ID: 44801 User updated by: twm at twmacinta dot com Reported By: twm at twmacinta dot com -Status: Feedback +Status: Open Bug Type: CGI related Operating System: Red Hat Enterprise Linux ES 3 PHP Version: 5.2.5 Assigned To: fb-req-jani New Comment:
Aha, that set off a spark. I think I found something useful... The test script actually worked when I tried this: ./configure --disable-all --disable-cgi Then, I tried no flags at all, and it still worked: ./configure So I went through all of the flags I used originally and discovered that the problem appears when all I add is the safe-mode flag: ./configure --enable-safe-mode Here's the output: ---- Before: 'Tim'\''s Test' After: sh: line 1: /usr/local/php/bin/echo: No such file or directory ---- Note that it was looking for "echo" at a different path. When I created the directory that it was looking for and copied "echo" there, then I got the same incorrect output as before: ---- Before: 'Tim'\''s Test' After: Tim\s Test' ---- So the problem occurs when safe-mode is compiled into the executable even though I am not using safe mode when running the script. I'm using "php -n" which should avoid safe mode (right?) and my "php.ini" also turns safe mode off. I checked the other versions of PHP which I reported on earlier, and the versions which behaved incorrectly had safe mode compiled in but turned off, and those that behaved correctly did not have safe mode compiled in at all. Previous Comments: ------------------------------------------------------------------------ [2008-04-24 18:01:39] [EMAIL PROTECTED] Can you try with this instead: # rm -f config.cache # ./configure --disable-all --disable-cgi ie. Eliminate everything but the core. :) ------------------------------------------------------------------------ [2008-04-24 17:52:47] twm at twmacinta dot com I was actually using the "-n" flag from the start, so that moving part was already eliminated. Here are my "./configure" and "make install" commands: ---- CONF_OLD_PREFIX=/usr CONF_PREFIX=/var/tmp2/php5_take2/targ CONF_SYSCONFDIR=${CONF_PREFIX}/etc CONF_BINDIR=${CONF_PREFIX}/bin ./configure \ --prefix=${CONF_PREFIX} \ --with-config-file-path=${CONF_SYSCONFDIR} \ --enable-force-cgi-redirect \ --enable-fastcgi \ --disable-debug \ --enable-pic \ --disable-rpath \ --enable-inline-optimization \ --with-bz2 \ --with-curl \ --with-dom=${CONF_PREFIX} \ --with-exec-dir=${CONF_BINDIR} \ --with-freetype-dir=${CONF_PREFIX} \ --with-png-dir=${CONF_PREFIX} \ --with-gd \ --enable-gd-native-ttf \ --with-ttf \ --with-gdbm \ --with-gettext \ --with-db4 \ --with-ncurses \ --with-gmp \ --with-iconv \ --with-jpeg-dir=${CONF_PREFIX} \ --with-mm \ --with-openssl \ --with-png \ --with-pspell \ --with-regex=system \ --with-xml \ --with-domxml \ --with-expat-dir=${CONF_PREFIX} \ --with-zlib \ --with-layout=GNU \ --enable-mcal \ --enable-bcmath \ --enable-debugger \ --enable-exif \ --enable-ftp \ --enable-magic-quotes \ --enable-safe-mode \ --enable-sockets \ --enable-sysvsem \ --enable-sysvshm \ --enable-discard-path \ --enable-track-vars \ --enable-trans-sid \ --enable-yp \ --enable-wddx \ --without-oci8 \ --with-imap=shared \ --with-mcrypt \ --with-imap-ssl \ --with-kerberos=/usr/kerberos \ --with-ldap=shared \ --with-mysql=shared,${CONF_PREFIX} \ --with-pgsql=shared \ --with-snmp=shared,${CONF_PREFIX} \ --with-snmp=shared \ --enable-net-snmp-hack \ --with-unixODBC=shared,${CONF_OLD_PREFIX} \ --enable-memory-limit \ --enable-bcmath \ --enable-shmop \ --enable-versioning \ --enable-calendar \ --enable-dbx \ --enable-dio \ --enable-mbstring \ --enable-mbstr-enc-trans make install INSTALL_ROOT=/var/tmp2/php5_take2/targ ------------------------------------------------------------------------ [2008-04-24 17:44:49] [EMAIL PROTECTED] Next obvious question is: How did you build PHP? ie. What configure line, etc. Also to eliminate every last moving parts: run the script like this: # php -n script.php ------------------------------------------------------------------------ [2008-04-24 17:23:47] twm at twmacinta dot com Good idea. I modified my test script as suggested. Here's the output on RHEL3 with the CVS snapshot php5.2-20080423123: ---- Before: 'Tim'\''s Test' After: sh: line 1: /var/tmp2/php5_take2/targ/bin/Tim\s: No such file or directory ---- In case you're wondering about the path, I set "./configure --prefix" to "/var/tmp2/php5_take2/targ" so that I could install it there and test it before overwriting my old PHP 4 installation. PHP 4 on the same machine gives the same output as above, except that it's the usual "/usr/bin/" path. For comparison, here's the output on my other RHEL3 server which has the latest, default version of PHP 4.3 from Red Hat: ---- Before: 'Tim'\''s Test' After: sh: line 1: /usr/bin/'Tim'\''s: No such file or directory ---- I also ran the revised test on Mac OS X 10.5, which has PHP 5.2.5, to get what is the correct output (i.e., what you got): ---- Before: 'Tim'\''s Test' After: sh: Tim's Test: command not found ---- ------------------------------------------------------------------------ [2008-04-24 11:09:06] [EMAIL PROTECTED] ]$ php t.php Before: 'Tim'\''s Test' After: Tim's Test So it works fine using latest CVS (for me). You're using /bin/echo there, what if you simply do this: <?php header("Content-Type: text/plain"); $textEscaped = escapeshellarg("Tim's Test"); print("Before: {$textEscaped}\n"); print("After: "); passthru($textEscaped); ?> That would eliminate one "moving part" here.. Just check the resulting error message what it has. :) ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/44801 -- Edit this bug report at http://bugs.php.net/?id=44801&edit=1