The controversy of Universal Reconciliation

Origen (3rd Century) is thought to have favoured Universal Reconciliation
Origen (3rd Century) is thought to have favoured Universal Reconciliation

Much as I am constitutionally disposed to resist being pigeon-holed, I guess you could describe me as a conservative Charismatic. Although I am a firm believer that the gifts of the Holy Spirit are rightly in active use today, I am troubled by some of the excesses witnessed in modern churches, blamed on “moves of the Spirit”. I would align myself with all mainstream orthodox (little ‘o’) Christian beliefs and creeds. So that sets out my stall/bias in writing this article.

Many years ago, a dear friend of mine took a turn – maybe it was a gradual turning – in his Christian walk, into a movement known as “Universal Reconciliation” (UR). I have attempted subsequently to understand what Universal Reconciliationists believe and to what extent (if any) my fellowship with them might be affected. Early on, I instinctively felt that a doctrinal chasm had opened up between us, but I do not trust my instincts, except in the sense that they reveal to me my deeper emotions. And I know that emotions can be misleading.

What is it?

The name is a fairly accurate although perhaps simplistic description of the characteristic belief of Universal Reconciliationists. To expand this slightly, they believe that all people will ultimately achieve salvation through Jesus Christ, if not in this life then in the next. This would include all those persons traditionally cited as “evil beyond redemption” – Hitler, Stalin, Genghis Khan, etc. This of necessity disallows the concept of eternal punishment/hell. More on that anon.

The need for grace

I think that God must find it very saddening when Christians focus more on what divides them than on what unites them. One way in which this is evident is the use of name-calling. Evangelicals sometimes call fundamentalist Christians “fundies”. Fundamentalists may call Charismatics “Charismaniacs”, and so on. An unfortunate trend I have seen amongst Universal Reconciliationists is to cover the rest of Christendom with the blanket term “ET-ers”, where the “ET” stands for “Eternal Torment”.

Granted, many Christians outside UR do believe that non-believers are destined to spend eternity/the afterlife in some form of perpetual and ever lasting punishment. But what we should remember here is that in the case of UR, “Universal Reconciliation” describes the point at which the movement departs from mainstream Christianity. For many (non-UR) Christians, eternal torment is not a major tenet of their beliefs. Admittedly, it’s in there somewhere, but this is not, I don’t think, the key focus of their spiritual lives. So it is unfair to pick one arguably secondary doctrine and make this the defining characteristic of those believers. Furthermore, calling them “ET-ers” implies a negative focus whereas I would suggest that this is not the focus or experience of the majority. And finally, note the difference: Universal Reconciliationists have (broadly speaking) chosen this label for themselves; the rest of Christendom has not (to my knowledge) chosen the label ET-ers.

So may I call for grace from Universal Reconciliationists towards your brothers and sisters in the Lord? Can we drop the name-calling?

If I am going to speak about grace, I must go on to express my dismay at the way non-UR believers have treated Universal Reconciliationists in so many cases. We should look to the fundamental primary doctrines held by these people and the fruit of their spiritual lives. I would submit that the differences are much smaller than the heresy-hunters wish to make out.

It is difficult, but necessary, when engaging in theological debate, that we focus on the issues, not on the people. We are called to love one another whether friends, enemies, those in our particular branch of the Church or those outside it. The vitriol unleashed by people on both sides of this debate is alarming, unloving, unrighteous and generally not worthy of a direct response. It is acceptable to demolish ideas; it is not acceptable to demolish people.

If you research UR online, you do not have to dig very deep to discover websites that have large sections devoted to UR (apologetically for or against). The attitudes of some of the contributors to and maintainers of those websites can be deeply saddening. Personal attacks are rife and this is extremely unbecoming for anyone who claims to be devoted to an all-loving God. UR particularly emphasises the love of God, making personal attacks all the more incongruous in those quarters. Whatever the case, it is incumbent upon all who seek to engage on this topic to do so with the utmost respect for each others’ dignity as creatures made in God’s image.

Examining the scriptural evidence

Since we’re talking about matters of doctrine, we must start with our source text, the Bible. It is important not to impose one’s presuppositions on the text. Beginning with an assumption that UR is either a correct or an incorrect position will inevitably result in the view that certain scriptures shore up that assumption. The Bible is an ancient document, which we see through the lenses of translation and dynamically shifting cultures.

I am hampered though; I do come to the text with presuppositions and fettered by my culture. Moreover, I am not trained in ancient languages and cultures, nor indeed in theology (except through limited self-study). Nevertheless, I will make the best fist I can, of examining the scriptural evidence both for and against UR and – who knows – perhaps something somewhere will ring true for my readers. I ask the Holy Spirit to guide my thoughts as I write and yours as you read.

Examining evidence is something with which I am well acquainted, having spent some 14 years in the study and practice of the law. Perhaps my approach will seem clumsy to some, but to me it is second nature. To the evidence, then.

The scriptural case for UR

I do not have the resources to conduct a thorough biblical study, but let us address a few of the typical texts used in support of UR.

For as in Adam all die, so in Christ all will be made alive.

1 Corinthians 15:22

The UR conclusion from this passage is that all people for all time will be “made alive”, that is, saved. To evaluate this critically from a non-UR perspective: while most Christians would agree that all people are “in Adam”, we cannot with certainty say that all people are “in Christ”. There is a subtle difference between the UR reading and the non-UR reading. To illustrate this better, compare, “as in Adam all [people ever born] die, so in Christ all [people ever born] will be made alive” (UR) with “as [of those people who are] in Adam all die, so [of those people who are] in Christ all will be made alive” (non-UR). Both are arguably valid renderings of the text. This verse on its own is insufficient therefore to support either position fully. Further evidence from the text is required.

On the basis that “a text out of context is a pretext for a proof text” we should at least examine the immediate context surrounding the verse in question. In verse 23, Paul goes on to say, “But each in his own turn: Christ, the firstfruits; then, when he comes, those who belong to him.” This seems to beg the question whether there will be those who don’t belong to him. Further, this raises the suggestion that the previous verse is not intended to indicate that the “all” referred to in connection with Christ is universal. This verse taken in isolation supports neither the UR nor the non-UR view.

Consequently, just as the result of one trespass was condemnation for all men, so also the result of one act of righteousness was justification that brings life for all men.

Romans 5:18

As with the previous verse, the UR position is tied up in the use of that word “all” – “life for all men”. Analysing the context, we see in verse 19: “For just as through the disobedience of the one man the many were made sinners, so also through the obedience of the one man the many will be made righteous.” That there is a difference between “all” and “many” is undeniable (two different Greek words are used and those words are not synonyms). On a plain reading, verse 19 gives an indication that not all people will be made righteous.

Some might argue that the “many” people referred to in verse 19 could logically include “all” people. If all people were together, that would indeed be “many”! But although the logic follows, it seems rather awkward to impose such a reading on the verse. “Many” just as logically (and more commonly) can mean “less than all”.

In verse 18 the assertion that Christ “brings life for all” does not necessarily imply that all receive life. Nor does it expand on the nature, extent or duration of that “life”. Once more, neither the UR, nor the non-UR position is conclusively proven.

For God was pleased to have all his fulness dwell in [Christ], and through him to reconcile to himself all things, whether things on earth or things in heaven, by making peace through his blood, shed on the cross.

Colossians 1:19-20

This undoubtably is a key scripture for Universal Reconcilationists, not least because of the appearance of the phrase “reconcile to himself all things”. The UR position concludes that all people are ultimately reconciled with God, where “reconciliation” implies eternal blessed life, free from further punishment. This is compelling. Some difficulties present themselves, however:

  • “all things” – is Paul implying that reconciliation/eternal life awaits everything, whether animal, igneous rock, body corporate, item of stationery, ideology, software product, termite mound or interstellar gas? One supposes not.
  • “things in heaven” – is Paul suggesting that reconciliation and eternal punishment-free life await Satan?
  • “reconciled” – does reconciled mean that for all time any deserved punishment is removed, suspended, negated or past?

If the emphasis in this verse is placed on “through him” (non-UR) rather than on “all things” (UR), a valid reading becomes, “All things which are reconciled to God are reconciled through Christ.” So although this verse might lead some to reach a UR position, we can see that a UR position does not arise from it of necessity. This verse is better evidence in support of UR, but not sufficient in itself to build a doctrine.

So far, much has been made of one small word, translated “all”. In each of these verses, the word “all” comes from a Greek word transliterated “pas” (Strong’s number 3956). Interestingly, this same word is used in 1 Timothy 6:10, which is a very familiar passage:

For the love of money is a root of all kinds of evil. Some people, eager for money, have wandered from the faith and pierced themselves with many griefs.

! Timothy 6:10

Earlier versions such as the KJV tended to translate this as “love of money is the root of all evil”. The New KJV now favours “the love of money is a root of all kinds of evil”. There is not currently a complete consensus amongst translators, but the differences of opinion should be enough to suggest that a dogmatic insistence on one particular rendering would be unwise. That said, the rendering that includes “all kinds” seems more consistent with the remaining corpus of scripture and makes good sense (in that there are certainly many evils for which money is not the root). Applying this back into the previous scriptures, where “all things” are reconciled, might this not properly be rendered, “all kinds of things” are reconciled? And so on.

That if you confess with your mouth, Jesus is Lord, and believe in your heart that God raised him from the dead, you will be saved.

Romans 10:9

and

and every tongue confess that Jesus Christ is Lord, to the glory of God the Father.

Philippians 2:11

I juxtapose these two as others have done elsewhere, in support of UR. The conclusion invited is that all people will ultimately confess that Jesus Christ is their Lord, thereby obtaining the salvation promised in Romans 10:9. The previous verse in Philippians states however, “at the name of Jesus every knee should bow…” This is a valid translation of the original and leaves open the possibility that while all should bow and confess, some will not.

… God our Saviour … wants all men to be saved and to come to a knowledge of the truth.

1 Timothy 2:3b-4

Perhaps we now come to the crux of it. A common line of reasoning for Universal Reconciliationists is thus: God is omnipotent. God is all-loving. God desires that all people be saved. Due to his omnipotence, everything he desires, he can bring into being, and since this would be consistent with being all-loving, all people will be saved. I do not propose to analyse that reasoning here, but returning to the scriptural evidence, we can ask: are God’s desires ever unfulfilled?

The Greek word translated here “wants” can be transliterated from the Greek as “thelo” or “ethelo” (Strongs number 2309). This word appears 210 times in the New Testament and the best place to answer our previous question is wherever the word is used in connection with God. One such instance is Romans 9:22:

What if God, choosing to show his wrath and make his power known, bore with great patience the objects of his wrath— prepared for destruction?

Romans 9:22

In this passage we see God’s wishes (“thelo” here translated “choosing”) being restrained by God himself. Taking an overview of the context in which this word is used (and precise meaning would normally vary with context), the meaning is no stronger used in connection with God than in connection with an individual. For example, “I wish to do a parachute jump,” communicates the desire without implying that this desire will definitely be fulfilled. I would suggest that this is how 1 Timothy 2:3b-4 should be taken. It is silent on the matter of whether God’s wish in this respect will ever be fulfilled.

There are many passages in scripture similar to those above. There are too many to list here, but of those I have analysed, a similarly inconclusive position arises. For the avoidance of doubt, I have not found any scripture that provides conclusive evidence in favour of UR, but please understand that this mere fact must not be taken as a positive assertion that UR is false. In that respect, we must next consider whether there is any scriptural evidence negating UR.

The scriptural case against UR

Since a principal tenet of UR is that punishment for unbelievers will be limited in time (or not happen at all), it is appropriate to examine those scriptures that touch on eternal punishment.

He will punish those who do not know God and do not obey the gospel of our Lord Jesus. They will be punished with everlasting destruction and shut out from the presence of the Lord and from the majesty of his power

2 Thessalonians 1:8-9

Everything turns on the correct translation of the word here rendered “everlasting”. Unsurprisingly, it transpires that this is an extremely contentious point between UR and non-UR believers. On the face of it, on a plain reading of the NIV at least, UR is obliterated by this translation, but is the translation correct?

Different translators have different views. Here are a few:

  • eternal destruction (NASB, NLT, ESV, CEV, ASV)
  • everlasting ruin (destruction and perdition) (Amplified)
  • everlasting destruction (KJV, NKJV, Darby, NIV)
  • destruction that continues forever (NCV)
  • everlasting pains (Wycliffe)
  • destroyed for ever (Worldwide English)
  • eternal exclusion (JB Phillips)
  • eternal exile (The Message)
  • destruction age-during (YLT)

Of the translations (and paraphrases) surveyed, there is a broad consensus that the duration of destruction/punishment will be eternal or everlasting. In those translations it is difficult to impute a cessation to the period of punishment, at least not without second guessing the translators. In a couple of the translations, the intensity of the punishment is moderated to “permanent exclusion”. It is still without temporal limit.

The UR counter to this stems from translations such as Young’s Literal Translation, which focuses on the “ages” translation of the Greek word “aionios”, viz “they will be punished for an age”. The majority of translators disagree with this conclusion, but it seems to me that the bible is the best arbitrator on the question. Where else is this word used? Aionios occurs 72 times in the New Testament. Interestingly it is used in connection with life as well as with punishment. For example:

Then they will go away to eternal punishment, but the righteous to eternal life.

Matthew 25:46

“Eternal” here is aionios in both cases. If the UR position is correct that “aionios” punishment is limited in duration, then it must also surely assert that the “aionios” life is similarly limited in duration. Any other approach would be inconsistent. So if 2 Thessalonians 1:8-9 does not conclusively support the non-UR position (if there is a valid question concerning the correct translation of aionios) it cannot support the UR position either, in the light of verses such as Matthew 25:46.

A third angel followed them and said in a loud voice: If anyone worships the beast and his image and receives his mark on the forehead or on the hand, he, too, will drink of the wine of God’s fury, which has been poured full strength into the cup of his wrath. He will be tormented with burning sulphur in the presence of the holy angels and of the Lamb. And the smoke of their torment rises for ever and ever. There is no rest day or night for those who worship the beast and his image, or for anyone who receives the mark of his name.

Revelation 14:9-11

This is one of many passages within Revelation concerning the punishment of the wicked. In this instance, the flavour of the passage conveys a permanent sacrifice-like punishment of a particular group of apostates. On a plain reading of the text, one must emerge with an impression of a devastating outpouring of God’s judgment upon some unbelievers. Words such as “fury”, “wrath”, “torment” and “sulphur” enhance that impression. I would advise caution here however: Revelation must be approached with great care. It contains much that is allegorical, much that is prophetic, much that appears poetic even. Extracting a clear prediction of the future (to the extent that Revelation may contain as yet unfulfilled prophecy) is beyond me. I accept Revelation as one of those mysteries of God, to be revealed at his good pleasure.

So, the evidential strength of Revelation 14:9-11 may legitimately be brought into question by UR believers. That it is evidence against their cause cannot be called in question. That it is perhaps not utterly compelling may be.

There are many scriptures that say similar things to those we have studied thus far. One scriptural concept deserves particular attention before we wrap up this section however: that of the unpardonable sin:

I tell you the truth, all the sins and blasphemies of men will be forgiven them. But whoever blasphemes against the Holy Spirit will never be forgiven; he is guilty of an eternal sin.

Mark 3:28-29

I cannot play Devil’s advocate with these verses. I must simply pray that I never stumble into such error.

The problem of free will

I do not wish to stray far from my biblical studies approach to this debate, but I do wish to express some thoughts on the topic of free will. It presents philosophical difficulties for me when I address Universal Reconciliation. My understanding may be coarse and inelegantly expressed, but for me, the Universal Reconciliationist says this: you will be saved whether you want to be or not. If you reject God initially, it is inevitable that you will ultimately repent and return to him.

In this eternal, UR view, free will becomes illusory. If a person’s choice (of God) is inevitable, predictable and effectively impossible to avoid, how can we reconcile this with what we instinctively know and feel (and believe the bible teaches moreover) about free will?

There is another problem: if it is inevitable that people will choose God, over the eternal time scale, is it not also inevitable that they will subsequently choose to reject him again? Or is it impossible, having chosen God, to reject him (thus negating free will once more)? The matter of salvation becomes bound up in the works of the individual, rather than in the sacrifice of Christ. This, compounded with the dismantling of free will, makes the UR position one that would require very careful scrutiny indeed, were one to choose to embark down that path.

Does UR present a case to answer?

Taking all things together, UR does indeed have a case to answer. Whilst I maintain that if we take an orthodox view of scripture whereby it is internally consistent, a non-UR position appears to emerge more strongly, this is not to say that UR views should be dismissed summarily. They rightly challenge the non-UR approach to scripture and this challenge must be met with grace and dignity.

It is not my objective to reach a conclusion on this subject, although my own position remains unchanged having conducted this study. For the reader, further material may be of interest. Might I suggest two starting points – in the interests of balance, one from each camp:

Universalism and the Bible — The Really Good News Keith DeRose (UR)

All the (((all’s))) all covered – An Examination of the Biblical Proof of the Doctrine of Universal Reconciliation Eric Landström (non-UR)

Bible quotes above: THE HOLY BIBLE, NEW INTERNATIONAL VERSION®, NIV® Copyright © 1973, 1978, 1984, 2011 by Biblica, Inc.™ Used by permission. All rights reserved worldwide.

Image of Origen from the Wikimedia Commons. Commons is a freely licensed media file repository.

Easily host your own web sites | part 4: web design (DIY)

Contents


web designThere are many different ways of approaching web design and development, ranging from packages that do all the hard work for you, to coding the thing from scratch. If you were of the former persuasion, then I suspect you wouldn’t be reading this series, so we’re going to look at two different DIY approaches: moderate DIY (requiring little or no programming) and geek/hacker (getting your hands dirty with code). We’ll concentrate on the former, today.

Moderate DIY: Content Management Systems

I’ve been through the loop a few times with several different content management systems. These are software packages that typically provide a high level of functionality for your website, without involving you in lots of programming. There are some big names in this field, in both the commercial and open source worlds. In the latter case, the “big players” include:

There are hundreds of CMSes out there. By all means, experiment and try a few out. They have many things in common, so you’ll learn useful skills whatever you do. If you want to hit the ground running though, I would recommend checking out WordPress. Each iteration of WordPress is becoming more friendly to the web developer as well as the end user (content editor). The installation is a breeze. If your target website is a blog or a simple corporate website, WordPress is a great choice. There are some caveats, however.

WordPress may well be the most popular and most widely deployed CMS on the planet. This has pros and cons. On the one hand, you will find a large community of helpful and knowledgeable users, lots of documentation and a decent rate of product improvement. On the other hand, WordPress’s success makes it a large target. WordPress has suffered from some fairly high-profile security flaws. Because it drives so many web sites, WordPress is a tempting target for spammers and identity thieves alike. In short, if you plan to use WordPress (and I think you should), you’ll need to be committed to keeping up to date with security patches. Fortunately, applying WordPress patches is simplicity itself. You shouldn’t find it too onerous to keep it up to date – unless you are managing a hundred WP websites; but even then, there are tools for that

For the remainder of this section, I’ll proceed along the basis that you’ve selected WordPress as your CMS of choice. I’ll also assume that you are setting this up on the server created by following the earlier parts of this series (that is, you are using Virtualmin as your server/website management solution).

Installation

The installation of WordPress is well documented on the WordPress website, so I’ll not rehash that here. Let me suggest a couple of things to assist your installation though.

First, for each WordPress site, it is easiest to start from scratch, setting up a new site/domain within Virtualmin. If this is the very first site you’ve set up with Virtualmin, you will also be creating your first “user”. Virtualmin can handle multiple users on a single server, where each user is a kind of “mini administrator” of the website(s) within his or her control.

Virtualmin will by default create a username that corresponds to the first part of the domain you specify. So if your domain is “fredbloggs.changeip.com”, your user name will be “fredbloggs”. Virtualmin will also create (by default) a new MySQL database of the same name (“fredbloggs”). This MySQL user will have full control over the database.

If however, this is the not the first website you’ve created with Virtualmin, you have the option of adding the website to an existing user’s profile (in which case, you need to ensure you’re creating a sub- server), or creating a new user/domain/MySQL database. If you go down the sub-server route, you’ll be using the original username for your credentials, but your MySQL database name will be different (again, corresponding to the first part of the domain, by default).

To flesh this out a bit, you might do the following:

Site 1
Type: Virtual Server
Domain: fredbloggs.changeip.com
Username: fredbloggs
MySQL database: fredbloggs
MySQL username: fredbloggs
Web site root directory: /home/fredbloggs/public_html

Site 2
Type: Virtual Sub-server
Domain: funkyshop.changeip.com
Username: fredbloggs
MySQL database: funkyshop
MySQL username: fredbloggs
Web site root directory: /home/fredbloggs/domains/funkyshop.changeip.com/public_html

Note the different root directories (where the web site’s files are stored). I’d recommend the following procedure for obtaining and extracting the WordPress files:

  • Go to the WordPress download page
  • Make a note of the URL for the “tar.gz” download. This is a Linux-friendly compressed archive. At the moment the address is http://wordpress.org/latest.tar.gz, but that may of course change.
  • Fire up an SSH connection to your server.
  • Navigate to the web site root directory.
  • If you logged on as root, use “su” to change to the website owner: su fredbloggs
  • Use the command “wget” to download the WordPress archive file: wget http://wordpress.org/latest.tar.gz
  • Extract the files: tar zxf latest.tar.gz
  • Move the extracted files out of the newly-created “wordpress” directory into the current directory: mv wordpress/* .
  • Tidy up the archive file and the now empty directory: rmdir wordpress; rm latest.tar.gz
  • Proceed with the installation per the instructions on the WordPress site.

Design

Restyling a CMS is never a trivial task. If you are creating a commercial site, it may well be best to engage the services of an experienced WordPress designer. Until then, you have some other options. For starters, there are a lot of WordPress themes freely available which will completely change the look and feel of your site. Most of these themes can be customised in various ways, from adding your own logo, to changing the colour scheme. If you’re handy with CSS, you can tailor them even further, through the built-in CSS editor.

The problem is of course that your website will end up looking like a lot of other websites out there. For a personal blog, that’s probably not a big deal. If that doesn’t statisfy you though, you have a couple of ways of creating something a bit more personalised.

Several theme frameworks are available for WordPress. They are essentially skeleton themes, which come with instructions for customising to your own design. This tends to come with a steep learning curve. You’ll do well to avoid this until you’re reasonably fluent in HTML, CSS and PHP.

I recently came across a software package called Artisteer, which provides a WYSIWYG environment for designing themes for WordPress and many other CMSes. I have had a brief look at it, following a recommendation elsewhere. It too comes with a learning curve, though not as steep as beginning with a framework theme. Also, it is not free. But if you think you’d like to make your name designing cool WordPress sites, Artisteer (or something like it) would most likely speed up the design process.

Plug-ins

One of the great advantages of using a CMS, is that other people create generic plug-ins, which extend and enhance the functionality of the site. WordPress is no exception, with thousands of plug-ins available on its website. There are far too many plug-ins to list here, but here are a few that I would install straight away, on most WordPress sites I create:

  • Cookie Law Info: “A simple way to show how your website complies with the EU Cookie Law. Implied Consent. Style it to match your own website.”
  • Google XML Sitemaps: “[Generate an] XML-Sitemap compliant sitemap of your WordPress blog. This format is supported by Ask.com, Google, YAHOO and MSN Search.”
  • JetPack: an official WordPress plugin, which supercharges the commenting system, adds mobile-friendly themes, adds great stats and much more.
  • Ultimate Maintenance Mode: a handy plugin if you ever need to take your site offline

This is all you need to know, to get a massively featured website up and running in relatively no time, using pre-built tools. In the next and final article in this series, I’ll look at doing the whole thing more or less from scratch.

What is a backslider?

DepressedThis is one of the few scripture verses I can remember (Ishmael made it into a handy song). Proverbs 14:14 – “A backslider gets bored with himself, but a godly man’s life is exciting.” (The Living Bible) Or, “The backslider in heart will be filled with the fruit of his ways, and a good man will be filled with the fruit of his ways.” (ESV)

The bible doesn’t really expand on what “backslider” means. For me, a simple definition would be “a person who formerly claimed to be a Christian but whose life is not bearing the fruit one might expect of a Christian”. I would describe two types of backslider:

  1. A Christian whose life is currently dominated by sin.
  2. A person who never was a Christian and who has reverted to type.

I wouldn’t dare to call the apostle Paul a “backslider”, but his self-effacing remarks in Romans 7:15-24 hint at type 1 backsliding:

15 For I do not understand my own actions. For I do not do what I want, but I do the very thing I hate. 16 Now if I do what I do not want, I agree with the law, that it is good. 17 So now it is no longer I who do it, but sin that dwells within me. 18 For I know that nothing good dwells in me, that is, in my flesh. For I have the desire to do what is right, but not the ability to carry it out. 19 For I do not do the good I want, but the evil I do not want is what I keep on doing. 20 Now if I do what I do not want, it is no longer I who do it, but sin that dwells within me.

21 So I find it to be a law that when I want to do right, evil lies close at hand. 22 For I delight in the law of God, in my inner being, 23 but I see in my members another law waging war against the law of my mind and making me captive to the law of sin that dwells in my members. 24 Wretched man that I am! Who will deliver me from this body of death?

ESV

If Paul felt this way, then for sure, backsliding is something we all experience in our lives, from time to time. These days though, I’m starting to wonder if most people you’d describe as “backsliders” were in fact never Christians at all. Check out 1 John 1:5-10:

5 This is the message we have heard from him and proclaim to you, that God is light, and in him is no darkness at all. 6 If we say we have fellowship with him while we walk in darkness, we lie and do not practise the truth. 7 But if we walk in the light, as he is in the light, we have fellowship with one another, and the blood of Jesus his Son cleanses us from all sin. 8 If we say we have no sin, we deceive ourselves, and the truth is not in us. 9 If we confess our sins, he is faithful and just to forgive us our sins and to cleanse us from all unrighteousness. 10 If we say we have not sinned, we make him a liar, and his word is not in us.

ESV

Once someone has the Holy Spirit indwelling, he is still capable of sin, but that goes against his new nature. This grieves the Holy Spirit. A Christian must inevitably show increased fruit of the Spirit – this is an unstoppable power at work in him. See Romans 8:11:

If the Spirit of him who raised Jesus from the dead dwells in you, he who raised Christ Jesus from the dead will also give life to your mortal bodies through his Spirit who dwells in you.

ESV

So generally for “backslider”, I read “wasn’t a Christian in the first place”. But that probably sounds harsh and I certainly don’t make it a rule. Ultimately only God truly knows the state of a man’s heart. 1 Samuel 16:7:

But the Lord said to Samuel, “Do not look on his appearance or on the height of his stature, because I have rejected him. For the Lord sees not as man sees: man looks on the outward appearance, but the Lord looks on the heart.”

ESV

“Depressed” image copyright © Sander van der Wel, licensed under Creative Commons. Used with permission.

Easily host your own web sites | part 3: networking

Contents


network cablesSo far in this series, we’ve set up our server hardware and installed and configured the operating system and web hosting application. In today’s article, we’ll look at how you enable people to browse content on your server (wherever they and it may be).

Port forwarding

Most SOHO routers are configured to prevent unsolicited inbound traffic. If you want people to be able to view web sites on your server therefore, you need to create a conduit through which web traffic can pass. This is usually called “port forwarding”. Broadly speaking, ports segregate different types of network traffic. Web traffic comes in on port 80 (TCP), SSH traffic on port 22 (TCP), encrypted web traffic (HTTPS) on port 443 (TCP) and so on. So you need to configure your router to forward port 80 traffic to the static IP address you configured for your server (see part 2). You may also wish to forward port 10000 (Webmin) and port 22 (SSH) so you can administer your server remotely, but be warned that as soon as you do, so-called “script kiddies” will start trying to break into your server. So proceed with caution, and read up on the risks. You’re pretty safe forwarding port 80, provided your web sites are well designed.

To find out how to set up port forwarding on your router, read the manual, or check out the references at portforward.com. Once you’ve done that, check that the port is forwarded by browsing to your network’s external IP address. How do you find that out? From within the network, browse to icanhazip.com.

If you’ve forwarded the port correctly, and if you’re not caught by the hairpin NAT gotcha (see below), you should see the default web page from your new web server. On my new server, the page looks like this:

It works!

This is the default web page for this server.

The web server software is running but no content has been added, yet.

Dynamic vs. Static IP addresses

If you are going to be hosting any kind of internet service (like a web server), it is easiest to have a static IP address. DNS (the Domain Name System) converts “human-friendly” web addresses such as “pomeroy.me” into “computer-friendly” IP addresses such as “178.248.39.218”. This is great if your network’s external IP address never changes, but for many customers on cable, broadband or dial-up connections, their IP address is “dynamic”, meaning that it might be different each time the modem or router reboots. There is a workaround for dynamic IP addresses (see the section on Dynamic DNS, below), but in the long run, it might be easiest simply to ask your ISP for a static IP address. In many cases that costs little or no more than a dynamic address.

Dynamic DNS

With Dynamic DNS (DDNS), your router or server contacts a DDNS service provider on the internet and reports its current external IP address. The DDNS server then transmits this information through the internet via the DNS system. Changes can take a while to take effect, but it’s better than nothing. My current DDNS provider of choice is changeip.com. ChangeIP.com has a free service, where you use a sub-domain from one of several domains they have available (e.g. fredbloggs.changeip.org).

Many routers can speak DDNS, meaning that as soon as the router reboots, it can check in with the DDNS provider and let it know if the IP address has changed. See your router’s manual for more information. If your router doesn’t directly support this, you can install software on your server that will periodically update the DDNS service. Read ChangeIP.com’s page on DDNS clients. You’ll need to install one of the scripts on your server, and set up a cron job to run the script as often as you like (providing you don’t breach the DDNS provider’s terms of service). You can of course use Webmin to set up your cron job.

Regular DNS

If you have your own domain registered, like me, and you’re using a static IP address, all you need to do is point your domain to your external IP address. Log into your domain host and add “A records” as needed.

Note: Did you know that the customary “www.” prefix on many websites is an unnecessary hangover from earlier in the internet’s history? You can use www.mydomain.com if you like, or simply mydomain.com. Note however that when you set up a “mydomain.com” web site using Virtualmin, Virtualmin automatically makes a “www.mydomain.com” alias, so that either will resolve to the same web site code. If you want DNS to work with both, you’ll need to add two A records: one for “@” and one for “www”.

Hairpin NAT

For most people, that’s it. You should now be able to create web sites on your server, use DNS or DDNS to broadcast those web sites to the outside world, and receive visitors from all around the world. But there’s a very significant “gotcha” with some routers, when you’re attempting to browse your web site from your LAN. If you’re on the same physical network as your web server, when you enter the web address in your browser, it should attempt to browse to your network’s external IP address. In other words, your web query goes out and attempts to come back in again. This out-and-back-again behaviour is known as “hairpin NAT” and not all routers can handle it.

If you’re one of the unlucky ones and you don’t want to swap your router for a better one, you have two main options. Technically, the best option is to run your own private DNS server (which you can do on the same server), but that is complicated and a bit of a hassle. If you’re only browsing from a single PC, the quick-and-dirty solution is to edit your hosts file. This file is located somewhere like “C:\Windows\System32\drivers\etc\hosts”. There are a lot of resources on the internet that will explain to you more about this file, but let me help you over one little hurdle: if you’re using Windows Vista or later, you need to edit this file as an Administrator. To do that, right-click Notepad and choose “Run as Administrator”. Then open the hosts file from within Notepad. You’ll need to change the files filter to “*.* (All files)”.

The default hosts file contains details about the format of entries. Suffice it to say that you’ll put here the DNS name of your web site and the internal LAN IP address of your web server. Your web browser, when looking up an IP address, should check the hosts file first, so in this scenario, you won’t be going out and back again. If you then take that computer somewhere else (e.g. it’s a laptop and you’ve taken it to work), you’ll need to remove the relevant hosts file entries, in order to browse to the external IP address of your network.


Networking is a complicated area and I have only scratched the surface here, in an effort to get most people up and running quickly. By all means if you’re stuck at a particular point, post a comment and, time permitting, I’ll try to point you in the right direction. In the meantime, stay tuned for part 4 of this series in which I will provide some initial pointers on building your own web site.

Cables image copyright © Pascal Charest, licensed under Creative Commons. Used with permission.

Easily host your own web sites | part 2: server

Contents


If you followed part 1 of this series, you’ll now have a physical machine ready for installation of your new server operating system and applications. In this post, part 2 of the series, I’ll be focusing on the operating system and one application – the application which will provision your websites.

Operating system

ubuntu logoAlthough you’ll most likely be very familiar with Microsoft Windows or Apple’s OS X, we will be using Linux to power this server. Linux is an operating system well suited to web servers, but most compellingly, you can freely download it and don’t need to worry about costs or client/device access licences.

Note: some people prefer you to refer to the operating system as “GNU/Linux”. I am not promoting any particular viewpoint here; I simply feel this article would become even more cumbersome to read if I wrote “GNU/Linux” all the time. I shall stick to “Linux”, which is also the term with which most people are familiar, for better or worse.

There are many, many flavours (“distributions”) of Linux available. I’ve been through this loop quite a few times, so let me save you some time and point you in the direction of a distribution that I have found most suitable for this “home web server” scenario: Ubuntu. There are several editions of Ubuntu, but the most appropriate is Ubuntu Server, which you can download here. Make sure you download the 32-bit version, if you’re not running a 64-bit machine.

Why Ubuntu?

There are many reasons for choosing Ubuntu for this project, but here are my top five:

  1. The apache2-suexec-custom package: This is delving into detail very early, so for now just take my word for it that this Ubuntu package is going to make your life a lot easier when we set up Virtualmin (see below). Other Linux distributions lack this package and you end up having to recompile the Apache server to enable virtual hosting. For most readers, that’s an unnecessary complication.
  2. Community support: at the time of writing, the official Ubuntu forums had heading towards two million members. That translates into a huge pool of knowledgeable people willing to help with problems.
  3. Heritage: Ubuntu is based on Debian, one of the granddaddy Linux distributions. Ubuntu’s mission was to bring Linux into the mainstream, making it more user-friendly, without sacrificing the features that make Debian such a robust and stable system.
  4. Long-term support: each iteration of Ubuntu has an “LTS” version, confirming it will remain in support for five years from the date of first release. Most significantly, this means that one can expect security patches to be available for a predictable period of time.
  5. Simplicity: installing Ubuntu is usually very easy. It detects an extremely wide range of hardware and makes many sensible choices for the end user, which results in a straightforward installation process. Once installed, many packages are readily available to enhance and extend the features of the server.

Installation

So, you’ve downloaded Ubuntu Server and burnt your installation DVDs. There are many places on the internet that take you through the installation of your Ubuntu server. Here, I will simply concentrate on the critical settings and options that will ensure your server is ready to host websites from day 1.

Network configuration

The first “gotcha” relates to networking. If you connect your server to a network on which a DHCP server is running, Ubuntu will automatically use DHCP. You could later change this, but it’s much easier to get it right during the installation. With 12.04, very early on in the installation wizard, and just after DHCP configuration has taken place, you’ll see a dialogue box headed “Configure the network”. This has a “Hostname” field and a “Go Back” button. After you’ve entered your desired host name, I recommend choosing the “Go Back” button. This in fact takes you to a screen you’ve not seen previously in the installation, which contains an option to configure the network manually. Choose that option and then give your server a static IP address on your LAN.

Software selection

At The basic software selection wizard screen, make sure you choose at least the following:

  • OpenSSH server
  • LAMP server
  • Mail server

You may also wish to install the PostgreSQL database, if you’re supporting that in addition to, or instead of MySQL.

Postfix (email server)

At the Postfix Configuration screen, you probably want to choose “Internet with smarthost”. We’ll deal with the detailed configuration of Postfix later. When asked for the SMTP relay host, enter the address of the mail server that will accept outward-bound email from this system (your ISP’s mail server, or an Exchange server already on your LAN, for example).

Post-installation

You now have a functioning server. At this point you should be able to disconnect the mouse, keyboard and monitor you borrowed previously and connect via SSH. When I need a command line/shell, I use PuTTY and PuTTY Connection Manager to connect to most of the Linux and Unix servers I administer, but any SSH-capable terminal emulator will do.

root

At the moment, you can’t log on as the all-powerful root user. You’re supposed to use sudo as a non-privileged user, to avoid inadvertent damage to your server. But the way we’ll be using this server, you’ll quickly find that a pain. So log in as the user you created during installation and then issue the following command:
sudo passwd root
You can set a password for root and log on as root from that point onwards.

Note: I don’t recommend doing this on a production server or in any environment where security is a particular concern.

Package manager

Ubuntu comes with a lot (I mean a phenomenal quantity) of “packages” (programs) that you can freely install to enhance the functionality of your server. We use a package manager to add, remove and upgrade these packages.

This server does not have a graphical user interface installed, but that doesn’t mean we have to use a command line to install every package we want, or to process updates. Start by issuing this command:
apt-get upgrade -y; apt-get install aptitude -y
You may need to reboot your server after this, particularly if the Linux kernel (the core of your operating system) has been upgraded during this process.

You now have a console based semi-graphical package manager at your disposal called aptitude. At the command line, issue the following command:
aptitude
Once aptitude has loaded, take some time to explore the help facility to learn how to use it (press ?).

Packages to install

I recommend installing at least the following packages (several of which will be needed by Webmin – see below):

  • apache2-suexec-custom
  • any php5 modules you think you’ll need (search for “php5”)
  • a console-based text editor; I prefer vim, which should already be installed, but “joe” has a much gentler learning curve
  • libnet-ssleay-perl
  • libauthen-pam-perl
  • libio-pty-perl
  • apt-show-versions
  • libapt-pkg-perl
  • bind9
  • webalizer

How to find stuff

Most Linux distributions are configured with “locate”. This command helps you to track down files by name. Typically, the locate database updates overnight. You can force an update by running the command “updatedb”. You could then use that (for example) to find the file we’re about to edit in the next step.

Configure the apache2-suexec-custom package

On my test system, the suexec configuration file is at /etc/apache2/suexec/www-data. The first line probably contains the text “/var/www”. We need to be able to serve up web pages under the /home directory, so change that line to “/home” and save the file.

Enable additional Apache modules

Virtualmin depends on some otherwise optional modules for Apache (the web server program). Enable these modules and force Apache to load them with the following commands:
a2enmod suexec
a2enmod actions
service apache2 restart

Virtual hosting application: Virtualmin

Virtualmin logoThere are a few virtual hosting applications around – software that helps you to host multiple websites on a single server, without having to edit Apache’s config files by hand. My favourite application is Virtualmin, which has community and professional variants. The free community variant is more than sufficient for our purpose.

Virtualmin is actually a module for the server management software, Webmin, so we’ll be installing both. Again, Webmin is one of many tools available, which allow you to administer your server remotely. Once Webmin is installed, you’ll very rarely need to use the command line.

Install Webmin

The instructions for downloading and installing Webmin are here. If the reference to Debian confuses you, remember that Ubuntu is based on Debian. You can download the software anywhere you like on your server, but I’ve taken to creating a folder at /root/installed-packages, so I can easily track what I’ve installed outside the package management system. On my test system, I’m issuing the following commands:
mkdir /root/installed-packages
cd /root/installed-packages
wget http://prdownloads.sourceforge.net/webadmin/webmin_1.610_all.deb
dpkg --install webmin_1.610_all.deb

Note: you can use the Webmin APT repository to install Webmin and instructions are on the same page, but it’s a bit more fiddly.

Install Virtualmin

The Webmin site includes some instructions for installing Virtualmin here, but I think there’s a better way. Copy the link from that page for the “Virtualmin module in Webmin format” – ignore the Debian module. Then, browse to the Webmin interface (https://your.server’s.ip.address:10000) and go to Webmin–>Webmin Configuration–>Webmin Modules. Select the radio button next to “From ftp or http URL” and paste the link you copied into the field. Then click “Install Module”. Do the same for the link for the “Virtualmin theme in Webmin format”.

After the install, go to Webmin–>Webmin Configuration–>Webmin Themes. From the drop-down box, choose “Virtualmin framed theme” and click “Change”. Ignore the “Post-Installation Wizard” for now, and hit F5 to refresh your browser and use the Virtualmin theme for Webmin.

Post-installation Wizard

You may need to go through this wizard several times, fixing issues as you go along. Here are the things I needed to fix. After fixing each item, go back to the wizard. Eventually you’ll be using the “Check Configuration” wizard; a kind of post-post-install routine…

MySQL

You need to enter your MySQL username and password.

DNS zones

We won’t be running a DNS server initially, so in the wizard, click “Skip check for resolvability”. Within Virtualmin’s “Features and Plugins” page, uncheck “BIND DNS domain”.

Postfix

You’ll probably see an error message when you run the “Check configuration” wizard that says “A problem was found with your Postfix virtual maps : No map sources were found in the Postfix configuration”. To fix this, follow the “Postfix configuration” link, then click the “Virtual Domains” icon. Set “Domain mapping lookup tables” to “hash:/etc/postfix/virtual”.

Apache

I’ve found that Virtualmin can complain that certain modules (which we enabled earlier) are not available. Fix this by going to: Webmin–>Servers–>Apache Webserver–>Configure Apache Modules. You shouldn’t need to change anything – just click the “Enable Selected Modules” button.

Deal with this error message: “Apache configuration file /etc/apache2/mods-enabled/php5.conf contains SetHandler lines that prevent PHP from running with domain owner permissions. These lines must be removed.” as follows by editing the file in question (using your command-line text editor installed earlier). You’ll probably see some text along the following lines:

<FilesMatch "\.ph(p3?|tml)$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>

Delete that in its entirety and save the file. Then issue the following command:
service apache2 reload

Final check/refresh configuration

Your final “Check configuration” will run successfully, but may issue two warnings: one about the IP address of the web server and another about FTP access. You can safely ignore both of these.

Next steps

Great! Now your server is ready to host multiple websites. Explore the “Create Virtual Server” link within Virtualmin to see the options now available to you.

Of course you want these websites to be accessible from the internet, so in part 3, I’ll deal with the hurdles you’ll need to jump before you can inflict your new web sites on the unsuspecting public. Until then, happy tinkering!

Ubuntu logo copyright © Canonical Ltd. Virtualmin logo copyright © Virtualmin, Inc. All rights acknowledged.

The daily STAB Prayer

Submit to the
Trinity
At
Breakfast

(or at the Beginning of a task, project, year, etc.)

The STAB prayer is a simple formula, intended to anchor your focus on God at the beginning of the day. No prayer should become religious or formulaic, rather the STAB Prayer provides a framework or a reminder of how we can pray. Although it can never compete with the Lord’s Prayer, it can certainly complement it.

The structure, which you can use as an outline, is as follows:

Father, You are my God; I worship you.
Jesus, thank You for being my Saviour; be also my Lord.
Holy Spirit, fill me today; I need You.

First, we concentrate on the supremacy of God the Father, and give Him the worship He deserves.
Secondly, we remember with gratitude the salvation bought for us by Christ. But we don’t stop at accepting His salvation; we also submit to His lordship over our lives.
Thirdly, we look to the Holy Spirit, to fill us afresh and to guide us through the day.

Simple, but powerful.

This image is a simple encapsulation of the STAB Prayer. Why not print it out and put it somewhere where you’ll see it at the start of the day?

The STAB prayer

Easily host your own web sites | part 1: hardware

Contents


Web serversThere is no shortage of cheap web hosting companies, offering packages from pennies per month. If you’re looking for more control and flexibility and you’re not planning to host a mission-critical eCommerce website though, self-hosting is quite rewarding and not as difficult as it sounds.

This is the first in a series of posts where I outline some options for becoming a small-time web host. In this article, I discuss the hardware you’re going to need.


You’re best off coming to terms with the idea that you’ll be leaving your new web server switched on 24 hours a day. Whether we admit it or not, ultimately we’re hoping that whatever websites we host will become popular and reach a worldwide audience. That means your server must theoretically be available and reachable round the clock. In my view, as a bare minimum you should have:

  • A computer. Doesn’t need to be fancy or modern. Preferably less than five years old, but it won’t be a deal breaker, if not. We’ll call this box “the server”. It won’t need a monitor, keyboard and mouse attached full-time. You’ll only need to borrow these for the initial setup. We’ll be connecting to the server remotely as soon as possible and from that point onwards, we can run this server “headless” (i.e. with nothing attached other than the UPS).
  • An uninterruptible power supply (UPS). Your UPS protects your server from the vagaries of your household power supply. It doesn’t do a server much good to lose power suddenly. A UPS is a battery backup which can enable your server to shut down gracefully in the event of a power cut. The better UPSes also clean the incoming power, protecting the server from “bucks” and “boosts”.
  • A router capable of port forwarding. Shouldn’t be too much of a problem – most routers can do this. I’m assuming here that you’re on some kind of “always on” internet connection like broadband or cable.

The server

Unless you’re hosting a lot of websites, getting a lot of traffic, or building very complex websites, this machine won’t need much power. And it doesn’t need to break the bank. You could consider using a Raspberry Pi for example (although that will be harder to set up than an ordinary PC). I’ve used second-hand computers, old laptops and all sorts to host web sites. Currently I have an old IBM xSeries tower server in my loft, but you probably don’t need that kind of power or resilience when you start out with web hosting. You could even just use a virtual machine on your home computer, if you’re happy to leave that switched on all the time. I’m going to assume that you’re using a dedicated machine though. I’m also going to assume that we’ll be using typical PC hardware; you can self-host with Mac hardware quite easily, but that’s not where the majority of my experience lies.

The UPS

We’re going to be running Linux on this server, so the primary requirement is that your UPS is supported by Linux. APC UPSes used to be supported under Linux by the apcupsd program (a so-called ‘daemon’, which runs continuously on the server). In recent years however, APC short-sightedly changed their UPS range so they could no longer communicate with apcupsd (to the considerable anguish of the Linux community). Your best bet is either to source an old APC UPS – you can still easily find the replacement batteries – or buy any Eaton UPS. Eaton UPSes are supported by the Network UPS Tools daemon and I know that Eaton is commercially committed to the Linux platform for the foreseeable future.

The router

As long as your router supports port forwarding, you’ll be okay. A lot of routers are capable of being upgraded with aftermarket “firmwares” to provide previously unavailable capabilities. This is a good way of obtaining a near enterprise-class router on the cheap. Probably the most famous of these firmwares is DD-WRT. Have a look on that website for a list of supported routers if you want to go down this route (ahem).


So that’s it for this post. Short and sweet. While you’re off sourcing your hardware, I’ll be hard at work thinking about part 2, in which we’ll start to set up your new server’s operating system and supporting applications. See you soon!

Servers image copyright © Widjaya Ivan, licensed under Creative Commons. Used with permission.

Rackspace API for CodeIgniter

Logo_lockup_version-2 SPOTRackspace is a great email hosting company, providing, amongst other things, a handy API for creating bespoke email solutions. The exercise of integrating that API into your application is of course left to the end user. I’ve spent some time working on a Rackspace API library for the PHP programming framework, CodeIgniter. This is not functionally complete – I have only implemented the interfaces that I needed – but it should provide a useful springboard for your own projects.

Configuration

In /system/application/config/RackspaceAPI.php:

<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

$config['user_key']   = 'your user key';
$config['secret_key']     = 'your secret key';
$config['user_agent']     = 'name of your app';
$config['api_version']    = 'v0'; // amend if necessary
$config['rackspace_host'] = 'api.emailsrvr.com'; // amend if necessary

/* End of file RackspaceAPI.php */
/* Location: ./system/application/config/RackspaceAPI.php */

Library

<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
 * Uses curl and pecl_http
 */
class Rackspace_API {
    
  /**
   * Store recent http_message
   * @var object
   */
  protected $_http_message;
  
  /**
    * CI object
    * @var object
    */
  protected $_ci;

  /**
   * Rackspace config items
   */
  protected $_user_key;
  protected $_secret_key;
  protected $_user_agent;
  protected $_api_version;
  protected $_rackspace_host;
  
  function __construct() {
    $this->_ci =& get_instance();
    $this->_ci->config->load('RackspaceAPI', TRUE);
    $this->_user_key = $this->_ci->config->item('user_key', 'RackspaceAPI');
    $this->_secret_key = $this->_ci->config->item('secret_key', 'RackspaceAPI');
    $this->_user_agent = $this->_ci->config->item('user_agent', 'RackspaceAPI');
    $this->_api_version = $this->_ci->config->item('api_version', 'RackspaceAPI');
    $this->_rackspace_host = $this->_ci->config->item('rackspace_host', 'RackspaceAPI');
  }


  /**
   * Get info about a domain
   * @param string $domain
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  public function getDomainInfo($domain) {
    return $this->genericGet('/customers/me/domains/'.$domain);
  }

  
  /**
   * Get all domain names
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | array (domains)
   */
  public function getDomains() {
    $obj = $this->genericGet('/customers/me/domains');
    if(!$obj->error){
      // Reformat into an array of domains
      foreach($obj->result->domains as $domain) {
        $domains[]=$domain->name;
      }
      $obj->result = $domains;
    }
    return $obj;
  }


  /**
   * Get info about a mailbox ($domain@$id)
   * @param string $domain
   * @param string $id
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  public function getMailboxInfo($domain, $id) {
    return $this->genericGet('/customers/me/domains/'.$domain.'/rs/mailboxes/'.$id);
  }
   
 
  /**
   * Used by Get functions above - generalised use case
   * @param string $url - see the API; constructed by the calling function
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  private function genericGet($url) {
    $this->get(
        $url,
        'application/json');
    if($this->_http_message->getResponseCode() == 200) {
      // Call worked.  JSON is missing enclosing brackets, apparently needed by json_decode
      $json = '['.$this->_http_message->getBody().']';
      if(is_string($json)) {
        $obj = json_decode($json);
        $result->error = false;
        $result->result = $obj[0];
      } else {
        // JSON failure
        $result->error = true;
        $result->result = 'Failed to parse JSON';
      }
    } else {
      // API call failed
      $result->error = true;
      $result->result = $this->_http_message->getHeader("x-error-message");
    }
    return $result;
  }
  

  /**
   * Create a mailbox ($domain@$id)
   * @param string $domain
   * @param string $id
   * @param string $first: First name
   * @param string $last: Last name
   * @param string $name: Display as
   * @param string $office: Name of office/profit centre
   * @param string $locno: Office/profit centre number
   * @param string $password
   * @param string $fwd: comma-separated forwarding address(es) - max 4 off domain
   * @param string $save: save forwarded email - 'true' or 'false'
   * saveForwardedEmail
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  public function addMailbox($domain, $id, $first, $last, $name, $office,
          $locno, $password, $fwd, $save='true') {
    $fields = array(
        'password' => $password, 
        'emailForwardingAddresses' => $fwd,
        'firstName' => $first,
        'lastName' => $last,
        'displayName' => $name,
        'saveForwardedEmail' => $save,
        'organization' => $office,
        'organizationUnit' => $locno);
    return $this->genericPost( '/customers/me/domains/'.$domain.'/rs/mailboxes/'.$id, $fields);
  }


  /**
   * Used by Post functions above - generalised use case
   * Note: Rackspace API suggests use POST to add, PUT to edit
   * @param string $url - see the API; constructed by the calling function
   * @param array $fields - data to be POSTed
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  private function genericPost($url, $fields) {
    $this->post(
        $url,
        $fields,
        'application/json');
    if($this->_http_message->getResponseCode() == 200) {
      $result->error = false;
      $result->result = $this->_http_message->getBody();
    } else {
      // API call failed
      $result->error = true;
      $result->result = $this->_http_message->getHeader("x-error-message");
    }
    return $result;
  }


  /**
   * Edit user's forwarding
   * @param string $domain
   * @param string $id
   * @param string $fwd: comma-separated forwarding address(es) - max 4 off domain
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  public function changeForwarding($domain, $id, $fwd) {
    $fields = array(
        'emailForwardingAddresses' => $fwd
        );
    return $this->genericPut( '/customers/me/domains/'.$domain.'/rs/mailboxes/'.$id, $fields);
  }
  
    
  /**
   * Edit user's location
   * @param string $domain
   * @param string $id
   * @param string $office: Name of office/profit centre
   * @param string $locno: Office/profit centre number
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  public function changeLocation($domain, $id, $office, $locno) {
    $fields = array(
        'organization' => $office,
        'organizationUnit' => $locno);
    return $this->genericPut( '/customers/me/domains/'.$domain.'/rs/mailboxes/'.$id, $fields);
  }
  
    
  /**
   * Edit user's name
   * @param string $domain
   * @param string $id
   * @param string $first: First name
   * @param string $last: Last name
   * @param string $name: Display as
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  public function changeName($domain, $id, $first, $last, $name) {
    $fields = array(
        'firstName' => $first,
        'lastName' => $last,
        'displayName' => $name);
    return $this->genericPut( '/customers/me/domains/'.$domain.'/rs/mailboxes/'.$id, $fields);
  }
  
    
  /**
   * Edit user's password
   * @param string $domain
   * @param string $id
   * @param string $password
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  public function changePassword($domain, $id, $password) {
    $fields = array(
        'password' => $password);
    return $this->genericPut( '/customers/me/domains/'.$domain.'/rs/mailboxes/'.$id, $fields);
  }
  
    
  /**
   * Used by Put functions above - generalised use case
   * Note: Rackspace API suggests use PUT to edit, POST to add
   * @param string $url - see the API; constructed by the calling function
   * @param array $fields - data to be PUT
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  private function genericPut($url, $fields) {
    $this->put(
        $url,
        $fields);
    if($this->_http_message->getResponseCode() == 200) {
      $result->error = false;
      $result->result = $this->_http_message->getBody();
    } else {
      // API call failed
      $result->error = true;
      $result->result = $this->_http_message->getHeader("x-error-message");
    }
    return $result;
  }


  /**
   * Delete a mailbox
   * @param string $domain
   * @param string $id
   * @return stdClass Object ( 'error'  => bool,
   *                           'result' => string (error message) | stdClass Object
   */
  public function deleteMailbox($domain, $id) {
    return $this->genericDelete("/customers/me/domains/$domain/rs/mailboxes/$id");
  }
  
  
  /**
   * Used by Get functions above - generalised use case
   * @param string $url - see the API; constructed by the calling function
   * @return stdClass Object ( 'error'  => bool,
   *                           ['result' => string (error message)]
   */
  private function genericDelete($url) {
    $this->delete($url);
    if($this->_http_message->getResponseCode() == 200) {
      // Call worked.
      $result->error = false;
    } else {
      if($this->_http_message->getResponseCode() == 500) {
        // Internal server error
        $result->error = true;
        $result->result = 'An internal server error occurred deleting  object.  Url: '.$url;
      } else {
        // API call failed
        $result->error = true;
        $result->result = $this->_http_message->getHeader("x-error-message");
        
      }
    }
    return $result;
  }
  

  
  // The remainder of this file is mostly lifted from Rackspace's examples: http://api-wiki.apps.rackspace.com/api-wiki/index.php/PHP_Examples_(Rest_API)
  private function get($url_string, $format) {
      $headers = array("Accept: $format");
      $curl_session = self::construct_session($url_string, $headers);
      $this->_http_message = self::send_request($curl_session);
  }

  private function post($url_string, $fields, $format) {
      $headers = array("Accept: $format");
      $curl_session = self::construct_session($url_string, $headers);
      curl_setopt($curl_session, CURLOPT_POST, true);
      curl_setopt($curl_session, CURLOPT_POSTFIELDS, $fields);
      $this->_http_message = self::send_request($curl_session);
  }

  private function put($url_string, $fields) {
      $curl_session = self::construct_session($url_string, array());
      curl_setopt($curl_session, CURLOPT_CUSTOMREQUEST, 'PUT');
      curl_setopt($curl_session, CURLOPT_POSTFIELDS, $fields);
      $this->_http_message = self::send_request($curl_session);
  }
  
  private function delete($url_string) {
      $curl_session = self::construct_session($url_string, array());
      curl_setopt($curl_session, CURLOPT_CUSTOMREQUEST, 'DELETE');
      $this->_http_message = self::send_request($curl_session);
  }

  private function send_request($curl_session) {
      $response = curl_exec($curl_session);
      curl_close($curl_session);
      /* Reponse string may contain two HTTP sessions, if there was an initial
         "HTTP/1.1 100 Continue" response.  So strip that first response out.  Eg:
                  HTTP/1.1 100 Continue
                  Via: 1.1 [proxy]

                  HTTP/1.1 400 Bad Request
                  Via: 1.1 [proxy]
                  Connection: Keep-Alive
                  Proxy-Connection: Keep-Alive      
                  ...     
       * 
       */
      $response = preg_replace('|HTTP/1.1 100.*HTTP/1.1|isU', 'HTTP/1.1', $response);
      return new HttpMessage($response);
  }

  private function construct_session($url_string, $existing_headers) {
      $headers = array_merge(
              self::authorization_headers(), $existing_headers);
      $url = self::construct_uri($url_string);
      $curl_session = curl_init($url);
      curl_setopt($curl_session, CURLOPT_HEADER, true);
      curl_setopt($curl_session, CURLOPT_HTTPHEADER, $headers);
      curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, true);
      return $curl_session;
  }

  private function authorization_headers() {
      $time_stamp = date('YmdHis');
      $data_to_sign = $this->_user_key . $this->_user_agent .
          $time_stamp. $this->_secret_key;
      $signature = base64_encode(sha1($data_to_sign, true));
      $headers = array();
      $headers[] = "User-Agent: " . $this->_user_agent;
      $headers[] = 'X-Api-Signature: ' .
          $this->_user_key . ":$time_stamp:$signature";
      return $headers;
  }

  private function construct_uri($url_string) {
      $url = 'http://' .  $this->_rackspace_host . '/' . $this->_api_version . $url_string;
      return $url;
  }
}

?>

Example

Example usage:

function testRackspace() {
    $this->load->library('Rackspace_API');
    $client = new Rackspace_API();
    $obj = $client->getMailboxInfo('somedomain.com', 'test.user');
    if($obj->error) {
      echo 'Error: '.$obj->result;
    } else {
      var_dump($obj);
    }
  }

Image copyright © Rackspace Ltd. All rights acknowledged.

Connecting to Windows/MSSQL 2008 from Linux/CodeIgniter/PHP

Update: I’ve written a new article, covering CodeIgniter 3 and Ubuntu 14/16. Read it here.

Microsoft SQL Connecting to Microsoft SQL Express 2008 from Linux/PHP is a lot trickier than I expected. These notes are really for my own benefit so I can reproduce the setup, but maybe they’ll help you too. One of the problems is that many existing PHP drivers for MS SQL have difficulty talking to SQL 2008. Here’s a workaround using FreeTDS and ODBC.

My web application is built using CodeIgniter, the PHP application framework. It resides on an Ubuntu Server box, running Apache. Prerequisites on that Ubuntu Server (which I installed using Aptitude, but your favourite package manager will do):

  • unixODBC
  • FreeTDS
  • FreeTDS development package/(header files and libraries)

To my freetds.conf file (in /etc/freetds on my server) I added a section that looks something like this:

[my-server]
host = my.server.local
port = 1433
tds version = 9.0

Note: TDS version 9.0 should work with SQL 2008.

In /etc/odbcinst.ini, add the following ODBC driver (32-bit):

[TDS]
Driver = /usr/lib/odbc/libtdsodbc.so
Description = FreeTDS driver
Setup = /usr/lib/odbc/libtdsS.so

or 64-bit:

[TDS]
Driver = /usr/lib64/libtdsodbc.so
Description = FreeTDS driver
Setup = /usr/lib64/libtdsS.so

(You may need to check the precise location of the driver and setup files.)

And to /etc/odbc.ini, I inserted a DSN similar to the following:

[my-server]
Driver = TDS
Description = My Server
ServerName = my-server
Database = my-db

Generally within CodeIgniter, I am connecting to MySQL databases and that’s how my default connection is configured. I therefore added a second configuration to my database.php configuration file, like this:

$db['my_server']['hostname'] = "dsn=my-server;uid=myusername;pwd=mypassword";
$db['my_server']['username'] = '';
$db['my_server']['password'] = '';
$db['my_server']['database'] = '';
$db['my_server']['dbdriver'] = 'odbc';
$db['my_server']['dbprefix'] = '';
$db['my_server']['pconnect'] = TRUE;
$db['my_server']['db_debug'] = TRUE;
$db['my_server']['cache_on'] = FALSE;
$db['my_server']['cachedir'] = '';
$db['my_server']['char_set'] = 'utf8';
$db['my_server']['dbcollat'] = 'utf8_general_ci';

Now the ODBC driver within CodeIgniter can produce queries that MS SQL doesn’t like. We can fix this with a hack. You really REALLY shouldn’t do it this way (!) but to get things working and as described >here<, I edited the CodeIgniter core file system/database/drivers/odbc_driver.php. The function _from_tables() has a line reading:

return '('.implode(', ', $tables).')';

I changed it to this:

return implode(', ', $tables);

(In other words, we’re removing the spurious parentheses.)

I created a database method m_my_server.php like this:

/**
 * NOTE: We're using a feature-incomplete driver here.  Don't attempt to use
 * CodeIgniter's ActiveRecord Class or num_rows().  Use bare queries instead.
 */
class M_my_server extends Model {

  var $my_server;

  function M_my_server() {
      parent::Model();
      $this->my_server = $this->load->database('my_server', TRUE);
  }

  function get() {
    $query = $this->my_server->query('SELECT TOP(100) * FROM dbo.tblUserSummary');
    $result = $query->result_array();  // note ->num_rows() doesn't work with this driver
    if(count($result) > 0) {
      return $result;
    } else {
      return false;
    }

  }
}

/* End of file m_my_server.php */
/* Location: ./application/models/m_my_server.php */

At the SQL Server end, I set up a new standard SQL user (myusername/mypassword) rather than attempting to get Windows authentication to work (I bet it wouldn’t).

My SQL instance wasn’t listening to TCP/IP connections by default. I fired up SQL Server Configuration Manager and browsed to SQL Server Network Configuration –> Protocols for [my db instance]. Then you have to right-click TCP/IP and click Enable.

With all that in place, the following controller produces successful results:

  function SQLtest() {
    $this->load->model('m_my_server');
    $result = $this->m_my_server->get();
    if($result) {
      print_r($result);
    } else {
      echo 'nada';
    }
    exit;
  }

It’s not ideal; for one thing, bare SQL queries involve learning Microsoft’s particular dialect of SQL (whereas I’m used to MySQL). The tables I’m querying are generated by Microsoft Forefront TMG though, so I’m basically stuck with MSSQL. At least now I can query those tables from my favourite PHP application framework.

Image copyright © Microsoft. Used with permission from Microsoft.