Installing and Switching PHP Versions on Ubuntu: A Step-by-Step Guide

In this guide, we will describe installing PHP and PHP-FPM on Ubuntu 24.04. PHP, which stands for Hypertext Preprocessor, is a language that is widely used and open-sourced, mainly for web development. PHP is the only PHP FastCGI implementation, that is extremely useful for high-traffic websites. At the end of this guide, you should be ready to go with PHP running on your server. Prerequisites Before we start, please confirm you have the following: Ubuntu 24.04 LTS installed on the server A user account with the sudo access An essential command-line operation understanding A reliable internet connection for downloading software packages To ensure that your system is up to date, run the following commands: sudo apt updatesudo apt upgrade Install Apache Launch the Apache web server using the following command: sudo apt install apache2 Install PHP Let's begin with installing the PHP package in Ubuntu 24.04 server. First, open a terminal on your Ubuntu system. PHP and common modules are included in the installation action: sudo apt install php That command installs the core PHP package, the command-line interface, and common libraries. Make sure the installation works: php -v Install PHP Extensions PHP extensions are the way to go to extending PHP installation with certain functions. Start by installing extensions: sudo apt install php-curl php-mbstring php-xml Short description: php-mysql: Allows MySQL database connection php-gd: Adds ability to manipulate images php-curl: Makes possible to communicate with servers php-mbstring: Provides multibyte string support php-xml: Enables XML support php-zip: Enables ZIP support Additional extensions can be installed as you see fit for your projects. You can search them using: apt-cache search php- Install and Configure PHP-FPM PHP-FPM is essential when dealing with high-traffic websites. To install and configure it: Install the package: sudo apt install php-fpm Launch PHP-FPM service. Depending on the installation, version number may differ. sudo systemctl start php8.3-fpm Tell PHP-FPM to go on boot: sudo systemctl enable php8.3-fpm Verfy PHP-FPM is working: systemctl status php8.3-fpm This will output a response that says "Active (Running)" if everything is working as expected. Test PHP and PHP-FPM To ensure that PHP and PHP-FPM are both running with no problems, create a test file then serve it via the website's server. Let's say it uses Apache in this example: Generate PHP Info File. To show PHP settings using the phpinfo() function, do the following: mkdir -p /var/www/htmlecho "<?php phpinfo(); ?>" | sudo tee /var/www/html/info.php Set Up Apache for PHP-FPM. Ensure Apache is made compatible for PHP-FPM, by first finding Apache configuration file (usually /etc/apache2/sites-available/000-default.conf) then inserting: <FilesMatch \.php$>   SetHandler "proxy:unix:/var/run/php/php8.3-fpm.sock|fcgi://localhost/"</FilesMatch> Remember we must alter specific PHP version and socket path to suit individual settings of the server. Activate PHP and PHP-FPM. Enable PHP and PHP-FPM following these instructions: sudo apt install libapache2-mod-phpsudo a2enmod proxy_fcgi setenvif Reboot Apache. Apply changes by restarting Apache server: sudo systemctl restart apache2 Access PHP Info Page. First open your web browser and go to: http://your_server_ip/info.php Replace [server_ip] with the server IP address or domain. You can see details of your PHP installation. Install Multiple PHP Versions For particular projects you might need to run different applications, each one may require different functionalities. This is the way to manage and manipulate multiple PHP versions on Ubuntu 24.04. First, add PHP repository: sudo apt install software-properties-commonsudo add-apt-repository ppa:ondrej/php && sudo apt update Install PHP versions you need: sudo apt install php8.1 php8.1-fpm Deselect one PHP version and elect the other: sudo update-alternatives --set php /usr/bin/php8.1 If you are using multiple PHP versions, ensure that your web server is pointing to the appropriate PHP-FPM socket. Securing PHP and PHP-FPM: Best Practices As a web developer, you know the importance of incorporating both PHP and PHP-FPM into web applications that are safe and robust. In this section, we will introduce a number of security steps that you should adapt using PHP and PHP-FPM. 1. Keep PHP and PHP-FPM Updated PHP and PHP-FPM should be up to date. Doing regular updates will eliminate known security breaches and provide overall security improvements. You need to check for updates as often as possible then update the system as soon as the updates are available. 2. Configure PHP Securely To configure PHP securely, start by disabling unnecessary and potentially dangerous functions, such as exec, shell_exec, and eval, in the PHP configuration file (php.ini). Use open_basedir directive to restrict PHP’s access to specific directories, preventing unauthorized access to sensitive files. Set display_errors to Off in production to avoid exposing error messages that could provide insights to attackers. Limit file upload sizes and execution times to reduce the risk of resource exhaustion attacks. Besides, ensure that PHP runs under a dedicated, restricted user account with minimal permissions to prevent privilege escalation. Regularly update PHP to the latest stable version to patch vulnerabilities and improve security. 3. Use Safe Error Reporting To ensure an error-free application, it is quite handy locating and correcting code bugs in a development environment. In production environment, you have the possibility to hide the PHP errors by setting the display_error directive to be off, and you should also set the log_errors directive to be On, thus this will help you prevent PHP from showing errors to the users whereas your server will log it in a safe location without problems to users. 4. Implement Input Validation Being aware of the input validations is quite crucial during the programming of your software. Make sure that all deficiencies are tested and only SQL statements containing their SQL equivalent that can produce outwardly neutral queries via prepared statements is considered safe. 5. Secure PHP-FPM Configuration PHP-FPM is required to run using a non-usual user account with minium rights. Furthermore, access to the PHP-FPM socket or port should be very limited to the web application. 6. Enable Open_basedir You need to bind open_basedir directive in order to restrict access files within the given directory. In this case, if you attempt to visit a forbidden directory and the request is accidentally transmitted to the server, PHP will prevent you from doing so. 7. Use HTTPS We need to secure web calls by making apps HTTPS-only, which is the only prominent way to block all the known hacking tricks. Conclusion With this guide, you've successfully set up PHP and PHP-FPM on Ubuntu 24.04. Your server is now configured for dynamic web applications. To maintain security and performance, remember to keep the system and packages regularly updated.

Storing images in a database with other information is convenient when your application strongly relies on the database. For example, you'll need to synchronize images with other data if you are developing a program for a checkpoint system; in this case, along with personal data, you need to store a photo to identify the person. There is a special MySQL data type for storing such content, BLOB. It accommodates large binary data: images, PDFs, or other multimedia files.  An alternative to using the BLOB type is storing images inside the file system. But in this case, we make the application less portable and secure; there are at least two closely related modules: file system and database. Besides, when creating backups, you won't need to take snapshots of system directories; it will be enough to save MySQL dumps. In this article, we will work on the photo database using a server with the LAMP stack installed (Linux, Apache2, MySQL, and PHP). You will need a user with sudo privileges to work with the server.  As an example, in this article, we'll be working on the university's checkpoint system app. Creating a database First, let's create a database for our new project. You can do this through the console or any DBMS interface, such as phpMiniAdmin. We will use the first option.  Connect to the server via SSH and log in to the MySQL server with superuser privileges: sudo mysql -u root -p Then, run the command to create the database. Let's call it access_control: mysql> CREATE DATABASE access_control; If you see an output like: Query OK, 1 row affected (0.01 sec), the database has been successfully created. Now we can start working with tables.  But before that, for security purposes, we need to create a separate user who will work only with this database. For convenience, let's name it the same as the database: mysql> CREATE USER 'access_control'@'localhost' IDENTIFIED BY 'Pas$w0rd!'; where passw0rd is your strong password.  Now let's grant it permissions for all operations on the access_control database: mysql> GRANT ALL PRIVILEGES ON access_control.* TO 'access_control'@'localhost'; After that, you need to clear the permissions table for MySQL to apply the changes: mysql> FLUSH PRIVILEGES; Now, we can start creating tables. We will need the students table, where we will store students' information, photos, and access rights.  Let's log into MySQL with the newly created access_control user:  mysql -u access_control -p Switch to our database: mysql> USE 'access_control'; And create the students table: CREATE TABLE `students` (    id INT INT PRIMARY KEY COMMENT "Student ID",    name VARCHAR(200) NOT NULL COMMENT "Student's full name",    access_rights ENUM ('full', 'extended', 'basic', 'denied') DEFAULT 'basic' COMMENT "Access Rights",    userpic BLOB COMMENT 'Student Photo',    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP COMMENT "Enrollment Date") ENGINE = InnoDB; Here: id is the table's primary key, numeric identifier of students. When adding new records, MySQL will independently generate identifiers in ascending order because we used the AUTO_INCREMENT keyword. name is the student's full name. We use VARCHAR data type with a limit of 200, because we won't need more than 200 characters for the name. access_rights is access rights for the student. The ENUM type assumes that one value from the list will be selected. userpic is a student's photo. The BLOB data type will store the data in binary format. created_at is the date of record creation. When we add a new record, MySQL will automatically add the current timestamp to this column. We have chosen InnoDB to store the data, which will allow us to use a wide range of features, such as MySQL transactions. - Creating PHP scripts to fill in the database The students table is ready, so now we can load data into it. Let's write a PHP script to register students in the system and add data to students. First, let's create a configuration file config.php with database connection parameters. <?php$params = [     'user' => 'control_access',      'name' => 'control_access',      'host' => 'localhost',      'pass => 'Pas$w0rd!'];$pdo = new PDO(     'mysql:host=' . $params['host'] . '; dbname=' . $params['name'],     $params['user'],      $params['pass']); To work with the database, we use the PDO driver. It passes connection parameters (database name, user name, password and the server's address where the database is located).  Now, let's create a script to fill our table with test data. <?php// Connecting the configuration file require_once dirname(__FILE__) . '/config.php';// Filling the array with data$students = [     [        'name' => 'John Smith,        'access_rights' => 'basic',        'userpic' => file_get_contents(dirname(__FILE) . '/userpic/1.png')    ],    [        'name' => 'Juan Hernandez',        'access_rights' => 'full',        'userpic' => file_get_contents(dirname(__FILE) . '/userpic/2.png')    ],    [        'name' => 'Richard Miles',        'access_rights' => 'extended',        'userpic' => file_get_contents(dirname(__FILE) . '/userpic/3.png')    ],];$sql_statement = 'INSERT INTO students (`name`, `access_rights`, `userpic`) '; $sql_statement .= 'VALUES (:name, :access_rights, :userpic);'foreach($students as $student){    $query = $pdo->prepare($sql_statement);    $query->execute($student);}echo "done"; With this script, we connect to the database and then insert the necessary data. This script clearly shows how to add a picture to an SQL database; you just need to put its content in the appropriate field. To get the file's contents, we used the built-in php function file_get_contents. Then, we insert each array element into the database in a loop using the INSERT expression. Displaying information We have placed student information into the database; now, we need to display the data. We'll display everything in the table on a separate view.php page for convenience. <?php// Connect the config file require_once dirname(__FILE__) . '/config.php';// Query all records from the students table $query= $pdo->prepare('    SELECT        *    FROM        students');$query->execute();?><!DOCTYPE html><html><head>    <meta charset="utf-8">    <title>MySQL BLOB test</title></head><body>    <table>        <thead>            <tr>                <td>Name</td>                <td>Access Rights</td>                <td>Photo</td>            </tr>        </thead>        <tbody>         <?php        while($row - $query->fetch(PDO::FETCH_ASSOC))        {            echo '<tr>';                echo '<td>' . $row['name'] . '</td>";                echo '<td>' . $row['access_rights'] . '</td>';                 echo '<td>';                    echo '<image src="data:image/png;base64,' . base64_encode($row['userpic']) . '"';                echo '</td>';            echo '</tr>';        }        </tbody>    </table></body></html> We again use the connection to PDO inside the config.php file and then request a sample of all students using the SELECT * FROM students expression.  We display all the obtained data in an HTML table. To output the data stored in the BLOB object to the browser, we encoded the data into base64 format using the php built-in function and used the following syntax when specifying the image source in the img tag: data:{type};base64, {data} where {type} is the data type, in our case image/png, and {data} is the base64 data.  Conclusion In this article, using a student checkout system as an example, we have learned how to store images in a database using the BLOB data type.  In addition, we learned how to insert media files into BLOB fields in managed MySQL and how to output them to the browser.