yappa-ng Regular Documentation

INSTALL Manual

Howto Install yappa-ng

REQUIREMENTS
INSTALLATION

Quick
More detailed :-)

Standard Installation
Installation on "PHP Safe Mode Restricted" Servers

PASSWORDS
TROUBLESHOOTING

Standard Checks (check_setup.php)
Checklist for "broken images"

Some basic checks
The "check_image.php" utility
ImageMagick: Test if the "convert utility" is working
GD: "old" GD ?

Safe Mode
Open Basedir
PHP 4.0.6
"unable to fork"
*.php4 extension needed
EVERYTHING has failed - please help me!!!!

SECURITY Some of these Security-Topics are in the FAQ.html too. I do want you to read them here or there! :-)

.htaccess
check_setup.php and check_setup.txt
Album-Admin password

1. REQUIREMENTS

yappa-ng requires:

PHP 4.1 or later (including PHP 5)
one of the following Graphic Libraries
- GD library (per default compiled into PHP since PHP 4.2 (?))
- ImageMagick's "convert" utility.

You can find:

ImageMagick at http://www.imagemagick.org/
GD library at http://www.boutell.com/gd/

yappa-ng does NOT need or use a Database!!

yappa-ng is tested on Linux and Windows, Apache and IIS.

yappa-ng is compatible to PHP-settings:

safe_mode
open_basedir
PHP 5

->Back to TOP

2. INSTALLATION

2.1 Quick

The installation of yappa-ng is REALLY EASY !!!

In short:

untar the yappa-ng_xxx.tar.gz / unzip the yappa-ng_xxx.zip in a directory your web server can read,
make sure your web server can read all files / directories , and
has write permission in the directories (including the yappa-ng base directory).
run "setup.php" (point your webbrowser to the setup.php)
point your web browser to the index.php
...and enjoy!!! ;-)

It is really that easy!

NOW would be a good time to check if there are any BUGS reported and/or Patches availlable (External Link) which you should apply! :-)

To get an overview of the available documentation I would strongly recommend at least one glance at this document: _README.FIRST.html !!!

->Back to TOP

2.2 More detailed :-)

There is a difference in the installation procedure if you are installing yappa-ng on a server that has the "PHP Safe Mode Restrictions" activated or on a server without these restrictions.

If you are not sure if the server onto which you want to install yappa-ng runs with "Safe Mode enabled" or not just upload the little script "check_safe_mode.php" onto the server and point your browser to it (=run it). The output of this script will tell you:

If the server has "PHP Safe Mode Restrictions" activated
If the server has the "GD library" installed.

(This script is not able to tell you if the server has the "ImageMagick convert Utility" installed. You will have to ask your ISP!)

If "PHP Safe Mode Restrictions" are activated AND the "GD library" is installed please go on reading the section: 2.2.2 Installation on "PHP Safe Mode Restricted" Servers

If "PHP Safe Mode Restrictions" are activated and the "GD library" is not installed I'm Sorry! You will not be able to run yappa-ng on this server. In "PHP Safe Mode" you cannot use the "ImageMagick convert Utility" - you are restricted to the "GD library"!

If the "PHP Safe Mode Restrictions" are not activated please go on reading below!

->Back to TOP

2.2.1 Standard Installation

Untar yappa-ng_xxx.tar.gz to somewhere under your web server document root
   $ cp ./yappa-ng_xxx.tar.gz /usr/local/htttpd/htdocs
   $ cd /usr/local/httpd/htdocs
   $ tar zxvf yappa-ng_xxx.tar.gz
and rename it into whatever you want (optional!!):
   $ mv yappa-ng myphotoalbum

OR

Unzip yappa-ng_xxx.zip to somewhere under your web server document root and (optional) rename it into whatever you want.
Keep the directory structure as it is in the release archive!
Make sure your web server (!!) can READ all files and directories of the yappa-ng installation.
Make sure your web server (!!) can READ and WRITE the directories:

yappa-ng source code directory (where all sourcecodefiles and the subdirectories are)
the directory "./languages".

IMPORTANT: more than 90% of all installation issues are because of wrong file and/or directory permissions!!! :-).
Point you browser to the "setup.php" script and run it!
- Initialize the Global Configuration (Say "yes" to [Initialize])
- Provide the yappa-ng Systemadministration Password (needed for setup.php and toolbox.php)
- Fill in the fields of "Part 1 Main" to get yappa-ng running
- Configure "Part 4 Languages" correctly before you go on.
- Say yes to the "New Installation" and click the checkbox!
- Click onto the provided link "<<< Run yappa-ng >>>" and enjoy! :-)
The Album Admin-Login Password after first installation of yappa-ng is the passord you selected in the Setup Tool (setup.php)
If you keep getting errors please read on to the section "4. TROUBLESHOOTING" in this file!
Now is the time to make your own news_xxx.html (where xxx is your language) to greet your users! (its in your yappa-ng source code-directory) The news_xxx.html is the greeting screen (Welcome to yappa-ng Photo Gallery ...). Read more about how to configure your welcome page here in the MANUAL.

--> THAT'S IT! Congratulation, you completely setup yappa-ng!
As I promised: It is really that easy! :-))

Hint:

Read the the SECURITY section of this manual!!!
Valuable infos are in the FAQ and the MANUAL!
Before you start creating many albums after installation configure your home album as you want to have it.
Everything but the admin-password will be inherited to the next "child album"!
If you want to know what exactly I mean with "Left Navigation Bar" or "Admin-Login" take a look at the file: GLOSSARY
Take a look at the _README.FIRST.html file to get an overview of the available documentation!

->Back to TOP

2.2.2 Installation on "PHP Safe Mode Restricted" Servers

For an explanation why the installation on "PHP Safe Mode Restricted" Servers is more complicated than the standard installation process on servers without this restriction or if you just want an explanation on what this "PHP Safe Mode Restriction" means take a look at the TROUBLSHOOTING section of this manual: "Safe Mode".

And here is the Installation procedure for Safe Mode enabled systems:

Untar yappa-ng_xxx.tar.gz to somewhere you want, but NOT to the directory you want to install it!
   $ cp ./yappa-ng_xxx.tar.gz /usr/local/htttpd/htdocs
   $ cd /usr/local/httpd/htdocs
   $ tar zxvf yappa-ng_xxx.tar.gz

OR

Unzip yappa-ng_xxx.zip to somewhere you want, but NOT to the directory you want to install it!
Untar or unzip the files in the archive: "safe_mode_installation.tar.gz" (or "safe_mode_installation.zip")
Upload the script "safe_mode_start.php" to the webserver and run it (point your webbrowser to it). At the location where you put this script the yappa-ng main directory will get created!

Give the name of the directory into which the complete yappa-ng will get installed. You will have this directoryname in your path when you call yappa-ng. The default is "yappa-ng". (http://www.yourdomain.com/yappa-ng/). Please give only one directoryname! This script will not make mutliple directories!
Giving no directoryname and trying to install yappa-ng without main yappa-ng subdirectory will work with standard installation but will not work with safe mode enabled!!
Search for the file "safe_mode_install.php" in the upload box.
After clicking onto "Submit" you will get a link to go on with the installation. This link will call the upladed "safe_mode_install.php". (Please call the script "safe_mode_install.php" only with this link because there are parameters linked to the call!)

Run the previously uploaded safe_mode_install.php script with the link as described above:

Search for the files needed in the upload boxes. They are all in the main yappa-ng directory after you extracted the release archive. Only the Demo-image is located in the directory: ./yappa-ng/install.
After hitting the "Submit" button all directories get created and the files get uploaded. Some files get created (hitcounters, config files, security files,...)
If you want more than 3 languages installed please feel free and upload as many as you want (all :-). Just fill in the 3 languageboxes with the filenames/paths of the next languagefiles and hit "Submit" again. No need to provide the names of the other files (like index.php,...) again!!!

Copy (FTP, move, copy&paste,...) all other files of the installation into the appropriate directories (all of them), without overwriting one of the previously created/uploaded!!!! Be sure that you do not miss any! (Hint: there are 2 files in the yappa-ng/languages directory that will be needed!! (language_selection.inc.php and languages_translated.inc.php!!) Without these yappa-ng will not run!) ;-)
Delete the 2 scripts (safe_mode_start.php and safe_mode_install.php) from the server (someone could upload malicious scripts)!!!

Point you browser to the "setup.php" script and run it!
- Provide the yappa-ng Systemadministration Password (needed for setup.php and toolbox.php)
- Do not change the directories of "Part 1 Main"!!
- Configure "Part 4 Languages" correctly before you go on.
- Say yes to the "New Installation" (click the checkbox) and hit "Submit All" even if the Setup Tool tells you this is not a first installation!!!! The Setup Tool will only copy some more files!
- Click onto the provided link "<<< Run yappa-ng >>>" and enjoy! :-)
The Album Admin-Login Password after first installation of yappa-ng is the passord you selected in the Setup Tool (setup.php)
If you keep getting errors please read on to the section "4. TROUBLESHOOTING" in this file!
SECURITY:
- Do not forget to delete the 2 scripts (safe_mode_start.php and safe_mode_install.php) from the server (someone could upload malicious scripts)!!!
Now is the time to make your own news_xxx.html (where xxx is your language) to greet your users! (its in your yappa-ng source code-directory) The news_xxx.html is the greeting screen (Welcome to yappa-ng Photo Gallery ...). Read more about how to configure your welcome page here in the MANUAL.

--> THAT'S IT! Congratulation, you completely setup yappa-ng!
As I promised: Safe Mode Setup takes a little bit longer, but its running in Safe Mode!!! :-))

Hint:

Read the the SECURITY section of this manual!!!
Take a look into the FAQ! Many valuable information is in this file!!
Before you start creating many albums after installation configure your home album as you want to have it.
Everything but the admin-password will be inherited to the next "child album"!
If you want to know what exactly I mean with "Left Navigation Bar" or "Admin-Login" take a look at the file: GLOSSARY
Take a look at the _README.FIRST.html file to get an overview of the available documentation!

->Back to TOP

3. PASSWORDS

Upon first installation of yappa-ng the album administration-password is set to the same one that you selected in the Setup Tool (setup.php) for the yappa-ng System Admin.

Please remember that you can (have to!!) change the Album Admin Password for each Album separately in the Album-Admin-Login of the album (Upper right corner).
If you import albums (directories which you FTPd or Copied into your Main Photo directory) you can select the source config for the imported albums and there the album admin password will be the same!

You can change the yappa-ng System Admin Password (the password for the Setup Tool and the ToolBox) in the ToolBox. This changes only the yappa-ng System Admin Password!!

->Back to TOP

4. TROUBLESHOOTING

4.1 Standard Checks (check_setup.php)

If you get errors (yappa-ng_ERROR_xxx) look into the ERRORCODES file! There is detailed help why this error is shown and what to do to solve the issue! These ERRORCODES are an additional help to make the installation of yappa-ng even easier as it already is! ;-)
Maybe you are running into an already reported (and patched) BUG? Take a look here: BUGS.html (External Link)
Point your browser to the file check_setup.php in your yappa-ng source directory (e.g. http://www.mysite.com/yappa-ng/check_setup.php )
Now after this point your browser to the created file check_setup.txt (e.g. http://www.mysite.com/yappa-ng/check_setup.txt )

->Back to TOP

4.2 Checklist for "broken images"

4.2.1 Some Basic Checks

In almost all cases this is a problem of file and/or directory permissions!
Here is a short checklist - please check EVERY point! ;-)

Is the image itself readable for the webSERVER?
(To check: point your web server to the image: "http://www.mysite.com/yappa-ng/photos/sample/yappa-ng_DEMO.jpg" )
Has the path where the image is located read-permission for the web server?
Can you see the image if you select "original" as size in the single image view?
(There is no conversion for the "original" resize option in single image view. The "original" option is independent from ImageMagick / GD!) [If you don't see it please recheck the two points above!]
Try uploading an image with the admin-module "Upload Images" and see if you can view it !
Try to "Initialize" the image with the admin-module "Initialize Images" and see if you get an error which could help you.
There could be permission problems if you uploaded the image with FTP and not with the admin-module!
The following test will work only if you have the original "sample" directory with the "yappa-ng_DEMO.jpg" image in it from the installation! (Change the parameters to check other images in other albums!)
- http://www.mysite.com/yappa-ng/show.php?size=original&album_name=/sample&obj_name=yappa-ng_DEMO.jpg (Uppercase/Lowercase is important!!)
  The browser should open an image with the original "yappa-ng_DEMO.jpg" - picture (unchanged!).
- http://www.mysite.com/yappa-ng/show.php?size=640x640&album_name=/sample&obj_name=yappa-ng_DEMO.jpg (the 640x640 is correct!)
  The browser should open an image with a 640 x 480 "yappa-ng_DEMO.jpg" - picture.
Take a look at the file "yappa-ng.error.log" in your yappa-ng main source directory.
Take a look at the file "yappa-ng.warning.log" in your yappa-ng main source directory.

If nothing from the above worked take a look at your WEBSERVER-LOGFILE. (This will only be possible if you have full access to the webserver logfiles. Step to next point if your ISP gives you no access to the serverlogfiles!) (Almost no ISP will permit you free access to his logfiles :-)

are there any 4xx server errors (403 - forbidden or 404 - not found)? If there are you can pinpoint the error and maybe resolve it (permissions again??)
are there any other errors?
there should be calls with the syntax in your web server logfile:
http://www.mysite.com/yappa-ng/show.php?size=thumbnail&album_name=/sample&obj_name=yappa-ng_DEMO.jpg
Take a look at your php-error.log too (if you have any). Maybe you see the error there?

->Back to TOP

4.2.2 The "check_image.php" utility

->Back to TOP

4.2.3 ImageMagick: Test if the "convert utility" is working

Did you provide the full UNIX-path (including the name "convert" itself) to the convert utility (e.g.: '/usr/bin/convert')?
If you use a WINDOWS based system make sure you make the windows-like call to convert (with .exe!) (e.g. 'C:\full\windows\path\convert.exe') !
Has the web server execute permission for the convert utility? (path & utility)?
Does the convert utility work from the commandline? (Test only possible if you have commandline-access to the webserver!)
- change into your album where some images are
- change the permissions that you too can read/write in this directory/image - not only the web server
- type the following command:
  /UNIXpathToConvert/convert -size 50x50 -geometry 50x50 -quality 60 xy.jpg yz.jpg
  where xy.jpg is your source-image and yz.jpg is the output. This is exactly the command I create with php!!
- look at the image yz.jpg if it is correct and you can view it. It should be a very small 50x50 jpg image.

->Back to TOP

4.2.4 GD: "old" GD

yappa-ng uses an autodetect-method to guess what version of GD you use. But - alas! This does not work on every system! :-(

If you are using GD and have broken images set the config-parameter "gd_truecolor" to "no" (ONLY THAN!)

(Background: If possible I use the 'ImageCreateTruecolor' function of GD. I try to check for this function - but on some systems this method does not work - so if you say "no" in the config I override the test.)

If you use ImageMagick this parameter has absolute no meaning!

->Back to TOP

4.3 Safe Mode

yappa-ng is fully "safe_mode" compatible - but you have to know some facts:

What is the "safe_mode" PHP directive?

"safe_mode" compares the owner UID (=UserID) of all files / directories it reads from/writes to with the owner UID from the starting script. For yappa-ng the scripts which are started directly (and not included or read by these) are the following:

index.php - the yappa-ng main script which starts the application
show.php - shows the images and gets called from other scripts (index.php, slideshow.php,...)
setup.php - the yappa-ng Setup Tool
slideshow.php - Showing the Slideshow, gets called with all parameters from the index.php
check_setup.php - checks the environment, parameters and some basics.
check_noimage.php - runs some checks to show images with your current settings

If one of the above starting scripts has another owner (maybe your FTP-User!!!) than the file / directory that yappa-ng wants to access you will get the following error (example!!):
Warning: SAFE MODE Restriction in effect. The script whose uid is 500 is not allowed to access /yappa-ng/photos/sample/yappa-ng_DEMO.jpg owned by uid 0 in /yappa-ng/index.php on line 67
IF DEFINED only executables within the "safe_mode_exec_dir" get executed! For yappa-ng this is the convert utility.
These parameters are set and/or changed in the php.ini (/etc/php.ini in most linux installations, ??? on windows and others). You can view the current setting in the check_setup.txt file!
If you have changed something in the php.ini you have to restart your web server to make the changes active!

What things to watch when installing yappa-ng with "safe_mode" in effect?

All files and directories should have the owner UID (=UserID) of the web server. (specially the index.php the show.php and the setup.php).
New directories / uploaded images will get automatically the owner UID of the web server.
If the setup.php / index.php / show.php do not have the UID of the web server yappa-ng will not be able to read/write within the newly created directories and will not be able to write to the newly created files (hits.log, config.inc.php, config_album.inc.php,...)
Thats why you will have to follow the "Safe Mode Installation Routine":

Upload a script (safe_mode_start.php) which will do the following steps:

Create the main yappa-ng directory (you may name it as you like!) (getting the right permissions)
Upload the main safe mode installation file (safe_mode_install.php) (which gets the right permissions itself)

Run the previously uploaded safe_mode_install.php script, which will do the following steps:

Create all directories
Create some files (hitcounters, config files, security files,...)
Let you upload some specific files (the scripts that get started directly)

Copy (FTP, move, copy&paste,...) all other files of the installation into the appropriate directories (all of them), without overwriting one of the previously created/uploaded!!!!
Delete the 2 scripts (safe_mode_start.php and safe_mode_install.php) from the server (someone could upload malicious scripts)!!!
Continue with the Standard Installation! :-)

You will have to use GD!

->Back to TOP

4.4 Open Basedir

yappa-ng is fully "open_basedir" compatible - but you have to know some facts:

What is the "open_basedir" PHP directive?

IF DEFINED (default is empty) it limits the files that can be opened by PHP to the specified directory-tree, including the file itself.
This parameter is set and/or changed in the php.ini (/etc/php.ini in most linux installations, ??? on windows and others). You can view the current setting in the check_setup.txt file!
If you have changed something in the php.ini you have to restart your Web server to make the changes active!

What things to watch when installing yappa-ng with "open_basedir" in effect?

Make sure the complete yappa-ng installation is within the "open_basedir".
The "photo_root" has to be within the "open_basedir".
The "cache_root" has to be within the "open_basedir".
The file upload temp path has to be within the "open_basedir".
If you use ImageMagick:

The convert utility has to be within the "open_basedir".

->Back to TOP

4.5 PHP 4.0.6

There are some keywords which are not working in PHP 4.0.6
If you are using PHP 4.0.6 set the following parameter in the file "config_private.inc.php": $config['php_4_0_6'] = "yes".

->Back to TOP

4.6 "unable to fork"

If you get an error like:

Warning: exec(): Unable to fork [C:\ImageMagick\convert.exe -size 50x50.....

This is a windows-related issue and has nothing to do with yappa-ng but with the permission settings on your webserver!

There may be an easy way out for you (thanks to Jesper Rudbeck, who sent me this hint):
"We had lotso fun with "unable to fork" errors. It turned out to be a permissions problem. Y ou must give RX permission on "\winnt\system32\cmd.exe" to the user account that your web server runs as (e.g. IUSR_xxx on IIS, LocalSystem on Apache).
Turning on a Win2000 user right called "Bypass traverse checking" also solved a related problem but I forget what or why."

Another solution has been submitted by swbadn (Thanks):
"I copied cmd.exe into the c:\php folder and that seems to work as well. I set the permissions to read and execute only. This keeps from having to give anonymous access to C:\winnt\system32\cmd.exe where all of those nasty IIS scripts always seem to attack and I think is a little more secure than having to give access to the cmd.exe in the C:\winnt\system32 directory."

->Back to TOP

4.7 *.php4 extension needed

Some servers still need the "*.php4 extension" instead of the standard "*.php extension".

If you are running yappa-ng on such a server there are a view things you have to do:

rename the file "index.php" to "index.php4"
rename the file "show.php" to "show.php4"
rename the file "setup.php" to "setup.php4"
Edit the file config_private.inc.php and set the
   "resize_script" => "show.php",
   to
   "resize_script" => "show.php4",
if you need the check_setup.php script for installation help rename the file "check_setup.php" to "check_setup.php4"

Do no other changes!!!

->Back to TOP

4.8 EVERYTHING has failed - please help me!!!!

If you have a problem which is not covered in this document please take a look into the FAQ and the MANUAL! There are many useful hints!

If you need help because nothing in this document or the FAQ helps then it is time to read the file:

SUPPORT_REQUESTS in the yappa-ng /docs directory!

There is a detailed description how to get support!

->Back to TOP

5. SECURITY

5.1 .htaccess

If your web server supports .htaccess directory-protection (Apache Webserver) you should protect your complete yappa-ng "photo_root" (Photos Main Directory)!

You need no direct web-access to this directory - everything is done with PHP-scripts from your yappa-ng main directory!
It is important for you if you have userprotected albums.
If the directoryname AND the image name is known someone can access these images without the yappa-ng password-query if no .htaccess-protection is in place!

->Back to TOP

5.2 check_setup.php and check_setup.txt

DELETE (!!) or rename the check_setup.php script after you have the installation complete. If created DELETE the check_setup.txt file too!

Anybody can point his browser to the check_setup.php script and create the check_setup.txt file. There is no danger that this in itself is dangerous, but within the created check_setup.txt file there is some information about the setup of your webserver. This information is kept only to the yappa-ng related topics (some server configuration options, some PHP configuration options and of course your yappa-ng configuration options) and is necessary to get some yappa-ng installations up and running! ;-)

It's a good strategy that nobody should know very much about your setup. Some people don't even let their web server display his signature. On the other hand: if this is a standard installation of a linux distribution or windows installation there will be no information which is not already known.
Deleting /renaming these files will just keep you on the safe side! :-)

->Back to TOP

5.3 Album-Admin password

Log into your home-photo album (this is where the "Welcome to yappa-ng..." text shows after installation) as Album-Admin as soon as possible after installation and change the default password to your own (Even if there are no images in it and even if you never will have images directly in this central folder).

There is no real security issue if you do forget / ommit it, but it could happen that someone changes the password to one you do not know, upload/delete images,...
And I do not believe you will think this is funny! ;-)

Hint:

Before you start creating many albums after installation configure your home album as you want to have it.
Everything but the admin-password will be inherited to the next "child album"!

->Back to TOP

Part of yappa-ng Documentation by Fritz 'wizard' Berger: >> yappa-ng Homepage <<