Hello Richard.
Thanks for the response, but I finally, finally found and fixed the problem.
It turns out that PGP generates output on STDERR, even when you run it in
+batchmode. This extraneous output makes Apache unhappy, for some reason.
So I fixed the problem by inserting a 2>/dev/null into the pgp command to
flush all the STDERR noise down the terlet. Works great now (whew!).
The working code is below, for those who are interested.
Kurt
<script language="php">
/* set up some strings */
$pgppath = "/usr/home/myhome/.pgp";
$ruid = "Recipient Name <[EMAIL PROTECTED]>";
$suid = "Sender Name <[EMAIL PROTECTED]>";
$to = "[EMAIL PROTECTED]";
$subject = "Seekwit Message";
$from = "[EMAIL PROTECTED]";
$msg = "This is a vewy, vewy seekwit message.";
putenv("PGPPATH=$pgppath");
/*
* the following code snippets work fine as long as the 2>/dev/null is in
there
* to send the extraneous output
* that PGP generates on STDERR into the bit bucket
*/
/*
* I think the following is the most secure way to do it because it doesn't
include the clear text message
* in the command line, so it should be invisible to people running, for
example, ps -auxxx
*/
$cmd = "/usr/local/bin/pgp -feat +force +batchmode '$ruid' -u '$suid'
2>/dev/null | /usr/bin/mail -s '$subject' $to";
$pp = popen($cmd, "w");
fputs($pp, $msg);
pclose($pp);
/* this one does a straight echo | pgp | mail */
$cmd = "echo '$msg' | /usr/local/bin/pgp -feat +force +batchmode '$ruid' -u
'$suid' 2>/dev/null | /usr/bin/mail -s '$subject' $to";
`$cmd`;
/* this one does an echo | pg, captures the stdout using backtick, and mails
it using php mail */
$cmd = "echo '$msg' | /usr/local/bin/pgp -feat +force +batchmode '$ruid' -u
'$suid' 2>/dev/null";
$encrypted = `$cmd`;
$encrypted = "From: $from\n\n" . $encrypted;
mail($to, $subject, "", "$encrypted");
</script>
----- Original Message -----
From: "Richard Lynch" <[EMAIL PROTECTED]>
To: "CO Group Support" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, August 24, 2001 9:05 PM
Subject: [PHP] Re: Problems with PHP calling PGP
> Note: I am running my PHP script through a program called php-cgiwrap
which
> makes the PHP script execute as me on the server rather than as "nobody".
I
> can't let the script execute as "nobody" because "nobody" doesn't have
> permission to run PGP, but I do.
You may want to look at suExec http://apache.org
Try the popen one without the pclose. If that works, upgrade PHP.
Also -- see if you can su to nobody, and run that php-cgiwrap thingie with
this script without Apache being involved.
And, of course, you *ARE* looking at your Apache error_log, right?...
--
WARNING [EMAIL PROTECTED] address is an endangered species -- Use
[EMAIL PROTECTED]
Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm
Volunteer a little time: http://chatmusic.com/volunteer.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
