downloads | documentation | faq | getting help | mailing lists | licenses | wiki | reporting bugs | php.net sites | links | conferences | my php.net

search for in the

Our source is open

The syntax highlighted source is automatically generated by PHP from the plaintext script. If you're interested in what's behind the several functions we used, you can always take a look at the source of the following files:

Of course, if you want to see the source of this page, we have it available. You can also browse the SVN repository for this website on svn.php.net.

Source of: /manual/en/security.cgi-bin.force-redirect.php

<?php
include_once $_SERVER['DOCUMENT_ROOT'] . '/include/shared-manual.inc';
$TOC = array();
$PARENTS = array();
include_once dirname(__FILE__) ."/toc/security.cgi-bin.inc";
$setup = array (
  'home' =>
  array (
    0 => 'index.php',
    1 => 'PHP Manual',
  ),
  'head' =>
  array (
    0 => 'UTF-8',
    1 => 'en',
  ),
  'this' =>
  array (
    0 => 'security.cgi-bin.force-redirect.php',
    1 => 'Case 2: using cgi.force_redirect',
  ),
  'up' =>
  array (
    0 => 'security.cgi-bin.php',
    1 => 'Installed as CGI binary',
  ),
  'prev' =>
  array (
    0 => 'security.cgi-bin.default.php',
    1 => 'Case 1: only public files served',
  ),
  'next' =>
  array (
    0 => 'security.cgi-bin.doc-root.php',
    1 => 'Case 3: setting doc_root or user_dir',
  ),
);
$setup["toc"] = $TOC;
$setup["parents"] = $PARENTS;
manual_setup($setup);

manual_header();
?>
<div id="security.cgi-bin.force-redirect" class="sect1">
    <h2 class="title">Case 2: using <i>cgi.force_redirect</i></h2>
    <p class="simpara">
     The configuration directive <a href="ini.core.php#ini.cgi.force-redirect" class="link">cgi.force_redirect</a>
     prevents anyone from calling PHP
     directly with a URL like <var class="filename">http://my.host/cgi-bin/php/secretdir/script.php</var>.
     Instead, PHP will only parse in this mode if it has gone through
     a web server redirect rule.
     PHP older than 4.2.0 used <i>--enable-force-cgi-redirect</i>
     compile time option for this.
    </p>
    <p class="simpara">
     Usually the redirection in the Apache configuration is done with
     the following directives:
    </p>
    <div class="example-contents programlisting">
<div class="apache-confcode"><pre class="apache-confcode">Action php-script /cgi-bin/php
AddHandler php-script .php</pre>
</div>
    </div>

    <p class="simpara">
     This option has only been tested with the Apache web server, and
     relies on Apache to set the non-standard CGI environment variable
     <span class="envar">REDIRECT_STATUS</span> on redirected requests.  If your
     web server does not support any way of telling if the request is
     direct or redirected, you cannot use this option and you must use
     one of the other ways of running the CGI version documented
     here.
    </p>
   </div><?php manual_footer(); ?>
 
show source | credits | sitemap | contact | advertising | mirror sites