[FGS] Re: tclhttpd with PHP
Daniel Morissette
dmorissette at dmsolutions.ca
Thu Jul 29 11:41:43 EDT 2004
Nicolas Boretos wrote:
>
> Doing this, it seems that php files run, but they then need a .cgi
> extension...
> The server can be configured for running .php extensions in other
> directories, but the system then compalins that
> php was compiled with FORCE_REDIRECT........
This is a "feature" to prevent use of the PHP CGI to read protected
files on your site.
The best way to solve this would be to have tclhttpd set the environment
variable REDIRECT_STATUS=1 after it found a .phpfile and before calling
the PHP CGI. You could always set this globally, but then someone could
use the CGI to read any file on the server and create a security hole.
Another option is to build with --disable-force-cgi-redirect, which
will remove that test, but leave the CGI hole open.
> and her's where I lose it/interest wrt to php.....
Is the source of your hacked tclhttpd available somewhere? Perhaps
Guillaume could try to get things running.
Daniel
--
------------------------------------------------------------
Daniel Morissette dmorissette at dmsolutions.ca
DM Solutions Group http://www.dmsolutions.ca/
------------------------------------------------------------
More information about the Foss-gis-suite
mailing list