Register or have you forgotten your password?
Get the most out of Surmunity, read our tips here! Need an interesting blog to read? You've got to read the Surpass Blog!
| Welcome! Please register to access all of our features.
November 9th, 2006, 11:36 PM
|
#1 (permalink) |
|
Registered User
Fresh Surpasser
Joined in Jun 2006
Lives in New Brunswick, Canada
8 posts
Gave thanks: 0
Thanked 0 times
|
register_globals
I've been working hard at my new page as of late. I installed Joomla and when I log in under Administrator to add content to my page, a very large red warning comes up that I would like to make go away.
Following PHP Server Settings are not optimal for Security and it is recommended to change them:
Is this something that I can get fixed here? I looked for this in my cPanel and could not find it. I did some research and got the impression that I should go grovelling to my hosting company to ask them if they would change it for me. So, because I have so many user names and passwords and links and stuff I just do not understand about this webpage, I have come here for answers, if y'all have any. Anyone know who it is I should contact to get this particular setting fixed? And please treat me like a complete and utter noob regarding this. It's a wonder how I have a webpage up at all. Ninjun. |
|
    
|
|
November 9th, 2006, 11:43 PM
|
#2 (permalink) |
|
minor deity
Super #1
Joined in Apr 2004
Lives in Georgia
Hosted on XEON
7,394 posts
Gave thanks: 28
Thanked 94 times
|
If your server is running PHPsuexec I belive you can turn it off using a pHP.INI file..
__________________
Proud to be a Surmunity Mod! XEON Make a fundamental difference! My Sites: Curious about Brewing Beer? Join the community! >>>>> Some Change is GOOD! Keep your paycheck! Support the Fair Tax Get into an Art museum Victorian London It's your brain -ON WEB - mybrainhost.com (under development) What SHOULD Government do? Much Less than it Does! |
|
|
|
|
November 9th, 2006, 11:51 PM
|
#3 (permalink) |
|
Registered User
Fresh Surpasser
Joined in Jun 2006
Lives in New Brunswick, Canada
8 posts
Gave thanks: 0
Thanked 0 times
|
Yes, I found that solution before. I am really new, so I did not understand how that fixes the problem. I placed such files in most of the folders I could find in cPanel, yet still, Joomla says what it says.
|
|
|
|
|
November 10th, 2006, 12:01 AM
|
#4 (permalink) |
|
minor deity
Super #1
Joined in Apr 2004
Lives in Georgia
Hosted on XEON
7,394 posts
Gave thanks: 28
Thanked 94 times
|
place a ticket with support. They may have to set something to allow your phpsuexec version to run with globals off.
__________________
Proud to be a Surmunity Mod! XEON Make a fundamental difference! My Sites: Curious about Brewing Beer? Join the community! >>>>> Some Change is GOOD! Keep your paycheck! Support the Fair Tax Get into an Art museum Victorian London It's your brain -ON WEB - mybrainhost.com (under development) What SHOULD Government do? Much Less than it Does! |
|
|
|
|
November 10th, 2006, 12:31 AM
|
#6 (permalink) |
|
minor deity
Super #1
Joined in Apr 2004
Lives in Georgia
Hosted on XEON
7,394 posts
Gave thanks: 28
Thanked 94 times
|
desk.surpasshosting.com
search the forum for PHP INFO() If you are on a new server, it is likely that it is running phpsuexec.
__________________
Proud to be a Surmunity Mod! XEON Make a fundamental difference! My Sites: Curious about Brewing Beer? Join the community! >>>>> Some Change is GOOD! Keep your paycheck! Support the Fair Tax Get into an Art museum Victorian London It's your brain -ON WEB - mybrainhost.com (under development) What SHOULD Government do? Much Less than it Does! |
|
|
|
|
December 21st, 2006, 6:38 PM
|
#8 (permalink) |
|
Registered User
Fresh Surpasser
Joined in Dec 2005
12 posts
Gave thanks: 2
Thanked 3 times
|
Joomla register_globals
Hopefully your problem has long since been fixed. If not, the following should come in handy:
Edited version of https://desk.surpasshosting.com/inde...articleid=176: "For those wishing to turn on or turn off PHP register_globals, you can edit files within your account to set this setting locally. Depending on if the machine you are on is using PHPSUEXEC or not will determine which method you use. For NON-PHPsuexec servers: 1) Using a file manager from cPanel or FTP: locate the ".htaccess" file located in each directory. *NOTE* If you want this setting for your entire site, edit the .htaccess in public_html if not, edit the .htaccess file within the folder you want it for. 2) Once you have this file opened with an editor, add the below line onto a new line in the file: php_flag register_globals off (Change it to On to turn it on) 3) Save the file, and your done! For PHPsuexec servers: 1) Using a file manager from cPanel or FTP: Create a file named "php.ini" in the directory of your choice. 2) Now open it with a text editor and add the following line: register_globals = Off (Change to On if you want this enabled) 3) Now save the file, and your done! This process can be followed for many other similar php settings. Bear in mind that for a phpsuexec file, a local php.ini file only affects the directory that it's directly put in. Subdirectories are not affectd." How do you know if you have PHPsuexec installed? Only servers SH88+ and Pass48+ have phpsuexec installed. If phpsuexec is installed, you will see "Server API: CGI" instead of "Server API: Apache" in phpinfo. (Joomla users can find this info in the back-end: System>System Info>PHP Info tab... near the top.) On shared servers, php.ini must be installed in every directory! There are a few very easy to use scripts that will do the legwork for you: http://forum.joomla.org/index.php/topic,93191.0.html. (That's a Joomla forum, but the scripts are not Joomla-specific.) |
|
|
|
|
February 8th, 2007, 11:05 AM
|
#9 (permalink) | |
|
Registered User
Seasoned Poster
Joined in Jan 2004
Lives in Atlanta, GA, USA
Hosted on PASS3
67 posts
Gave thanks: 7
Thanked 0 times
|
Closer and closer
The link to the Joomla forum above has expired.
Check the date of this post and consider this link which references the following code by joomla.org member dhuelsmann: (I have not tested this process out as I am not on a phpsuexec enabled server yet) Quote:
Code:
[<?php
// set this value to Y if you only want to overwrite old php.ini files
// set this value to N if you want to put a php.ini file in every directory
$overwriteOnly = "N";
if ($overwriteOnly == "Y") echo "Operating in Overwrite Only Mode<br><br>";
$path = "/home/" . get_current_user() . "/public_html";
$source = $path . "/php.ini";
if (!file_exists($source)) die('Error - no source php.ini file');
function search($dir) {
global $source;
global $overwriteOnly;
$dh = opendir($dir);
while (($filename = readdir($dh)) !== false) {
if ( $filename !== '.' AND $filename !== '..' AND $filename !== 'cgi-bin' AND is_dir("$dir/$filename") ) {
$path = $dir."/".$filename;
$target = $path . "/php.ini";
if (!file_exists($target) AND $overwriteOnly == "Y") {
echo "$path <b>skipped - no php.ini file</b><br>";
} else {
echo "$target <br>";
if (!copy($source,$target)) echo "<b>Write failed for $target </b><br>";
if (file_exists($target)) chmod($target,0600);
}
search($path);
}
}
closedir($dh);
}
search($path);
echo "<br>Done.";
?>
Code:
<?php
// this script will delete all your php.ini files
$path = "/home/" . get_current_user() . "/public_html";
function search($dir) {
$dh = opendir($dir);
while (($filename = readdir($dh)) !== false) {
if ( $filename !== '.' AND $filename !== '..' AND $filename !== 'cgi-bin' AND is_dir("$dir/$filename") ) {
$path = $dir."/".$filename;
$target = $path . "/php.ini";
if (file_exists($target)) {
echo "Deleting - $target <br>";
if (!unlink($target)) echo "<b>Delete failed for $target </b><br>";
}
search($path);
}
}
closedir($dh);
}
$target = $path . "/php.ini";
if (file_exists($target)) {
echo "Deleting - $target <br>";
if (!unlink($target)) echo "<b>Delete failed for $target </b><br>";
}
search($path);
echo "<br>Done.";
?>
__________________
Server: Pass3 (72.29.75.151) Last edited by Fuyu; February 8th, 2007 at 11:09 AM.. Reason: Added haven't tested this blurb |
|
|
|
|
