From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows 98) Description of problem: Is impossible disable php script execution in some directories on webserver Version-Release number of selected component (if applicable): httpd-2.0.40-21.1 php-4.2.2-17 How reproducible: Always Steps to Reproduce: 1. key sections from webserver configuration : <Directory "/home/httpd/html"> AllowOverride AuthConfig Limit Order allow,deny Allow from all </Directory> <Directory "/home/httpd/html/nophp/"> php_flag engine off php_admin_flag engine off php_value engine 0 php_admin_value engine 0 </Directory> <Directory "/home/httpd/html/nophp"> php_flag engine off php_admin_flag engine off php_value engine 0 php_admin_value engine 0 </Directory> 2. in /home/httpd/html/nophp is file x.php and contains : <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <TITLE>Test PHP</TITLE> </HEAD> <BODY> <? $DATUM = date("YmdHis",time()); echo "Date $DATUM <BR>"; echo "<BR>"; ?> </BODY> </HTML> Actual Results: access the script /nophp/x.php on webserver produce proper output - Date 20030508205402 - on the page. Expected Results: nothing to display and page source must contain : <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <TITLE>Test PHP</TITLE> </HEAD> <BODY> <? $DATUM = date("YmdHis",time()); echo "Date $DATUM <BR>"; echo "<BR>"; ?> </BODY> </HTML>
Thanks for the report.
Thanks for the report. This is a mass bug update; since this release of Red Hat Linux is no longer supported, please either: a) try and reproduce the bug with a supported version of Red Hat Enterprise Linux or Fedora Core, and re-open this bug as appropriate after changing the Product field, or, b) if relevant, try and reproduce this bug using the current version of the upstream package, and report the bug upstream. c) report the bug to the Fedora Legacy project who may wish to continue maintenance of this package.