[support] Legacy PHP script
Jamie Holly
hovercrafter at earthlink.net
Sat Jan 31 18:43:35 UTC 2015
Never, never, NEVER put script files inside of the files directory
system. Drupal puts mechanisms in to prevent the execution of those
files, through .htaccess. If you try to bypass that, it will complain.
Of course if you like seeing your site hacked and all your work
destroyed, you can just ignore those complaints.
Jamie Holly
http://hollyit.net
On 1/31/2015 12:23 PM, Chris Miller wrote:
> Hi Folks,
>
> I have a legacy php script that displays a form, accepts input and
> posts back to itself, where it looks for a non-zero $_POST array to
> decide if it is processing or displaying. In the event of process, it
> updates a database and redirects to a thank-you page. Simple.
>
> I put this script in /site/default/files/form.php and I href'd it to a
> picture. When I click the picture, I get the text of form.php, not the
> result of processing. I have discovered that if I put the form on a
> different website, then I do get execution, so apparently Drupal is
> able to suppress php execution within its URL space. How do I bypass
> anti-execution restriction for this legacy script? Or, how do I
> incorporate this legacy script into an existing Drupal site?
>
> Thanks for the help,
>
> Chris.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20150131/25383259/attachment.html
More information about the support
mailing list