Redirect loop when using FastCGI #34

Open
opened 2015-09-25 04:56:19 +00:00 by deon · 2 comments
deon commented 2015-09-25 04:56:19 +00:00 (Migrated from gitlab.dege.au)

There is a redirect loop when using FastCGI. The problem is that in this case $_SERVER['SCRIPT_NAME'] is not filled with the running PHP script but the CGI wrapper. So PLA will redirect to index.php over and over again.

This patch for lib/common.php fixes the issue.

diff --git a/lib/common.php b/lib/common.php
index 1ab1672..5b77d34 100644
--- a/lib/common.php
+++ b/lib/common.php
@@ -40,18 +40,19 @@ $app['direct_scripts'] = array('cmd.php','index.php',
 
 # Which script was invoked.
 $app['script_running'] = $_SERVER['SCRIPT_NAME'];
+$app['script_request_uri'] = $_SERVER['REQUEST_URI'];
 
 foreach ($app['direct_scripts'] as $script) {
 	$app['scriptOK'] = false;
 
-	if (preg_match('/'.$script.'$/',$app['script_running'])) {
+	if (preg_match('/'.$script.'$/',$app['script_running']) || preg_match('/[^\\?]*'.$script.'/',$app['script_request_uri'])) {
 		$app['scriptOK'] = true;
 		break;
 	}
 }
 
 # Anything in the tools dir or cron dir can be executed directly.
-if ((! $app['scriptOK'] && preg_match('/^\/[cron|tools]/',$app['script_running'])) || ! isset($_SERVER['SERVER_SOFTWARE']))
+if ((! $app['scriptOK'] && (preg_match('/^\/[cron|tools]/',$app['script_running']) || preg_match('/^\/[cron|tools]/',$app['script_request_uri']))) || ! isset($_SERVER['SERVER_SOFTWARE']))
 	$app['scriptOK'] = true;
 
 if (! $app['scriptOK']) {
There is a redirect loop when using FastCGI. The problem is that in this case $_SERVER['SCRIPT_NAME'] is not filled with the running PHP script but the CGI wrapper. So PLA will redirect to index.php over and over again. This patch for lib/common.php fixes the issue. ```diff diff --git a/lib/common.php b/lib/common.php index 1ab1672..5b77d34 100644 --- a/lib/common.php +++ b/lib/common.php @@ -40,18 +40,19 @@ $app['direct_scripts'] = array('cmd.php','index.php', # Which script was invoked. $app['script_running'] = $_SERVER['SCRIPT_NAME']; +$app['script_request_uri'] = $_SERVER['REQUEST_URI']; foreach ($app['direct_scripts'] as $script) { $app['scriptOK'] = false; - if (preg_match('/'.$script.'$/',$app['script_running'])) { + if (preg_match('/'.$script.'$/',$app['script_running']) || preg_match('/[^\\?]*'.$script.'/',$app['script_request_uri'])) { $app['scriptOK'] = true; break; } } # Anything in the tools dir or cron dir can be executed directly. -if ((! $app['scriptOK'] && preg_match('/^\/[cron|tools]/',$app['script_running'])) || ! isset($_SERVER['SERVER_SOFTWARE'])) +if ((! $app['scriptOK'] && (preg_match('/^\/[cron|tools]/',$app['script_running']) || preg_match('/^\/[cron|tools]/',$app['script_request_uri']))) || ! isset($_SERVER['SERVER_SOFTWARE'])) $app['scriptOK'] = true; if (! $app['scriptOK']) { ```
deon commented 2015-09-25 05:03:11 +00:00 (Migrated from gitlab.dege.au)

This can be addressed by setting the appropriate fastcgi variable. I struck the issue when using nginx, and the following config allowed phpldapadmin to work without modification (assuming you know where to put it):

fastcgi_param SCRIPT_NAME $fastcgi_script_name;

This can be addressed by setting the appropriate fastcgi variable. I struck the issue when using nginx, and the following config allowed phpldapadmin to work without modification (assuming you know where to put it): `fastcgi_param SCRIPT_NAME $fastcgi_script_name;`
deon commented 2020-08-23 02:36:10 +00:00 (Migrated from gitlab.dege.au)

mentioned in commit e46579b34e

mentioned in commit e46579b34ef99e37bec9a6742b833af672cc1f78
Sign in to join this conversation.
No Label
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: deon/phpldapadmin#34
No description provided.