Hi Folks,
I have a legacy php script that displays a form, accepts input and posts back to itself, where it looks for a non-zero $_POST array to decide if it is processing or displaying. In the event of process, it updates a database and redirects to a thank-you page. Simple.
I put this script in /site/default/files/form.php and I href'd it to a picture. When I click the picture, I get the text of form.php, not the result of processing. I have discovered that if I put the form on a different website, then I do get execution, so apparently Drupal is able to suppress php execution within its URL space. How do I bypass anti-execution restriction for this legacy script? Or, how do I incorporate this legacy script into an existing Drupal site?
Thanks for the help,
Chris.
Have you run the script directly?
What about short tags? Sometime people use short tags : <? instead of long tags : <?php If it is written using short tags, you can make the needed modification or you can make an adjustment to your php.ini - http://php.net/manual/en/language.basic-syntax.phptags.php
I am just getting into Drupal so I cannot comment on how Drupal might be effected by short tags.
On 2015-01-31 11:23, Chris Miller wrote:
Hi Folks,
I have a legacy php script that displays a form, accepts input and posts back to itself, where it looks for a non-zero $_POST array to decide if it is processing or displaying. In the event of process, it updates a database and redirects to a thank-you page. Simple.
I put this script in /site/default/files/form.php and I href'd it to a picture. When I click the picture, I get the text of form.php, not the result of processing. I have discovered that if I put the form on a different website, then I do get execution, so apparently Drupal is able to suppress php execution within its URL space. How do I bypass anti-execution restriction for this legacy script? Or, how do I incorporate this legacy script into an existing Drupal site?
Thanks for the help,
Chris.
File permissions?
Are there directives preventing Apache from executing php scripts in certain directories or limiting the directories in which php scripts executed?
________________________________ From: support-bounces@drupal.org [support-bounces@drupal.org] on behalf of Chris Miller [cjm@tryx.org] Sent: Saturday, January 31, 2015 11:23 AM To: support@drupal.org Subject: [support] Legacy PHP script
Hi Folks,
I have a legacy php script that displays a form, accepts input and posts back to itself, where it looks for a non-zero $_POST array to decide if it is processing or displaying. In the event of process, it updates a database and redirects to a thank-you page. Simple.
I put this script in /site/default/files/form.php and I href'd it to a picture. When I click the picture, I get the text of form.php, not the result of processing. I have discovered that if I put the form on a different website, then I do get execution, so apparently Drupal is able to suppress php execution within its URL space. How do I bypass anti-execution restriction for this legacy script? Or, how do I incorporate this legacy script into an existing Drupal site?
Thanks for the help,
Chris.
Never, never, NEVER put script files inside of the files directory system. Drupal puts mechanisms in to prevent the execution of those files, through .htaccess. If you try to bypass that, it will complain. Of course if you like seeing your site hacked and all your work destroyed, you can just ignore those complaints.
Jamie Holly http://hollyit.net
On 1/31/2015 12:23 PM, Chris Miller wrote:
Hi Folks,
I have a legacy php script that displays a form, accepts input and posts back to itself, where it looks for a non-zero $_POST array to decide if it is processing or displaying. In the event of process, it updates a database and redirects to a thank-you page. Simple.
I put this script in /site/default/files/form.php and I href'd it to a picture. When I click the picture, I get the text of form.php, not the result of processing. I have discovered that if I put the form on a different website, then I do get execution, so apparently Drupal is able to suppress php execution within its URL space. How do I bypass anti-execution restriction for this legacy script? Or, how do I incorporate this legacy script into an existing Drupal site?
Thanks for the help,
Chris.
-
Borwick, James Bryce -
Chris Miller -
Jamie Holly -
Keith Smith