Turn Off Register_globals On A Shared Server

Jul 27, 2005

My shared server provider has register_globals on. I checked by running
php_info(); from within a file. I would like to turn this off, but
asking them to turn it off just for me will not work.

I tried adding the following lines to the .htaccess file:
<IfModule mod_php4.c>
php_flag register_globals off
</IfModule>
but that did not work. I thought that maybe the file is called
something else, and I could not find any file containing mod_php
anywhere on the server. Also, I can see that the addmodule line for
mod_php4.c is commented out in the httpd.conf file for the shared
server.

I do not know how the server can serve php if that line is commented
out?

Bottom line is: is the .htaccess approach the correct one? and does
anyone know how I can find out if I am using the correct filename?

phpinfo() says that I have PHP Version 4.3.11

I will leave phpinfo() running on the main page so that if someone
needs more information,

ADVERTISEMENT

Web Server On Windows, With Register_globals On, How To Turn It Off Just On My Site?

Feb 23, 2006

web server is on windows, with register_globals on, how to turn it off just on my site?
I cannot access the configuration file, and I cannot use .htaccess because it is on windows. How to turn off the register_gobals in this case?

View 2 Replies View Related

How To Turn Off Register_globals

Jul 15, 2002

I used phpinfo() and I found that register_globals variable is ON. I don't have any .htaccess file in the directory provided so there is other way to turn this OFF?

View 11 Replies View Related

Turn On Register_globals?

Jul 24, 2002

for a stats program for a game, logs are sent to a perl file which saves data into a MySQL database then interpreted by PHP. when i try to check the stats it gives the error register_globals must be ENABLED

i went into php.ini and checked for a register_globals variable and i found this:
register_globals = Off
so of course i change it to:
register_globals = On
that didnt work so i also tried:
register_globals = ON
register_globals = on

it keeps saying that register_globals is still disabled though.... what is wrong? php.ini is in the windows folder where it should be.

View 1 Replies View Related

Turn Register_globals Off?

Oct 10, 2005

I just took over the website at work. I am still learning PHP.
Register_globals are on and the script appears to be coded to take
advantage of this. I know how to recode the script, but am unsure how
to turn them off when I am done. I have googled and came up with
placing

php_flag register_globals off

in the .htaccess file.

I did this without recoding the script and the script still worked, so
I am assuming I did not turn them off.

View 17 Replies View Related

Turn Off Register_globals In Php.ini?

Jun 16, 2010

I am running an ecommerce theme on wordpress on a hostgator server, and coming up with this error.

Security warning: set the value
*register_globals* in the php ini to Off !! This theme will not work correctly otherwise.

I can't find the php.ini in any of the folders. I tried creating a file with the added command and putting it in root as suggested via google

View 3 Replies View Related

Turn Off Register_Globals?

Jul 3, 2010

I'm running PHP 5.3.2, and I've checked the ini file, and it has register_globals Off, but when I check phpinfo();, it says that it's on as a Local Value, but Off as a Master Value. I tried echo $ID and inputed ?ID=2 into the URL and it echoes 2, so I'm pretty sure that it's still on. Can anyone tell me how to turn it off?

View 7 Replies View Related

Linux - Turn On Register_globals For Local Scripts Only?

Jan 29, 2011

I am using php as a command line scripting language for executing various system commands.

How can I turn on register_globals locally - to a single script only perhaps? Can this be done via the script itself?

I would prefer not to change global settings if possible.

View 2 Replies View Related

Turn Off Safe_mode Off For A Particular Directory In A Shared Hosting Environment?

Dec 30, 2009

I want to turn off php safe_mode off for my site. My provider gave me a php.ini file and asked me to put it with my settings in my public_html folder to override the settings, but it didn't work.

View 3 Replies View Related

PHP Shared Server Security

Dec 17, 2000

I have a client that brought to my attention a very interesting problem. If he has a website (www.domain.com) and he has a php page on it (order.php) that connects to the database. He has the user and pass in the page.

This is a linux server. It seems that another person on the server could just figure out what directory he is in. Then just do "vi order.php" so they could read the user and pass and then connect to the database and steal information.

View 2 Replies View Related

Drupal On A Shared Server

Jul 23, 2007

I recently installed the Drupal CMS on my shared server. My problem is with "clean urls". When I run the clean urls test it seems to pass ok, but when I then enable clean urls the page loses all of its design (ie. logo, color, links do not work, etc.). I know there are some server things that need to be done and my host is telling me I cant do them because this is a shared server. They then told me that Drupal was not going to work for me. Will Drupal work on my shared server? Why is the site having this clean url problem? If Drupal will not work is there another CMS that already has clean urls?

View 1 Replies View Related

Setting Up Yii On Shared Server?

Feb 8, 2011

I wish to use a PHP Framework such as Yii, however, it seems to set this up I need access to a terminal or console. Unfortunately my only access to the server is via an FTP client as it's shared hosting. Does this rule Yii out as a framework?

View 3 Replies View Related

Ftp _ Connect On Shared Server?

Apr 14, 2009

I have a client that would like to FTP a file from his website on a shared server to another site. We are able to FTP the file manually using FileZilla from my computer to the other site and would like to build the same functionality into a PHP script that executes on the website via a CRON job. The goal is automatic file transfer on a specific date.

The problem I am having is that ftp_connect command in the PHP script fails to connect.

Should I use a port other than 21 in shared environment?

The ISP (Bluehost) says that they are not preventing the connection.

View 9 Replies View Related

PHP Libraries On Shared Server

Mar 10, 2007

I'm currently using a shared web server for projects, and only have FTP access to it.

I'd like to take advantage of PHP libraries like PEAR, and I was wondering if theres a way to install them on a shared server?

View 7 Replies View Related

Server Signuture Turn Off Need Access?

Jun 6, 2011

I want to add the following settings to my server:

ServerSignature Off
ServerTokens Prod

However after research I have to add these settings in my httpd.conf or apache2.conf file. It wont work in my php.ini or .htaccess on my public webroot. If I have not got access to these two server files (httpd.conf or apache2.conf) how can I get access or is there an alternative way to get these settings to work. It is a security issue I need to sort out ASAP.

View 1 Replies View Related

Enable Php Extensions On Shared Server?

Oct 12, 2006

I have a very cheap php-enabled linux hosting account.

Unfortunately, this host does not have some extensions enabled which I
need, namely, the dom-xml and xslt extensions.

Assuming that the server admins ignore my pleas, is there a way to
locally
enable these extensions for my account, with a local copy of php.ini,
or
local copies of the proper *.so files, or some magic in the .htaccess
file?

View 4 Replies View Related

Setting Include_path On Shared Server

Aug 7, 2006

My shared host used to have Php configured such that I could place a
php.ini file into any directory on my site and that was the php.ini file
that the Php cgi would use when it ran scripts.

Since upgrading to Php5.1 that is no longer possible (not allowed in
Php5.1 (?) ).

Anyway, ... this was a very handy way for me to set the include path so
that I could keep files with sensitive data (e.g., database usernames,
passwords) out of the site's public path.

My hosting service has actually rolled back to Php5.0 so that I could
continue doing as I had been ... with the caveat that they will
ultimately have to go with 5.1.

So, I have a set of questions.

1. Is there another way that I can set the include path globally for my
site? (Adding them to htaccess throws a 500 server error.)

2. How much security is really gained by moving sensitive include files
out of the site path (my include files all use the .php extension)?
Should I even be that concerned about this capability?

3. Would I gain the same security if I changed my current include files
(which I would have to put back into the public site path) to do nothing
but set include_path outside the public site and then include a new,
secondary file which actually contains the sensitive data?

4. Does anyone know why I *can* use local php.ini files in 5.01 and not
in 5.1?

View 2 Replies View Related

Securing Sessions On Shared Server

Jan 28, 2005

My website uses sessions for the usual malarkey - user logins, etc. I'm on a shared server, with sessions saved in '/tmp'. I've been told that this is prone to sessions hijacking, since the whole server's session files are stored in that directory, not each domain/subdomain having its own '/tmp' directory. (The server's using Red Hat)

If they're vulnerable in here, what's the best course of action to take? I can't create directories outside my webroot (except in cgi/bin) so a custom directory is out of the question (again, unless I can use cgi/bin? doesn't seem a good idea). I'm thinking then, of a database/cookies solution, storing a 'session' cookie on the user's computer with the value of a hashed session id, which then points to the appropriate row in a 'sessions' table in the database.

Can anyone point me in the direction of a suitable session database class, incidentally?Could anyone advise me on this? What do you gurus do about session handling (please don't say "buy a dedicated server" because I can't! :D ) I've been using the /tmp dir for nearly two years now without any problems, but have only just got round to think seriously about session security.

View 1 Replies View Related

URL Rewriting On A ISAPI Shared Server?

Jan 26, 2010

I need to rewrite URLs. The problem is that I am developing in PHP on an ISAPI server. An additional problem is that I am not the owner/manager of the server.Is there any way to rewrite URLs for PHP on a shared ISAPI server?

View 1 Replies View Related

Install Symfony On Shared Web Server?

May 10, 2010

I have created a project(on my Localhost) in symfony(PHP Framework), and need to upload it on server(i.e the WEB Server), but i dont know how to do that, i got many methods on net, but i was not able to follow that.

View 3 Replies View Related

Creating Web Services On Shared Server

Nov 25, 2010

i want to create a web service on shared server using php

View 2 Replies View Related

Shared-server Security For Python?

Oct 24, 2008

Shared-server environment for various and sundry web services.I think we've settled on setting disable_functions and disable_classes site wide in php.ini and php_admin_value to force open_basedir in each app's httpd.conf for php scripts, and passenger's user switching for ruby scripts.We still need to find something for python though.Passenger does support python, but not for per-application security for specific sub-directories(it's all or nothing at the domain level).(And if any of the previous doesn't make sense-well, I'm the guy who's supposed to set up the python support, not the guy who set up the php or ruby support, so there's still some "and then some magic happens" steps in there from my perspective).

View 3 Replies View Related

Networking - Turn Website Into A Proxy Server?

Jan 19, 2011

i was wondering if there is any way to turn my website into a proxy server ..i found plenty of scripts using PHP but they all require navigating to site in order to use the proxy, but what i really want is a script that enables me to access the site via browser configuration like in firefox when you enter the IP and port number in the options dialog, is there any kind of scripts that does that ?

View 1 Replies View Related

Http - Turn A Script Into A Proxy Server?

Sep 18, 2010

We all know that HTTP uses port 80, what if i put my server's ip and the port 80 in the browser's proxy setting, will the browser sends the HTTP requests to my index.php which will fetch the website from server side and return response headers and body?

View 2 Replies View Related

Calculate Server Load - Turn This Server Load Into A Percentile Scale?

Apr 7, 2011

How do you calculate the server load of PHP/apache? I know in vBulletin forums there's the server load displayed like 0.03 0.01 0.04 but it's not really understandable to a average joe. So I thought about a 1-100 percentile scale. I wanted to display a server load visual that reads from a DIV:

$load = $serverLoad*100;
<div class="serverLoad">
<div style="width: $load%;"></div>//show visual for server load on a 1-100 % scale[code]....

However, I don't know how to detect server load.Is it possible to do turn this server load into a percentile scale? I don't know where to start.

View 4 Replies View Related

Secured Hosting On A Shared Server - Impossible?

Jul 17, 2005

I'm just throwing this question out here as there hasn't been much
discussion recently on the topic of shared hosting. Most people, it seems,
just assume that it's secured. Companies don't sell services that's
insecured by design, right?

Those of us who know better know, of course, that that's not the case. Two
main challenges of sharing a server with other people are hiding your
database login/password and securing session files. Both of these are
necessitated by the fact that Apache runs as the same user for all virtual
hosts. Files that your scripts have access to, those of your server-mates
can access as well.

My questions are thus

(a) Is it possible to host a PHP site securely using a typical (read
"cheap") web hosting account?

(b) Is it possible to set up Apache so that virtual sites are protected from
one and other?

View 10 Replies View Related

Cannot Instantiate Non-existent Class - Shared Server

Feb 28, 2006

I'm having problems with include. I wrote a small example which shows
what's going on...

I should say that the problems started after I moved to a shared
server. All was working fine in my local server...

file test.php
---------------------------------------------------
<?php

echo '<html>'
echo '<head>'
echo '</head>'
echo '<body>'

echo "including inc.php<br>";

include("http://my_site/inc.php");

echo "inc was included<br>";

$clsIncClass = new ClsIncClass;

echo '</body>'
echo '</html>'

?>

file inc.php
---------------------------------------------------
class ClsIncClass {
function ClsIncClass() {
echo "ClsIncClass constructor<br>";
}
}

result in browser:

including inc.php
class ClsIncClass { function ClsIncClass() { echo "ClsIncClass
constructor
"; } }inc was included

Fatal error: Cannot instantiate non-existent class: clsincclass in
/home/ke000067/public_html/test1.php on line 21

Note that it seems that inc.php was included as if it were a text file,
but as you can imagine, it's not my intention...

So, i decided to change

include("http://IP_of_my_site/inc.php");

to

include($_SERVER['DOCUMENT_ROOT']."/my_site/inc.php");

but the result was

including inc.php

including inc.php

Warning: main(/opt/apache/htdocs/~ke000067/public_html/inc.php): failed
to open stream: No such file or directory in
/home/ke000067/public_html/test1.php on line 15

Warning: main(/opt/apache/htdocs/~ke000067/public_html/inc.php): failed
to open stream: No such file or directory in
/home/ke000067/public_html/test1.php on line 15

Warning: main(): Failed opening
'/opt/apache/htdocs/~ke000067/public_html/inc.php' for inclusion
(include_path='.:/opt/apache/lib/php') in
/home/ke000067/public_html/test1.php on line 15
inc was included

Fatal error: Cannot instantiate non-existent class: clsincclass in
/home/ke000067/public_html/test1.php on line 23

View 8 Replies View Related

Session IDs Not Working On GoDaddy.com Shared Server?

Nov 15, 2010

Server: Windows IIS7
PHP 5
Host: godaddy.com shared "deluxe"

I'm having trouble with a login script that uses PHP sessions to store a Session ID on the server. I have used this same exact script on both a Dreamhost site and a Bluehost site without any problems. This is my first time using godaddy.com and I've had nothing but problems. Godaddy does allow you to easily switch over to a Linux server but my client has other sites hosted that were written with ASP.NET and when I switched over those sites didn't work so I had to switch back to Windows.

I've basically used the exact code that I found here:
http://www.troywolf.com/articles/php/class_session/

and I've only changed the login, password, and the location to store the session ID.

The code is split up into 4 files.

login.php
logout.php
class_session.php
a bit of code that you put at the head of a file you want to password protect

here's the error I'm getting:
Object Moved
This document may be found here ("here" is a link that just points back to login.php)

The Class_session.php has a $log variable that allows you to troubleshoot. When I echo it out I get this:
session() called
exists() called
sid: 00fada16b0fb755ea1df7928592c7272
load() called
D:Hosting2556240htmlsid_00fada16b0fb755ea1df7928592c7272 does not exist.
Could not restore session.
save() called
Could not create or open D:Hosting2556240htmlsid_00fada16b0fb755ea1df7928592c7272

I'm thinking the issue is happening in the Class_session.php file so here is the code so you don't have to click on the link:

and I've tried a million variations on the sessdion ID save path here to no avail:
$this->dir = realpath("../")."/";

<?php
/*
* Filename.......: class_session.php
* Author.........: Troy Wolf [troy@troywolf.com]
* Last Modified..: Date: 2005/06/18 14:20:00
* Description....: A session management and password protection class.

This class can be used to perform 2 major functinos:

1. Create and maintain session state between page hits. This class does this using simple session cache files into which the session is stored as a serialized array. This is similar to how PHP's built-in sessions store session data. One big advantage of this class is that you have full control over the session time-out.

2. Password protect PHP pages by requiring authentication. Simply pass in "true" when creating a new session object to use this functionality. You'll also need to create your own login.php script. A sample login.php is packaged with this class.

Be sure you look at the cleanAll() method in this class.

*/
class session {

var $id;
var $data;
var $log;
var $dir;
var $filename;
var $login_page;
/*
The class constructor.
*/
function session($login_required=false) {
$this->log = "session() called<br />";
$ret = true;
/*

All the session variables are available in the data[] array. Unless you know what you are doing, Do not use these array keys as they are used internally by the class:
logged_in page_destination*/
$this->data = array();
/*

If you will have some pages that require login, set your login page here. Defaults to login.php in current dir.

*/
$this->login_page = "login.php";
/*

Define the directory to save session files in. This defaults to the current dir, but this is probably not what you want. For one thing, it is INSECURE! It also will prevent your sessions from working between scripts in different dirs. It is highly recommended that you set this to a non web-accessible dir. End this value with a "/".

*/
$this->dir = realpath("../");
if ($this->exists()) {
$this->log .= "sid: ".$this->id."<br />";
if (!$this->load()) {
/*

This is not necessarily a show-stopper. This will happen if you've previously started a session, but never saved it. This would also occur if you delete the session's cache file during a live session.

*/
$this->log .= "Could not restore session.<br />";
$ret = true;
}
} else {
if (!$this->newId()) {
$this->log .= "Could not create new session.<br />";
$ret = false;
}
$this->log .= "sid: ".$this->id."<br />";
}
if ($login_required) {
$this->log .= "Require login requested<br />";
if (!$this->data['logged_in']) {
$this->log .= "Not logged in, redirecting to "
.$this->login_page."<br />";
$this->data['page_destination'] = $_SERVER['SCRIPT_NAME'];
$this->save();
header("Location: ".$this->login_page);
}
}
return $ret;
}
/*
expire() is useful for a logout feature. It will empty the session data,
delete the session file, and expire the sid cookie.
*/
function expire() {
$this->log .= "expire() called<br />";
$ret = true;
$this->data = array();
if (!file_exists($this->filename)) {
$this->log .= $this->filename." does not exist.<br />";
$ret = false;
} else {
if (!@unlink($this->filename)) {
$this->log .= "session file delete failed for "
.$this->filename."<br />";
$ret = false;
}
}
if (!setcookie('sid' ,$this->id, time()-3600, "/")) {
$this->log .= "sid cookie expire failed. This may be due to browser"
." output started prior.<br />";
$ret = false;
}
return $ret;
}
/*
exists() checks if sid cookie exists on user's computer. If so, set id.
*/
function exists() {
$this->log .= "exists() called<br />";
if (!isset($_COOKIE['sid'])) {
$this->log .= "sid cookie does not exist.<br />";
return false;
}
$this->id = $_COOKIE['sid'];
$this->filename = $this->dir."sid_".$this->id;
return true;
}
/*
newId() generates a 32 character identifier that is extremely difficult to
predict. Save to a cookie to persist between pages.
*/
function newId() {
$this->log .= "newId() called<br />";
$this->id = md5(uniqid(rand(), true));
$this->filename = $this->dir."sid_".$this->id;
if (!setcookie('sid' ,$this->id, null, "/")) {
$this->log .= "sid cookie save failed. This may be due to browser"
." output started prior or the user has disabled cookies.<br />";
return false;
}
return true;
}
/*
load() reads in session data stored in session file.
*/
function load() {
$this->log .= "load() called<br />";
if (!file_exists($this->filename)) {
$this->log .= $this->filename." does not exist.<br />";
return false;
}
if (!$x = @file_get_contents($this->filename)) {
$this->log .= "Could not read ".$this->filename."<br />";
return false;
}
if (!$this->data = unserialize($x)) {
$this->log .= "unserialize failed<br />";
$this->data = array();
return false;
}
return true;
}
/*
save() stores session data in session file to persist data between pages.
*/
function save() {
$this->log .= "save() called<br />";
if (count($this->data) < 1) {
$this->log .= "Nothing to save.<br />";
return false;
}
//create file pointer
if (!$fp=@fopen($this->filename,"w")) {
$this->log .= "Could not create or open ".$this->filename."<br />";
return false;
}
//write to file
if (!@fwrite($fp,serialize($this->data))) {
$this->log .= "Could not write to ".$this->filename."<br />";
fclose($fp);
return false;
}
//close file pointer
fclose($fp);
return true;
}
/*

cleanAll() will clean up your session dir removing all 'sid_' files with a modified date older than the number of minutes passed in. This method is here as a convenience. You probably want to create a cron job that cleans this up on a daily basis.

*/
function cleanAll($minutes) {
$this->log .= "cleanAll() called to delete sessions older than "
.$minutes." minutes<br />";
chdir($this->dir);
$ret = shell_exec("find -type f -name 'sid_*' -maxdepth 1 -mmin +".$minutes." -exec rm -f {} ;");
}
}
?>

View 2 Replies View Related

Upload Progress Bar For Shared Server User?

Jan 16, 2010

i have seen lots of solution, but what is the best stable solutin for no-administrator user who cant config server. i found some of these:

using apc extension perl cgi instead of php flash based using js framework

im not sure i could use extension, not understand perl to control over the process, and totally not use flash in mywebsite because significant percentage of user have not flash. and im not want to use framework because of growing mywebsite size.

i think must be a better ajax | js | php portable solution.

View 1 Replies View Related

Htaccess Mod_deflate Does Not Work On Shared Server?

Jan 26, 2009

I'm developing a website in PHP and I have large JS files that I want to compress. So, I added this in my .htaccess file:

<FilesMatch ".(js|css|html|htm|php|xml)$">
SetOutputFilter DEFLATE
</FilesMatch>

It works great on my local wamp server install but once I move the files on my shared server, the DEFLATE command does not work. I don't know why... mod_deflate is enabled on the webserver, aswell as bz2, gzip. I am allowed to user htaccess, I've cheched...Plus that I have other rules and commands running in htaccess. So the DEFLATE is the only one that does not work... Does anyone know why it works on my localhost and not on my webserver too ? Is there any module/extension that I need to enable on my webserver that I don't know of ?

View 4 Replies View Related

Bulk HTML Email From Shared Server?

Dec 3, 2009

send bulk email (of various quantities) using PHP from a shared server, without causing any problems for any websites being hosted?Would it be best to put the script to sleep() between each email, or only send them off in groups of a couple of hundred? Also, would I benefit from sending them out during the early hours, when there is much less traffic on the server?I'm thinking of offering this as a service and it would be good to use the tools I already have.

View 2 Replies View Related

Develop A New Project In 5.3 Which Would Be Hosted On Shared Server?

Apr 29, 2010

I'm using PHP 5.2.11. I've seen that 5.3 version has several backward incompatibility issues and because of that some code might require changes.

Since my website is hosted on shared server, many have suggested that those server won't upgrade to 5.3 in near future (probably due to incompatibility issues for many shared users).

Would it be wise to develop a new project in 5.3 which would be hosted on shared server?

View 4 Replies View Related

Alternative To Getimagesize () Which Is Disabled On A Shared Server?

May 9, 2011

When I use getimagesize() in my hosting company which is a shared server, I get the following error.

Message: getimagesize() [function.getimagesize]: URL file-access is disabled in the server configuration

Filename: admin/admin_product_home.php

What is the alternative to get the image size of images?

echo "<tr>
";
echo "<td>".$list."</td>
";
$filepath = base_url()."uploads/".$list;

[Code].....

View 1 Replies View Related

Sessions Expiring Too Early On Shared Server - Fix?

Mar 5, 2009

Sessions are expiring too soon in my PHP login, running on a shared server. The server default is 24 minutes, but at times sessions are expiring before that.I say "at times" because the expiry time seems to vary with the time of day (?)I get the impression that this may be due to other sessions "interfering" with mine on the shared server, and that I can overcome this by specifying a new path for session storage on every page.Is this right, and if so, how do I do this?Can I set this up using an htacess file?Can I write the:$session_timeout and the session.gc_maxlifetime there as well? If so, how?I saw an ominous note somewhere, related to this, saying, "...But the .htaccess from your original site might also include directives which cause JPI failure...." What's that about?Should the new directory be outside the public access www level? Does that enhance security?Also, I saw a comment that, "If you are using the subdirectory option for storing session files then garbage collection does *not* happen automatically. *You will need to do your own garbage collection through a shell script, cron entry, or some other method." I'm not quite sure what the "subdirectory option" is, but is this necessary, and if so, what would be the cron job code for this?

View 9 Replies View Related

Hiding MySQL Password On A Shared Server And Some Other Questions

Jul 20, 2003

I have a shared hosting account and have some questions. I would appreciate any help. Even if you have answered this before, please say so so I could search the forums using your name and find your post.

What I have:

CPanel
Apache 1.3
PHP 4.3 as an apache module
MySQL
SuExec
A user and group “sam” in the virtual host container for SuExec use. I am not familiar with perl programming.

My main problem is that MySQL user name and password is visible to other users on the server if they log in using SSH or telnet and brows and read my PHP scripts. I did read many posts but I am not sure about how to solve this problem.

I think I know what I need to do but please confirm or correct my understanding.

1.Can I install PHP as a CGI binary under my home directory even though I don’t have root privileges on the server and how and where should I setup the php.ini file?
2.Would that cause any problems for the other user on the server or for apache?
3.If I run PHP as a CGI will I be able to change PHP configuration using apache .htaccess files or will that only effect the PHP module configuration?
4.Is it possible to have some PHP scripts ran by the PHP module and some by the PHP CGI binary by setting different extensions or directories for the scripts?
5.The only way I can hide my password in these scripts is if I chmod to 700 and run them as a CGI script using SuExec.
6.If I only have one script (say secure.php) with passwords and other configuration information and give it access rights of 700 (to protect it form other users,) how can I include that file in other PHP scripts?
My understanding of this is if apache is running a php script using its php module and the script has an include for the “secure.php” file it can’t include it because it doesn’t have access rights to it. Now, if apache recognizes “secure.php” as a CGI script, it will try to use SuExec and run it and then return to the including script. Is that correct and will the variables and environment be the same? In other words, if I set some variables in “secure.php” and use include from the main script, will the main script have those variables even if “secure.php” is ran by the PHP CGI binary?
7.Should I just run all the scripts as CGI with SuExec and avoid switching between the module and the CGI PHP interpreter.
8.Is there any better solution for this problem other than having a dedicated server?

View 3 Replies View Related

Symfony Project Hosting In Godaddy Shared Server?

Dec 10, 2010

I am try to host my symfony 1.1 project in godaddy shared hosting server.First I have freeze my code and uploaded to server.I have modified php5.ini and .htaccess.But still i have got a redirection error.

Error:Empty module and/or action after parsing the URL "/frontend_dev.php"

View 1 Replies View Related

Fastcgi - Get Linux Server To Use Local Ini In A Shared Environment?

Sep 27, 2009

I'm on shared server environment (Dreamhost.com uses Linux/Debian).

I followed their instructions @ url configuration on setting up a local PHP5 instance on my user account so that I could use APC (php5 accelerator)

A couple of caveats is that I dont have php5 installed on the root directory "/home/php5" as assumed by the instructions/install script

rather I have it in another directory "home/subdir-path/php5", so I had to change the script to address that.

I tried adding this dir to the env $PATH

but when I do phpinfo(), i see that it's not using the local php.ini settings =[

==OR==

If someone could show me the right steps to setup a custom php5 instance, with fastcgi, and APC (php cache/accelerator) that'd be just as great.

View 1 Replies View Related

Enable Mod_rewrite On Shared Hosting Apache Server?

Dec 10, 2010

I have made some changes to a clients website The client was continually being attacked using SQL injection, and at the moment the URL contains variables that the website needs (i.e. index.php?filenmae=home.php).

So after securing the site as best I could using mysql_real_escape_strings and stripslashes, I then came to do URL rewriting in Apache. At the moment, the server the website is currently on doesn't support mod_rewrite (i've checked using phpinfo) and it's not a server belonging to us. Is there anything I can do in my .htaccess file that would enable mod_rewrite for this website?

View 3 Replies View Related

Install A MQTT Broker On Shared Hosting Server

Mar 16, 2011

"Really Small Message Broker" is an MQTT message broker, but I was wondering how could I install a RSMB on my shared hosting server with Justhost

View 1 Replies View Related

Shared Server Multiple Sites Sharing The Same Host?

Mar 12, 2009

Web apps in PHP vs.long-running process using tools such as Django or Turbogears for Python.As far as I know:In PHP, pages are fetched from the hard-disk every time(although I assume the OS keeps files in RAM for a while after they've been accessed)Pages are recompiled into opcode every time(although tools from eg.Zend can keep a compiled version in RAM)Fetching pages every time means reading global and session data every time, and re-opening connections to the DB.

So, I guess PHP makes sense on a shared server(multiple sites sharing the same host)to run apps with moderate use, while a long-running process offers higher performance with apps that run on a dedicated server and are under heavy use?

View 5 Replies View Related

Migration From Shared Hosting To Virtual Server With PLESK?

Jun 20, 2009

In the code used $_SERVER['PHP_SELF'] which no longer works-it points to the wrong place.Migrated from shared hosting to virtual server with PLESK.changed $_SERVER['PHP_SELF'] to just the name of the PHP file and it works mostly now.Question:Can this change affect the code in other ways or should it work as before.There are other errors but don't know if they are separate or if caused them with the change.

View 3 Replies View Related

Script Works On Shared Hosting But Not Dedicated Server?

Nov 25, 2009

i was running php files that sent info from a form the customer filled in to another php file. but this does not work on my dedicated server, i fort it may have been the file permission but Ive checked this and they have the correct file permission. here is a working example [URL] when the files are uploaded to a shared hosting package it works, but if i upload the same files to my dedicated server they dont work (see link below)

[URL]

some one said it may be because the shared hosting is using php4 and the dedicated server is running php5, Could this be the problem? here is the coding for the first php file example.php

Code: [Select]<form name="example1" action="example1.php" method="POST" target="_blank">
<textarea cols=68 rows=27 name="message">

View 1 Replies View Related

Install Xpdf On A Godaddy Linux Shared Hosting Server?

Mar 22, 2010

I'm having trouble determining if it's possible, based on the amount of access I have to my Godaddy server, to install XPDF. Could someone shed some light on this? Here's the link to XPDF. And here is info about the GoDaddy server.

My goal is to convert PDF's to Plain Text automatically using a PHP script on the server. So far, other solutions like code posted in the comments of the PHP website have been insufficient. All research seems to point to XPDF.

View 1 Replies View Related

Caching On Shared Server - Security For Local Cache Directory?

Mar 13, 2011

I am working with this script: http:[url]....Basically the instructions recommend not to use caching if it will be used on a shared server. Now I am using another script which dynamically generates a gif image from a font file and the text I provide and stores it in a local cache drive. Here is part of that code:

$hash = md5(basename($font_file) . $font_size . $font_color .
$background_color . $transparent_background . $text) ;
$cache_filename = $cache_folder . '/' . $hash . $extension ;[code].....

So my 2 questions are:

1) For the code I pasted here, is there any security issue?

2) And can I just use this piece of code which is used for caching with the website url I provided at the beginning ( http:[url]... ) Basically replace their caching method with this one to avoid security issues as mentioned. Or do you recommend some other method?

View 1 Replies View Related

ADVERTISEMENT