#25753 [Com]: php_value|flag / php_admin_* settings "leak" from vhosts/.htaccess files
ID: 25753 Comment by: joris at ideeel dot nl Reported By: [EMAIL PROTECTED] Status: Critical Bug Type: Apache related Operating System: * PHP Version: 4CVS, 5CVS New Comment: We experience this problem, but different PHP programs are differently susceptible to it problem: extra slashes before quotation marks (\" instead of ") vulnerable: PHPsysinfo & PHPnuke not vulnerable: Squirrelmail, phpBB, phpMyAdmin Tested on RH73 standard setup. joris Previous Comments: [2003-11-28 10:07:31] blitzer at cutery dot fi A workaround I did seems to work until this is fixed: make php.ini automatically prepend a .php file that will reload the variables from the .ini file. [2003-11-08 12:38:07] simon at implix dot com We have a similar problem. We've got overlapping virtualhosts (as they are required for one of our application) and sometimes PHP returns register_globals = Off, even though = On is set in php.ini. We are using php 4.3.4 + apache 2.0.48. The problem doesn't exist when we use php 4.3.1. [2003-10-30 09:35:44] fs at nessus dot at no thats false. this bug occours on apache 1.3.x too (tested it with 1.3.27). i think thats very essential... greetings, Florian Schicker www.nessus.at [2003-10-28 04:13:33] mattias at segerdahl dot info This bug only appears when and if you have overlapping virtualhosts in apache2. Using fqdn's that have IN A or CNAME to an ipaddress on the server seems to fix it. This is only an observation that seems to have gotten rid of the problem for me. // bad2da [2003-10-22 04:01:39] mattias at segerdahl dot info Sniper, I accidently ran into this bug a few moments ago. I talked to Derick about it in the channel and we agreed I would do some testing. There are some particular strange behaviour. I will try to explain as well as include the files needed to reproduce this error. But first let me point out one thing that I find really weird. This only occurs when the apache server has not been accessed for a while, if you reload the page directly after you've encountered this error message, it will work perfectly. The error message is: Warning: Unknown(): open_basedir restriction in effect. File(/var/www/users.bitcom.se/index.php) is not within the allowed path(s): (/var/www/www.sol.se) in Unknown on line 0 Warning: Unknown(/var/www/users.bitcom.se/index.php): failed to open stream: Operation not permitted in Unknown on line 0 Warning: (null)(): Failed opening '/var/www/users.bitcom.se/index.php' for inclusion (include_path='.:/usr/local/php//lib/php') in Unknown on line 0 My php.ini file http://www.segerdahl.info/25753/php.ini My httpd.conf file http://www.segerdahl.info/25753/httpd.conf Server version: Apache/2.0.47 Server built: Oct 20 2003 18:39:21 PHP 4.3.4RC4 configured as: './configure' '--with-apxs2=/usr/local/httpd/bin/apxs' '--enable-mbstring' '--with-pear' '--with-mysql' '--enable-magic-quotes' '--with-ftp' '--sysconfdir=/etc/php' '--with-config-file-path=/etc/php' '--prefix=/usr/local/php/' '--enable-mbstring' '--with-curl' '--enable-ftp' APACHE configured as: ./configure --sysconfdir=/etc/httpd/conf --enable-ssl --prefix=/usr/local/httpd --enable-modules=dso,most Contact me on efnet if you need more information... // bad2da The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/25753 -- Edit this bug report at http://bugs.php.net/?id=25753&edit=1
#26444 [Opn]: magic_quotes turned on at random
ID: 26444 User updated by: joris at ideeel dot nl Reported By: joris at ideeel dot nl Status: Open Bug Type: *Configuration Issues Operating System: RH73 PHP Version: Irrelevant New Comment: Bug HTML output at: http://eenvoortwee.nl/php_wrong.html Picture at: http://eenvoortwee.nl/php-bug.jpg Notice that the bar graph pictures do load correctly Previous Comments: [2003-11-28 03:34:53] joris at ideeel dot nl Description: Using PHP4.1.2-7.3.6 (standard RH73). Magic_quotes seems to turn on at random, displaying \" in the output instead of ". Reloading the page switches this behaviour between correct and wrong output at random. There is no pattern and sometimes the problem does not appear for hours. Restarting httpd sets PHP pages back to correct output for about 1 hour. We experience the problem with PHPsysinfo and PHPNuke, but not with PHPmyadmin, Squirrelmail or phpBB. I've recompiled PHP without enable_magic_quotes but this does not help. I've added a check for the setting of the magic_quotes variable but this always returns 0, even though slashed quotes are present in the page. PHPinfo can be viewed on http://eenvoortwee.nl/. Upgrading to PHP4.2+ is not really an option unless absolutely necessary (production machine). PHPsysinfo output can be viewed on http://eenvoortwee.nl/si/ Reproduce code: --- http://eenvoortwee.nl/si/ as mentioned; the problem is displayed at random and my not be visible every time. Expected result: SNIP http://bugs.php.net/?id=26444&edit=1
#26444 [NEW]: magic_quotes turned on at random
From: joris at ideeel dot nl Operating system: RH73 PHP version: Irrelevant PHP Bug Type: *Configuration Issues Bug description: magic_quotes turned on at random Description: Using PHP4.1.2-7.3.6 (standard RH73). Magic_quotes seems to turn on at random, displaying \" in the output instead of ". Reloading the page switches this behaviour between correct and wrong output at random. There is no pattern and sometimes the problem does not appear for hours. Restarting httpd sets PHP pages back to correct output for about 1 hour. We experience the problem with PHPsysinfo and PHPNuke, but not with PHPmyadmin, Squirrelmail or phpBB. I've recompiled PHP without enable_magic_quotes but this does not help. I've added a check for the setting of the magic_quotes variable but this always returns 0, even though slashed quotes are present in the page. PHPinfo can be viewed on http://eenvoortwee.nl/. Upgrading to PHP4.2+ is not really an option unless absolutely necessary (production machine). PHPsysinfo output can be viewed on http://eenvoortwee.nl/si/ Reproduce code: --- http://eenvoortwee.nl/si/ as mentioned; the problem is displayed at random and my not be visible every time. Expected result: SNIP http://bugs.php.net/?id=26444&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=26444&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=26444&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=26444&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=26444&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=26444&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=26444&r=needscript Try newer version: http://bugs.php.net/fix.php?id=26444&r=oldversion Not developer issue:http://bugs.php.net/fix.php?id=26444&r=support Expected behavior: http://bugs.php.net/fix.php?id=26444&r=notwrong Not enough info:http://bugs.php.net/fix.php?id=26444&r=notenoughinfo Submitted twice:http://bugs.php.net/fix.php?id=26444&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=26444&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=26444&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=26444&r=dst IIS Stability: http://bugs.php.net/fix.php?id=26444&r=isapi Install GNU Sed:http://bugs.php.net/fix.php?id=26444&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=26444&r=float