Source for file phpagi-fastagi.php

Documentation is available at phpagi-fastagi.php

  1. #!/usr/local/bin/php -q
    2. 

  2. <?php
    3. 

  3.  /**
    4. 

  4.   * phpagi-fastagi.php : PHP FastAGI bootstrap
    5. 

  5.   * Website: http://phpagi.sourceforge.net
    6. 

  6.   *
    7. 

  7.   * $Id: phpagi-fastagi.php,v 1.2 2005/05/25 18:43:48 pinhole Exp $
    8. 

  8.   *
    9. 

  9.   * Copyright (c) 2004, 2005 Matthew Asham <matthewa@bcwireless.net>, David Eder <david@eder.us>
    10. 

  10.   * All Rights Reserved.
    11. 

  11.   *
    12. 

  12.   * This software is released under the terms of the GNU Lesser General Public License v2.1
    13. 

  13.   * A copy of which is available from http://www.gnu.org/copyleft/lesser.html
    14. 

  14.   *
    15. 

  15.   * We would be happy to list your phpagi based application on the phpagi
    16. 

  16.   * website.  Drop me an Email if you'd like us to list your program.
    17. 

  17.   *
    18. 

  18.   * @package phpAGI
    19. 

  19.   * @version 2.0
    20. 

  20.   * @example docs/fastagi.xinetd Example xinetd config file
    21. 

  21.   */
    22. 

  22.  
    23. 

  23.  /**
    24. 

  24.   * Written for PHP 4.3.4, should work with older PHP 4.x versions.
    25. 

  25.   * Please submit bug reports, patches, etc to http://sourceforge.net/projects/phpagi/
    26. 

  26.   * Gracias. :)
    27. 

  27.   *
    28. 

  28.   */
    29. 

  29.  
    30. 

  30.   require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'phpagi.php');
    31. 

  31.  
    32. 

  32.   $fastagi = new AGI();
    33. 

  33.  
    34. 

  34.   $fastagi->verbose(print_r($fastagi, true));
    35. 

  35.  
    36. 

  36.   if(!isset($fastagi->config['fastagi']['basedir']))
    37. 

  37.     $fastagi->config['fastagi']['basedir'] = dirname(__FILE__);
    38. 

  38.  
    39. 

  39.   // perform some security checks
    40. 

  40.  
    41. 

  41.   $script = $fastagi->config['fastagi']['basedir'] . DIRECTORY_SEPARATOR . $fastagi->request['agi_network_script'];
    42. 

  42.  
    43. 

  43.   // in the same directory (or subdirectory)
    44. 

  44.   $mydir = dirname($fastagi->config['fastagi']['basedir']) . DIRECTORY_SEPARATOR;
    45. 

  45.   $dir = dirname($script) . DIRECTORY_SEPARATOR;
    46. 

  46.   if(substr($dir, 0, strlen($mydir)) != $mydir)
    47. 

  47.   {
    48. 

  48.     $fastagi->conlog("$script is not allowed to execute.");
    49. 

  49.     exit;
    50. 

  50.   }
    51. 

  51.  
    52. 

  52.   // make sure it exists
    53. 

  53.   if(!file_exists($script))
    54. 

  54.   {
    55. 

  55.     $fastagi->conlog("$script does not exist.");
    56. 

  56.     exit;
    57. 

  57.   }
    58. 

  58.  
    59. 

  59.   // drop privileges
    60. 

  60.   if(isset($fastagi->config['fastagi']['setuid']) && $fastagi->config['fastagi']['setuid'])
    61. 

  61.   {
    62. 

  62.     $owner = fileowner($script);
    63. 

  63.     $group = filegroup($script);
    64. 

  64.     if(!posix_setgid($group) || !posix_setegid($group) || !posix_setuid($owner) || !posix_seteuid($owner))
    65. 

  65.     {
    66. 

  66.       $fastagi->conlog("failed to lower privileges.");
    67. 

  67.       exit;      
    68. 

  68.     }
    69. 

  69.   }
    70. 

  70.  
    71. 

  71.   // make sure script is still readable
    72. 

  72.   if(!is_readable($script))
    73. 

  73.   {
    74. 

  74.     $fastagi->conlog("$script is not readable.");
    75. 

  75.     exit;
    76. 

  76.   }
    77. 

  77.  
    78. 

  78.   require_once($script);
    79. 

  79. ?>
    80.

Documentation generated on Wed, 16 Nov 2005 12:49:04 -0700 by phpDocumentor 1.3.0RC3