ID: 42198 User updated by: hans at parse dot nl Reported By: hans at parse dot nl Status: Open Bug Type: CGI related Operating System: Linux PHP Version: 5.2.4RC1 New Comment:
A little more explanation fyi: The problem is that DOCUMENT_ROOT is always set to the configured document root of the default host or the vhost, even when calling scripts from a userdir. This is not just in Lighttpd/FastCGI, also f.e. in Apache setups. In my testcase DOCUMENT_ROOT is '/var/www/htdocs'. So if i call http://servername/~hans/info.php/foo/bar , We enter this bit of code in init_request_info() in sapi/cgi/cgi_main.c: --- /* figure out docroot SCRIPT_FILENAME minus SCRIPT_NAME */ if (env_document_root) { int l = strlen(env_document_root); int path_translated_len = 0; char *path_translated = NULL; if (l && env_document_root[l - 1] == '/') { --l; } /* we have docroot, so we should have: * DOCUMENT_ROOT=/docroot * SCRIPT_FILENAME=/docroot/info.php * * SCRIPT_NAME is the portion of the path beyond docroot */ env_script_name = pt + l; --- Since env_document_root is pretty much always set, we enter the if. pt is '/home/hans/public_html/info.php' at this point (which is correct). l becomes 15, the strlen of our DOCUMENT_ROOT '/var/www/htdocs'. The "trailing slash check if loop" is skipped since our docroot doesn't have a trailing slash. After this, SCRIPT_NAME is set to pt + l. pt being '/home/hans/public_html/info.php' and l being 15, this results in a invalid SCRIPT_NAME (and thus a PHP_SELF) of 'ic_html/info.php'. My patch adds a userdir check to the 'if (env_document_root)', to prevent from entering this if() with a DOCUMENT_ROOT that doesn't match the actual docroot of the userdir. The code that follows after this if() handles the userdir requests perfectly and results in correct SCRIPT_NAME and PHP_SELF vars. Previous Comments: ------------------------------------------------------------------------ [2007-08-06 16:11:11] hans at parse dot nl ./configure --enable-cgi --enable-fastcgi --enable-force-cgi-redirect --prefix=/usr --sysconfdir=/etc --with-config-file-path=/etc/php --with-openssl --with-bz2 --with-gd --with-mysql --with-mysqli --with-gettext --with-zlib --enable-mbstring --enable-sockets --enable-sysvsem --enable-sysvshm --enable-debug=no Direct link to my patch against php-5.2.3 on lighttpd Trac: http://trac.lighttpd.net/trac/attachment/ticket/405/cgi_main.diff ------------------------------------------------------------------------ [2007-08-06 15:45:15] [EMAIL PROTECTED] What was the configure line used to configure PHP? ------------------------------------------------------------------------ [2007-08-06 08:30:01] hans at parse dot nl Yes, problem found initially in 5.2.3 but i tested and confirmed with 5.2.4RC1 before submitting this bug report. Turning off cgi.fix_pathinfo results in a "No input file specified." message (url being http://servername/~hans/info.php/foo/bar). ------------------------------------------------------------------------ [2007-08-04 14:14:24] [EMAIL PROTECTED] Also, what is the result if cgi.fix_pathinfo = 0 ? ------------------------------------------------------------------------ [2007-08-04 14:13:36] [EMAIL PROTECTED] And you are really using 5.2.4RC1? ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/42198 -- Edit this bug report at http://bugs.php.net/?id=42198&edit=1