Re: [PHP] safe_mode and inclusion of files don't work as documented
Lars Torben Wilson ha scritto: Hi Nico, First the obligatory safe_mode is deprecated and not recommended speech. . .but I guess you've already seen that in the docs and decided to use it anyway. I read it, but I don't know if I have to interpret it as php6 wil only work in safe mode or safe_mode is a bad idea ;-) What does the script do if you turn off safe_mode? it works perfectly btw, can I redefine the include_path in safe mode? Yes. Good to know! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] safe_mode and inclusion of files don't work as documented
Lars Torben Wilson ha scritto: 2009/8/28 Nico Sabbi nsa...@officinedigitali.it: Hi, I'm testing one of my sites in safe_mode, but I'm experiencing some strangeness that is not documented. The settings are: in php.ini: include_path = .:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/ in the virtualhost config: php_admin_value safe_mode On php_admin_value safe_mode_include_dir /server/home/nsabbi:/server/home/apache/php4:.:.. The files belong entirely to apache:apache, the user who is running apache. The problem is: *Fatal error*: require_once() [function.require http://nsabbi/login/function.require]: Failed opening required '../include.php' (include_path='.:..:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/') in */server/home/nsabbi/nb4/login/index.php* on line *3 How is it that i can't include files in .. Hi Nico, First the obligatory safe_mode is deprecated and not recommended speech. . .but I guess you've already seen that in the docs and decided to use it anyway. What does the script do if you turn off safe_mode? btw, can I redefine the include_path in safe mode? Yes. Thanks, Nico Regards, Torben one more clue, hopefully; the OS is OpenSolaris. apa...@sviluppo2: /server/home/nsabbi/nb4 $ ps -ef|grep httpd apache 26840 25190 0 12:54:05 ? 0:09 /usr/apache2/2.2/bin/httpd -k start apache 26842 25190 0 12:58:09 ? 0:21 /usr/apache2/2.2/bin/httpd -k start root 25190 1 0 Aug 28 ? 2:27 /usr/apache2/2.2/bin/httpd -k start apache 25191 25190 0 Aug 28 ? 0:00 /usr/apache2/2.2/bin/httpd -k start apache 26844 25190 0 13:00:54 ? 0:21 /usr/apache2/2.2/bin/httpd -k start apache 26864 25190 0 13:05:37 ? 0:01 /usr/apache2/2.2/bin/httpd -k start apache 26890 26872 0 13:11:25 pts/1 0:00 grep httpd apache 26865 25190 0 13:07:24 ? 0:01 /usr/apache2/2.2/bin/httpd -k start apache 26821 25190 0 12:51:08 ? 0:24 /usr/apache2/2.2/bin/httpd -k start apache 26845 25190 0 13:01:44 ? 0:02 /usr/apache2/2.2/bin/httpd -k start apache 26789 25190 0 12:37:25 ? 0:27 /usr/apache2/2.2/bin/httpd -k start apache 26863 25190 0 13:04:18 ? 0:01 /usr/apache2/2.2/bin/httpd -k start apache 26846 25190 0 13:01:45 ? 0:11 /usr/apache2/2.2/bin/httpd -k start *Warning*: require_once() [function.require-once http://nsabbi/login/function.require-once]: SAFE MODE Restriction in effect. The script whose uid is 1 is not allowed to access ../include.php owned by uid 48 in */server/home/nsabbi/nb4/login/index.php* on line *3* *Warning*: require_once(../include.php) [function.require-once http://nsabbi/login/function.require-once]: failed to open stream: No such file or directory in */server/home/nsabbi/nb4/login/index.php* on line *3* *Fatal error*: require_once() [function.require http://nsabbi/login/function.require]: Failed opening required '../include.php' (include_path='.:/server/home/apache/php4/:/var/php/5.2/pear/') in */server/home/nsabbi/nb4/login/index.php* on line *3* why is php using uid 1?? It's as if the parent httpd were serving the page itself, or not? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] safe_mode and inclusion of files don't work as documented
Hi, I'm testing one of my sites in safe_mode, but I'm experiencing some strangeness that is not documented. The settings are: in php.ini: include_path = .:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/ in the virtualhost config: php_admin_value safe_mode On php_admin_value safe_mode_include_dir /server/home/nsabbi:/server/home/apache/php4:.:.. The files belong entirely to apache:apache, the user who is running apache. The problem is: *Fatal error*: require_once() [function.require http://nsabbi/login/function.require]: Failed opening required '../include.php' (include_path='.:..:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/') in */server/home/nsabbi/nb4/login/index.php* on line *3 How is it that i can't include files in .. btw, can I redefine the include_path in safe mode? Thanks, Nico * -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] safe_mode and inclusion of files don't work as documented
hack988 hack988 ha scritto: add this php_admin_value open_basedir done, but it doesn't make a difference: php_admin_value open_basedir /server/home/nsabbi:/server/home/apache/php4:.:.. *Fatal error*: require_once() [function.require http://nsabbi/login/function.require]: Failed opening required '../include.php' (include_path='.:/server/home/apache/php4/:/var/php/5.2/pear/:/usr/php/lib/ezcomponents-2008.2.2/') in */server/home/nsabbi/nb4/login/index.php* on line *3 and the same with *php_admin_value open_basedir none -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to force mod_php to load php.ini ?
Hi, is there a way configure mod_php4 (for apache) so as to be *absolutely* sure that it will always load all definitions in php.ini when apache starts up? Maybe with some directive in http.conf ? Almost every time I reboot my pc apache and php start, but php is not running with /etc/php.ini, so I have to execute /etc/init.d/httpd restart Thanks, Nico Sabbi - Officine Digitali - Bologna Tel. 051 - 4187565 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Shared mod_php doesn't always load php.ini
Hi, I noticed that often mod_php loaded as a shared library by apache doesn't load php.ini, and I have to restart apache to make it work. Apache version is 1.3.28 and Php is 4.3.4, all compiled by me. They are running on an updated RedHat 7.3. Is it a known (and solved) problem? Thanks. Nico Sabbi - Officine Digitali - Bologna Tel. 051 - 4187565 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] ODBC in PHP4.3.4 crashes when used with Mysql 4
Hi, I have Mysql-4.0-14, MyODBC 3.51.06 and unixODBC 2.2.0. They are working perfectly together (isql works correctly) but php-4.3.x always crashes when I try odbc_connect() on the same DSN I use with isql (env vars are correctly set). Is this a known bug? This is a bt of a simplified example that leads to crash: [EMAIL PROTECTED] php-4.3.4]# gdb sapi/cli/php GNU gdb Red Hat Linux (5.1.90CVS-5) Copyright 2002 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type show copying to see the conditions. There is absolutely no warranty for GDB. Type show warranty for details. This GDB was configured as i386-redhat-linux... (gdb) run Starting program: /root/apache/php-4.3.4/sapi/cli/php [New Thread 1024 (LWP 15719)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1024 (LWP 15719)] 0x080839ee in strxmov (dst=0x8513ab9 , src=0x204d Address 0x204d out of bounds) at /root/apache/php-4.3.4/ext/mysql/libmysql/strxmov.c:26 26 while ((*dst++ = *src++)) ; (gdb) bt #0 0x080839ee in strxmov (dst=0x8513ab9 , src=0x204d Address 0x204d out of bounds) at /root/apache/php-4.3.4/ext/mysql/libmysql/strxmov.c:26 #1 0x401fe68a in set_connect_defaults () from /usr/local/lib/libmyodbc3.so #2 0x401fed73 in SQLConnect () from /usr/local/lib/libmyodbc3.so #3 0x400b338a in SQLConnect () from /usr/lib/libodbc.so.1 #4 0x0808b37f in odbc_sqlconnect (conn=0xbfffa1d0, db=0x8520bd4 mysql, uid=0x8520afc root, pwd=0x85130ac root, cur_opt=2, persistent=0) at /root/apache/php-4.3.4/ext/odbc/php_odbc.c:2118 #5 0x0808bd1e in odbc_do_connect (ht=3, return_value=0x851326c, this_ptr=0x0, return_value_used=1, persistent=0) at /root/apache/php-4.3.4/ext/odbc/php_odbc.c:2316 #6 0x0808b019 in zif_odbc_connect (ht=3, return_value=0x851326c, this_ptr=0x0, return_value_used=1) at /root/apache/php-4.3.4/ext/odbc/php_odbc.c:2045 #7 0x0819201f in execute (op_array=0x8233d00) at /root/apache/php-4.3.4/Zend/zend_execute.c:1616 #8 0x08192252 in execute (op_array=0x8222818) at /root/apache/php-4.3.4/Zend/zend_execute.c:1660 #9 0x08175206 in call_user_function_ex (function_table=0x81df0a8, object_pp=0x0, function_name=0x84393f4, retval_ptr_ptr=0xbfffb58c, param_count=2, params=0x8520a24, no_separation=1, symbol_table=0x0) at /root/apache/php-4.3.4/Zend/zend_execute_API.c:567 #10 0x08174998 in call_user_function (function_table=0x81df0a8, object_pp=0x0, function_name=0x84393f4, retval_ptr=0x85209e4, param_count=2, params=0xbfffb618) at /root/apache/php-4.3.4/Zend/zend_execute_API.c:409 #11 0x080ad227 in ps_call_handler (func=0x84393f4, argc=2, argv=0xbfffb618) at /root/apache/php-4.3.4/ext/session/mod_user.c:60 #12 0x080ad3d5 in ps_open_user (mod_data=0x81dabb0, save_path=0x81e46a8 /tmp, session_name=0x81e4760 nemoSession) at /root/apache/php-4.3.4/ext/session/mod_user.c:98 #13 0x080a8eec in php_session_initialize () at /root/apache/php-4.3.4/ext/session/session.c:598 #14 0x080aa366 in php_session_start () at /root/apache/php-4.3.4/ext/session/session.c:1047 #15 0x080abeb4 in zif_session_start (ht=0, return_value=0x852078c, this_ptr=0x0, return_value_used=0) at /root/apache/php-4.3.4/ext/session/session.c:1486 #16 0x0819201f in execute (op_array=0x821e8ec) at /root/apache/php-4.3.4/Zend/zend_execute.c:1616 #17 0x0817fd00 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /root/apache/php-4.3.4/Zend/zend.c:884 #18 0x08147956 in php_execute_script (primary_file=0xbfffe6e0) at /root/apache/php-4.3.4/main/main.c:1729 #19 0x081987ae in main (argc=1, argv=0xbfffe784) at /root/apache/php-4.3.4/sapi/cli/php_cli.c:819 #20 0x42017499 in __libc_start_main () from /lib/i686/libc.so.6 Thanks, Nico -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
