Gossamer Forum
(Advanced Search)
for
Home : Products : Gossamer Links : Discussions :

How to disable the php part?

Apr 26, 2003, 4:55 AM
maxpico
User (422 posts)
maxpico's avatar
Apr 26, 2003, 4:55 AM
Post #1 of 6
Views: 1753
Shortcut
Quote Reply
How to disable the php part?
How can I disable the php part?
Thanks
Max
The one with Mac OS X Server 10.4 :)
Apr 26, 2003, 5:18 AM
Paul
Veteran (19537 posts)
Apr 26, 2003, 5:18 AM
Post #2 of 6
Views: 1675
Shortcut
Quote Reply
Re: [maxpico] How to disable the php part? In reply to
Delete page.php :)

Last edited by:

Paul: Apr 26, 2003, 5:18 AM
Apr 26, 2003, 5:26 AM
maxpico
User (422 posts)
maxpico's avatar
Apr 26, 2003, 5:26 AM
Post #3 of 6
Views: 1671
Shortcut
Quote Reply
Re: [Paul] How to disable the php part? In reply to
That's enough?
Well.. Wink
Max
The one with Mac OS X Server 10.4 :)
Apr 27, 2003, 8:51 PM
tsingson
User (114 posts)
tsingson's avatar
Apr 27, 2003, 8:51 PM
Post #4 of 6
Views: 1637
Shortcut
Quote Reply
Re: [maxpico] How to disable the php part? In reply to
delete all link to page.php from all templates HTML page.

:)

my MSN: perlchina_at_hotmail.com
Apr 29, 2003, 8:36 AM
Andy
Veteran / Moderator (18441 posts)
Andy's avatar
Apr 29, 2003, 8:36 AM
Post #5 of 6
Views: 1619
Shortcut
Quote Reply
Re: [tsingson] How to disable the php part? In reply to
In Reply To:
delete all link to page.php from all templates HTML page.

:)

There is no need for that, cos the only references to page.php in the templates, are in the php_default folder, located in the /admin/templates folder Tongue Simply deleting page.php is enough.

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
May 2, 2003, 7:53 AM
webmaster33
Veteran (2312 posts)
May 2, 2003, 7:53 AM
Post #6 of 6
Views: 1601
Shortcut
Quote Reply
Re: [Andy] How to disable the php part? In reply to
Unfortunately not enough to delete or revoke permissions of page.php file.

Such URL on your site will unhide any of those template source codes, including all php codes there:
http://www.mysite.com/cgi-bin/lsql/page.cgi?d=1&t=default_php

So the default_php should be also deleted, or moved out from the templates dir!

I think, this may have some security risks.
Alex? What do you think about this?

I assume this is a bug.
  • Best solution would be to add an option into Admin/Setup, so to ignore the 'default_php' directory or not. By default should ignore.
  • Also an easy workaround: probably in SiteHTML.pm there should be also ignored the default_php directory (only when called from *.cgi scripts), similarly as the 'admin' and 'help' directories are ignored.
    Code:
    sub _compile {
    ...
    if ($template_set eq 'admin' or $template_set eq 'help') {
    $template_set = $CFG->{build_default_tpl} || 'default';
    }
    ...
    }

    should be:
    Code:
    sub _compile {
    ...
    if ($template_set eq 'admin' or $template_set eq 'help' or $template_set eq 'default_php') {
    $template_set = $CFG->{build_default_tpl} || 'default';
    }
    ...
    }

    Best regards,
    Webmaster33

    Paid Support     from Webmaster33. Expert in Perl programming & Gossamer Threads applications. (click here for prices)
    Webmaster33's products (upd.2004.09.26) | Private message | Contact me | Was my post helpful? Donate my help...