I thought I’d branch this away from the “nginx 0day exploit for nginx +
fastcgi PHP” so as not to fog up that issue more. As you may know from
my contributions to that thread (starting at Re: nginx 0day exploit for nginx + fastcgi PHP), I
had problems with cgi.fix-pathinfo=0 breaking extensionless php files
that Igor had created locations for back in '08.
Since my regular .php files seem to work fine regardless of the
settings, I thought I’d bite the bullet and create .php versions of my
extensionless scripts and have nginx rewrite the clean urls to the new
.php versions, passing the path info on as a get variable. I’d then just
have my php scripts explode that variable instead of the
$_SERVER[PATH_INFO] one. I’m guessing it’ll make my life (and Igor’s!)
easier.
I created a phpinfo() test case and put a gazoo.php in the root
directory:
location ^~ /gazoo {
rewrite ^/gazoo(/.*$|$) /gazoo.php?mypath=$1 last;
root /usr/local/apache/htdocs;
fastcgi_pass 127.0.0.1:10004;
}
I restarted nginx and went to
http://www.example.com/gazoo/123/457?page=12 for a full on test.
That seemed to work just fine:
_REQUEST[“mypath”] /123/457
_REQUEST[“page”] 12
_GET[“mypath”] /123/457
_GET[“page”] 12
_SERVER[“QUERY_STRING”] mypath=/123/457&page=12
A couple of quick questions:
-
Are there any issues I should be aware of with my location or regex?
I usually preface my comments with “I suck at regex” so I’m proud I made
it htis far. Just want to make sure there are no problems. -
Most of my extensionless files exist in the root but a couple (e.g.
photos) can be found at any depth. Since I’ll have photos.php dotted
over a few different subdirs, what do I need to change to my location
and regex to make sure that:
example.com/nginx-luncheon/2010/photos/12 runs at
example.com/nginx-luncheon/2010/photos.php and
example.com/regexawards/photos/15 runs at
example.com/regexawards/photos.php?
Thanks all!