Home > Mobile >  Execute php block without saving to a file, without changing internal path
Execute php block without saving to a file, without changing internal path

Time:11-13

Say I have a block of code I would like to test like this:

<?php 
 
 require('wp-blog-header.php');
 require('wp-includes/pluggable.php');
 ..........................
 ..........................
?>

Nginx:

location ~ /internal_token { 
    fastcgi_pass   unix:/tmp/php-fpm.sock;
    fastcgi_param  SCRIPT_FILENAME  # is possible to execute php some how, without call to filename?
    include        fastcgi_params;
}

The invisible file have to be in main root directory of WordPress because use require files, I am trying to avoid creating file or symlynks.

Is there an existing solution to this problem?

Update: I building a system like WordPress toolkit of cpanel, so I will add the feature 1-Click Login

CodePudding user response:

No, it is not possible to execute random PHP code from the context of Nginx configuration.

From the manual

Syntax: fastcgi_param parameter value [if_not_empty]; Default: — Context: http, server, location Sets a parameter that should be passed to the FastCGI server. The value can contain text, variables, and their combination. These directives are inherited from the previous configuration level if and only if there are no fastcgi_param directives defined on the current level.

The following example shows the minimum required settings for PHP:

fastcgi_param SCRIPT_FILENAME /home/www/scripts/php$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string;

The appropriate / intended use of that directive is to set environment variables, not to pass arbitrary code to an arbitrary fast-cgi interpreter.

If you want to execute a specific script, then use the SCRIPT_FILENAME parameter as described in the manual.

I don't think the protocol forbids such behavior, because one can send almost anything with FCGI_PARAMS, at least according to my interpretation. However, judging by this implementation the SCRIPT_FILENAME is at least a convention: PHP OOP fastcgi

CodePudding user response:

If you had an "upstream" you could use nginx's auth_request in order to make an additional request and retrieve data (e.g. server-side authentication token) before continuing with the primary request.

e.g. all requests to /api trigger an auth_request to an internal location /auth/check which returns pass/fail (and optionally data that can be bundled along). If the check passes then the request continues to /api or whatever.

Not sure that helps you and not sure that is possible with php-fpm but pretty useful for some use cases.

Page link:https//www.codepudding.com/Mobile/188980.html

Prev:Nginx root directory with nested symlinks
Next:No nmp command to use to install moralis-admin-cli
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding