I've recently upgraded Apache and PHP on my VPS, and one of the unpleasant surprises was that some scripts which tried including pages from remote sites (I know, not the most secure approach, but there were reasons for that) got broken.
allow_url_fopen
Traditionally, all the websites Google finds suggest that you double-check that your php.ini config has the allow_url_fopen enabled:
allow_url_fopen = On
Well, in my case it was enabled, but scripts were still broken. The really weird thing was that the upgrade procedure didn't include changing the php.ini in any way, so it was fully working before and I kind of expected it to continue working.
allow_url_include
After some quick research, I've found out that PHP 5.1 introduced a new security option to accompany the allow_url_fope, and this was exactly the option which broke my scripts:
allow_url_include = On
There you have it, hope it helps you next time you come across this problem!
No comments:
Post a Comment