php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #9515 PHP misbehaves when run as a script with SERVER_NAME environment variable def'd
Submitted: 2001-03-01 19:01 UTC Modified: 2010-11-24 09:35 UTC
From: bram at xspace dot com Assigned:
Status: Not a bug Package: *General Issues
PHP Version: 4.0.4pl1 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: bram at xspace dot com
New email:
PHP Version: OS:

 

 [2001-03-01 19:01 UTC] bram at xspace dot com
In order to run a php script under a separate account while serving a web page, I use suexec to run php script as a shell.

Problem:  When the environment variable SERVER_NAME is defined, PHP misbelieves that it is NOT a shell script.

In reality, it is a shell script.  Bug 8898 is more less the same problem with another symptom.

Some functions simply do not work correctly.  GetMyUID() returns nothing when PHP is running as a shell script, but the environment variable SERVER_NAME is defined.

As a last resort, an invocation flag option should be available to inform PHP that it is a shell script being invoked by a web server.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-03-01 22:57 UTC] bbonev@php.net
a working setup is:

ScriptAlias /cgi-bin/ /home/someuser/cgi-bin/
AddType application/x-httpd-php .php
AddHandler php-script .php
Action php-script /cgi-bin/php

a way to solve the SERVER_NAME, PATH_INFO, etc. vars problem is to make an 'unset' wrapper. plase note that when these vars are set php will get the script name to execute from them. if for instance from a php script you exec (not include) another one starting with #!/path-to-php/php the latter invocation will execute the page requested by http again.

there are two cases:
1) php is invoked as shell script and shall process command line only no matter what env vars are set
2) php is invoked the way described above and shall preffer env vars (for security reasons - the /cgi-bin/php/etc/passwd issue) if no - command line

please note that php itself cannot distinguish those cases - #2 is the expected behaviour for all cgi setups, while IMHO #1 does not exist and may be activated through an option

 [2001-03-01 23:00 UTC] bbonev@php.net
ooops. forgot to change type - this is expected behav, not a problem
 [2010-11-24 09:35 UTC] jani@php.net
-Status: Open +Status: Bogus -Package: Feature/Change Request +Package: *General Issues
 [2010-11-24 09:35 UTC] jani@php.net
No bug nor feature requested here.
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC