Page 2 of 2
Re: IM With PHP exec ()
Posted: 2007-11-24T08:57:54-07:00
by Bonzo
Its not something I have ever had to do and to be honist if there was a problem I would expect my hosts to sort it out.
There is this function but again you can only modify what your host allows you to:
http://uk2.php.net/putenv
Re: IM With PHP exec ()
Posted: 2007-11-25T17:54:09-07:00
by anthony
Having read the function, I can see that it can be difficult to set PATH in that way due to 'security concerns'. Arrrggghhh.....
This is a pain, and means you need have to rely on the servers system administrators to, 'set things up right', whcih I am starting to feel is a rare occurance, as they are more interested in just getting it running without understanding the in's and out's. I know I am one of them in my normal real world work.
The only workaround then is to set the PATH yourself for each and every system() or exec() like command, or call a seperate 'cgi-like' script to do all the processing outside PHP. Neither is very good from a higher level programming point of view.
Re: IM With PHP exec ()
Posted: 2007-11-26T13:09:43-07:00
by Bonzo
I found the coments below in my php.ini file and as you say it still depends on the server setup and permissions.
; Setting certain environment variables may be a potential security breach.
; This directive contains a comma-delimited list of prefixes. In Safe Mode,
; the user may only alter environment variables whose names begin with the
; prefixes supplied here. By default, users will only be able to set
; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
;
; Note: If this directive is empty, PHP will let the user modify ANY
; environment variable!
safe_mode_allowed_env_vars = PHP_
; This directive contains a comma-delimited list of environment variables that
; the end user won't be able to change using putenv(). These variables will be
; protected even if safe_mode_allowed_env_vars is set to allow to change them.
safe_mode_protected_env_vars = LD_LIBRARY_PATH
Re: IM With PHP exec ()
Posted: 2007-11-26T17:48:14-07:00
by anthony
Yes. and that is probably the default setting. Very secure, especially to prevent a hacker say changing PATH and/or LD_LIBRARY_PATH, to cause a PHP script to call a hacked version of a program or library.
But it does make in more inconvenient to PHP script writers when the default PATH and LD_LIBRARY_PATH settings passed to the web server and thus PHP does not include the desired ImageMagick, Ghostscript and other delegate applications and libraries.
Setting these variables intelligently is not generally on the 'how to install' guides for setting up Web servers with PHP, which makes use of IM.
So we are back to the PHP application programmer figuring out specific system settings needed for calling IM. Whether it is the location of "convert", a PATH setting for "gs" or just LD_LIBRARY_PATH settings needed to find libraries such as "libjpeg.so" or more unusual libraries PHP itself does not require like "librsvg.so".
"Oh the pain! The pain!" -- Doctor Smith, Lost in Space