Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: phpscripts on November 11, 2005, 06:05:35 PM
-
I have read all I can on the problems with Sme 7 although some posts seem to not be any information at all The posts by gbaird seem to be the same issues I am having I have went to the link he provided and no help there just states "find out yourself"
It appears there are no answers for Apache settings not allowing post commands Get commands are a security risk as they can be cached
I have only asked for help hoping not to get the responces that gbaird got as it appears he had valid questions and did provide some places to check for possible problems
-
Hi phpscripts - I am keen to get to the bottom of this.
Please post:
the <filename>.php file you are running when you notice the post error
the text of the error message you get
a step-by-step description of the exact sequence of events that cause the error.
your /etc/php.ini file
if your system is using a different php configuration file while the page is running, please include it also - it's probably at the root of the web site
your /etc/httpd.conf file
the results of running a phpinfo would be nice
a section of your apache log file covering a time when the script was running and the error generated.
I will repost this information for you at
https://sourceforge.net/tracker/?group_id=96750&atid=615772&func=detail&aid=1338466
Of course, you could get a Sourceforge account and post it yourself. It would be a good idea to do this anyway, as the folks building SME 7 may have questions, or need additional information, that only you can provide.
I would be very grateful if you could post this information at sourceforge without including commentary on your opinion of SME Server and/or its developers, pointing to other places where the info exists already, claiming that the statements posted publicly should be enough, etc. This has become something of a sore spot, and there's no logical reason for it - if "Apache won't accept post from php" is a problem, it's because some file is missing or misversioned, some config is incorrect, etc. Pure rational step-by-step work will find it - there's no reason for any particular emotion about it at all. If it isn't a problem, or isn't in the scope of developing SME server, you will have given the developers the info needed to prove that.
Please simply provide the information.
Thanks - RonM
-
It is not a php script post error it is a html post error
-------------php.ini file from server
;------------------------------------------------------------
; DO NOT MODIFY THIS FILE! It is updated automatically by the
; SME Server software. Instead, modify the source template in
; an /etc/e-smith/templates-custom directory. For more
; information, see http://www.e-smith.org/custom/
;
; copyright (C) 2002 Mitel Networks Corporation
;------------------------------------------------------------
[PHP]
engine = On
short_open_tag = On ;
asp_tags = Off
precision = 14
y2k_compliance = Off
output_buffering = Off
output_handler =
implicit_flush = Off
allow_call_time_pass_reference = On
safe_mode = Off
safe_mode_exec_dir =
safe_mode_allowed_env_vars = PHP_
safe_mode_protected_env_vars = LD_LIBRARY_PATH
disable_functions =
highlight.string = #DD0000
highlight.comment = #FF8000
highlight.keyword = #007700
highlight.bg = #FFFFFF
highlight.default = #0000BB
highlight.html = #000000
expose_php = On
max_execution_time = 30
memory_limit = 32M
error_reporting = E_ALL & ~E_NOTICE
display_errors = Off
display_startup_errors = Off
log_errors = On
error_log = syslog
track_errors = Off
warn_plus_overloading = Off
variables_order = "EGPCS"
register_globals = On
register_argc_argv = On
post_max_size =20M
gpc_order = "GPC"
magic_quotes_gpc = On
magic_quotes_runtime= Off
magic_quotes_sybase = Off
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
include_path = ".:/usr/share/pear-addons:/usr/share/pear"
doc_root =
user_dir =
extension_dir = /usr/lib/php4
enable_dl = On
file_uploads = On
upload_max_filesize = 10M
allow_url_fopen = Off
[Syslog]
define_syslog_variables = Off
[mail function]
SMTP = localhost
sendmail_from = me@localhost.com
[Debugger]
debugger.host = localhost
debugger.port = 7869
debugger.enabled = False
[Logging]
[Java]
[SQL]
sql.safe_mode = Off
[ODBC]
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
[MySQL]
mysql.allow_persistent = On
mysql.max_persistent = -1
mysql.max_links = -1
mysql.default_port =
mysql.default_socket =
mysql.default_host =
mysql.default_user =
mysql.default_password =
[mSQL]
msql.allow_persistent = On
msql.max_persistent = -1
msql.max_links = -1
[PostgresSQL]
pgsql.allow_persistent = On
pgsql.max_persistent = -1
pgsql.max_links = -1
[Sybase]
sybase.allow_persistent = On
sybase.max_persistent = -1
sybase.max_links = -1
sybase.min_error_severity = 10
sybase.min_message_severity = 10
sybase.compatability_mode = Off
[Sybase-CT]
sybct.allow_persistent = On
sybct.max_persistent = -1
sybct.max_links = -1
sybct.min_server_severity = 10
sybct.min_client_severity = 10
[bcmath]
bcmath.scale = 0
[browscap]
[Informix]
ifx.default_host =
ifx.default_user =
ifx.default_password =
ifx.allow_persistent = On
ifx.max_persistent = -1
ifx.max_links = -1
ifx.textasvarchar = 0
ifx.byteasvarchar = 0
ifx.charasvarchar = 0
ifx.blobinfile = 0
ifx.nullformat = 0
[Session]
session.save_handler = files
session.save_path = /tmp
session.use_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_maxlifetime = 1440
session.referer_check =
session.entropy_length = 0
session.entropy_file =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 1
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
[MSSQL]
mssql.allow_persistent = On
mssql.max_persistent = -1
mssql.max_links = -1
mssql.min_error_severity = 10
mssql.min_message_severity = 10
mssql.compatability_mode = Off
[Assertion]
[Ingres II]
ingres.allow_persistent = On
ingres.max_persistent = -1
ingres.max_links = -1
ingres.default_database =
ingres.default_user =
ingres.default_password =
[Verisign Payflow Pro]
pfpro.defaulthost = "test.signio.com"
pfpro.defaultport = 443
pfpro.defaulttimeout = 30
[Sockets]
sockets.use_system_read = On
-------------httpd.conf
#------------------------------------------------------------
# DO NOT MODIFY THIS FILE! It is updated automatically by the
# SME Server software. Instead, modify the source template in
# an /etc/e-smith/templates-custom directory. For more
# information, see http://www.e-smith.org/custom/
#
# copyright (C) 1999-2003 Mitel Networks Corporation
#------------------------------------------------------------
# HostnameLookups: Log the names of clients or just their IP numbers
# e.g. www.apache.org (on) or 204.62.129.132 (off)
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on.
HostnameLookups off
# ServerAdmin: Your address, where problems with the server should be
# e-mailed.
ServerAdmin admin@eelriver.com
# ServerRoot: The directory the server's config, error, and log files
# are kept in.
# NOTE! If you intend to place this on a NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation,
# you will save yourself a lot of trouble.
ServerRoot /etc/httpd
ServerTokens ProductOnly
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# On SCO (ODT 3) use User nouser and Group nogroup
# On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group nobody on these systems!
User www
Group www
# ErrorLog: The location of the error log file. If this does not start
# with /, ServerRoot is prepended to it.
ErrorLog /var/log/httpd/error_log
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel debug
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Please read the file README.DSO in the Apache 1.3 distribution for more
# details about the DSO mechanism and run httpd -l' for the list of already
# built-in (statically linked and thus always available) modules in your httpd
# binary.
#
# Example:
# LoadModule foo_module libexec/mod_foo.so
#
# Documentation for modules is in "/home/httpd/manual/mod" in HTML format.
LoadModule env_module modules/mod_env.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule status_module modules/mod_status.so
LoadModule info_module modules/mod_info.so
LoadModule include_module modules/mod_include.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule dir_module modules/mod_dir.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule asis_module modules/mod_asis.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule example_module modules/mod_example.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
# Extra Modules
#LoadModule php_module modules/mod_php.so
#LoadModule php3_module modules/libphp3.so
LoadModule external_auth_module modules/mod_auth_external.so
LoadModule php4_module modules/libphp4.so
LoadModule ssl_module modules/mod_ssl.so
AddExternalAuth pwauth /usr/lib/httpd/modules/pwauth
SetExternalAuthMethod pwauth pipe
Listen 0.0.0.0:80
##########################################################
## SSL Global Context Configuration
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts
## (unless overridden by virtual hosts)
##
<IfModule mod_ssl.c>
Listen 0.0.0.0:443
SSLEngine off
SSLCertificateFile /home/e-smith/ssl.crt/ns4.eelriver.com.crt
SSLCertificateKeyFile /home/e-smith/ssl.key/ns4.eelriver.com.key
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv2:-EXP
SSLPassPhraseDialog builtin
SSLSessionCache dbm:state/ssl_scache
SSLSessionCacheTimeout 300
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
SSLMutex file:state/ssl_mutex
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
#SSLLogLevel info
SSLProtocol all
</IfModule>
#
# END OF SSL GLOBAL CONTEXT CONFIGURATION
#############################################
# The LockFile directive sets the path to the lockfile used when Apache
# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
# its default value. The main reason for changing it is if the logs
# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
# DISK. The PID of the main server process is automatically appended to
# the filename.
#
#LockFile /var/lock/httpd.lock
# PidFile: The file the server should log its pid to
PidFile /var/run/httpd.pid
# ScoreBoardFile: File used to store internal server process information.
# Not all architectures require this. But if yours does (you'll know because
# this file is created when you run Apache) then you *must* ensure that
# no two invocations of Apache share the same scoreboard file.
ScoreBoardFile /var/run/httpd.scoreboard
# CacheNegotiatedDocs: By default, Apache sends Pragma: no-cache with each
# document that was negotiated on the basis of content. This asks proxy
# servers not to cache the document. Uncommenting the following line disables
# this behavior, and proxies will be allowed to cache the documents.
#CacheNegotiatedDocs Off
# UseCanonicalName: (new for 1.3) With this setting turned on, whenever
# Apache needs to construct a self-referencing URL (a url that refers back
# to the server the response is coming from) it will use ServerName and
# Port to form a "canonical" name. With this setting off, Apache will
# use the hostname:port that the client supplied, when possible. This
# also affects SERVER_NAME and SERVER_PORT in CGIs.
UseCanonicalName off
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined_virtual
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# The location of the access logfile (Common Logfile Format).
# If this does not start with /, ServerRoot is prepended to it.
# CustomLog logs/access_log common
CustomLog /var/log/httpd/access_log combined_virtual
# If you would like to have an agent and referer logfile uncomment the
# following directives.
#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent
# If you prefer a single logfile with access, agent and referer information
# (Combined Logfile Format) you can use the following directive.
#CustomLog logs/access_log combined
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
KeepAlive On
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We reccomend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request
KeepAliveTimeout 15
# Limit on total number of servers running, i.e., limit on the number
# of clients who can simultaneously connect --- if this limit is ever
# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
# It is intended mainly as a brake to keep a runaway server from taking
# Unix with it as it spirals down...
MaxClients 150
# MaxRequestsPerChild: the number of requests each child process is
# allowed to process before the child dies.
# The child will exit so as to avoid problems after prolonged use when
# Apache (and maybe the libraries it uses) leak. On most systems, this
# isn't really needed, but a few (such as Solaris) do have notable leaks
# in the libraries.
MaxRequestsPerChild 100
# Proxy Server directives. Uncomment the following line to
# enable the proxy server:
#ProxyRequests On
# ServerName allows you to set a host name which is sent back to clients for
# your server if it's different than the one the program would get (i.e. use
# "www" instead of the host's real name).
#
# Note: You cannot just invent host names and hope they work. The name you
# define here must be a valid DNS name for your host. If you don't understand
# this, ask your network administrator.
ServerName www.eelriver.com
# Server-pool size regulation. Rather than making you guess how many
# server processes you need, Apache dynamically adapts to the load it
# sees --- that is, it tries to maintain enough server processes to
# handle the current load, plus a few spare servers to handle transient
# load spikes (e.g., multiple simultaneous requests from a single
# Netscape browser).
# It does this by periodically checking how many servers are waiting
# for a request. If there are fewer than MinSpareServers, it creates
# a new spare. If there are more than MaxSpareServers, some of the
# spares die off. These values are probably OK for most sites ---
MinSpareServers 8
MaxSpareServers 20
# Number of servers to start --- should be a reasonable ballpark figure.
StartServers 10
# Timeout: The number of seconds before receives and sends time out
Timeout 300
# DefaultIcon is which icon to show for files which do not have an icon
# explicitly set.
DefaultIcon /icons/unknown.gif
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index. Separate multiple entries with spaces.
DirectoryIndex index.htm index.html index.shtml index.cgi
DirectoryIndex index.htm index.html index.shtml index.cgi index.php index.php3 index.phtml
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot /home/e-smith/files/ibays/Primary/html
IndexOptions FancyIndexing VersionSort NameWidth=*
# AddIcon tells the server which icon to show for different files or filename
# extensions
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
# AccessFileName: The name of the file to look for in each directory
# for access control information.
AccessFileName .htaccess
# AddDescription allows you to place a short description after a file in
# server-generated indexes.
# Format: AddDescription "description" filename
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
# DefaultType is the default MIME type for documents which the server
# cannot find the type of from filename extensions.
DefaultType text/plain
# IndexIgnore is a set of filenames which directory indexing should ignore
# Format: IndexIgnore name1 name2...
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
TypesConfig /etc/mime.types
# AddEncoding allows you to have certain browsers (Mosaic/X 2.1+) uncompress
# information on the fly. Note: Not all browsers support this.
AddEncoding x-compress Z
AddEncoding x-gzip gz
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
<IfModule mod_php4.c>
AddIcon /icons/php4.gif .php3 .php4 .php .phtml
AddIcon /icons/phps.gif .phps
</IfModule>
# AddLanguage allows you to specify the language of a document. You can
# then use content negotiation to give a browser a file in a language
# it can understand. Note that the suffix does not have to be the same
# as the language keyword --- those with documents in Polish (whose
# net-standard language code is pl) may wish to use "AddLanguage pl .po"
# to avoid the ambiguity with the common suffix for perl scripts.
AddLanguage en .en
AddLanguage fr .fr
AddLanguage de .de
AddLanguage da .da
AddLanguage el .el
AddLanguage it .it
# LanguagePriority allows you to give precedence to some languages
# in case of a tie during content negotiation.
# Just list the languages in decreasing order of preference.
LanguagePriority en fr de
# AddType allows you to tweak mime.types without actually editing it, or to
# make certain files to be certain types.
# Format: AddType type/subtype ext1
# For example, the PHP3 module (not part of the Apache distribution)
# will typically use:
#AddType application/x-httpd-php3 .php3
#AddType application/x-httpd-php3-source .phps
# The following is for PHP/FI (PHP2):
#AddType application/x-httpd-php .phtml
# Fix up default type for .exe files.
AddType application/octet-stream .exe
# Add type for Netscape proxy autoconfiguration
AddType application/x-ns-proxy-autoconfig .pac
AddType image/png .png
# Fix up default type for .rpm files.
AddType application/octet-stream .rpm
# To use server-parsed HTML files
AddType text/html .shtml
AddType application/x-pkcs7-crl .crl
AddType application/x-x509-ca-cert .crt
# The following directives disable keepalives and HTTP header flushes.
# The first directive disables it for Netscape 2.x and browsers which
# spoof it. There are known problems with these.
# The second directive is for Microsoft Internet Explorer 4.0b2
# which has a broken HTTP/1.1 implementation and does not properly
# support keepalive when it is used on 301 or 302 (redirect) responses.
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
# The following directive disables HTTP/1.1 responses to browsers which
# are in violation of the HTTP/1.0 spec by not being able to grok a
# basic 1.1 response.
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
# AddHandler allows you to map certain file extensions to "handlers",
# actions unrelated to filetype. These can be either built into the server
# or added with the Action command (see below)
# Format: AddHandler action-name ext1
# To use CGI scripts:
AddHandler cgi-script .cgi
# Greg added this line
# AddHandler php-script php
AddHandler server-parsed .shtml
# If you wish to use server-parsed imagemap files, use
AddHandler imap-file map
NameVirtualHost 0.0.0.0:80
NameVirtualHost 0.0.0.0:443
<VirtualHost 0.0.0.0:80>
ServerName eelriver.com
ServerAlias ftp.eelriver.com mail.eelriver.com ns4.eelriver.com proxy.eelriver.com wpad.eelriver.com www.eelriver.com
DocumentRoot /home/e-smith/files/ibays/Primary/html
ScriptAlias /cgi-bin /home/e-smith/files/ibays/Primary/cgi-bin
Alias /files /home/e-smith/files/ibays/Primary/files
# esmith::DB::db::Record=HASH(0x885ab24) ibay (web invoice)
ScriptAlias /webinvoice/cgi-bin /home/e-smith/files/ibays/webinvoice/cgi-bin
Alias /webinvoice/files /home/e-smith/files/ibays/webinvoice/files
Alias /webinvoice /home/e-smith/files/ibays/webinvoice/html
# skipping SSL directives
RewriteEngine on
RewriteCond %REQUEST_METHOD ^(TRACE|TRACK)
RewriteRule .* - [F]
RewriteRule ^/server-manager(/.*|$) https://%{HTTP_HOST}/server-manager$1 [L,R]
<Location /server-manager>
order deny,allow
deny from all
allow from 127.0.0.1 192.168.1.0/255.255.255.0
</Location>
RewriteRule ^/server-common(/.*|$) https://%{HTTP_HOST}/server-common$1 [L,R]
<Location /server-common>
order deny,allow
deny from all
allow from 127.0.0.1 192.168.1.0/255.255.255.0
</Location>
RewriteRule ^/user-password(/.*|$) https://%{HTTP_HOST}/user-password$1 [L,R]
<Location /user-password>
order deny,allow
deny from all
allow from 127.0.0.1 192.168.1.0/255.255.255.0
</Location>
RewriteRule ^/webmail(/.*|$) https://%{HTTP_HOST}/webmail$1 [L,R]
RewriteRule ^/horde(/.*|$) https://%{HTTP_HOST}/horde$1 [L,R]
# alias for Apache icons
Alias /icons/ /var/www/icons/
# Alias for server resources
Alias /server-resources/ /home/e-smith/files/server-resources/
</VirtualHost>
<VirtualHost 0.0.0.0:443>
ServerName eelriver.com
ServerAlias ftp.eelriver.com mail.eelriver.com ns4.eelriver.com proxy.eelriver.com wpad.eelriver.com www.eelriver.com
DocumentRoot /home/e-smith/files/ibays/Primary/html
ScriptAlias /cgi-bin /home/e-smith/files/ibays/Primary/cgi-bin
Alias /files /home/e-smith/files/ibays/Primary/files
# esmith::DB::db::Record=HASH(0x885ba0c) ibay (web invoice)
ScriptAlias /webinvoice/cgi-bin /home/e-smith/files/ibays/webinvoice/cgi-bin
Alias /webinvoice/files /home/e-smith/files/ibays/webinvoice/files
Alias /webinvoice /home/e-smith/files/ibays/webinvoice/html
# SSL Directives
SSLEngine on
RewriteEngine on
RewriteCond %REQUEST_METHOD ^(TRACE|TRACK)
RewriteRule .* - [F]
ProxyPass /server-manager http://127.0.0.1:980/server-manager/
<Location /server-manager>
order deny,allow
deny from all
allow from 127.0.0.1 192.168.1.0/255.255.255.0
</Location>
ProxyPass /server-common http://127.0.0.1:980/server-common/
<Location /server-common>
order deny,allow
deny from all
allow from 127.0.0.1 192.168.1.0/255.255.255.0
</Location>
ProxyPass /user-password http://127.0.0.1:980/user-password/
<Location /user-password>
order deny,allow
deny from all
allow from 127.0.0.1 192.168.1.0/255.255.255.0
</Location>
Alias /webmail /home/httpd/html/horde/imp
Alias /horde /home/httpd/html/horde
# alias for Apache icons
Alias /icons/ /var/www/icons/
# Alias for server resources
Alias /server-resources/ /home/e-smith/files/server-resources/
</VirtualHost>
# First, we configure the "default" to be a very restrictive set of
# permissions.
<Directory />
Options None
AllowOverride None
order deny,allow
deny from all
allow from none
</Directory>
# Horde specific configuration files.
<Directory /home/httpd/html/horde>
<FilesMatch "test.php$">
Order Deny,Allow
Deny from all
</FilesMatch>
Options Indexes Includes FollowSymLinks
AllowOverride None
order allow,deny
allow from all
AddType application/x-httpd-php .php .php3
php_value include_path '/usr/share/pear-addons:/usr/share/pear'
# php_value auto_prepend_file /home/httpd/horde-phplib/prepend.php3
php_flag magic_quotes_gpc off
php_flag track_vars on
php_flag session.use_trans_sid off
php_admin_flag allow_url_fopen on
</Directory>
<Directory /home/httpd/html/horde/config>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/lib>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/locale>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/templates>
order deny,allow
deny from all
</Directory>
# IMP specific access configuration
<Directory /home/httpd/html/horde/imp/config>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/imp/lib>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/imp/locale>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/imp/templates>
order deny,allow
deny from all
</Directory>
# INGO specific access configuration
<Directory /home/httpd/html/horde/ingo/config>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/ingo/lib>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/ingo/locale>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/ingo/templates>
order deny,allow
deny from all
</Directory>
# Server resources access configuration
<Directory /home/e-smith/files/server-resources>
Options +Indexes
order deny,allow
deny from all
allow from 127.0.0.1 192.168.1.0/255.255.255.0
</Directory>
# IMP specific access configuration
<Directory /home/httpd/html/horde/turba/config>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/turba/lib>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/turba/locale>
order deny,allow
deny from all
</Directory>
<Directory /home/httpd/html/horde/turba/templates>
order deny,allow
deny from all
</Directory>
# phpMyAdmin
Alias /phpmyadmin /opt/phpmyadmin
<Directory /opt/phpmyadmin>
SSLRequireSSL
Options -Indexes
AllowOverride None
order deny,allow
deny from all
allow from all
AuthName "phpMyAdmin"
AuthType Basic
AuthExternal pwauth
require user admin
Satisfy all
AddType application/x-httpd-php .php .php3
php_flag magic_quotes_gpc on
php_flag track_vars on
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#------------------------------------------------------------
# icons directory
#------------------------------------------------------------
<Directory /var/www/icons>
Options Indexes
AllowOverride None
order deny,allow
deny from all
allow from all
</Directory>
#------------------------------------------------------------
# Information bay directories
#------------------------------------------------------------
#------------------------------------------------------------
# Primary ibay directories (Primary i-bay)
#------------------------------------------------------------
<Directory /home/e-smith/files/ibays/Primary/html>
Options None
Options +Indexes
Options +Includes
AllowOverride None
order deny,allow
deny from all
allow from all
</Directory>
<Directory /home/e-smith/files/ibays/Primary/cgi-bin>
Options ExecCGI
AllowOverride None
order deny,allow
deny from all
allow from all
</Directory>
<Directory /home/e-smith/files/ibays/Primary/files>
AllowOverride None
order deny,allow
deny from all
allow from all
</Directory>
#------------------------------------------------------------
# webinvoice ibay directories (web invoice)
#------------------------------------------------------------
<Directory /home/e-smith/files/ibays/webinvoice/html>
Options None
Options +Indexes
Options +Includes
AllowOverride None
order deny,allow
deny from all
allow from all
</Directory>
<Directory /home/e-smith/files/ibays/webinvoice/cgi-bin>
Options ExecCGI
AllowOverride None
order deny,allow
deny from all
allow from all
</Directory>
<Directory /home/e-smith/files/ibays/webinvoice/files>
AllowOverride None
order deny,allow
deny from all
allow from all
</Directory>
<Directory /home/e-smith/files/ibays/Primary/html>
AddType application/x-httpd-php .php .php3 .phtml
AddType application/x-httpd-php-source .phps
php_admin_value open_basedir /home/e-smith/files/ibays/Primary
</Directory>
<Directory /home/e-smith/files/ibays/webinvoice/html>
AddType application/x-httpd-php .php .php3 .phtml
AddType application/x-httpd-php-source .phps
php_admin_value open_basedir /home/e-smith/files/ibays/webinvoice
</Directory>
Alias /wpad.dat /etc/httpd/conf/proxy/proxy.pac
<Location /wpad.dat>
order deny,allow
deny from all
allow from 127.0.0.1 192.168.1.0/255.255.255.0
</Location>
Alias /proxy.pac /etc/httpd/conf/proxy/proxy.pac
<Location /proxy.pac>
order deny,allow
deny from all
allow from 127.0.0.1 192.168.1.0/255.255.255.0
</Location>
-------------index.html file
<html>
<head>
<title>webINVOICE - log in</title>
<link rel="stylesheet" href="inc/style.css" type="text/css">
<script language="">
<!--
function cursor(){document.login.name.focus();}
// -->
</script>
</head>
<body bgcolor="#FFFFFF" text="#000000" onLoad=cursor()>
<img src="images/title.gif" width="308" height="82">
<blockquote><center>
<p><b><font color = navy><h2>Please login</h2></font></b></p>
<table border="0" cellspacing="0" cellpadding="2">
<form action="login.php" method="post" name=login>
<tr>
<td>Username</td>
<td>
<input type="Text" name="name" size="15">
</td>
</tr>
<tr>
<td height="6">Password</td>
<td height="6">
<input type="password" name="password" size="15">
</td>
</tr>
<tr>
<td colspan="2">
<input type="Submit" name="submit" value="Login">
</td>
</tr>
</form>
</table>
<br>
© 2005 Eelriver Networks Software - <a href = "http://www.eelriver.com/software">webINVOICEplus</a>
</center>
</blockquote>
</body>
</html>
--------------login.php file
<?
include("inc/config.php");
$connection = mysql_connect($hostname, $user, $pass) or die ("Unable to connect!");
$query = "SELECT * FROM clients WHERE name = '$name' AND password = PASSWORD('$password')";
$result = mysql_db_query($database, $query, $connection);
if (mysql_num_rows($result) == 1)
{
session_start();
session_register("client_id");
session_register("client_name");
session_register("client_email");
session_register("client_ref");
session_register("client_title");
list($clientid, $name, $pass, $email, $ref, $title) = mysql_fetch_row($result);
$client_id = $clientid;
$client_name = $name;
$client_email = $email;
$client_ref = $ref;
$client_title = $title;
header("Location: menu.php");
mysql_free_result ($result);
mysql_close($connection);
}
else
{
mysql_free_result ($result);
mysql_close($connection);
header("Location: index.html");
exit;
}
?>
--------------http access log from server
eelriver.com 192.168.1.17 - - [11/Nov/2005:17:37:27 -0800] "GET /webinvoice HTTP/1.1" 301 243 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050909 Fedora/1.0.6-1.2.fc4 Firefox/1.0.6"
eelriver.com 192.168.1.17 - - [11/Nov/2005:17:37:27 -0800] "GET /webinvoice/ HTTP/1.1" 200 1084 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050909 Fedora/1.0.6-1.2.fc4 Firefox/1.0.6"
eelriver.com 192.168.1.17 - - [11/Nov/2005:17:37:27 -0800] "GET /webinvoice/inc/style.css HTTP/1.1" 200 557 "http://ns4.eelriver.com/webinvoice/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050909 Fedora/1.0.6-1.2.fc4 Firefox/1.0.6"
eelriver.com 192.168.1.17 - - [11/Nov/2005:17:37:27 -0800] "GET /webinvoice/images/title.gif HTTP/1.1" 200 4692 "http://ns4.eelriver.com/webinvoice/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050909 Fedora/1.0.6-1.2.fc4 Firefox/1.0.6"
eelriver.com 192.168.1.17 - - [11/Nov/2005:17:37:37 -0800] "POST /webinvoice/login.php HTTP/1.1" 302 - "http://ns4.eelriver.com/webinvoice/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050909 Fedora/1.0.6-1.2.fc4 Firefox/1.0.6"
eelriver.com 192.168.1.17 - - [11/Nov/2005:17:37:38 -0800] "GET /webinvoice/index.html HTTP/1.1" 200 1084 "http://ns4.eelriver.com/webinvoice/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050909 Fedora/1.0.6-1.2.fc4 Firefox/1.0.6"
httpd logs set to debug to try to find problem
other than that no other server mods by phpmyadmin provided by DMay
-
Thanks! One question while I look at this a bit -
in httpd.conf, doesn't the line:
# AddHandler php-script php
need to be
AddHandler php-script .php
for Apache to know to parse the login.php file as php?
RonM
-
No to answer your question it is a Line I added from reviewing a Sme 6.01 server config file tried it didn't seem to make a difference so I commented it out
Also have noticed the auth_db module may be a typo in conf.d file states load module mysql_auth_module module/mod_auth_external.so
Don't know if it is even loading though my Centos httpd.conf has a line in it to load the conf.d files by using
include /conf.d
In reviewing the Sme setup I find that the Apache 2 setup doesn't seem to be correct as described in the Apache docs
Apache 2 uses the conf.d directory for extra modules info while Sme has put the module settings all in the httpd.conf
IE:
php module info
pauth module info
ssl module info
I have tried the include /conf.d line as Centos uses and Sme squaks loading httpd that php ssl & pauth are already loaded
Problems may be from Sme not conforming to the NEW Apaches standards for settings - just a thought
-
Please report any bugs to the bugtracker at smeserver.sourceforge.net. THe forums is not the place to discuss fixes to SME 7 Beta.
-
The error codes
(avail http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html )
say
10.3.2 301 Moved Permanently
The requested resource has been assigned a new permanent URI and any future references to this resource SHOULD use one of the returned URIs. Clients with link editing capabilities ought to automatically re-link references to the Request-URI to one or more of the new references returned by the server, where possible. This response is cacheable unless indicated otherwise.
The new permanent URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s).
If the 301 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.
Note: When automatically redirecting a POST request after
receiving a 301 status code, some existing HTTP/1.0 user agents
will erroneously change it into a GET request.
10.3.3 302 Found
The requested resource resides temporarily under a different URI. Since the redirection might be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field.
The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s).
If the 302 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.
Note: RFC 1945 and RFC 2068 specify that the client is not allowed
to change the method on the redirected request. However, most
existing user agent implementations treat 302 as if it were a 303
response, performing a GET on the Location field-value regardless
of the original request method. The status codes 303 and 307 have
been added for servers that wish to make unambiguously clear which
kind of reaction is expected of the client.
I'm wondering if we're simply letting Apache look in the wrong place. You might be able to test this by changing
<form action="login.php" method="post" name=login>
to
<form action="http://ns4.eelriver.com/webinvoice/login.php" method="post" name=login>
if that's the correct URL for login.php. Just a test, obviously not a fix.
I've posted what I found so far on sourceforge:
http://sourceforge.net/tracker/index.php?func=detail&aid=1356058&group_id=96750&atid=615772
RonM