Where is my master’s degree coder when I need him. Taking a day off, that’s where. Argh!
sendmail requires the -t switch
That much I know.
About PHP: It isn’t the $, it’s these:
From the KBase:
If you are having trouble with PHP commands like backticks (``), system(), exec(), passthru(), and others that spawn external commands, or are having trouble with errors like:
open_basedir Restrictions in effect, file is in wrong directory
Then you’ve written a script that doesn’t quite conform to our security standards.
We implement strict security for PHP scripts run by Apache, because otherwise, none of our users would be able to sufficiently secure sensitive information (like Database passwords)!
Because PHP normally runs as part of Apache, it runs as Apache’s user and group. This differs from CGI scripts, which, because they run as a separate process outside Apache, run as the owner’s user and group.
To protect your PHP scripts, we’ve disallowed all PHP functions that would let one user possibly open another user’s script (and see sensitive stuff like passwords). Our restrictions work in two parts:
1: OPEN_BASEDIR RESTRICTIONS
open_basedir restrictions prevent any of PHP’s file opening commands from working on any files outside of /home/youruser. Files BELOW that directory WILL WORK:
/home/youruser/phpstuff/some/more/dirs/file.info IS OK! PHP CAN OPEN IT!
If you need to open files in another user’s home directory (assuming both are under you account, of course!) contact TS and they will happily make an exception for you.
NOTE: There have been some strange bugs that appeared with respect to open_basedir. Sometimes files that ARE in your home directory trigger an open_basedir error when they really shouln’t. Notify support when this happens.
2: DISABLED EXECUTION FUNCTIONS
We have disabled the backticks operator (``), system(), exec(), passthru(), and dl() because all of these functions could be used to run naughty external processes as Apache’s user.
If you need to use these functions, we have provided a second PHP system, PHP-CGI, which runs all your PHP scripts as if they were CGI’s, so they run as your user and group. There are no restrictions on these scripts (not even open_basedir restrictions).
TO HAVE A SCRIPT RUN AS PHP-CGI, simply rename the script so that it ends in .pcgi instead of .php.
If you have lots of files you don’t want to rename, and are sure that all files named .php should be run as PHP-CGI, you can make an .htaccess file containing this:
AddType php-cgi .php
Contact support if you have any questions!
FROM DH ANNOUNCEMENTS (Go to your web panel. => STATUS => ANNOUNCEMENTS)
FROM DH 9-10-2001
The first security change will be that your PHP scripts will only be allowed to open other files that reside within your home directory. You WILL be able to share code between domains as long as both are under the same user.
However, if you need to share code between domains that are not in the same user’s home directory we will be able to do a custom setup for you to work around the new restriction. Contact support (email@example.com) and let them know that you’re a special case.
This restriction will be enforced sometime midday (Pacific time) on Monday September 24th.
The second restriction will prevent any PHP script from executing any external commands. The backticks (``) operator will be disabled, as will the system(), passthru(), exec(), and all other related functions that execute external commands. We’re really sorry to have to do this, but it is in everyone’s best interests.
HOWEVER, fear not! We are working around this problem as well. If you desperately need to execute functions from PHP, you will be able to run your scripts as normal CGIs which will then run as your user and group. We haven’t finished the implementation of this feature but it will be ready soon. We absolutely WILL NOT turn off execution without people convert their scripts. It should be painless and pretty much just involve changing the file extension to something like .pcgi.
The execution of all external commands from within PHP scripts will be disallowed as of Monday, October 8, 2001.
Hope that helps. If not, ask again. I notice that the script you have up there is for a header call. Am I right? What are you trying to do?
zentao web design, graphic art and design at www.zentao.com
zentao7, Gallery of Artists and Speculative Novel Writers Groups