Archive for January 12th, 2012

nearlyfreespeech runs with safe mode and safe_mode_gid on, so you can't run shell scripts or other cool things. Usually that's not an issue, but if you do, they let you run CGI scripts, in any of a number of languages. You just have to treat it as a shell script, with a shebang notation of the proper language. There are a few caveats that took me a day to find out:

  1. The correct program is /usr/local/bin/php-cgi (or whereever your server puts PHP), not /usr/local/bin/php. That is the command-line interpreter, which does not output the headers. You can manually do echo "Content-type: text/html\n" etc., followed by a blank line, but who wants to try to debug that?
  2. The script has to be executable. You get a 500 Server Error otherwise. Do a chmod +x scriptname.cgi.
  3. Scripts need the appropriate file and directory permissions to write to the server. Changing the permissions of the server directory is probably too insecure (though for safe mode it's the only way); it's better to set-uid the script, but then keep it under wraps.

So a sample CGI script would be:

#!/usr/local/bin/php-cgi
<?php echo "Hello, world"; ?>

in an executable file with a .cgi extension.

Note that FTP and SFTP can't set the setuid bit, so that if you upload the file (or edit it with an FTP-aware editor like Notepad++), you need to chmod 477 scriptname.cgi again.

I've learned some things about .htaccess, but mostly I've learned that programming it is deep black magic. The most important thing is "Don't use mod-rewrite unless you absolutely need to". All the fancy stuff is better off done by the PHP (or whatever language you're using) code.

Don't do:

RewriteEngine On
RewriteBase /
RewriteRule ^([^/\.]+)/$ /index.php?main=$1&part=$1 [QSA,L]
RewriteRule ^([^/\.]+)/([^/\.]+)$ /index.php?main=$1&part=$2 [QSA,L]

to map your site to your index page; do:

FallbackResource /index.php

And in index.php parse the $_SERVER['REQUEST_URI'] to get your page/subpage arguments. Much easier to debug!

And to use FallbackResource you need to be running Apache 2.2, so get a good web host.