Mental Health and Wellness support

You are here

PHP on Sandcastle

Running PHP scripts on Sandcastle

For security reasons, PHP scripts on Sandcastle are run as CGI scripts rather than through the PHP module in the webserver. This means that there are some specific requirements that are not documented in most discussions of PHP programming.

Step 1 - Calling the executable

In a CGI script file the first line of the script must identify the program that is going to be used to run the script file. On Sandcastle the PHP executable is located at: /usr/bin/php-cgi so the first line of any PHP file which is accessed by the browser must be:

#!/usr/bin/php-cgi

The file must have the extension .php and it is important that the file is in the proper text format. If the file was created on a Windows system then it will have incorrect line endings. To check if this is the case you can log into Sandcastle through SSH, navigate to the directory containing the file and type 'cat -v filename' and if the file is in DOS text mode you will see a ^M character at the end of each line. If that is the case you can use the program 'dos2unix filename' to convert the file.
Note: PHP include files (if they are never directly accessed by the the browsers) do not need the #!/usr/bin/php-cgi line.

Step 2 - Setting permissions

As a CGI script, the file will be run as the owner and must have the user executable bit set for the permissions. The permissions on the file should be 700 (rwxr-----) so that the webserver can execute the file. If the PHP file or any directory above it in the tree, is writable by anyone other than the user account the webserver will refuse to execute the file (so permissions 777 and 666 will prevent access). To set the permissions you can run the command 'chmod 700 filename' from the directory containing the file. The directories containing your website should have permissions 701 (rwx-----x) for maximum security.

Set 3 - In case of errors

If you get an error when you try to view your PHP file you should first check the permissions and if they are OK try running the command 'php-cgi -l -f filename' from a shell to test for syntax errors. If all else fails try running the file from command line and see if any obvious errors are reported. You can also find out what modules and settings are active on the server by using the function phpinfo(); in a PHP page, it will return the current values of all the settings.