inherited website in MySQL/PHP - update or rewrite in newer technologies ?

Posted on 2008-11-08
Last Modified: 2013-12-13
18mths ago a staff member wrote our website in PHP/MySQL, and hosted it with a 3rd party hoster, who uses H-sphere for configuration. The staff member left just after this.

The website runs, well 98% of it runs. We need to fix the 2% that doesn't - which amounts to about 33% of its business value, as well as update it.

Trouble is, I have no experience with PHP, MySQL (apart from installing it and doing the tutorial), and very little with H-sphere (only for setting up email and DNS, not for PHP and MySQL)

I can learn what needs to be learned, but am looking for the quick routes here as I have many other things to do. I used to be a programmer, so hopefully once I get the principles, I should be ok.

H-sphere is down quite often (like now) and our hosters want to migrate us to cpanel, which is another posting in itself.

I thought best to get our own local webserver up and running so we can load the site up on it, and then tweak/add functionality in an environment where we can test things quickly, and are not at the effect of the 2x issues in last paragraph.

Is this going to be a wise approach, or will I end up scratching my head for days trying to set up said local environment, and maybe I'd be better just migrating to cpanel and doing everything that way.

Locally, we run SBS 2003, and I've just discovered IIS on there.
I've added a new website under IIS, but would need to buy an IIS book to actually get anything displayed, then get the MySQL database linked in.
Maybe I'd be better installing Apache - is it free?
But, can it coexist on the same machine as IIS (this is the only machine I'll be able to install a webserver on, I think), and IIS needs to be on the SBS server as it provides a lot of useful functions for SBS, so I've read, not least Remote Web Workspace which I rely on !!

If push came to shove I could install Apache on my personal work PC I suppose...

Eventually I see us redesigning the whole thing anyway, is it likely that a webdesigner will want to use Visual Studio / IIS etc (in which case we'll end up going the microsoft way, so maybe may as well start with IIS, as that will be what we're  using anyhow) ?

sorry lots of questions - all help appreciated !

Question by:zorba111
    LVL 12

    Expert Comment

    For php:
    >>Maybe I'd be better installing Apache - is it free?

    definitely...A bundled solution can be
    But before using it, learn the server side specification of php version they are using...simply write:


    to a test.php file and upload it to www root folder...And adjust your xampp or wampp solution you are going to install...

    You can use mysql gui tools or SQLYOG to view your database of remote server...

    LVL 12

    Expert Comment

    If you are happy with coding, you may continue to use...
    LVL 12

    Accepted Solution

    if that 33% of the business value represents a significant portion of your business, I'd suggest the incremental work needed to correct that 2% is a better investment of time and money (even if it means contracting someone to do it since you're not well versed in PHP). There's more to managing a business-critical web server than setting it up on your own server. Hosted services do (or should do) all of the infrastructure work to meet the SLA you've contracted for, including backups, high-availability, 24x7 support personnel, ... I don't know what your justification was for a hosted service, but make sure you're doing an apples/apples comparison before you decide to move it in-house.

    if a re-design is in the works, consider one of the content management systems such as Joomla or Mambo. They buy you a lot of functionality without ever having to develop code. You may find that much of what you want to do is already there, and what's not may be available as an addon developed by their active 3rd party communities.

    Author Comment

    I got the existing PHP site installed on our SBS version of IIS ok (whew, a lot of work to get PHP to work - see my other posts!) and started testing / hacking at it.

    Only got so far though, as compiled flash .SWF files had embedded URLs for live site, and I didn't have the source files to rebuild, and decompiling didn't work (see other post if interested...)

    Ended up having to do the hacking/fixes directly work on the live site. Luckily had devoured just enough of my PHP and MySQL book to fix that 2% problem - turns out original author had hijacked a button to redirect back to his site and present a 401 error and a cheeky message. Reinstated original funcitonality. (As an aside, considering legal / police action - anyone ever had any success with this sort of thing?)

    Now site is running ok, apart from there seems to be a cron job running that is calling into our site, but I can't work out where its being called from as we have no cron jobs installed.. I think the orginal author is running it from his server (this can be done remotely can't it, as long as he fires .php requests at my webserver in his cron file).

    I am just very nervous about their newly apparent malicious intentions and the sooner we get the thing secured the better. They know the code and all the entry points. Will take ages to strip out all the non-essential php files, as he developed it from a code template and left lots of redundant stuff in (4000 files, though a lot of it seems to be .html and .txt for SEO / analytics purposes). Real spaghetti.

    Might be just as well to do a 100% rewrite.
    Considering Joomla - see my last question though!

    Author Closing Comment

    your advice ended up constituting at least 50% of what i ended up doing
    ta v. much!
    LVL 12

    Expert Comment

    When you say a cron job is running, what are the symptoms you're seeing that make you think this? Certainly, if the developer's built some back door functionality into the web site, he/she could be triggering activity on your site. I'd suggest checking the IS log files to see what requests are coming in and looking for anything suspicious, occurring at a fixed interval, or in repeating patterns that might indicate some kind of scheduled activity.

    Good luck with the re-write. It sounds like this in a business relationship that's best terminated as soon as possible.

    Author Comment

    some period things are happening eg.
    something is causing "weekly jobmail" emails to be sent out.
    Also database records get tidied up - out of date jobs get archived into the archive jobs table etc.

    I can see the code on the site, but nothing is calling it from any events (buttons, links etc.)
    so I'm assuming its being called externally, probably from cron scripts still running on this guys development server

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
    If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
    Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
    The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now