The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP 4.4.2 and PHPSuexec

Discussion in 'General Discussion' started by tAzMaNiAc, Feb 16, 2006.

  1. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
    I just recognized that a few of my servers will not like local php.ini parameters that users use for modifying so that their applications work better.

    Any idea what happened. Did PHP change some security hole or something to be more secure?

    Before I would do this:

    Main php.ini -- all good stuff in there..
    .
    user's directory with php app i.e. gallery or WHMAP: Use local php.ini to specify paramters to modify i.e. changing the session directory to local /tmp file for the user.


    Now cPanel tells me that it was always a behavior of the module part. I am confused since module = .htaccess and phpsuexec = local php.ini and not .htaccess.

    Anyone want to shed light on this? I know I'm not stupid and cPanel is telling me as if I was from another world and "this is supposed to not be doing it".. I had it like this for a couple years!!!!

    Brenden
     
  2. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Have you checked in a local phpinfo() whether the changes you're making in the local php.ini are taking or not? That might be the first place to start - certainly sounds odd.
     
  4. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
    It's supposed to work that way right?

    PHPSuexec = local php.ini with values to modify instead of php_value in .htaccess.

    Seems when I use it it will bomb the program and load defaults as if it didn't load the main php.ini but defaulted to load the local php.ini only.

    Brenden
     
  5. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    I think you need to copy the php.ini from the default location (perhaps /usr/local/Zend/etc/php.ini but it could be different) to the directory that contains these PHP scripts on your account. Then you will need to adjust the php.ini file so that it contains the modified values as stated on the link your provided. Simply placing a php.ini file in that directory solely with the values you have listed, then it is not loading the other values from the main php.ini file. This means that some values may not be properly represented, because the PHP scripts in your directory is only loading the stated values in the php.ini file in that directory.
     
  6. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
    That would be an excelent workaround only it didn't need to do that *before*. That is my point..

    Just wondering what changed.


    Server #1: PHP 4.4.2, RH 7.3 (don't laugh), PHPSuexec.
    Copied it to Server #2.

    Server #2: PHP 4.4.2, RH Enterprise 3, PHPSuexec.

    Both updated to latest.

    Server #1 works just fine with local php.ini only m odifying the needed values.

    New Server #2 refuses to.

    I also found that my other RHEL 3 boxes do the same behavior after I updated to php 4.4.2 or maybe sometime before that. Just wondering what's different.. heh..

    Brenden
     
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Brenden,

    Have you gone down the directories trees on both servers (working and non-working) of /home right down to where the local php.ini is and checked whether the file permissions/ownerships are equivalent.

    Also, compare the two servers main php.ini

    Lastly, just incase, check httpd.conf and make sure that the mod_php modules have indeed all been removed, just incase on the non-working server you're using the module without realising it ;)
     
  8. 4u123

    4u123 Well-Known Member
    PartnerNOC

    Joined:
    Jan 2, 2006
    Messages:
    765
    Likes Received:
    1
    Trophy Points:
    18
    Ive noticed something similar...

    In previous PHP versions if a user wanted to override certain ini setting in their own ini file they could do this - such as register_globals etc. If their application required Zend - it would work fine.

    Recently since upgrading to 4.4.x I've noticed that the same users are now having a problem - their application is saying that zend is not installed. Adding the zend includes into their php.ini file circumvensts this but it was never required before. Its a pain in the ass because the zend includes are version specific and the customer will need to change their ini file every time we upgrade zend.

    Its as though their ini file replaces the servers, instead of the specific variables overriding it.
     
    #8 4u123, Feb 18, 2006
    Last edited: Feb 18, 2006
  9. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    The entire local php.ini file has always been required. If the local php.ini file only has a few values then the defaults for the missing values are loaded - they are not loaded from serverwide php.ini. phpsuexec will load one php.ini file only. It has been this way for as long as i've been using phpsuexec (couple of years).
     
  10. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page