Langages :: PHP :: Can <?php phpinfo() ?> be wrong? |
|||
Par : TunaMaxx  |
Date : 05/09/2003 00:00:00  |
Points: 300 | État : Répondue Qualité : Excellente |
|
A number of searches have not revealed an answer, so sorry if this topic has already been discussed. I am brand new to PHP and am in the middle of building a PHP-Nuke / phpBB site. I've managed to get everything setup and running, and it seems to be working for the most part. However, I was trying to track down a potential sendmail problem and used analyze.php as suggested in many forums. Analyze.php is available here: <A HREF="http://nukecops.com/downloads-file-13-details-Analyzer.html">http://nukecops.com/downloads-file-13-details-Analyzer.html</a> Anyway, the result of the script was alarming in that it told me the version of PHP running on the hosted server (v4.2.2) was insecure, and I should contact the webhost and get them to upgrade to 4.3.2 or higher. I trimmed the results of analyze.php and posted it here: <A HREF="http://www.jerobee.com/php_warning.html">http://www.jerobee.com/php_warning.html</a> I wrote to the host and gave them this information. Their response was: "...that server is already running PHP Version 4.3.2. We suspect that you are returned this error because PHP is currently set to run in safe mode. There is no problem with our server." While I certainly don't think I know more about running a webserver then they do, the response didn't seem accurate. I ran a <?php phpinfo() ?> and the results were puzzling. The first bit of text in the resulting tables said: "PHP Version 4.2.2" and any references to 'safe_mode' were "disabled," "off," or "no value." My question is, is there anyway to tell from the information I have given whether: (1) The webhost is telling the truth, and 4.3.2 run in safe mode will report itself as 4.2.2 (2) They've made a mistake and think that the server is running a higher version of PHP than it actually is. -or- (3) It's too much work to upgrade to 4.3.2 or better, so they lied to me? If it turns out to be #2 (or especially #3) can you assist me in what I need to say to them in order to secure the server? Thanks, Tuna |
|||
| Par : FaithRaven | Date : 06/09/2003 05:14:00 | |
Type : Commentaire |
| Hello You get that insecure warning only because a new version of php has been released. (1) Even if you PHP is in safe mode, phpinfo() would not retrive incorect data (2) Err, I really don't think that they are so idiots. (3) At big hosting companies is preaty hard to upgrade something. Many companies don't upgrade every version, only at 2-3 versions. It's not a problem if PHP 4.2.2 is running and not 4.3.2 because I never heard about an exploit for PHP 4.2.2 . The big problem is if the lie you. From my own experience from installing a lot php versions on almoust all kind of servers, i know that phpinfo() never "lie" Yours, FaithRaven |
|||
| Par : VGR | Date : 06/09/2003 19:04:00 | |
Type : Commentaire |
| answer is (2) for sure because of (1) :D |
|||
| Par : VGR | Date : 06/09/2003 19:05:00 | |
Type : Commentaire |
| BTW, don't trust "analyse.php" : it's human-made too :D PHP 4.2.2 works perfectly well also |
|||
| Par : VGR | Date : 06/09/2003 19:06:00 | |
Type : Commentaire |
| after having read the ONLY warning from <A HREF="http://www.jerobee.com/php_warning.html">http://www.jerobee.com/php_warning.html</a>, I think it's a rather improbable event don't worry, be happy |
|||
| Par : TunaMaxx | Date : 06/09/2003 19:13:00 | |
Type : Commentaire |
| Ananlyze.php made such a big deal out it that I thought maybe the sky was falling! However, more research and the comments from you two has lead me to believe that maybe 4.2.2 isn't so bad after all. So if it... walks like a duck [phpinfo = 4.2.2] quacks like a duck [analyze.php = 4.2.2] then it must be a duck [PHP ver 4.2.2] right? So now, what do I tell the host? I wonder why they'd mislead me... |
|||
| Par : FaithRaven | Date : 06/09/2003 19:22:00 | |
Type : Réponse |
| I didn't told him to trust analyse.php, i just sayed that phpinfo() can't do a mistake like that, also i never saw phpinfo() showing eronate info. TunaMaxx, stay calm, PHP 4.2.2 is a preaty new version, you can install ABSOLUTLY what you want on it, you will find no script that will say that this version is too old. Also don't worry about security, until now it haven't been found a bug that can be remote exploited. I also want to (re)tell you that analyse.php told that your current version is old ONLY because it detected a new version released. I think that your only real problem is your hosting, because i think they lie you. I think it's impossible to be so idiots that they don't know their PHP version. In conclusion, stay calm, nothing bad can happend with you, but you should slap your hosting a little. Yours, FaithRaven |
|||
| Par : VGR | Date : 06/09/2003 19:24:00 | |
Type : Assistance |
| perhaps they's many hosts and don't took the time to look at that particular one. Look in phpinfo()-who-never-lies, get the server IP@ or hostname, double-check that the PHP version is really 4.2.2 (they may have upgraded in the meantime ;-)))) and then send to them an email with those "proofs" asking for them to upgrade THAT server, "as the online support told me the other hosts were" don't count on it though, 'cause it's ***at least*** 10 seconds of ***real*** work to downlmoad & upgrade a PHP 4.2.2 in 4.3.x :D |
|||
| Par : TunaMaxx | Date : 06/09/2003 19:28:00 | |
Type : Commentaire |
| Thank you both for your excellent help. Man, I love European Experts Exchange! |
|||
| Par : FaithRaven | Date : 06/09/2003 19:36:00 | |
Type : Commentaire |
| Ah, don't love European Experts Exchange, love me and VGR :) (just jokings, EEE rocks) Also could you do something for me ? Give me all points. Also VGR need to agree :) Yours, FaithRaven |
|||
| Par : TunaMaxx | Date : 06/09/2003 19:39:00 | |
Type : Commentaire |
| I think it's too late. I cranked up the value and gave you both 100 points... |
|||
| Par : FaithRaven | Date : 06/09/2003 19:40:00 | |
Type : Commentaire |
| Ah, nope. you gaved me 100 and him 400 :) |
|||
| Par : TunaMaxx | Date : 06/09/2003 19:44:00 | |
Type : Commentaire |
| I did? How the heck did I do that? I upped the value to 200 when I made my 'EE rocks!' post. Then when I accepted your answer and his assistance, I *thought* I gave 100 each. It even siad that I couldn't award more than 200... |
|||
| Par : FaithRaven | Date : 06/09/2003 19:50:00 | |
Type : Commentaire |
| You gaved me 100, him 100, but you needed to award 500 points, so the rest of 300 was awarded to VGR. So i got 100 and he got 400. Yours, FaithRaven |
|||
| Par : FaithRaven | Date : 06/09/2003 19:51:00 | |
Type : Commentaire |
| Ah sorry, i though it was another question with 500 points, im online for about 15 hours and i think i'm tired :( It's fine don't worry. Thanks for your points and next time you need help use EEE :) Yours, FaithRaven |
|||
| Par : TunaMaxx | Date : 06/09/2003 19:54:00 | |
Type : Commentaire |
| 500? How? I'm tired and have to go to bed. Maybe I made some dumb mistake, but if anyone can fix this... Oh wait! You just reposted. Yes, I am tired too. I'm glad it all worked out... Thank you both for the help. You rock! Thanks, Tuna Zzzzz..... zzzzzz.... Zzzzzz.... zzzz |
|||
| Par : VGR | Date : 06/09/2003 19:58:00 | |
Type : Commentaire |
| na na na you gave me 100 pts with grade A which amounts to 400 and I guess you gave 100 to FaithRaven, but forgot the grade "A" Am I right ? |
|||
| Par : TunaMaxx | Date : 06/09/2003 20:05:00 | |
Type : Commentaire |
| ahhhh... This is what I MEANT to do: Award 100 points each to Raven and VGR and give "A" grades to both as well. If there is anyone that can fix this for me (us) please make it that way. Or, if there is something I have to do, please instruct me. Thanks! Going to sleep now. |
|||
| Par : FaithRaven | Date : 06/09/2003 20:05:00 | |
Type : Commentaire |
| Yes VGR, you are completely right, i just though wrong, in the same time i worked at a 500 points question and i comfuzed it with this one. I just need 1300 points and i hope to make em' today so i'm in a points hurry :) Yours, FaithRaven |
|||
| Par : TunaMaxx | Date : 06/09/2003 21:02:00 | |
Type : Commentaire |
| I wrote and asked how the server could be running PHP 4.3.2 when both Analyze and PHPinfo say it is 4.2.2. This is their response: "Actually that information provided to you was taken from your server. We do not know why that report is given to you, but we can assure you that your server is currently using PHP version 4.3.2." So maybe the answer really is: (2) They've made a mistake and think that the server is running a higher version of PHP than it actually is. |
|||
| Par : VGR | Date : 07/09/2003 05:22:00 | |
Type : Commentaire |
| they are crazy |
|||
| Par : FaithRaven | Date : 07/09/2003 12:39:00 | |
Type : Commentaire |
| They are nuts and continue evading the truth, or they are really idiots ... Yours, FaithRaven |
|||
|
Inscrivez-vous pour répondre |
|||
| Add This Article To: | |||
 Del.icio.us |
 Digg |
 Google |
 Spurl |
 Blink |
 Wong |
 Simpy |
 Y! MyWeb |
Contact
- Privauté
- Contactez-nous
- Conditions d'usage
- Jobs for our Experts
- our friend ActuLab
- Carcasherdotcom Seocontest
- Add Your Link
- Bee Web Directory
- Discover Directory
- FFind Directory
- Link Velocity Directory
- The Little Web Directory
- Red Links
- Tranix
- 2space Global Directory
Fully downloaded more than 1313 Million times
Copyright © 2003 - 2010 The IT European Experts Organization
dernière màj le : 23/07/2008 09:41:27 GMT 0 (CEST)
