php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #4287 using php3_* directives in .htaccess causes strange Values
Submitted: 2000-05-01 15:49 UTC Modified: 2002-10-01 13:23 UTC
From: mdobel at kawo2 dot rwth-aachen dot de Assigned:
Status: Wont fix Package: Other
PHP Version: 3.0.16 OS: Linux (Kernel 2.2, Various Distr
Private report: No CVE-ID: None
 [2000-05-01 15:49 UTC] mdobel at kawo2 dot rwth-aachen dot de
When redefining php3_prepend_file and php3_include_path (possibly others, too?) in an .htaccess file, the serving apache process does not reset them to default values afterwards, when there's also a .htaccess file in the next directory accessed.
I reproduced this on 
RedHat 6.1 (Apache/1.3.9 (Unix) (Red Hat/Linux) mod_ssl/2.4.8 OpenSSL/0.9.4 PHP/3.0.16), 
Mandrake 7 (Apache/1.3.9 (NetRevolution Advanced Extranet Server/Linux-Mandrake) mod_ssl/2.4.9 OpenSSL/0.9.4 mod_perl/1.21 PHP/3.0.16) and
Suse 6.2 (Apache/1.3.9 (Unix) (SuSE/Linux) mod_perl/1.21 PHP/3.0.16 mod_ssl/2.4.7 OpenSSL/0.9.4)

In all three cases i used the apache-rpm which came with the distribution and compiled php as a DSO-Module. I'll now describe the third install on Suse, since this was a clean new install with almost no changes in any files. I don't know, what may be important and what may not, so I'll be as verbose as possible.

The configure-line was:

./configure --with-apxs=/usr/sbin/apxs --with-xml --with-mysql=/usr
--with-dbase=yes --with-ftp --with-pdflib --with-libtiff=/usr
--with-libjpeg=/usr --with-gd=/usr --with-zlib=/usr --with-ttf=/usr
--with-config-file-path=/etc/httpd --enable-debug=no
--enable-safe-mode=no --enable-track-vars=yes --enable-magic-quotes=yes
--enable-bcmath=yes --enable-memory-limit=yes --enable-sysvsem
--enable-sysvshm

In httpd.conf i added/changed an "AllowOverride all" for the Directories:

/usr/local/httpd/htdocs
/home/blafasel/public_html

The rest remained unchanged, fresh from the rpm.

In php3.ini 
include_path is "." 
and auto_prepend_file is commented out.

Both directories have a subdir named "test" containing the following files:

in /usr/local/httpd/htdocs/test/:
.htaccess:
php3_magic_quotes_runtime off
order deny,allow
deny from all
allow from xxx.xxx.xxx. yyy.yyy.yyy. (change this so it fits for your network)

index.php3:
<?php phpinfo(); ?>

Those files belong to root.root.

in /home/blafasel/public_html/test/:
.htaccess:
php3_include_path ".:/home/blafasel/public_html/test"
php3_auto_prepend_file "/home/blafasel/public_html/test/include.php3"

index.php3:
<?php phpinfo(); ?>

include.php3 is an empty file (0 bytes)

Those files belong to blafasel.users.


Now i started my browser and opened the URL
http://servername/test/index.php3 
Everything's fine at this time, php3_auto_prepend_file is set to "none", php3_include_path is set to "."

Then i opened the URL http://servername/test/~blafasel/test/index.php3 in my Browser and hit the RELOAD-button a couple of times to "infect" as many httpd-processes as possible, since the bug seems to be "per process". It may be a good idea to adjust MaxClients and MaxSpareServers to some small values for testing this.

Now I reload the first URL, http://servername/test/index.php3
At this point I get the Error Message, that the required File <some random ascii characters> could not be found.

I added the line "php3_auto_prepend_file none" to 
/usr/local/htdocs/test/.htaccess 
to make the phpinfo(); show again, and the include_path was also set to something weird, either some  text fragment from the .htaccess (part of the allowed ip's or the word "order" for example) or also just random ascii characters.

Regards, Markus

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-10-01 13:23 UTC] hholzgra@php.net
We are sorry, but can not support PHP 3 related problems anymore.
Momentum is gathering for PHP 5, and we think supporting PHP 3 will
lead to a waste of resources which we want to put into getting PHP 5
ready. Ofcourse PHP 4 will will continue to be supported for the
forseeable future.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Oct 04 12:01:27 2024 UTC