I've been struggling for a few days with this and I've finally discovered the problem but not necessarily the solution.
In a previous post, I explained how you can use suhosin to disable dangerous php functions, and enable them on a site-by-site basis if needed. This isn't possible with php's own disable function system, if I remember correctly.
Unfortunately my method of re-enabling a function, which is to use php_admin_value in vhost.conf, does not work when the site is running php in fastcgi mode.
So I added it to the site's own site-specific php.ini but that didn't work either and that really threw me.
Eventually I discovered the problem. At least I think so. config load order.
On my system, using the ART suhosin rpm, the suhosin config goes in /etc/php.d/suhosin.ini
This is loaded after the global php.ini (which obviously gets loaded first).
Unfortunately, suhosin.ini also gets loaded after any site-specific php.ini and so any changes I make in that php.ini gets overriden by suhosin.ini which has all dangerous functions disabled.
My intended solution is to put the suhosin disable function list line (and only that line) back in php.ini and remove it from suhosin.ini. I think that will solve the problem, as the site specific php.ini will be loaded after the global php.ini and therefore override it, while the suhosin.ini won't have that line and can't override my override.
But is there a better way? Any comments?
(incidentally, I'm certain this will work, as putting suhosin into simulation mode does work when you add it to the site-specific php.ini. It works because the default is off but there is no specific line in suhosin.ini setting it off, so it doesn't override the entry in the site-specific php.ini.
suhosin and php-fastcgi config load order problem
suhosin and php-fastcgi config load order problem
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>