Redirect loop when using FastCGI #34

New Issue

Open

opened 2015-09-25 04:56:19 +00:00 by deon · 2 comments

deon commented 2015-09-25 04:56:19 +00:00 (Migrated from gitlab.dege.au)

Copy Link

There is a redirect loop when using FastCGI. The problem is that in this case $_SERVER['SCRIPT_NAME'] is not filled with the running PHP script but the CGI wrapper. So PLA will redirect to index.php over and over again.

This patch for lib/common.php fixes the issue.

diff --git a/lib/common.php b/lib/common.php
index 1ab1672..5b77d34 100644
--- a/lib/common.php
+++ b/lib/common.php
@@ -40,18 +40,19 @@ $app['direct_scripts'] = array('cmd.php','index.php',
 
 # Which script was invoked.
 $app['script_running'] = $_SERVER['SCRIPT_NAME'];
+$app['script_request_uri'] = $_SERVER['REQUEST_URI'];
 
 foreach ($app['direct_scripts'] as $script) {
 	$app['scriptOK'] = false;
 
-	if (preg_match('/'.$script.'$/',$app['script_running'])) {
+	if (preg_match('/'.$script.'$/',$app['script_running']) || preg_match('/[^\\?]*'.$script.'/',$app['script_request_uri'])) {
 		$app['scriptOK'] = true;
 		break;
 	}
 }
 
 # Anything in the tools dir or cron dir can be executed directly.
-if ((! $app['scriptOK'] && preg_match('/^\/[cron|tools]/',$app['script_running'])) || ! isset($_SERVER['SERVER_SOFTWARE']))
+if ((! $app['scriptOK'] && (preg_match('/^\/[cron|tools]/',$app['script_running']) || preg_match('/^\/[cron|tools]/',$app['script_request_uri']))) || ! isset($_SERVER['SERVER_SOFTWARE']))
 	$app['scriptOK'] = true;
 
 if (! $app['scriptOK']) {

There is a redirect loop when using FastCGI. The problem is that in this case $_SERVER['SCRIPT_NAME'] is not filled with the running PHP script but the CGI wrapper. So PLA will redirect to index.php over and over again. This patch for lib/common.php fixes the issue. ```diff diff --git a/lib/common.php b/lib/common.php index 1ab1672..5b77d34 100644 --- a/lib/common.php +++ b/lib/common.php @@ -40,18 +40,19 @@ $app['direct_scripts'] = array('cmd.php','index.php', # Which script was invoked. $app['script_running'] = $_SERVER['SCRIPT_NAME']; +$app['script_request_uri'] = $_SERVER['REQUEST_URI']; foreach ($app['direct_scripts'] as $script) { $app['scriptOK'] = false; - if (preg_match('/'.$script.'$/',$app['script_running'])) { + if (preg_match('/'.$script.'$/',$app['script_running']) || preg_match('/[^\\?]*'.$script.'/',$app['script_request_uri'])) { $app['scriptOK'] = true; break; } } # Anything in the tools dir or cron dir can be executed directly. -if ((! $app['scriptOK'] && preg_match('/^\/[cron|tools]/',$app['script_running'])) || ! isset($_SERVER['SERVER_SOFTWARE'])) +if ((! $app['scriptOK'] && (preg_match('/^\/[cron|tools]/',$app['script_running']) || preg_match('/^\/[cron|tools]/',$app['script_request_uri']))) || ! isset($_SERVER['SERVER_SOFTWARE'])) $app['scriptOK'] = true; if (! $app['scriptOK']) { ```

deon commented 2015-09-25 05:03:11 +00:00 (Migrated from gitlab.dege.au)

Copy Link

This can be addressed by setting the appropriate fastcgi variable. I struck the issue when using nginx, and the following config allowed phpldapadmin to work without modification (assuming you know where to put it):

fastcgi_param SCRIPT_NAME $fastcgi_script_name;

This can be addressed by setting the appropriate fastcgi variable. I struck the issue when using nginx, and the following config allowed phpldapadmin to work without modification (assuming you know where to put it): `fastcgi_param SCRIPT_NAME $fastcgi_script_name;`

deon commented 2020-08-23 02:36:10 +00:00 (Migrated from gitlab.dege.au)

Copy Link

mentioned in commit e46579b34e

mentioned in commit e46579b34ef99e37bec9a6742b833af672cc1f78

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

BRANCH-2.0

BRANCH-1.2

SANDPIT.new

SANDPIT

documentation

BRANCH-1.1

BRANCH-1.0

BRANCH-0.9.7

BRANCH-0.9.8

BRANCH-0.9.6

BRANCH-0.9.4

1.2.6.6

1.2.6.5

1.2.6.4

1.2.6.3

1.2.6.2

1.2.6.1

1.2.6

1.2.5

1.2.4

RELEASE-1.2.3

1.2.3

RELEASE-1.2.2

RELEASE-1.2.1.1

RELEASE-1.2.1

RELEASE-1.2.0.5

RELEASE-1.2.0.4

RELEASE-1.2.0.3

RELEASE-1.2.0.2

RELEASE-1.2.0.1

RELEASE-1.2.0

RELEASE-1.2.0-rc1

RELEASE-1.1.0.7

RELEASE-1.1.0.6

RELEASE-1.1.0.5

RELEASE-1.1.0.4

RELEASE-1.1.0.3

RELEASE-1.1.0.2

RELEASE-1.0.2

RELEASE-1.0.1

RELEASE-0.9.8.5

RELEASE-0.9.8.4

RELEASE-0.9.8.3

RELEASE-0.9.8.2

RELEASE-1.1.0.1

RELEASE-1.1.0

RELEASE-1.0.0

RELEASE-0.9.8.1

RELEASE-0.9.8

RELEASE-0.9.7.2

RELEASE-0.9.7.1

RELEASE-0.9.7

RELEASE-0.9.6c

RELEASE-0.9.6b

RELEASE-0.9.6a

RELEASE-0.9.6

RELEASE-0.9.5

RELEASE-0.9.4b

RELEASE-0.9.4a

RELEASE-0.9.4

RELEASE-0.9.3

RELEASE-0.9.2

RELEASE-0.9.1

RELEASE-0.9.0

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: deon/phpldapadmin#34

No description provided.