php-install Digest 9 Nov 2002 16:30:49 -0000 Issue 1111

php-install-digest-help Sat, 09 Nov 2002 08:32:28 -0800

php-install Digest 9 Nov 2002 16:30:49 -0000 Issue 1111

Topics (messages 9074 through 9077):


Install Problem
        9074 by: Evan Weiner
        9075 by: Marco Tabini

Blocked by security issues of running PHP as a CGI
        9076 by: Paul Trimming

Re: Request entity too large (already seen the FAQ)
        9077 by: Brian Fahrlander

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [EMAIL PROTECTED]


----------------------------------------------------------------------

--- Begin Message ---

I am trying to install PHP 4.2.3 on a RedHat 7.2 with Apache 2.4.3.  I
have PHP working fine, but passed variables are only accessible by using
$_GET["variable_name"].  Normally, on other servers, I did not have to
use the $_GET to access a variable.
 
Anyone else encounter this problem?
 
Thanks!
 
Evan
 
--
Evan S. Weiner
Senior Systems Engineer & Team Leader
Venture Networking Services / Velocity IP
501 East Franklin Street
Richmond, Virginia 23219
VNS:    (804) 521-4208                           E-Mail:
[EMAIL PROTECTED] <mailto:evan.weiner@;vnsweb.com>  
VIP:      (804) 521-4212                           24/7 NOC:
[EMAIL PROTECTED] <mailto:noc@;vnsweb.com>  
Direct:   (804) 521-4213
(877) 547-8974
Alpha:   (877) 671-9822                           Fax:
(804) 521-4008

--- End Message ---

--- Begin Message ---

Yep...take a look at register_globals in the documentation--it's been
switched from on to off by default. That's what's causing your variables
not to show up.


Marco
-- 
------------
php|architect - The magazine for PHP Professionals
The first monthly worldwide magazine dedicated to PHP programmers

On Fri, 2002-11-08 at 21:56, Evan Weiner wrote:
> I am trying to install PHP 4.2.3 on a RedHat 7.2 with Apache 2.4.3.  I
> have PHP working fine, but passed variables are only accessible by using
> $_GET["variable_name"].  Normally, on other servers, I did not have to
> use the $_GET to access a variable.
>  
> Anyone else encounter this problem?
>  
> Thanks!
>  
> Evan
>  
> --
> Evan S. Weiner
> Senior Systems Engineer & Team Leader
> Venture Networking Services / Velocity IP
> 501 East Franklin Street
> Richmond, Virginia 23219
> VNS:    (804) 521-4208                           E-Mail:
> [EMAIL PROTECTED] <mailto:evan.weiner@;vnsweb.com>  
> VIP:      (804) 521-4212                           24/7 NOC:
> [EMAIL PROTECTED] <mailto:noc@;vnsweb.com>  
> Direct:   (804) 521-4213
> (877) 547-8974
> Alpha:   (877) 671-9822                           Fax:
> (804) 521-4008
>  
> 
> -- 
> PHP Install Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>

--- End Message ---

--- Begin Message ---

Hello,
I am endeavouring to set up PHP with Xitami web server, which I am able to
run perfectly successfully by itself.  However, when I try to run a PHP
executable, I get the following error in the browser:

Security Alert! The PHP CGI cannot be accessed directly.
This PHP CGI binary was compiled with force-cgi-redirect enabled. This means
that a page will only be served up if the REDIRECT_STATUS CGI variable is
set, e.g. via an Apache Action directive.

I have taken a look at the php.ini file in the relevant section, and I have
the following:

; cgi.force_redirect is necessary to provide security running PHP as a CGI
under
; most web servers.  Left undefined, PHP turns this on by default.  You can
; turn it off here AT YOUR OWN RISK
; **You CAN safely turn this off for IIS, in fact, you MUST.**
cgi.force_redirect=0


; if cgi.force_redirect is turned on, and you are not running under Apache
or Netscape
; (iPlanet) web servers, you MAY need to set an environment variable name
that PHP
; will look for to know it is OK to continue execution.  Setting this
variable MAY
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
cgi.redirect_status_env=1

I have tried various combinations of force_redirect and redirect_status_env,
but I still get the error.  According to the manual, at
http://www.php.net/manual/en/security.cgi-bin.php, it is possible to use the
above variables to sort the matter out.

I would appreciate some explanation of this so that I can begin learning
PGP!!!!

Thanks very much,

Paul Trimming

--- End Message ---

--- Begin Message ---

On Thu, 7 Nov 2002 11:31:52 -0600, [EMAIL PROTECTED] (Brian Fahrlander) wrote:

    OK, thanks for no help whatsoever.  But I'm not bitter; I'm here to report what I 
found so that the next guy with this problem isn't stuck:

    The PHP docs say to change variables in /etc/php.ini (like the whole world knows 
about) but the key is to *also* look into php.CONF, too.  That's where the problem 
was.  

    And though I don't understand why the second file was there, or why no one piped 
up about it, this is the obscure answer to an obscure problem.
  
------------------------------------------------------------------------
Brian Fahrländer          GNU/Linux Zealot, Conservative, and Technomad
Evansville, IN                    My Voyage: http://www.CounterMoon.com
ICQ  5119262
------------------------------------------------------------------------
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM d- s:+ a C++ UL+++ P+ L+++ E--- W++ N+ o- K+ w---
O- M- V PS- PE+ Y PGP++ t+ 5 X R- tv++ b- DI++ D+
G++ e h r y++++
------END GEEK CODE BLOCK------

--- End Message ---

php-install Digest 9 Nov 2002 16:30:49 -0000 Issue 1111

Reply via email to