I have a quick question about changing the file types PHP parses. This website gave this line:
AddType application/x-httpd-php .php
But I'm not clear what file this goes into. Any help would be appreciated - thanks!
That line goes into a file called .htaccess, that changes the Apache server configuration for the folder it is on, and all its subfolders (Unless otherwise specified)
Your server should parse php files with the .php file extension by default though. You could use that to add custom file formats for example.
To parse .mp4 files, like you said in the comments, add to your .htaccess:
AddType application/x-httpd-php .mp4
You need to write that in your .htaccess file.
That makes Apache parse .php files through the PHP interpreter.
You can either add that to your .htaccess or httpd.conf file, depending on what you have access to.
Related
for a certain folder on my local Apache-Server (running with Ubuntu) I'd like that all *php-files will be displayed as if they were plain text-files. I need this since I only want to see the source code of these files and NOT run them.
While searching, I found that most people have the opposite problem :-) and couldn't really find a solution for me.
What would I need to include in the .htacces-file of my folder?
THANKS!
THE ANSWER:
in .htaccess-file type
php_flag engine off
#This will prevent apache from executing *.php-files
AddType text/plain php
#this wil display php-files in browser (if not, browser will want to download file!)
Thanks to Brad!
My Godaddy setup wont allow me to edit the httpd.conf files, and the php_flag command doesn't work due to how they've implemented php for me.
I was able to use this in my .htaccess file:
SetHandler default-handler
AddType text/plain php
I put this in the directory above where my FTP user is allowed to access, which forces all PHP files in that directory, as well as all sub-directories to show php as plain text.
This will work for other file types as well. All you need to do is add another line with whatever extension of file you want to be forced to display in plain text. AddType text/plain cgi for example
Look at your httpd.conf file for the AddType of .php extension, and change it fortext/plain, and php_flag engine to the offvalue just as sait by Sam Bisbee.
But prefer do these change in the httpd.conf, the .htaccess are useless if you have a dedicated server, and lowing your perfs.
But you can also just change the extensions of your PHP scripts...
Two solutions off the top of my head...
Change their file name extensions to .phps. Ex., index.phps.
Change the Content-type for them in the .htaccess file. AddType text/plain .php uses mod_mime to do this. More info at http://httpd.apache.org/docs/2.2/mod/mod_mime.html#addtype
Turn off the the PHP module in apache? (if you won't be needing php execution, of course)
I have a habit of making file backups by adding the .bak extension (file.ext.bak).
Imagine if I have a config in PHP, config.php and I want to backup that file by adding the .bak extension, will the file get parsed or will you see the source code if a client accidentally end up at that url? Is it server dependent?
I've tried some tests on a MAMP server but it seems to be parsing
It depends on the server configuration. It is a bad habit to keep those files accessible by browsers anyway, but should you want to, check your httpd.conf for these lines:
<IfModule mod_php5.c>
AddType application/x-httpd-php .php .phtml .php3
AddType application/x-httpd-php-source .phps
</IfModule>
This will tell the webserver that .php files actually contain code to be executed.
You could add the .bak file there (but it remains a bad habit).
Another workaround would be to just rename the file to file.bak.ext
instead).
The best solution remains moving the files to somewhere where the
browser can't access them, out of the document root and other
mappings.
will the file get parsed or will you see the source code if a client accidentally end up at that url?
Usually, you will see the source code because the .bak extension is not registered to be parsed with PHP. Needless to say, this is very dangerous!
Is it server dependent?
Yes. It is possible to configure the server to parse those files, but it's not part of any default configuration I know.
The better solution is to do it the other way round: filename.bak.php
for a certain folder on my local Apache-Server (running with Ubuntu) I'd like that all *php-files will be displayed as if they were plain text-files. I need this since I only want to see the source code of these files and NOT run them.
While searching, I found that most people have the opposite problem :-) and couldn't really find a solution for me.
What would I need to include in the .htacces-file of my folder?
THANKS!
THE ANSWER:
in .htaccess-file type
php_flag engine off
#This will prevent apache from executing *.php-files
AddType text/plain php
#this wil display php-files in browser (if not, browser will want to download file!)
Thanks to Brad!
My Godaddy setup wont allow me to edit the httpd.conf files, and the php_flag command doesn't work due to how they've implemented php for me.
I was able to use this in my .htaccess file:
SetHandler default-handler
AddType text/plain php
I put this in the directory above where my FTP user is allowed to access, which forces all PHP files in that directory, as well as all sub-directories to show php as plain text.
This will work for other file types as well. All you need to do is add another line with whatever extension of file you want to be forced to display in plain text. AddType text/plain cgi for example
Look at your httpd.conf file for the AddType of .php extension, and change it fortext/plain, and php_flag engine to the offvalue just as sait by Sam Bisbee.
But prefer do these change in the httpd.conf, the .htaccess are useless if you have a dedicated server, and lowing your perfs.
But you can also just change the extensions of your PHP scripts...
Two solutions off the top of my head...
Change their file name extensions to .phps. Ex., index.phps.
Change the Content-type for them in the .htaccess file. AddType text/plain .php uses mod_mime to do this. More info at http://httpd.apache.org/docs/2.2/mod/mod_mime.html#addtype
Turn off the the PHP module in apache? (if you won't be needing php execution, of course)
I'd like to accept other type of files that contains PHP code. For example, it would be nice to read an .aspx file by PHP as if it were .php.
Add this to your .htaccess file in Apache to make html parse as PHP:
AddType application/x-httpd-php .html
You can extrapolate what you need to do from there. :-)
Use this htaccess rule:
AddType application/x-httpd-php .php .aspx
Yes, this is done in your Apache configuration. You tell apache what kind of files you want it to send to the PHP engine. You can do this configuration the same way you do other apache configuration - in the main config file, per site, or in .htaccess files.
I'm trying to set up my .htaccess file correctly and I'm having an issue.
The only thing my .htaccess file at the moment is:
AddType application/x-httpd-php .php .html .htm
This is included because my server is not parsing php in my html files.
However when this is included in my .htaccess file, when I open a page in my browser, the user is prompted to save or open the file locally.
I believe the answer to my issues is setting up an action to be done (run with php) however I cannot find out the path to my php files.
Any help is appreciated.
You will need to edit the configuration for enabled modules. On a Debian/Ubuntu type system this will be in /etc/apache2/mods-enabled The file you are looking for is php5.conf
So far all you have done is specify that (dot) htm, html or php files should be served -by default- as application/x-httpd-php, and to my knowledge there is not a single web browser that would attempt to interpret such content -- hence the save-as dialog.
Either you could fix your .htaccess file not to be broken (it is broken behaviour to serve html files as application/x-httpd-php), or you could manually output the correct HTTP headers using the PHP header() function.
Unfortunately, everyone seems to love abusing AddType (and then complain e.g. that MultiViews is broken). See this article, please.
This is not supposed to work in all cases. It depends on the AllowOverride directive of the web server.
You shoud specify the AddType in the serveur config file rather than in the htaccess.