php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #15133 SSI
Submitted: 2002-01-20 21:43 UTC Modified: 2011-01-01 00:17 UTC
Votes:1
Avg. Score:1.0 ± 0.0
Reproduced:0 of 1 (0.0%)
From: tim dot lokot at s1 dot com dot au Assigned:
Status: Not a bug Package: *General Issues
PHP Version: 4.1.1 OS: Windows
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: tim dot lokot at s1 dot com dot au
New email:
PHP Version: OS:

 

 [2002-01-20 21:43 UTC] tim dot lokot at s1 dot com dot au 
Is it possible to enable future versions of PHP to be run as an SSI directive so that languages like Perl do not have to be used instead for this purpose?  Currently PHP sends out the X-Powered-By headers everytime it's run including all the other default headers making it difficult to run PHP as SSI without having all the headers display to the screen.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-01-20 22:00 UTC] daniel@php.net 
At least on UN*X systems you can run PHP perfectly as SSI - just do a SSI include

<!--#include virtual="phpscript.cgi" -->

where phpscript.cgi is a script which first line points to your PHP executable:

#!/usr/bin/php

which could also be c:\progra~\php\php.exe (I think).

Or did I completely misunderstand you?

Also the X-Powered-By can be switched off. Either by 

  /usr/bin/php -q

which omits all HTTP-headers (such as Content-type and X-Powered-By) or by configuration directive:

  expose_php = On  ; Decides whether PHP may expose the fact that it is installed
      ; server (e.g., by adding its signature to the Web server header).
      ; It is no security threat in any way, but it makes it possible
      ; to determine whether you use PHP on your server or not.


Kind Regards,
  Daniel Lorch
 [2002-01-20 22:02 UTC] rasmus@php.net 
Adding -q is sufficient.  No PHP changes needed here.
 [2002-01-20 22:04 UTC] tim dot lokot at s1 dot com dot au 
You kind of understood ....

I was aware of the expose setting in the ini file, but it would be nice to be able to modify this at runtime.

How can you run that -q command from within a windows environment like IIS?
 [2002-01-20 22:08 UTC] rasmus@php.net 
"php.exe -q" doesn't work on Windows?
 [2002-01-20 22:11 UTC] tim dot lokot at s1 dot com dot au 
Under IIS you specify what script engine runs your php file.  Basically says that all files with extension .php are run by c:/php/php.exe or whatever the executable is.

You COULD put the -q in there, but that would apply for all users.  Can you specify -q at runtime so that my ISP (or any ISP for that matter) doesn't have to set explicit settings for this?  That way it gets left up to the programmer HOW they want their php scripts run.

Forcing -q on all users would mean that everyone of the ISP's clients would have to output all the headers just to get their scripts running.
 [2002-01-20 22:28 UTC] daniel@php.net 
But this a completely intended behaviour. On UN*X you have to provide the -q as well in _every script_ which should be used as output called from a SSI directive.

Where do you have to make this setting? Globally for all PHP scripts? Or can it be done in every script. I don't know IIS, sorry.

Kind Regards,
  Daniel Lorch
 [2002-01-20 22:32 UTC] tim dot lokot at s1 dot com dot au 
Under IIS, you do not have to supply the path to the executable in every script.  That's the nature of windows.  It works via file extension association.

My solution is to create a function called set_expose("off") or whatever fits in with the php naming conventions so that this can be set at runtime from within the script.  Thus forcing php to not send out any headers by itself.
 [2002-01-20 23:56 UTC] daniel@php.net 
Well, on UN*X, too you don't have to supply the path to PHP.

But as you are implying, a script is either called "normally" OR from a SSI include. So every script which is called by SSI could have a "php -q" at the beginning, right? Your set_expose would therefore be redundant (unless -q is not possible from within IIS).

Is it possible, or not, to run a PHP-script with -q on IIS?

Kind Regards,
  Daniel Lorch
 [2002-01-21 02:04 UTC] imajes@php.net 
alternatively, why not have your isp make a new filtered extension, like .pssi or something, which has the executable set as php.exe -q ?
 [2002-01-21 17:31 UTC] tim dot lokot at s1 dot com dot au 
Ok, I've run some tests on my server and I can setup another filtered extension.  I guess this is one way to run it.  Seeing as this was a feature request, I thought it might be useful to be able to control this setting programatically.

If this isn't going to be added to the list of things to add, then please put this in some kind of configuration documentation somewhere. This question comes up a lot more than obviously you guys are aware of.
 [2011-01-01 00:17 UTC] jani@php.net
-Status: Open +Status: Bogus -Package: Feature/Change Request +Package: *General Issues
 [2011-01-01 00:17 UTC] jani@php.net 
Nope.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun May 05 14:01:31 2024 UTC