotes_gpc=Off
;You can set maximum execution time of each php script, in seconds.
;Another recommend option is to set maximum amount of time each script
;may spend parsing request data, and maximum amount of memory a script may consume.
;GD picture converting needs a lot of memory. Be carefull with ‘memory_limit’
;Set in seconds:
; max_execution_time = 30
; max_input_time = 30
; memory_limit = 40M
The packages include configuration files for PHP in /etc/ and extension configuration files in /etc/php.d/
Create File: /etc/php.d/php.ini
;You can splite this file in separate INI files.
;If you do that, please remember the extension loading
;order of INI files (alphabetically).
extension=iconv.so
extension=mbstring.so
extension=curl.so
;The loading order is important
extension=sqlite3.so
extension=pdo_sqlite.so
;The loading order is important
extension=mysqlnd.so
extension=mysqli.so
extension=mysql.so
extension=pdo_mysql.so
;Must be loaded after mbstring.so
extension=exif.so
extension=gd.so
extension=zip.so
extension=bz2.so
extension=calendar.so
extension=mcrypt.so
extension=xsl.so
extension=openssl.so
Finally, input http://127.0.0.1/phpinfo.php in Safari, you’ll get a long PHP information page like this:
PHP Version 5.4.8 System
Darwin mengtaos-iPhone 10.4.0 Darwin Kernel Version 10.4.0: Wed Oct 20 20:08:31 PDT 2010; root:xnu-1504.58.28~3/RELEASE_ARM_S5L8920X iPhone2,1
Build Date
Nov 14 2012 17:33:08
Configure Command
‘./configure’
Server API
CGI/FastCGI
Virtual Directory Support
disabled
Configuration File (php.ini) Path
/etc
Loaded Configuration File
/etc/php.ini
Scan this dir for additional .ini files
/etc/php.d
Now, Enjoy this little web server!