ODBC

decomplexity · ‎30-07-2007

I was one of the many who responded two years ago to 'persuasion' from Ian Wild et al to move my PHP and databases from CCGI to Preview PAYH. And – whoops – remote ODBC which linked my mySQL databases to Microsoft Access stopped working, apparently because port 3306 was firewalled off in PAYH. At the time the block on ODBC was not a big deal and I found other ways to do what I wanted. (The SafeMode restrictions caused by PAYH’s use of an earlier version of Plesk whose Apache did not support FastCGI was a much more painful problem).
I have been away from things for some time, but am now getting involved again. With the redevelopment of the CGI platform which has tightened security, does anyone know:
- if such ODBC links are still supported on CGI
- if PAYH still blocks them
- if suExec on CGI fixes the SafeMode problems
- should I shift everything back? (what are others in the same boat doing?)

Zen from May 17. PN Business account from 2004 - 2017

pjmarsh · ‎06-04-2007

I would have thought if ODBC to the mysql servers worked before, then it will still work. MySQL is separate to the ccgi platform and has not been changed with the upgrade to that.
Phil

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

decomplexity · ‎30-07-2007

Thanks Phil.
And I guess my second point - does PAYH still block 3306 is answered by a PUG change request I have found which was last updated in April and which still shows PAYH as blocking 3306.
Anyone care to comment on the residual related items, particularly whether the use of suExec on CGI fixes the current PAYH Plesk SafeMode restrictions which still cause problems with my phpBB and which would certainly make it worth my moving my phpBB back to CGI

Zen from May 17. PN Business account from 2004 - 2017

pjmarsh · ‎06-04-2007

Since no one else has replied, I'll post my thoughts on this, which maybe incorrect! I would hazzard a guess that Safe Mode isn't enabled on the ccgi platform. The reason being 2 fold. Firstly there hasn't been anyone complaining about problems that would be associated with Safe Mode, as there was with the PAYG platform when it was enabled. Secondly because I think suExec overcomes the main reason for Safe Mode, ie suExec works on a per user basis, in that PHP runs as the user who's site it is. Safe Mode was to stop people reading other peoples files since they are all run as the same user.
Hope that makes sense, and also is correct!
Phil

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

spraxyt · ‎06-04-2007

Safe mode is definitely 'off' on the new ccgi platform, as it was on the old one. register_globals is currently 'on' (as it was on old ccgi), though will be turned 'off' soon (it's 'off' on PAYH). magic_quotes_gpc is 'off' (again as for old ccgi) whereas it is 'on' on PAYH.
suEXEC works fine as long as one is careful to respect its security model requirements, particularly with regard to directory and file permissions. There are also restrictions on what one can override in .htaccess files.
One feature that has caused the odd problem is the introduction of /~username in certain PHP / environment variables, namely SCRIPT_NAME and PHP_SELF. Changing to REQUEST_URI avoids that. DOCUMENT_ROOT is not usable on new ccgi (it wasn't on old ccgi either, but is on PAYH).
A read of the cgi platform php upgrade faq might be helpful to decision making.
David

David

Gabe · ‎29-10-2008

I still have an active site on PAYH and at present have no plans to move it. If the main problem is with safe mode restrictions, there are workarounds which make use of the CLI and CGI versions of PHP on PAYH. One way to avoid the need for safe mode on PAYH is to use a wrapper (cries of "oh no, not again"):
phpwrapper.cgi

#!/opt/php52/bin/php5-cgi
<?php
$_ENV["SCRIPT_NAME"]=$_SERVER['PHP_SELF']=$_SERVER["SCRIPT_NAME"]=$_ENV["REDIRECT_URL"];
$_ENV["SCRIPT_FILENAME"]=$_SERVER["SCRIPT_FILENAME"]=$_SERVER["DOCUMENT_ROOT"].$_ENV["REDIRECT_URL"];
ereg('^(.*)/([^/]*\.php)$', $_ENV["REDIRECT_URL"], $wrap_url);
chdir('/var/www/vhosts/username.plushost.co.uk/httpdocs/'.$wrap_url{1});
include $wrap_url{2};
?>

replacing username. Place in the cgi-bin and add this .htaccess to your root:


rewriteEngine on
RewriteCond %{REQUEST_URI} \.php$
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_URI} !^cgi-bin/phpwrapper\.cgi
RewriteRule .* cgi-bin/phpwrapper.cgi

You may also need to disable phpBB's own .htaccess. Then you can run your site without safe-mode restrictions and with includes permissions on .php files. (NB, to avoid confusion, this wrapper is for PAYH. A slightly different one was recently suggested for ccgi, so solve a different set of problems.)
Gabe

decomplexity · ‎30-07-2007

And - after a bit of experimenting - I can now answer my own question about whether ODBC (via port 3306) is supported in the updated CGI environment: it is - presumbly (as pjmarsh has already posted) because the mySQL servers humbug and rumpus are independent of the CGI platform.
Shame PAYH has to be crippled in this way

Zen from May 17. PN Business account from 2004 - 2017

ODBC

ODBC

Re: ODBC

Re: ODBC

Re: ODBC

Re: ODBC

Re: ODBC

Re: ODBC