little Patch for puretec / schlund -servers

Author Message

Andreas Bockler

Wednesday 21 May 2003 2:34:01 pm

Hi,

we tried to install ez3 on a managed-webserver at Schlund+Partner (IMHO the best provider) which uses php-cgi.

Urls like this:
index.php/standard/content....
generates 404 Errors because of security settings.

I modified ezsys.php (diff is below) and now ez3 generates
index.php?/standard/content/ - links

NOTE:
standard-rewriterules will not work with this patch. it's only for that purpose and I suggest that you disable rewriting. i mean standard-rewriterules since i didn't experiment with it that much.
There is still a problem with URL-encoded PHPSession-ID's

--- ezpublish.orig/lib/ezutils/classes/ezsys.php 18 Apr 2003 10:20:48 -0000 1.2
+++ ezpublish/lib/ezutils/classes/ezsys.php 21 May 2003 21:05:56 -0000
@@ -271,7 +271,7 @@
if ( count( $this->AccessPath ) > 0 )
{
// if ( $text != "" )
- $text .= "/";
+ $text .= "?/";
$text .= implode( '/', $this->AccessPath );
}
return $text;
@@ -522,26 +522,11 @@
else if ( ereg( "(.*)/([^\/]+\.php)$", $phpSelf, $regs ) )
$wwwDir = $regs[1];

- $requestURI = eZSys::serverVariable( 'REQUEST_URI' );
+ $requestURI = eZSys::serverVariable( 'QUERY_STRING' );

// Fallback... Finding the paths above failed, so $_SERVER['PHP_SELF'] is not set right.
if ( $siteDir == "./" )
$phpSelf = $requestURI;
-
- $def_index_reg = str_replace( ".", "\\.", $def_index );
- // Trick: Rewrite setup doesn't have index.php in $_SERVER['PHP_SELF'], so we don't want an $index
- if ( ! ereg( ".*$def_index_reg.*", $phpSelf ) )
- $index = "";
- else
- {
- if ( eZSys::isDebugEnabled() )
- eZDebug::writeNotice( "$wwwDir$index", '$wwwDir$index' );
- // Get the right $_SERVER['REQUEST_URI'], when using nVH setup.
- if ( ereg( "^$wwwDir$index(.*)", $phpSelf, $req ) )
- {
- $requestURI = $req[1];
- }
- }

// Remove url parameters
if ( ereg( "([^?]+)", $requestURI, $regs ) )

Karsten Jennissen

Thursday 22 May 2003 1:27:14 am

That's great. A general solution for PHP as CGI?!

Karsten

Andreas Bockler

Thursday 22 May 2003 3:12:23 am

Hi,

I don't know, if the patch is an general php-cgi-solution, it works for me :)
Maybe the ez-team could point out cavehats, i'm not aware of.
UPDATE:
I noticed one cavehat!:
<form method="get".. does not work
U need to change the line to
<form method="post"

i extended the preceding patch. Now it works with PHPSESSID encoded in the url.
Apply the first patch before you apply this one.
This patch should be more general though, e.g. extract the path element dispite _any_ extra arguments.

bye

--- ezpublish.orig/lib/ezutils/classes/ezsys.php 21 May 2003 21:07:27 -0000 1.3
+++ ezpublish/lib/ezutils/classes/ezsys.php 22 May 2003 10:00:12 -0000
@@ -523,6 +523,11 @@
$wwwDir = $regs[1];

$requestURI = eZSys::serverVariable( 'QUERY_STRING' );
+
+ // take out PHPSESSID, if url-encoded
+ if( preg_match("/(.*)&PHPSESSID=[^&]+(.*)/",$requestURI,$matches ) ) {
+ $requestURI = $matches[1].$matches[2];
+ }

// Fallback... Finding the paths above failed, so $_SERVER['PHP_SELF'] is not set right.
if ( $siteDir == "./" )

Claudius Frank

Thursday 22 May 2003 5:29:16 am

Hi,

What I can do if I can't apply the patch?

How are to understand the lines:

@@ -271,7 +271,7 @@

@@ -522,26 +522,11 @@

@@ -523,6 +523,11 @@

I had the same problem on Schlund's server and I was not able to resolve it.

Could you post the complete file ezsys.php or almost this part(s) which have to be patched? For non-programmer?

Regards
Claudius

Ekkehard Dörre

Thursday 22 May 2003 8:12:14 am

@ Claudius:

Look on http://ez.no/developer/ez_publish_3/forum/developer/offsets_not_working_object_not_available_reported_bugs_

the latest post there is an how to

Greetings
ekke

http://www.coolscreen.de - Over 40 years of certified eZ Publish know-how: http://www.cjw-network.com
CJW Newsletter: http://projects.ez.no/cjw_newsletter - http://cjw-network.com/en/ez-publ...w-newsletter-multi-channel-marketing

Claudius Frank

Thursday 22 May 2003 10:07:14 am

Hi Ekke,

Thank you very much for the link.

Regards
Claudius

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.