Navigation
User login
Quote
Handy WebDAV Hint: GET + PHP = Bad
Here is a good bit for everyone to file away:
I have a local server where the document path's available published as a WebDAV folder. We usually don't put PHP scripts in that folder. But we added one: a PHP utility script.
When I tried opening that script in that folder, I got the page's HTML contents without the PHP. What gives?
WebDAV guru Jim Whitehead explains: since WebDAV uses HTTP GET to fetch a file, the web server will dutifully execute the PHP as it sends it..
Arrgh! Self.isClueless == true.
Solutions:
* Don't put PHP files in WebDAV shares.
* If you do, don't edit them. PUT a new copy when you make changes.
* Using some sort of alias and set-handler-fu you could probably set up an alternate path to the share which doesn't execute PHP.
* Scott Reynen adds: opening the file as .phps if you've enabled it in your Apache configuration.
TotSP Search
Community
Chatter
- You don't need anything
1 sec ago - Hey nice article however, i
2 days 13 hours ago - Appreciation
4 days 9 hours ago - thanks for information...
6 days 6 hours ago - In total agreement on this one
2 weeks 17 hours ago - Suggested change to wrapper
2 weeks 4 days ago - Hmmmm...i jus called it and
2 weeks 4 days ago - I just quit!
2 weeks 4 days ago - Touche!
Pun intended.
2 weeks 6 days ago - Re-pricing the Touch
2 weeks 6 days ago
Comments
RE: Handy WebDAV Hint: GET + PHP = Bad
Yeah that seems like a pretty simple one to handle with .phps or with an httpd setup where the web-dav folder does not EXECUTE php. (And the same would go for server side includes, jsp, etc, if the web server is configured to process them in chained order?)
RE: Handy WebDAV Hint: GET + PHP = Bad
Yeah, I have to wonder about this. Makes me wonder what svn does with PHP pages.