Php_value, .htaccess, and PHP5


#1

I found this code I use on another site that replaces the default PHP error messages with something much nicer to look at. It can be found here. (In case you ask, that’s not my site/blog/whatever.)

However, after placing it in my .htaccess file, PHP errors still get displayed as plain text. (example) Disabling extra web security in the domain management panel does not fix it. Am I correct in assuming this is because all PHP scripts seem to get routed through a CGI script before getting executed, thus ignoring any changes the .htaccess file may make? Or is changing PHP environment settings through this method just disabled for abuse/security reasons?

I can’t think of anything to put here that won’t offend somebody


#2

You are pretty much "right, on both questions. DH is running PHP as CGI, under suexec, as a security measure. As such, many of the things that you might be able to change via .htaccess are no longer changeable in the DH environment.

–rlparker


#3

Please correct me if I’m wrong, but wouldn’t executing PHP scripts with superuser privilages be a bad idea? :\

Well, thank you for your quick response. I guess I’ll have to live with plain-text PHP error messages.

I can’t think of anything to put here that won’t offend somebody


#4

I’m with you on that, think it would be a very bad idea! :open_mouth: . Running PHP as CGi under suexec however does not do that, it merely allows the script to run with your privileges (as opposed to those of the webserver), which are somewhat less than those of a superuser in the DH environment. :wink:

This enhances security as there is no need to set permission to world readable or writable when running scripts, and that is a “Good Thing ™”.

I’m hoping somebody has addressed your issue before - I have never looked into it myself, as I have never attempted to improve the quality of PHP error reporting. Maybe google will reveal how someone else has dealt with this?

–rlparker


#5

su doesn’t mean superuser - it stands for “set user(id)”.

su with no username means “root” while you can su user to become a another user (assuming you have the password or certificate)

Wholly - Use promo code WhollyMindless for full 97$ credit. Let me know if you want something else!


#6

You are, of course, absolutely correct :wink: - I didn’t give go in to all that, choosing instead just to indicate what suexec does in the DH environment - I’m glad you took the time to explain more fully! :slight_smile:

–rlparker


#7

Your comment was the critical one, I just thought a “why” might satisfy curiosity. I certainly wasn’t correcting rlparker! (grin)

Wholly - Use promo code WhollyMindless for full 97$ credit. Let me know if you want something else!