Ralph Frost wrote: > I had a php routine on a shared server running as a CGI script that > encrypted and sent email text. > > It was running fine under PHP version 4.3.6. Then the ISP upgraded to > 4.3.10 on December 16, 2004 and several of the features in the gpg > encryption script running in cgi-bin stopped working. > > phpinfo() in a script run from cgi-bin reports Server > API = Apache. Isn't it supposed to be CGI?? Depends on how the ISP set up cgi-bin -- It would be kind of "odd" for them to force that to use PHP as a Module, but perhaps they thought that would be better. > The ISP did something, and got it back so fopen() and mail() works, but Did what? > Isn't running the script in cgi-bin SUPPOSED TO run as myusername rather > than as nobody? Completely dependent on what the ISP put in httpd.conf > What mistakes m I making? Is this a php upgrade/configuration problem > that > the ISP needs to look at, Yes. > or it is a general security issue which used to > work but now is not going to be allowed... Not from PHP itself, but perhaps from your ISP. > and the ISP doesn't want to > tell me? Perhaps they simply don't understand what they used to have set up, nor what they have done now... Or they had problems with users abusing cgi-bin / PHP CGI usage. There *are* issues involved that are not readily solved in the options among CGI and Module usage, and ISPs tend to alter things when they have problems. These usually just open up other, different problems, but there it is. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
