suPHP and .phps PHP code highlighting support
Today a user on one of my web servers asked me why .phps files would only download and not show the highlighted PHP code as expected.
This is usually done by adding the following to your “httpd.conf”…
AddType ‘application/x-httpd-php-source’ .phps
We use the cPanel web hosting control panel and to improve security cPanel recommend using suPHP, which allows PHP scripts to run as a user rather than “nobody”.
This means that adding the above line to “httpd.conf” does not work with suPHP.
So what can be done?
The official word is located in the suPHP FAQ, which says:
Does suPHP support code highlighting by using the “.phps” extension?
suPHP itself has no support for code highlighting. The main reason is that PHP-CGI does not support any input parameter to activate code highlighting. However there is a solution based on a small PHP script and some rewrite rules. You can find the discussion at http://forums.macosxhints.com/archive/index.php/t-23595.html.
So I decided to checkout the suggested link.
I noticed that even though the FAQ suggested using rewrite rules, the forum did not provide any kind of working solution.
Using the PHP code supplied, and a bit of rewrite ingenuity we can get this working as expected.
First, create a file called “phpsource.php”, in this file paste the following code:
<?php
if (substr($_GET['file'],strpos($_GET['file'],’.')) == ‘.phps’) {
highlight_file($_GET['file']);
}
?>
Then, in your “.htaccess”, paste the following code:
RewriteRule ^(.+\.phps)$ phpsource.php?file=$1 [L]
Note: If you don’t already have rewrites turned on in your “.htaccess” file, you will also need the line “RewriteEngine On” at the top.
What this will do is pass all “.phps” files through your “phpsource.php” script, and output a highlighted version.
The benefits of this solution is that it’s portable (will work on any server); it won’t(/shouldn’t) break when you upgrade apache or PHP; it’s pretty secure as it’ll only handle .phps files, as expected; it’s quick and effective.
Related posts:
- Friendly URLs (revisited) Turn dynamic URLs into friendly URLs I’m sure we’re all...
- PHP getmxrr() support for windows As many of you may be aware there’s a lack...
- Creating subdomains from directories using mod_rewrite in Apache .htaccess The idea was to have the ability to create unlimited...
- Storing mySQL database settings for php and perl in one file I have a situation where there’s two scripts. The main...
- HM2K’s code repository HM2K’s code repository is now open for business! This repository...
Zeeshan said,
August 1, 2008 @ 2:27 pm
Investigate send_parsed_php_source() in mod_php4/5.c to see how it handles the “application/x-httpd-php-source” handler type or form a second handler (or third handler) in suPHP which specifically points to a PHP CGI that contains the initial param of ‘-s’. Assign “application/x-httpd-php-source” to suPHP’s new handler and any file then given to this PHP CGI binary will output syntax highlighted source code.
TeeCee said,
December 6, 2008 @ 11:20 am
Hi!
There is some problem with this code…
1.) The highlight_file() is often disabled because the safe_mode = ON setting. This can be eliminatedwith some workaround, since highlight_string() is working in that case…
2.) The substr… strpos… checking is bad, because it splits the string at the first dot in the path!
My version that works on my safe_mode running server:
if ( strtolower(@array_pop(explode(‘.’,$_GET['file']))) === ‘phps’) {
highlight_string(join(”, file($_GET['file'])));
}
NiLon said,
December 13, 2009 @ 12:29 pm
To apache confs add handler for .phps
AddType application/x-httpd-php-source .phps
suPHP_AddHandler application/x-httpd-php-source
then go to suphp.conf and add binaries that handle requests, for source I use wrapper
application/x-httpd-php=php:/usr/bin/php-cgi
application/x-httpd-php-source=php:/tmp/php-cgi-source
/tmp/php-cgi-source is file containing only line:
#!/usr/bin/php-cgi -s
restart webserver and you are good to go