After a recent update of PHP we where confronted with sessions getting lost between two files. The two files are of different extensions but both PHP. After research we found the .php files are served Server API Apache 2.0 in PHP version 7.3.22. The proprietary extension (pext) however is served by Server API FPM/FastCGI also in PHP version 7.3.22. We assume this is the reason the session is not transferred.
We use this rule in htaccess to get our proprietary extension served as PHP:
AddType application/x-httpd-php .php .pext
We would like to know how to setup so both extensions are served by the same Server API so the can share session data.
Found it: from php 7.2 another php.conf file is created: php72-php.conf which do not copy the following setting;
<FilesMatch .(php|pext)$>
SetHandler proxy:fcgi://php-fpm
Therefor - as per default - the new php.conf set Server API Apache to php and pext was left with FPM. After adding above and restarting FPM and Apache all was fine and sessions are shared again.
I've got a server that is running Linux Debian and have apache2 and php5 installed but I have no control over its apache configuration. If I create a .htaccess file on the server to do for instance a basic authentication on a directory it works. However if I want to use any extension to be executable as PHP such as file.abc with AddType it makes it downloadable. Although PHP extensions such as php1, php2, php3, php4, php5 and phtml are perfectly executable as PHP on this server.
My Question is If Basic Auth is working but any.ext cannot be executable as PHP does that mean AllowOverride is set to None? Then how basic Auth is working? And am I able to make any.ext executable as PHP on this server?
I completed a php/mysql project for a client and yesterday went about to deploy it onto the client's box - and promptly failed. To be honest, it's my fault I didn't do enough checking before I started - but the project is fully self-contained and I didn't need anything currently on the client's server.
I developed the project using php 5.3 and PDO for mysql connection. When I got access to the client's server, turned out that they have VERY old installation that was last upgraded in 2008 (yes, seriously). They have Apache 2.0 and php 5.2, which is configured/compiled without PDO and with minimum everything.
I do have root access to the server, but I can't go and blindly start upgrading things. They've got a whole live site, with live shopping cart, etc. on that server and any general upgrade of php would require thorough testing. Therefore I'm looking at ways to run my new project using a separate install of php 5.3, which I compiled from sources with all required stuff included and installed into a separate directory (/opt/php53).
I am thinking along the lines of enabling fastcgi on the server and then using that to run php form my separate install. If I do this inside apache <Directory> where my project is install, it should only affect that one directory - and should leave everything else as is. Things are made more complicated because I don't have any kind of test server where I could play/test configurations - I have to work on the live server directly.
I'm wondering whether this fastcgi approach is valid or maybe there are some other options I should consider.
You can try to use different ports on fastcgi for the various PHP versions.
Another approach: http://linuxplayer.org/2011/05/intall-multiple-version-of-php-on-one-server
I've done some further digging/experimenting (taking advantage of the fact that I'm in UK and the client and its customers are in the USA - so it's still night there). The following setup seems to have worked - this utilises php-cgi without recourse to fastcgi - and I still get a good response time.
1) Leave pretty much everything intact in apache httpd.conf file - that includes existing libphp5.so that utilises existing 5.2 installation.
2) Install php 5.3 into a separate directory - in my case /opt/php53.
3) In httpd.conf, add the following (or ensure it's already there)
ScriptAlias /cgi-bin/ /var/www/mainsite/cgi-bin
AddHandler cgi-script .cgi
<Directory /var/www/mainsite/newapp>
Options -Indexes FollowSymLinks +ExecCGI
AllowOverride AuthConfig FileInfo
AddHandler php5-cgi .php
Action php5-cgi /cgi-bin/php.cgi
DirectoryIndex index.php index.html
Order allow,deny
Allow from all
</Directory>
4) In directory /var/www/mainsite/cgi-bin/ create file php.cgi with the following content:
#!/bin/bash
PHP_CGI=/opt/php53/bin/php-cgi
PHP_FCGI_CHILDREN=5
PHP_FCGI_MAX_REQUESTS=1000
### no editing below ###
export PHP_FCGI_CHILDREN
export PHP_FCGI_MAX_REQUESTS
exec $PHP_CGI
5) Restart apache: /etc/init.d/httpd restart
After this, I placed a file with <?php phpinfo(); ?> into the root of the web server and into my newapp directory. Executed from the root of the server it produced (among other things):
PHP Version 5.2.5
Build Date Dec 11 2008 19:04:47
Server API Apache 2.0 Handler
When executed from the newapp directory, it produced:
PHP Version 5.3.28
Build Date Feb 13 2014 17:00:43
Server API CGI/FastCGI
Which is exactly what I want.
There are some tutorials out there telling me how to override PHP configuration when it is running in CGI mode. But I'm still confused because lots of them assume that the server is running on Linux. While I need to do that also on Windows.
My hosting is indeed using Linux but my local development computer is using Windows XP with Xampp 1.7.3. So I need to do that in my local computer first, then I want to change the configuration on hosting server.
The PHP in my hosting server is already run as CGI while in my local computer still run as Apache module.
At this point, the processes that I understand are:
Change PHP to work in CGI mode. I did this by commenting these two line in "httpd-xampp.conf":
# LoadFile "C:/xampp/php/php5ts.dll"
# LoadModule php5_module modules/php5apache2_2.dll
My PHP is now running as CGI. I checked this with phpinfo(). It tells me that the Server API is now CGI/FastCGI. Now I want to override php configuration.
Create "cgi-bin" directory in DocumentRoot. My DocumentRoot is in "D:\www\" (I'm using apache with virtual host). So it is now "D:\www\cgi-bin".
Change the default "cgi-bin" directory settings from "C:/xampp/cgi-bin/" to "D:\www\cgi-bin":
ScriptAlias /cgi-bin/ "D:/www/cgi-bin/"
<Directory "D:\www\cgi-bin">
Options MultiViews Indexes SymLinksIfOwnerMatch Includes ExecCGI
AllowOverride All
Allow from All
</Directory>
Copy 'php.ini' file to "D:\www\cgi-bin" and modify upload_max_filesize setting from 128M to 10M.
Create 'php.cgi' file in "D:\www\cgi-bin" and put these code inside the file:
#!/bin/sh
/usr/local/cpanel/cgi-sys/php5 -c /home/user/public_html/cgi-bin/
That's it. I'm stuck at this point. All of tutorials tell me to create 'php.cgi' file and put shell code inside the file.
How to do the 6th step on Windows? I know the next step is to create handler in .htaccess file to load that 'php.cgi'.
And also, because I will also need to change PHP configuration on my hosting server (Linux), is the 6th step above right? Some tutorial tells to insert these lines instead of above:
#!/bin/sh
export PHPRC=/site/ini/1
exec /cgi-bin/php5.cgi
I'm sorry if my question is not clear. I'm a new member and this is my first question in this site.
Thank you.
If your server is already running PHP as cgi, and you do not need to run multiple PHP configurations, steps 5 and 6 are not necessary. Just change the default php.ini
I have a VisualSVN Server installed on a Windows server, serving several repositories.
Since the web-viewer built into VisualSVN server is a minimalistic subversion browser, I'd like to install WebSVN on top of my repositories.
The problem, however, is that I can't seem to get authentication to work. Ideally I'd like my current repository authentication as specified in VisualSVN to work with WebSVN, so that though I see all the repository names in WebSVN, I can't actually browse into them without the right credentials.
By visiting the cached copy of the topmost link on this google query you can see what I've found so far that looks promising.
(the main blog page seems to have been destroyed, domain of the topmost page I'm referring to is the-wizzard.de)
There I found some php functions I could tack onto one of the php files in WebSVN. I followed the modifications there, but all I succeeded in doing was make WebSVN ask me for a username and password and no matter what I input, it won't let me in.
Unfortunately, php and apache is largely black magic to me.
So, has anyone successfully integrated WebSVN with VisualSVN hosted repositories?
I got WebSVN authentication working with VisualSVN server, albeit with a lot of hacking/trial-error customization of my own.
Here's how I did it:
If you haven't already, install PHP manually by downloading the zip file and going through the online php manual install instructions. I installed PHP to C:\PHP
Extract the websvn folder to C:\Program Files\VisualSVN Server\htdocs\
Go through the steps of configuring the websvn directory, i.e. rename configdist.php to config, etc. My repositories were located in C:\SVNRepositories, so to configure the authentication file, I set the config.php line so: $config->useAuthenticationFile('C:/SVNRepositories/authz'); // Global access file
Add the following to C:\Program Files\VisualSVN Server\conf\httpd-custom.conf :
# For PHP 5 do something like this:
LoadModule php5_module "c:/php/php5apache2_2.dll"
AddType application/x-httpd-php .php
# configure the path to php.ini
PHPIniDir "C:/php"
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
<Location /websvn/>
Options FollowSymLinks
AuthType Basic
AuthName "Subversion Repository"
Require valid-user
AuthUserFile "C:/SVNRepositories/htpasswd"
AuthzSVNAccessFile "C:/SVNRepositories/authz"
SVNListParentPath on
SVNParentPath "C:/SVNRepositories/"
</Location>
This worked for me, and websvn will only show those directories that are authorized for a given user. Note that in order for it to work right, you have to provide "Main Level" access to everybody, and then disable access to certain sub-directories for certain users. For example, I have one user who doesn't have main level access, but does have access to a sub-level. Unfortunately, this person can't see anything in websvn, even if he links directly to filedetails.php for a file he's authorized to see. In my case it's not a big deal because I don't want him accessing websvn anyway, but it's something you'll want to know.
Also, this sets the server up for an ssl connection, so once you've set it up, the address will be and https:// address, not the regular http://.
I'm using VisualSVN Server and I just got done installing Trac. My goal was to get a better web-based repository browser, and Trac is definitely one of the better ones I've seen for Subversion. Go to http://www.visualsvn.com/server/trac/ installation is really quite straightforward. Yes, Trac has a ticket tracking and a wiki system, which you may not be looking for, but the repository and log browser sell it for me.
Now, I have found that it is possible to disable the wiki and ticket tracking systems that come with Trac through simply appending
[components]
trac.ticket.* = disabled
trac.wiki.* = disabled
to the end of the trac.ini configuration file. This causes the start page of the wiki to throw an error that the wiki module cannot be found so you have to set Trac to open with either the Timeline (log view) or Repository Browser on startup by editing the trac.ini again by adding the following under the [trac] heading:
for the log timeline as default
default_handler = TimelineModule
for the repository browser as default
default_handler = BrowserModule
I got this to work with windows authentication (which is actually AuthType VisualSVN) The trick is to comment out the svn auth and replace it with the same sort of auth text found in the main config file. Thanks to Anthony Johnson for working out all the other details.
# For PHP 5 do something like this:
LoadModule php5_module "F:/wamp/bin/php/php5.3.0/php5apache2_2.dll"
AddType application/x-httpd-php .php
# configure the path to php.ini
PHPIniDir "f:/wamp/bin/php/php5.3.0/"
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
#Alias /websvn/ "F:/Program Files/VisualSVN Server/htdocs/websvn-2.3.1/"
<Location /websvn-2.3.1/>
Options FollowSymLinks
AuthName "Subversion Repositories"
AuthType VisualSVN
AuthzVisualSVNAccessFile "F:/Repositories/authz-windows"
AuthnVisualSVNBasic on
AuthnVisualSVNIntegrated off
AuthnVisualSVNUPN Off
Require valid-user
SVNListParentPath on
SVNParentPath "f:/Repositories/"
</Location>
If you are looking for a web-based repository browser which is more feature-rich than the default one and you use VisualSVN Server, then upgrade to VisualSVN Server 3.2 or newer.
VisualSVN Server has a rich web interface for Subversion repositories. Unlike WebSVN, VisualSVN Server's built-in web client works out of the box and does not require an administrator to perform any configuration tasks.
You can see the live demo here: http://demo-server.visualsvn.com/!/
I am the author of the article you mentioned. The information I published was only meant for WebSVN running on IIS. It is my understanding that the software should "just work" when you use PHP on Apache, although I have never set it up in that environment. Have you tried doing some "echo"-debugging (for the lack of a better term) to see where exactly the authentication fails?