Ask a Question related to PHP Development, Design and Development.
-
sniper@php.net #1
#25753 [NEW]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files
From: [email]sniper@php.net[/email]
Operating system: *
PHP version: 4CVS-2003-10-04 (stable)
PHP Bug Type: Apache related
Bug description: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files
Description:
------------
If (for example) one virtualhost configuration has
set "php_admin_flag register_globals off", in some situations the setting
persists between requests.
-> php.ini settings are NOT reset between requests.
1. php.ini has register_globals = On
2. Request is made into [url]www.foobar.com[/url]
(which has "php_admin_flag register_globals off")
3. Next request (same apache child) is made into [url]www.barfoo.com[/url] (which
does not have the setting)
This applies to ALL php.ini directives.
Some related reports:
bug #6374 (include_path in .htaccess across multiple vhosts)
bug #7174 (Round-robin -like values for include_path)
bug #19292 (Random error: open_basedir restriction..)
bug #21564 (corrupted paths coming to open_basedir)
bug #23462 ("php_admin_value open_basedir" in httpd.conf)
bug #23580 (Random values for include_path)
bug #24282 (Strange Open Base Dir Restriction Errors)
bug #24974 (random open_basedir errors)
bug #25172 ($HTTP_HOST sometimes empty)
For all who think they're experiencing this problem:
DO NOT add any comments here unless you have some extra information to
give which is not already given in above mentioned reports.
Any comment which has no extra value will be deleted.
--
Edit bug report at [url]http://bugs.php.net/?id=25753&edit=1[/url]
--
Try a CVS snapshot (php4): [url]http://bugs.php.net/fix.php?id=25753&r=trysnapshot4[/url]
Try a CVS snapshot (php5): [url]http://bugs.php.net/fix.php?id=25753&r=trysnapshot5[/url]
Fixed in CVS: [url]http://bugs.php.net/fix.php?id=25753&r=fixedcvs[/url]
Fixed in release: [url]http://bugs.php.net/fix.php?id=25753&r=alreadyfixed[/url]
Need backtrace: [url]http://bugs.php.net/fix.php?id=25753&r=needtrace[/url]
Try newer version: [url]http://bugs.php.net/fix.php?id=25753&r=oldversion[/url]
Not developer issue: [url]http://bugs.php.net/fix.php?id=25753&r=support[/url]
Expected behavior: [url]http://bugs.php.net/fix.php?id=25753&r=notwrong[/url]
Not enough info: [url]http://bugs.php.net/fix.php?id=25753&r=notenoughinfo[/url]
Submitted twice: [url]http://bugs.php.net/fix.php?id=25753&r=submittedtwice[/url]
register_globals: [url]http://bugs.php.net/fix.php?id=25753&r=globals[/url]
PHP 3 support discontinued: [url]http://bugs.php.net/fix.php?id=25753&r=php3[/url]
Daylight Savings: [url]http://bugs.php.net/fix.php?id=25753&r=dst[/url]
IIS Stability: [url]http://bugs.php.net/fix.php?id=25753&r=isapi[/url]
Install GNU Sed: [url]http://bugs.php.net/fix.php?id=25753&r=gnused[/url]
Floating point limitations: [url]http://bugs.php.net/fix.php?id=25753&r=float[/url]
sniper@php.net Guest
-
#25753 [Com]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files
ID: 25753 Comment by: mazurek at shw-networks dot de Reported By: sniper@php.net Status: Critical Bug Type: ... -
#25753 [Ctl]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files
ID: 25753 Updated by: sniper@php.net Reported By: sniper@php.net Status: Critical Bug Type: Apache... -
#25753 [Opn->Ctl]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files
ID: 25753 Updated by: sniper@php.net Reported By: sniper@php.net -Status: Open +Status: Critical... -
#6374 [Csd]: include_path in .htaccess accross multiple vhosts
ID: 6374 Updated by: sniper@php.net Reported By: jesper at jdn dot dk Status: Closed Bug Type: ... -
Use of php_value in .htaccess is not working
Hello Everyone, I am running Red Hat Enterprise Linux ES release 2.1 (Panama). Originally I was using the Red Hat PHP package. This package was...
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
