Forums Archive -> VectorStar News

Services Upgrades... 2002-04-29 10:10:48
by lmbedore
Apache and PHP were upgraded today. We're now on Apache 1.3.24 and PHP 4.2.0.

I am actively working on a complete overhaul of the mail server system. We will be implementing an all-SSL POP3 and SMTP setup, with SMTP AUTH (login via SMTP) required in order to send mail. Local access to sendmail (used by CGIs) will most likely be removed entirely. These upgrades are necessary to ensure we have a secure and spam-free mail system. Users who use POP3 et all will have to make some configuration changes when this upgrade is done. The webmail will also be affected - it may require some rewriting of the webmail to make it work with the new system.

Re: Services Upgrades... 2002-04-29 10:54:35
by Anonymous
The upgrade has caused some problems with my php scripts. Heard many ppl are having this problem too. Something to do with variables.
Re: Services Upgrades... 2002-04-29 11:11:41
by Anonymous
Oh yah. The webmail was affected too? My scripts have the problem logging in too.
Re: Services Upgrades... 2002-04-29 15:34:58
by lmbedore
The PHP guys decided to change some VERY IMPORTANT default settings in PHP 4.2.0, thus causing some significant problems.

I re-enabled "register_globals" for now, which should fix most of your problems. For those of you who run PHP but aren't familiar with register_globals, look up the ARGV and ARGC functions on php's website to find out how to write clean code that doesn't require register_globals.

BTW, the webmail's fixed (I think)... It was plagued by the same problem with register_globals.
Re: Services Upgrades... 2002-04-29 23:24:27
by marasmus
The webmail was being quirky and requiring people to login twice, since the upgrade of PHP... The problem is somehow related to how PHP writes cookies. It doesn't want to create an array in the session and populate it in the same execution, and then push a Header: to a page that must read that cookie. It needs a full page inbetween for some reason. I'm guessing there's some bug in the session/cookie handling changes they made. If any of you are PHP-fu masters, and know more about this wierd quirk, please help me out here so I can take the ugly (but working) hack out of the webmail! :)
Re: Services Upgrades... 2002-04-30 03:51:15
by Anonymous
Oh thanks alot for re-enbling the register_globals. I tried searching for the functions but couldnt find any. Argh. My exams are coming. What a bother it will be to re write the code.
Re: Services Upgrades... 2002-04-30 04:09:07
by Anonymous
does adding global $PHP_AUTH_USER; global $PHP_AUTH_PW; help at all?
Re: Services Upgrades... 2002-04-30 10:14:31
by lmbedore
PHP_AUTH_USER and PHP_AUTH_PW are used on HTTP basic authentication. we use a POST form and cookies for the webmail - so it wouldn't help US much :) Though, if you use HTTP basic authentication, it might be useful.
Re: Services Upgrades... 2002-04-30 11:18:47
by lmbedore
Webmail is officially fixed.

The problem is that in PHP 4.2.0, you can no longer delete an open cookie. Doing so causes really quirky behavior with the handling of that cookie on the next pass.
Re: Services Upgrades... 2002-06-09 12:25:54
by Anonymous
You don't have to disable sendmail altogether. Install an MTA like Exim ( which has all sorts of filtering rules you can play with, and just allow relaying for local addresses, this way people can still use form mailers, and you don't have to worry about spam attacks via those scripts.