Updated version, OS, Summary, reclassified as documentation problem.

As mentioned already, the way to go is to set

  cgi.force_redirect = 0

in php.ini . It's now documented in php4/win32/install.txt but needs to be properly documented in the manual too (especially in the ini settings and the http://php.net/security.cgi-bin page).

Ok .. Big Oops

No BUG!

Big lesson: 
This is to do with permission settings when installing php. Make sure your IIS user or everybody has permissions to access php and dlls in the php directory.

Sorry guys :)

I read bug this bug and have changed my security setting on IIS and it makes
no difference. I'm also using Zend, Smarty & ADODB. In addition I'm
running on a pentium 4. I am
having major problems in our login program and took the code out into a
seperate test problem, and am still having the same redirect problems.

I have been checking the Forums in the PHP community for the last week and
find this seems to be a problem. I've tested the following code and it
only will re-direct 1 time out of 5 or 6 times, of executing the code(with
no code changes). It gives an error message the other times.

Here is my test program:

<?
include_once("config.inc"); // Include files smarty etc.
include_once("conn.inc"); // ADODB Connection
	session_start();
	$sess_key=session_id();
	$access = 'grant';
	$page_name='page1.php';
	$login='shelley';
	$HTTP_SESSION_VARS['saccess'] = $access;
	$HTTP_SESSION_VARS['susername'] = 'Shelley Jones';
	$HTTP_SESSION_VARS['suserid'] = $login;
	$HTTP_SESSION_VARS['suseris'] = 'Cust';
	$HTTP_SESSION_VARS['spage'] = $page_name;
header("Location:page2.php?K=".$sess_key."&L=".$login);
flush();
exit; 


Error Msg recieving.

CGI Error
The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are:

Shelley

I too had the same problem.  I read that I had to set cgi.force_redirect=0 I did this and nothing happened.  I tried everything, only to find out that my php.ini file was not in c:\winnt like the docs said they it would be.  No the binary distro put it in c:\documents and settings\administrator\windows  I copied that file to c:\winnt and the php part is working.

Hello shelley

win2000 + iis + php

I had the same problem with header("Location....) redirects.
And I don't have a solution only have one ugly code to do the same... 

echo "<script language='javascript'> document.location.href=$url</script>";

I hope change this code on the future, when somebody will have a solution.

DJF

This still looks like a problem to me, am marking as a PWS problem until resolved.

Also it's important to know the correct php.ini is being edited as this seems to be the cause of many peoples problems.  So before reporting information to this bug report, please be sure to state where phpinfo() says it is.

If a PWS expert knows this is still a documentation problem, please reclassify with an explanation.

This is still a documentation problem, document that people should check their php.ini is actually read by PHP.

This is now documented:
http://cvs.php.net/cvs.php/phpdoc/en/chapters/install.iis.xml

Thanks for the report :)

Some of the problems on this page I have fixed by making sure register gloabal variables is turned on in php.ini.  Also an easy fix to the Security alert is to make sure php.ini has security set to everyone.  Be sure only to change security for that file, not for the winnt or windows dir.  Also make sure cgi.force_redirect is set to 0, as everyone has said.  Good luck.

I was having the same problem, and the it was related to improper NT permissions. Please be sure that your IUSR_MACHINENAME has read permissions to the php.ini file. When I had this file in the c:\winnt folder, only Administrators and the System accounts had read access. This was fine while running PHP as an ISAPI module because IIS was loading the DLL using the System account, but once I switched to a CGI module, I started having problems. This was because IIS was now launching the exe file as IUSR_MACHINENAME which is did not have correct read access to the php.ini file.

The issue of IIS permissions is related to this report but is difficult (at least for me) to come up with a straight forward comment on the issue.  In doing some research it appears there are many factors that come into play here most of which fall under "IIS Administration".  A few PHP related resources:

http://www.iis-resources.com/modules/news/article.php?storyid=4
http://forums.devshed.com/archive/5/2002/10/3/45479

Basically the IIS user (usually IUSR_MACHINENAME) needs permission to read various files and directories, such as php.ini, docroot, and the session tmp directory...  I don't feel comfortable documenting this without raising potential security issues (aka chmod 777 everything!!!) but will reopen for future comment.  Maybe someone has a nice solution to this problem and actually knows the topic (I don't).

Also some people have treated this report as a support forum, well, it's not.  Do not ask support questions here.

I have the solution for the reported problem by "domingodjf at terra dot es":
He says that with iis+php he had to generate redirects by javascript.

I also had the same problem.

I solved the problem when I switched to full absolute URL. For example:
header( 'Location: http://' . $_SERVER['HTTP_HOST'] . $path );

I hope this will help.

i using php 4.3.0 with PWS on a Win98 system.
when i try to run phpinfo to test for the installation it comes like below:
Security Alert! PHP CGI cannot be accessed directly. 
This PHP CGI binary was compiled with force-cgi-redirect enabled. This
means that a page will only be served up if the REDIRECT_STATUS CGI
variable is set. This variable is set, for example, by Apache's Action
directive redirect. 
i try a lot of way to do but still the same. t set the cgi.force_redirect to 0 , the error will ( no file selected) i am sure that pws is not the problem because i already test for which i type http://localhost.
pls help me to solve this problem , i already try for two but still cannot solve it.
thanks

To Everyone complaining that cgi.force_redirect = 0 is not working, I must say that remove ; (semi-colon) before that line.  That is for comment. Remove line and it might work.

i tried all that on win2003 machine , noting works at all 
full permissions , restart , file copy and the =0 option and register globals . 
I closed the window and opened the door and still not working .  any ideas ?

WOW! This is a 3 year old bug.

Ok. My comment would be to drop IIS/PWS. I use Sambar (http://www.sambar.com) which is free and has a commercial license for those needing more support (and a lot of additional facilities). NOTE: Sambar and Samba are NOT related.

Both the PHP manual and the Sambar documentation have details about using each other. I've used Sambar from Win98SE up to Windows 2000 Server. I've used it on customer sites for intranet web servers.

If you can't fix the issue, then try something else. I'd normally get Sambar, PHP5 and  mySQL installed and running in under 15 minutes. Nothing goes into the Windows directory other than a few INI files. All the apps run from there own directories. The registry is not polluted either.

Nice and clean and liked by me!

Richard.

This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation better.

"The IIS user (usually IUSR_MACHINENAME) needs permission to read various files and directories, such as php.ini, docroot, and the session tmp directory."

It is possible to set rights for individual users under Windows, there's no need of chmod 777.