The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Fopen wrappers

Discussion in 'General Discussion' started by webicom, Nov 16, 2005.

  1. webicom

    webicom Well-Known Member

    Joined:
    Mar 30, 2004
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Slovenia
    Hello,

    Could anyone tell me if it is possible to disable Fopen wrappers (allow_url_fopen = Off) for one account-domain only? I have lots of accounts and it would be to mach work and informing the customers about the change if I turn url fopen off for everyone. One of my customers uses Virtual War v1.5.0 and it is been compromised by this function which is set to "On" for the server.

    I would realy appreciate if somoen could help.

    Regards, Erik
     
  2. lloyd_tennison

    lloyd_tennison Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    698
    Likes Received:
    1
    Trophy Points:
    18
    How about using a different php.ini for just that user?
     
  3. webicom

    webicom Well-Known Member

    Joined:
    Mar 30, 2004
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Slovenia
    Hm....good idea. I will try and will inform you if it is working.

    Erik
     
  4. webicom

    webicom Well-Known Member

    Joined:
    Mar 30, 2004
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Slovenia
    One more thing. If Im right, I must add the command to apache conf file? If so, what is the command?

    Regards, Erik
     
  5. PanelGuy

    PanelGuy Well-Known Member

    Joined:
    Oct 13, 2004
    Messages:
    106
    Likes Received:
    0
    Trophy Points:
    16
    From what I know of this, if you go that route, you have to make a php.ini for Everyone, Individually. For new uses, not too hard, since you could use the cpanel-skel, but for existing users...

    Of course, I may be wrong about this, but the last time I looked into it, that was the impression I got and why I backed off the idea.

    If, I am wrong, someone please correct me and explain how to do it so that you can have a global and only Some individual ones.
     
  6. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    You're right if the system in question has phpsuexec enabled.

    If so, you can create local php.ini files. If a PHP script finds a php.ini file in the directory from which it is executing, the settings in the php.ini file will, in general, override whatever might be present in the global php.ini. There are probably some config settings that are an exception, although I'm not aware of any off the top of my head.
     
  7. lloyd_tennison

    lloyd_tennison Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    698
    Likes Received:
    1
    Trophy Points:
    18
    So you are saying that you definitely need a full php.ini in evry user's account in you are running phpsuexec?
     
  8. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    No, you don't. php.ini files that are kept locally only need variables that you want that are different to the main php.ini file.
     
  9. lloyd_tennison

    lloyd_tennison Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    698
    Likes Received:
    1
    Trophy Points:
    18
    That's what I would have thought - but I put a php.ini under www and used a different variable - register_globals = on and it ignored it. I also tried putting
    PHP:
     at the top of the file.  Permissions were 644 and it was owned by the user.  If I turned register_globals off in the main php.ini and turned it on in the user php.ini nothing. (I did restart apache - and had a script fail in another uer that used register_globals so I know that the php.ini change took.  I also saw that the add did not take in singel user.)

    Phpsuexec is running - and I was really hoping to use that as I hate having register_globals on for everyone.

    Is there something I am missing?
     
  10. webicom

    webicom Well-Known Member

    Joined:
    Mar 30, 2004
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Slovenia
    Thank you chirpy. Your advice work for me. I have place the php.ini file in users directory where I dont whant his php script to use register_globals On and I turned register_globals to Off and it is working. Thank you wery much. If any one else need this option, just place the php.ini file in the exactly the same directory where you whant to have diferent php settings and should work. Im using apache 1.3.34 and php 4.3.11.

    Regards, Erik
     
  11. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Lloyd,

    As Erik says, you do need to put the php.ini file in the same directory as the php scripts for it to take effect. I don't believe it works in the same way as .htaccess where that applies to that dir plus all subdirs, with php.ini it only applies to that particular dir.
     
Loading...

Share This Page