Can't Access Includes Above Current Directory - Typo correction

This is a multi-part message in MIME format.

------_=_NextPart_001_01C3C34D.03F13686
Content-Type: text/plain;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

> Hi,
>
Please note my earlier post had a typo in the path of an include
example, all actual include paths have been checked and are valid.

> I'm relatively new to your list and configuring Apache with the SSL
> module enabled and have a newbie configuration glitch I've not been
> able to resolve.
>
> My configuration is:
>
> RH Linux Kernel 2.4.20-8, Apache 2.0.48, OpenSSL -0.9.6l, PHP 4.3.4,
> Apache was compiled with SSL and SSL appears to work OK.
>
> My document root is http - /www/sd/htdocs, https - /www/sd/htdocs/jobs
>
> I don't want anyone accessing the jobs directory so I have a redirect
> in httpd.conf to send requests for http://www/sd/htdocs/jobs to
> https://www/sd/htdocs/jobs instead.
>
> All seems to work fine with http and https access with one blaring
> exception.
>
> My PHP scripts have include directives which pull include files from
> /www/sd/htdocs/include and that all works fine if run from one of the
> http subdirectories i.e.
>
> <?php
> include("../include/prepend.php");
> ....
> ?>
>
> But if I try the above code from a https directory, say
> https://www/sd/hddocs/jobs the it will fail with:
> PHP Warning: main(../include/prepend.php): failed to open stream: No
> such file or directory in /www/sd/htdocs/jobs/index.php on line 4
>
> There is no problem if I change the include location to
> /www/sd/htdocs/jobs/include, I can run the scripts fine. So it seems
> I can include at the same level or below but not up any level in the
> directory tree if using https.
>
> I've also tried SSI to include a file (for testing) with a similar
> result:
>
> <!--#include file=3D"../include/middle.html" -->
> unable to include file "../include/middle.html" in parsed file
> /www/sdfair.com/htdocs/jobs/index.shtml
>
> Fails as you can see from the https side but works fine if run from
> http://www/sd/htdocs/test (an area where SSL is not enabled).
>
> This is the case with all other parts of the web site without SSL, all
> scripts with include directives work fine.
>
> I've searched the web and SSL documentation but I seem to be missing
> something here and am just banging my head against a wall. I've
> modified both httpd.conf and ssl.conf 'til I'm blue with no change in
> function.
>
> I imagine this is some SSL configuration oversight on my part but so
> far I've been unable to find it and would ask for anyone who may be
> able to help to please give suggestions on what directive(s) are
> causing this. I'd really appreciate a point in the right direction on
> a resolution.
>
> Thanks for your help,
>
> .......... Steve

------_=_NextPart_001_01C3C34D.03F13686
Content-Type: text/html;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
6.0.6249.1">
<TITLE>Can't Access Includes Above Current Directory - Typo =
correction</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->

<P><FONT SIZE=3D2 FACE=3D"Arial">Hi,</FONT>
</P>

<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">Please note my =
earlier post had a typo in the path of an include example, all actual =
include paths have been checked and are valid.</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">I'm relatively new to your list and =
configuring Apache with the SSL module enabled and have a newbie =
configuration glitch I've not been able to resolve.</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">My configuration is:</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">RH Linux Kernel 2.4.20-8, Apache =
2.0.48, OpenSSL -0.9.6l, PHP 4.3.4,  Apache was compiled with SSL =
and SSL appears to work OK.</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">My document root is http - =
/www/sd/htdocs, https - /www/sd/htdocs/jobs</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">I don't want anyone accessing the jobs =
directory so I have a redirect in httpd.conf to send requests for <A =
HREF=3D"http://www/sd/htdocs/jobs">http://www/sd/htdocs/jobs</A> to <A =
HREF=3D"https://www/sd/htdocs/jobs">https://www/sd/htdocs/jo bs</A> =
instead.</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">All seems to work fine with http and =
https access with one blaring exception.</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">My PHP scripts have include directives =
which pull include files from /www/sd/htdocs/include and that all works =
fine if run from one of the http subdirectories i.e.</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial"><?php </FONT>

<BR><FONT SIZE=3D2 FACE=3D"Arial">    =
include("../include/prepend.php");</FONT>

<BR><FONT SIZE=3D2 FACE=3D"Arial">    ....</FONT>

<BR><FONT SIZE=3D2 FACE=3D"Arial">?></FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">But if I try the above code from a =
https directory, say <A =
HREF=3D"https://www/sd/hddocs/jobs">https://www/sd/hddocs/jo bs</A> the =
it will fail with:</FONT>

<BR><FONT SIZE=3D2 FACE=3D"Arial">PHP Warning:  =
main(../include/prepend.php): failed to open stream: No such file or =
directory in /www/sd/htdocs/jobs/index.php on line 4</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">There is no problem if I change the =
include location to /www/sd/htdocs/jobs/include, I can run the scripts =
fine.  So it seems I can include at the same level or below but not =
up any level in the directory tree if using https.</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">I've also tried SSI to include a file =
(for testing) with a similar result:</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial"><!--#include =
file=3D"../include/middle.html" --></FONT>

<BR><FONT SIZE=3D2 FACE=3D"Arial">unable to include file =
"../include/middle.html" in parsed file =
/www/sdfair.com/htdocs/jobs/index.shtml</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">Fails as you can see from the https =
side but works fine if run from <A =
HREF=3D"http://www/sd/htdocs/test">http://www/sd/htdocs/test</A>  =
(an area where SSL is not enabled).</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">This is the case with all other parts =
of the web site without SSL, all scripts with include directives work =
fine.</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">I've searched the web and SSL =
documentation but I seem to be missing something here and am just =
banging my head against a wall.  I've modified both httpd.conf and =
ssl.conf 'til I'm blue with no change in function.</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">I imagine this is some SSL =
configuration oversight on my part but so far I've been unable to find =
it and would ask for anyone who may be able to help to please give =
suggestions on what directive(s) are causing this.  I'd really =
appreciate a point in the right direction on a resolution.</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">Thanks for your help,</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">.......... Steve</FONT>
</P>

</BODY>
</HTML>
------_=_NextPart_001_01C3C34D.03F13686--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org
Steve Benson [ Mo, 15 Dezember 2003 21:50 ] [ ID #147311 ]
Webserver » gmane.comp.apache.mod-ssl.user » Can't Access Includes Above Current Directory - Typo correction

Vorheriges Thema: RE: Cannot Access Includes Above Current Directory
Nächstes Thema: Can't Access Includes Above Current Directory

[ Startseite ] [ Administrator ] [ Suche ] [ Hinweise ] [ Impressum ]

Powered by FudForum