ID: 24502 Updated by: [EMAIL PROTECTED] Reported By: gwang at litespeedtech dot com -Status: Open +Status: Bogus Bug Type: CGI related Operating System: Linux PHP Version: 4.3.4 dev Assigned To: shane New Comment:
Read the note above the cgi.fix_pathinfo in php.ini-dist (found in the release tarball). There is no bug. Previous Comments: ------------------------------------------------------------------------ [2003-09-29 16:06:07] gwang at litespeedtech dot com BTW: I tested the latest stable snapshot. ------------------------------------------------------------------------ [2003-09-29 16:03:36] gwang at litespeedtech dot com Thank you for the response. Here is the result. Testing url /phpinfo.php/path/info?a=b is used, when set cgi.fix_pathinfo=0, same result (0 is the default according to the comments in the ini file), "no input file" is returned. set cgi.fix_pathinfo=1, the php information page is returned, but _SERVER["PATH_INFO"] and _SERVER["PATH_TRANSLATED"] contain no value and the vlaue of _SERVER["ORIG_XXXX"] environment variables are all correct. I don't think set cgi.fix_pathinfo=1 is the right fix for this bug. All correct values are provided in the first place, why waste CPU cycles to try to guess them from other sources? I think the cleanest and probably the easiest fix is to provide a configuration directive to skip all the reverse hacking code. best regards, LiteSpeed Team ------------------------------------------------------------------------ [2003-09-29 05:58:48] [EMAIL PROTECTED] No feedback was provided. The bug is being suspended because we assume that you are no longer experiencing the problem. If this is not the case and you are able to provide the information that was requested earlier, please do so and change the status of the bug back to "Open". Thank you. ------------------------------------------------------------------------ [2003-09-24 12:03:07] [EMAIL PROTECTED] Check php.ini for cgi.fix_pathinfo and try setting it to 1 or 0. ------------------------------------------------------------------------ [2003-08-25 16:28:02] gwang at litespeedtech dot com This has not been completely fixed in 4.3.3. When there is no PATH_INFO, it works fine. When PATH_INFO is populated, it breaks. Try something like /phpinfo.php/path/info?a=b The reason it breaks is PATH_TRANSLATED is used as the path to the PHP script file instead of SCRIPT_FILENAME when PAHT_INFO is popluated. As our LiteSpeed web server follows the CGI specification, all the code controled by macro #if !DISCARD_PATH and #if ENABLE_PATHINFO_CHECK are not necessory. If PHP is configured with following options, ./configure --enable-fastcgi --enable-discard-path --disable-path-info-check then the testing URL /phpinfo.php/path/info?a=b works just fine except the PHP and Zend logos are missing due to the wrong value of PHP_SELF. According to the comments in the code that the way PHP_SELF populated is to provide backward compatibility for version before 4.3. My question is, is this another reverse hacking for web server that does not follow CGI spec, like Apache? By doing so, PHP_SELF is happen to be the right value for them? If so, those code should be moved inside the section controled by macro ENABLE_PATHINFO_CHECK or !DISCARD_PATH. I think it is better to seperate the reserve hacking code for Apache's fast CGI interface from the others as it is the only odd guy. The code could be much cleaner. Just some suggestions. Sincerely, LiteSpeed Team . ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/24502 -- Edit this bug report at http://bugs.php.net/?id=24502&edit=1