Never, never, NEVER put script files inside of the files directory system. Drupal puts mechanisms in to prevent the execution of those files, through .htaccess. If you try to bypass that, it will complain. Of course if you like seeing your site hacked and all your work destroyed, you can just ignore those complaints. 
Jamie Holly
http://hollyit.net
On 1/31/2015 12:23 PM, Chris Miller wrote:
Hi Folks,

I have a legacy php script that displays a form, accepts input and posts back to itself, where it looks for a non-zero $_POST array to decide if it is processing or displaying. In the event of process, it updates a database and redirects to a thank-you page. Simple.

I put this script in /site/default/files/form.php and I href'd it to a picture. When I click the picture, I get the text of form.php, not the result of processing. I have discovered that if I put the form on a different website, then I do get execution, so apparently Drupal is able to suppress php execution within its URL space. How do I bypass anti-execution restriction for this legacy script? Or, how do I incorporate this legacy script into an existing Drupal site?

Thanks for the help,

Chris.