Department of Computing | Imperial College |
PHP |
This page needs updating - mail us if you have any queries.
The benefit of using the CGI version of PHP is that the permissions on the file can be more strict. Either as a personal user or as a group member (with group webspace), you can hide data like passwords from malicious users.
The following example shows files, permissions and a test script for a user called 'help'.
CGI setup for user help |
$ pwd /homes/help/public_html $ ld -lad /homes/help/public_html drwxr-xr-x 20 help csg 8192 Feb 1 14:10 ./ $ ls -la test.cgi -rwx------ 1 help csg 44 Feb 1 13:45 test.cgi $ cat test.cgi #!/usr/bin/php <?php echo "hello world"; ?> |
Notice that the file suffix is .cgi
, but .php
will be understood as CGI as well. At the top of the file
we have added the directive #!/usr/bin/php
. Finally the
permissions mean that only the user may read, write and execute this file.
How does the webserver serve this page? For a definitive answer see
the Apache suEXEC pages.
Files must be in Unix format, not Windows. The Programmer's File Editor
(Start -> Programs -> Editors -> PFE
) on Windows workstations
has an option under "File/Save As" to use Unix format, or from the Linux
command line dos2unix
can be used to convert Windows files.
Pay particular attention to the permissions on the containing directory. The group must match your primary group and under no circumstances must group or other have write permissions. The same is true of the CGI file itself.
Finally, help goes to http://www.doc.ic.ac.uk/~help/test.cgi to view the results.
Errors can be checked in the suexec log which for home directory accesses is now in/vol/wwwhomeslogs/suexec_log
/vol/project/...
).
chmod g+s
done on
them to cause newly created files and directories inside them to inherit
the parent directory group (eg. g0436204B) rather than using the creating
user's primary group (eg. jmc3).
public_html
should be accessible by "other" at all - and
they should be readable and executable only.
PEAR is short for "PHP Extension and Application Repository". PEAR libraries are available both on the webserver and on user workstations. While we establish a reliable mechanism for maintaining the DoC PEAR install, there may be differences between packages installed on the webserver and elsewhere.
Webserver installed PEAR packages |
Installed packages: =================== +----------------------+---------+--------+ | Package | Version | State | | Archive_Tar | 1.0 | stable | | Auth | 1.2.0 | stable | | Auth_HTTP | 1.0.1 | stable | | Auth_SASL | 1.0.0 | stable | | Cache | 1.5.2 | stable | | Cache_Lite | 1.0.1 | stable | | Config | 1.1 | beta | | Console_Getopt | 1.0 | stable | | Console_Table | 1.0 | stable | | DB | 1.3 | stable | | DBA | 1.0 | stable | | DB_DataObject | 0.14 | stable | | DB_QueryTool | 0.9.2 | stable | | Date | 1.3 | stable | | File | 1.0.3 | stable | | File_Find | 0.2.0 | stable | | File_HtAccess | 1.0.0 | stable | | File_SearchReplace | 1.0.1 | stable | | HTML_Common | 1.0 | stable | | HTML_Crypt | 1.1 | stable | | HTML_Form | 1.0 | stable | | HTML_Javascript | 1.0.0 | stable | | HTML_QuickForm | 2.7 | stable | | HTML_Select_Common | 1.1 | stable | | HTML_Table | 1.3 | stable | | HTML_Template_IT | 1.1.1 | stable | | HTML_Template_Xipe | 1.7.2 | stable | | HTML_TreeMenu | 1.1.2 | stable | | HTTP | 1.2 | stable | | HTTP_Request | 1.1.1 | stable | | HTTP_Upload | 0.8.1 | stable | | Image_Color | 0.4 | stable | | Image_GIS | 1.0.0 | stable | | Image_GraphViz | 1.0.1 | stable | | Log | 1.6.0 | stable | | Mail | 1.0.2 | stable | | Mail_Mime | 1.2.1 | stable | | Mail_Queue | 1.0 | stable | | Math_Basex | 0.2 | stable | | Math_Integer | 0.8 | stable | | Math_TrigOp | 1.0 | stable | | Net_CheckIP | 1.1 | stable | | Net_DNS | 0.03 | stable | | Net_Dict | 1.0.3 | stable | | Net_Dig | 0.1 | stable | | Net_Finger | 1.0.0 | stable | | Net_NNTP | 0.1 | stable | | Net_POP3 | 1.2 | stable | | Net_Ping | 1.0.1 | stable | | Net_Portscan | 1.0.1 | stable | | Net_SMTP | 1.1.2 | stable | | Net_Socket | 1.0.1 | stable | | Net_URL | 1.0.7 | stable | | Net_UserAgent_Detect | 1.0 | stable | | PEAR | 1.0.1 | stable | | PEAR_Frontend_Web | 0.2.2 | beta | | Pager | 1.0.7 | stable | | Pager_Sliding | 1.3 | stable | | Payment_Clieop | 0.1.1 | stable | | Science_Chemistry | 1.0.3 | stable | | Stream_SHM | 1.0.0 | stable | | System_Command | 1.0 | stable | | TCLink | 3.3.1 | stable | | Translation | 1.2.3 | stable | | Var_Dump | 0.2 | stable | | XML_CSSML | 1.1 | stable | | XML_Parser | 1.0 | stable | | XML_RPC | 1.0.4 | stable | | XML_RSS | 0.9.1 | stable | | XML_Transformer | 0.8 | stable | | XML_Tree | 1.1 | stable | | XML_fo2pdf | 0.97 | stable | | XML_image2svg | 0.1 | stable | +----------------------+---------+--------+ |
CSG / 2003 |