PageBox: presentation deployment using PHP PageBox

Rationale FAQ Dev site PHP version Install Security Customization Demo Distributed Application

PageBox for PHP


PageBox for PHP is a version of PageBox written in PHP.

For more information about PageBox concept you can read:

The Presentation document

The Rationale document


Through PageBox for PHP implements the same concept as Java PageBox,

PageBox for PHP is the prototype of a new design that we also implemented in .NET


If you don!#8217;t yet know PHP, you can read:

PHP is the most used server page technology as you can see on Security Space statistics.

PHP is a server plug-in. It needs a server that can be:

You can download PHP 4 from Zend site.

PageBox for PHP has been tested with PHP 4.0.6, PHP 4.2, Apache 1.3.22 and BadBlue 1.6 beta.



PageBoxes deploy presentations. Users query presentations and presentations call Web services.

A PageBox host is not necessarily an ASP. On Internet it can be any host with a static IP address. On Intranet it can be any server.

The Application Server can be any Web Server configured with the PHP module.

The presentation can be in any format supported by the PageBox host, for instance:


PageBoxes subscribe to repositories. Presentation providers publish presentations. The repository deploys the presentations on subscribing PageBoxes.

A PageBox repository is essentially a well-known point where:

PageBox repository is implemented as a set of PHP pages.

Presentation provider

The Presentation provider publishes presentations on repositories.

Support of distributed applications

PageBox for PHP 0.0.4 and above has a Web service API allowing distributed applications to find their peers installed from the same repository. This API uses SOAP.

Distributed applications can then call Web services (here Location) on its peer instances. Typically these Web services answer questions: Where? What? Is the good available? Which price? Which data do you own?


See the Installation guide to download and install PageBox for PHP.

See the Customization guide for more information about the implementation and configuration files.

See the Security guide for Apache configuration.

We recommend in the Security guide to use HTTPS, which means for instance to use mod_ssl with Apache. You get two things with HTTPS:

  1. The publishers can check that they connect to your repository

  2. The traffic (upload and deployment) is encrypted and checksumed

The first point can be a problem: publishers trust the repository as much as they trust the HTTPS server certificate. You can generate self-signed certificates with Open SSL but such certificates just say: "I certify that I'm myself." Otherwise you can buy a certificate to a Certificate Authority (CA). More you pay for your certificate more trustable the certificate is, because the CA checks more things. A low price certificate just says: "Someone with this mail address was charged for $xx on its credit card and didn!#8217;t complain later on."

It is frustrating to give something for free and then to say that for Internet usage, you should pay someone but the certification process implies recurring administrative cost and legal risk. Furthermore ASPs often provide HTTPS only with their more expensive subscriptions. It can change. Look for instance at

Super Cert Hosting: Secure SSL hosting with support for PHP, PERL, and more.
2001-2004 Alexis Grandemange. Last modified .