View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0017355 | phpList 3 application | Command Line | public | 05-09-14 10:51 | 16-10-14 10:21 |
| Reporter | duncanc | ||||
| Priority | normal | Severity | feature | Reproducibility | sometimes |
| Status | resolved | Resolution | fixed | ||
| Product Version | 3.0.7 | ||||
| Target Version | 3.0.X | Fixed in Version | 3.0.9 | ||
| Summary | 0017355: Recognise php-cgi when run from command line | ||||
| Description | Currently phplist checks the sapi name to be 'cli' to determine whether it is being run from a command line (or equivalently a cron job). Many shared hosts do not provide php-cli, only php-cgi, and to be able to run process queue and process bounces from a cron job people have to use commands such as php /path_to_phplist/admin/index.ph action=processqueue page=pageaction login=zzz password=yyy php /path_to_phplist/admin/index.ph page=processbounces login=zzz password=yyy phplist treats these as web requests, not as commands. Apart from leaking the admin password, this approach means it is not possible to disable the "process the queue" and "process bounces" menu options even when they are being run from cron jobs. Looking at how other packages handle this, Drupal has a function drupal_is_cli() to determine whether php is running as a command or not. function drupal_is_cli() { return (!isset($_SERVER['SERVER_SOFTWARE']) && (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))); } I think that any of a number of $_SERVER variables could be used in place of SERVER_SOFTWARE. I have tested the function and it correctly identifies when php is running as a command - direct linux command - cron job running php-cli - cron job running php-fcgi when php is not running as a command - web page served by apache php mod - web page served by php-fcgi Reviewing the code in admin/index.php there is already a check for something similar # check for commandline and cli version if (!isset($_SERVER["SERVER_NAME"]) && !PHP_SAPI == "cli") { print "Warning: commandline only works well with the cli version of PHP"; } The code never displays the warning because the condition is incorrect - it should be PHP_SAPI != "cli" but do you remember the reason for displaying a warning instead treating it as a fatal error? A warning suggests that the intention is to allow the command but to expect some problems, but the code immediately following allows only a sapi value of "cli", which means that the command is treated as a web request. | ||||
| Tags | No tags attached. | ||||
