I've recently decided to switch from compiled Apache/PHP to RPM's of
both and I'm having a problem I can't seem to solve. I have a Perl
script called php_include.cgi that parses a PHP file for inclusion. It
does this by running "php -f [php include file]" but unfortunately it
no longer works with the RPM:
----------
Security Alert! The PHP CGI cannot be accessed directly.
This PHP CGI binary was compiled with force-cgi-redirect enabled. This
means that a page will only be served up if the REDIRECT_STATUS CGI
variable is set, e.g. via an Apache Action directive.
For more information as to why this behaviour exists, see the manual
page for CGI security.
For more information about changing this behaviour or re-enabling this
webserver, consult the installation file that came with this
distribution, or visit the manual page.
----------
The RPM for PHP obviously compiles with --enable-force-cgi-redirect.
If I either set cgi.force_redirect = 0 in php.ini or set
$ENV{REDIRECT_STATUS}="200"; in my Perl script, this error goes away,
as expected.
The weird part is that I do something like this in my Perl:
print `/usr/bin/php -f /var/www/html/includes/footer.php`;
Which you would expect to parse and output footer.php. Oddly, it
prints the contents of php_include.cgi (the calling Perl script)
instead! If I run the exact same command in a shell (even as my apache
user) it works correctly. When called from the web, it displays the
Perl script, not the php.
I've confirmed this a bunch of different ways.
Yes, I know I could blame this on the RPM, but I'd like to move to a
"standardized" load if possible... Makes updates easier... Also, this
one's got my curiosity...
Any help or insight would be appreciated.
Thanks
Mike
