MySQL 8 was released recently (to this writing) and of course that means people are going to start using it. Since I have seen a couple posts on the forums with people using MySQL 8 I decided to fire up a new VM and install the following:
- OS: Windows 2012 R2
- Webserver: IIS 8
- MySQL 8.0.12
- PHP 5.6.31
note: PHP 5.6 is still the recommended version of PHP for osTicket until 1.11 is released. You should not have this problem if you are running PHP 7.1.16+ or PHP 7.2.4+ but since osTicket does not support those versions yet.
After checking to make sure that: IIS was serving pages and PHP was working in IIS it was time to download and install osTicket. The new website downloader is neat and allows you to download a languages and plugins together which can be a time saver. As a reminder always install osTicket with out any language packs and then add your desired language packs.
Running the installer resulted in the following error:
Database Connection information `Unabled to connect to MySQL Server: Server sent charset unknown to the client.` Please report to the devs
To fix this you will need to locate and edit your MySQL configuration file (my.cnf or my.ini). Since this is a new MySQL 8 installation under windows it is at: C:\ProgramData\MySQL\MySQL Server 8.0\my.ini. Once you located the file locate # character-set-server=. Directly after it add the line:
Next you will need to restart MySQL. You might be able to do this with MySQL WorkBench or services.msc. My server had some patches that installed so I just restarted the server for the patches to finish.
Running the installer again of course resulted in another error message:
Database connection information `Unable to connect to MySQL Server: The server requested authentication method unknown to the client`
Starting with MySQL 8.0.4, the default authentication plugin for MySQL server was changed from mysql_native_password to caching_sha2_password. There are two things that you need to do in MySQL to fix this. First: if you are running an older version of PHP (pre 7.1.16) you will need to set default_authentication_plugin=mysql_native_password in my.cnf. Restart the server.
Next you will need to edit the user account. I could not do this in the most recent version of MySQL WorkBench using the ui. You can do this one of two ways:
1. delete and recreate the user. Make sure authentication is set to ‘Standard’. Make sure you give the same permissions back that the user had.
2. run the following SQL Query (edit this for your user)
alter user 'username'@'localhost' identified with mysql_native_password by 'password';
After doing this the installer ran fine.
Using register globals in PHP is seen by many in the community as a security risk. That being said OSTicket wants you to disable register globals because of this risk. However a lot of people who deploy OSTicket are not system administrators who know how to do this. This short article will outline three different ways that you can achieve this.
1. Manually locate and edit your php.ini. Location of this file will vary depending on Operating System and version. However some common locations are:
Debian Linux (etch or squeeze)
Windows Server 2008
location: C:\Program Files\PHP\php.ini
If you cannot find your php.ini there are a couple easy ways to find it such as search. I usually create a php file called info.php which contains:
Put it in your web tree and view it in a web browser. It will tell you where the ini file resides.
Once you have located it, open it in your favorite text editor (vi, emacs, notepad, notepad+, etc) and locate the register_globals directive. Set it to off.
register_globals = off
2. Some web hosts allow a custom php.ini file that over rides their settings. If you do not have access to your servers PHP.ini and your web host allows this, simply create a php.ini in your web tree root and add the following line:
register_globals = off
3. If you are running Apache you can disable it via .htaccess file. Edit your .htaccess file or create a new file of that name and put the following line in it:
php_flag register_globals off
Some FTP clients may not display this file so make sure that yours does before you upload the file to your server. The last thing that you want to do is over write an intricate .htaccess file and muck up your site. Always check to see if you have one.
Recently at work I have been working on a new internal web page for processing information. The basis of it is that we have to enter data into a database, and it is a rare thing when we get a form A. filled out correctly, and/or B. legible. So in an effort to reduce the issues we are having with both those items we have webized it. The easy solution would of course be to have the individual who is responsible for filling out the paper work input into the database. However due to legality issues, license issues, and other we cannot have them do that. So I have set up MySQL and PHP on the webserver and started transitioning the forms into PHP w/ CSS.
There are four different forms that are submitted to us in IT to process. They are the ENTRY, MINIMUM, EXIT, and TURNAWAY. The first three are ready, and inputs the data into the database, allows for viewing, but at this point does not allow anyone to edit it. This will be reserved for admins/managers and implemented at a later time. I’m hoping that we will be able to make the leap to a paperless enviorment for the whole thing. Having two filing cabinets storing paperwork that chances are we are never going to look at again seems like a waste of time, energy and space.
Next on the agenda is the TURNAWAY form. I have also been toying with the idea of combining the ENTRY and MINIMUM forms into one. Since one cannot process data in the other database without both forms this seems to make sense. Once that has been completed the next stage will be to change the output of the database to have a “PRINT” maximized for printing output version. And to make the system email me with the clientid, and form id numbers so that I transfer the data into the state run database. The whole thing seems rather silly to me. But ultimately it should enable us to sell the product to other non-profits, or take over being the HMIS database for NH.