by dabempire | Feb 26, 2011 | Knowledgebase, Scripting (HTML, PHP, Perl/CGI)
Phpsuexec is a deprecated feature in cPanel where php is setup as cgi instead of apache module. All shared hosting servers for HostingWebsitez have been updated from phpsuexec to suPHP. This KB applies to such clients that are still using phpsuexec on their VPSs/Dedicated servers. Phpsuexec brings a new level of security to the way php is used. 1) php scripts execute using the permissions of userid of the account holder instead of user “nobody” 2) world writable folders (chmod 777) is not required for file uploads through php 3) The php file need to have ownership of the user to execute in the user account (by default it is). 4) php file (script) does not need 755 permissions. 644 is fine. In fact 400 or 600 is ok too (especially good for sensitive information). 5) php_flag or php_value can NOT be used in .htaccess files (It will result in Internal Server Error). 6) The php flags that do not work in .htaccess can be moved to php.ini file in the same folder where php script exists. However, the php flag/value will be in the format of php.ini and not that of .htaccess. For example this from .htaccess php_flag register_globals off will go into php.ini as: register_globals off If php.ini exists in the folder where the php scripts exists, it will take all values from it (and nothing will be taken from main php.ini. 7) If the folder that contains a php file/script is world writable (chmod 777), it will result in Internal Server Error. This is similar to cgi/perl scripts under suexec that do not like such permissions...
by dabempire | Feb 26, 2011 | Knowledgebase, Scripting (HTML, PHP, Perl/CGI)
This is a development issue and is explained in the php manual: http://www.php.net/session There is great security risk in doing that but if you are being forced to do that for some reasons, you can do that by placing a php.ini file in the folder where you want to do that, and disable cookies for sessions and enable transparent sid support in php.ini i.e. session.use_cookies = 0 session.use_trans_sid = 1 Note: The above instructions for php.ini file are for our shared/sdx account where phpsuexec is enabled and you can get php.ini file from your control...
by dabempire | Feb 26, 2011 | Knowledgebase, Scripting (HTML, PHP, Perl/CGI)
Yes, HTTP authentication works fine through PHP.
by dabempire | Feb 26, 2011 | Knowledgebase, Scripting (HTML, PHP, Perl/CGI)
This can be correctly answered by the developer/vendor of your web applications. If they say that the application will work fine in php5, then you can switch/upgrade to php5. Any application developed for php5 specifically should of course not work in php4, but there is a high probability that an application developed for php4 may work in php5 if it does not use any functionality that is obsolete or deprecated. But again the developer/vendor can provide you a definite...
by dabempire | Feb 26, 2011 | Knowledgebase, Scripting (HTML, PHP, Perl/CGI)
get_browser is a php function that tells what the user’s browser is capable of [1]. You can place php.ini in your account and add this capability. You can get the latest php.ini file for php4 from your control panel or from our FAQ pages. Once you have placed the php.ini in the appropriate folder, please edit php.ini and uncomment this: browscap = browscap.ini Now you need browscap.ini which you can download from [2] “php_browscap.ini Use only with PHP!” A special version of browscap.ini for PHP users only! Please download that file, rename it to browscap.ini and place it somewhere in your account as referenced from the php.ini...
