Sujet fermé
Note de ce sujet :
  • Moyenne : 0 (0 vote(s))
  • 1
  • 2
  • 3
  • 4
  • 5

[Résolu] REQUEST_METHOD _POST ne marche pas
#1

Citation :#~~~~~ DEBUT BLOC A NE PAS SUPPRIMER ~~~~~
#~ Version du CMS: #1.9.4.3
#~ Url du site : http://www.christinedeveyrac.fr
#~ Hébergeur / Soft : Serveur dédié OVH (debian Wheezy)
#~ Informations Système :
#~ Linux 3.0.0-1-amd64 x86_64
#~ PHP Version 5.3.8-1
#~ Apache API Version 20051115
#~ This server is protected with the Suhosin Extension 0.9.32.1
#~~~~~ FIN BLOC A NE PAS SUPPRIMER ~~~~~


Bonjour,

Je viens de transférer le site http://www.christinedeveyrac.fr d'un serveur a un autre, en mettant, par la même occasion, à jour cmsmadesimple.
Mon soucis est que depuis, le formulaire de cette page: http://www.christinedeveyrac.fr/contact/ ne marche plus quand on clique sur 'envoyer'.

Qu'a cela ne tienne, je me suis lancé dans la création d'une balise utilisateur pour créer le formulaire à la main (je sais, ce n'est pas très propre mais bon...).
Ce nouveau formulaire est disponible ici: http://www.christinedeveyrac.fr/test-2/
Quand vous cliquez sur 'envoyer', la page affiche la variable '$_SERVER'.
Et la, SURPRISE: [REQUEST_METHOD] => GET
Donc on ne reçoit rien du _POST du formulaire => ceci peut expliquer pourquoi le formulaire de la page http://www.christinedeveyrac.fr/contact/, créé avec FormBuilder, ne fonctionne pas.

Je me retrouve donc bloqué. Si quelqu’un a une idée Big Grin

Merci d'avance!
#2

Bonjour et bienvenue,
plutôt que d'afficher $_SERVER, peux-tu afficher $_POST?

{SEO}
Inscrivez-vous à notre Newsletter sur le site (colonne de droite, en bas).
Vous appréciez CMSMS et l'aide qui vous est fournie ici, aidez-nous en participant au projet.
Formation CMS Made Simple | Création de site CMS Made Simple.

C'est en se plantant qu'on devient cultivé.
J'ai un string dans l'Array (Paris Hilton)
#3

Merci de t’intéresser a mon problème.

Voici le code que j'ai rajouté:
Code :
echo("SERVER:");
print_r($_SERVER);
echo("<br/><br/>");
echo("POST:");
print_r($_POST);
echo("<br/><br/>");

On constate bien que la page ne reçoit rien en POST...
#4

bonjour,
et si tu ajoutes echo $_GET?
Ce qui est bizarre dans le formulaire de formbuilder, c'est qu'il ne prefixe pas les noms des champs comme d'habitude. Chez toi, il mets f62b34 alors jusqu'à présent, il y a cntnt01.

{SEO}
Inscrivez-vous à notre Newsletter sur le site (colonne de droite, en bas).
Vous appréciez CMSMS et l'aide qui vous est fournie ici, aidez-nous en participant au projet.
Formation CMS Made Simple | Création de site CMS Made Simple.

C'est en se plantant qu'on devient cultivé.
J'ai un string dans l'Array (Paris Hilton)
#5

Il n'y pas le Copyright dans ton site
ce n'est pas normal, pas de respect du droit d'auteur

<meta name="Generator" content="CMS Made Simple - Copyright © 2004-10 Ted Kulp. All rights reserved." />
et bientot 2004-11 Smile

J-C Etiemble v 2.2.xx
#6

Citation :Il n'y pas le Copyright dans ton site
ce n'est pas normal, pas de respect du droit d'auteur

<meta name="Generator" content="CMS Made Simple - Copyright © 2004-10 Ted Kulp. All rights reserved." />
et bientot 2004-11 Smile

Voila qui est fait! En fait je viens de reprendre ce site qui à été fait par une autre personne que moi, donc si tu vois d'autres problemes/erreur/manques, n'hesite surtout pas. Big Grin


Citation :bonjour,
et si tu ajoutes echo $_GET?
Ce qui est bizarre dans le formulaire de formbuilder, c'est qu'il ne prefixe pas les noms des champs comme d'habitude. Chez toi, il mets f62b34 alors jusqu'à présent, il y a cntnt01.

Je viens de rajouté l'affichage du $_GET, et il contient: array ( [page] => test-2/ )

Même si FormBuilder à un pb, il n'est pas normal que je n'arrive pas a récupérer les malheurs de mon formulaire via POST.
#7

et si tu faisais un autre formulaire avec formbuilder pour voir?

{SEO}
Inscrivez-vous à notre Newsletter sur le site (colonne de droite, en bas).
Vous appréciez CMSMS et l'aide qui vous est fournie ici, aidez-nous en participant au projet.
Formation CMS Made Simple | Création de site CMS Made Simple.

C'est en se plantant qu'on devient cultivé.
J'ai un string dans l'Array (Paris Hilton)
#8

J'ai fais trois formulaires: celui d'origine sans rien changer, un nouveau après avoir installé la dernière version de formBuilder en utilisant le XML de celui d'origine, et un 100% nouveau, dans tous les cas quand on clique sur 'envoyer' ça ne change pas de page.

Je suis désespéré la :/
#9

salut,
n'y a-t-il rien dans php.ini qui foute le bazard???
J'avoue ne plus avoir d'idée là :mad:

{SEO}
Inscrivez-vous à notre Newsletter sur le site (colonne de droite, en bas).
Vous appréciez CMSMS et l'aide qui vous est fournie ici, aidez-nous en participant au projet.
Formation CMS Made Simple | Création de site CMS Made Simple.

C'est en se plantant qu'on devient cultivé.
J'ai un string dans l'Array (Paris Hilton)
#10

Citation :salut,
n'y a-t-il rien dans php.ini qui foute le bazard???
J'avoue ne plus avoir d'idée là :o

Je n'ai moi non plus plus d'idée Sad

phpinfo():
Code :
PHP Version 5.3.8-1


System    Linux andrieu 3.0.0-1-amd64 #1 SMP Sat Aug 27 16:21:11 UTC 2011 x86_64
Build Date    Aug 24 2011 11:20:46
Server API    Apache 2.0 Handler
Virtual Directory Support    disabled
Configuration File (php.ini) Path    /etc/php5/apache2
Loaded Configuration File    /etc/php5/apache2/php.ini
Scan this dir for additional .ini files    /etc/php5/apache2/conf.d
Additional .ini files parsed    /etc/php5/apache2/conf.d/gd.ini, /etc/php5/apache2/conf.d/mcrypt.ini, /etc/php5/apache2/conf.d/mysql.ini, /etc/php5/apache2/conf.d/mysqli.ini, /etc/php5/apache2/conf.d/pdo.ini, /etc/php5/apache2/conf.d/pdo_mysql.ini, /etc/php5/apache2/conf.d/suhosin.ini
PHP API    20090626
PHP Extension    20090626
Zend Extension    220090626
Zend Extension Build    API220090626,NTS
PHP Extension Build    API20090626,NTS
Debug Build    no
Thread Safety    disabled
Zend Memory Manager    enabled
Zend Multibyte Support    disabled
IPv6 Support    enabled
Registered PHP Streams    https, ftps, compress.zlib, compress.bzip2, php, file, glob, data, http, ftp, phar, zip
Registered Stream Socket Transports    tcp, udp, unix, udg, ssl, sslv3, tls
Registered Stream Filters    zlib.*, bzip2.*, convert.iconv.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, dechunk, mcrypt.*, mdecrypt.*

This server is protected with the Suhosin Patch 0.9.10
Copyright (c) 2006-2007 Hardened-PHP Project Copyright (c) 2007-2009 SektionEins GmbH

This program makes use of the Zend Scripting Language Engine:
Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies
    with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH

PHP Credits

Configuration

apache2handler

Apache Version    Apache
Apache API Version    20051115
Server Administrator    [no address given]
Hostname:Port    admin.andrieu.com:0
User/Group    www-data(33)/33
Max Requests    Per Child: 0 - Keep Alive: on - Max Per Connection: 100
Timeouts    Connection: 300 - Keep-Alive: 5
Virtual Server    Yes
Server Root    /etc/apache2
Loaded Modules    core mod_log_config mod_logio prefork http_core mod_so mod_alias mod_auth_basic mod_auth_digest mod_authn_file mod_authz_default mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_cgi mod_dav mod_dav_fs mod_dav_lock mod_deflate mod_dir mod_env mod_mime mod_negotiation mod_php5 mod_proxy mod_proxy_http mod_reqtimeout mod_rewrite mod_setenvif mod_ssl mod_status

Directive    Local Value    Master Value
engine    1    1
last_modified    0    0
xbithack    0    0

Apache Environment

Variable    Value
HTTPS    on
SSL_TLS_SNI    admin.andrieu.com
HTTP_HOST    admin.andrieu.com
HTTP_CONNECTION    keep-alive
HTTP_USER_AGENT    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163 Safari/535.1
HTTP_ACCEPT    text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_REFERER    https://admin.andrieu.com/
HTTP_ACCEPT_ENCODING    gzip,deflate,sdch
HTTP_ACCEPT_LANGUAGE    fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
HTTP_ACCEPT_CHARSET    ISO-8859-1,utf-8;q=0.7,*;q=0.3
HTTP_COOKIE    __utma=159588717.1267071713.1297009424.1297017735.1297020321.3; __utma=252639065.939906447.1291915250.1316187045.1316550330.32; __utmc=252639065; __utmz=252639065.1308924084.16.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
PATH    /usr/local/bin:/usr/bin:/bin
SERVER_SIGNATURE    no value
SERVER_SOFTWARE    Apache
SERVER_NAME    admin.andrieu.com
SERVER_ADDR    88.191.92.23
SERVER_PORT    443
REMOTE_ADDR    78.227.65.169
DOCUMENT_ROOT    /home/web/admin/
SERVER_ADMIN    [no address given]
SCRIPT_FILENAME    /home/web/admin/php_info.php
REMOTE_PORT    20080
REMOTE_USER    ben
AUTH_TYPE    Basic
GATEWAY_INTERFACE    CGI/1.1
SERVER_PROTOCOL    HTTP/1.1
REQUEST_METHOD    GET
QUERY_STRING    no value
REQUEST_URI    /php_info.php
SCRIPT_NAME    /php_info.php

HTTP Headers Information

HTTP Request Headers
HTTP Request    GET /php_info.php HTTP/1.1
Host    admin.andrieu.com
Connection    keep-alive
Authorization    Basic YmVuOkNWMjAxMC0y
User-Agent    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163 Safari/535.1
Accept    text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer    https://admin.andrieu.com/
Accept-Encoding    gzip,deflate,sdch
Accept-Language    fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset    ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie    __utma=159588717.1267071713.1297009424.1297017735.1297020321.3; __utma=252639065.939906447.1291915250.1316187045.1316550330.32; __utmc=252639065; __utmz=252639065.1308924084.16.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP Response Headers
X-Powered-By    PHP/5.3.8-1
Vary    Accept-Encoding
Content-Encoding    gzip

bcmath

BCMath support    enabled

Directive    Local Value    Master Value
bcmath.scale    0    0

bz2

BZip2 Support    Enabled
Stream Wrapper support    compress.bzip2://
Stream Filter support    bzip2.decompress, bzip2.compress
BZip2 Version    1.0.5, 10-Dec-2007

calendar

Calendar support    enabled

Core

PHP Version    5.3.8-1

Directive    Local Value    Master Value
allow_call_time_pass_reference    Off    Off
allow_url_fopen    On    On
allow_url_include    Off    Off
always_populate_raw_post_data    Off    Off
arg_separator.input    &    &
arg_separator.output    &    &
asp_tags    Off    Off
auto_append_file    no value    no value
auto_globals_jit    On    On
auto_prepend_file    no value    no value
browscap    no value    no value
default_charset    no value    no value
default_mimetype    text/html    text/html
define_syslog_variables    Off    Off
disable_classes    no value    no value
disable_functions    no value    no value
display_errors    Off    Off
display_startup_errors    Off    Off
doc_root    no value    no value
docref_ext    no value    no value
docref_root    no value    no value
enable_dl    Off    Off
error_append_string    no value    no value
error_log    no value    no value
error_prepend_string    no value    no value
error_reporting    22527    22527
exit_on_timeout    Off    Off
expose_php    On    On
extension_dir    /usr/lib/php5/20090626    /usr/lib/php5/20090626
file_uploads    On    On
highlight.bg    #FFFFFF    #FFFFFF
highlight.comment    #FF8000    #FF8000
highlight.default    #0000BB    #0000BB
highlight.html    #000000    #000000
highlight.keyword    #007700    #007700
highlight.string    #DD0000    #DD0000
html_errors    Off    Off
ignore_repeated_errors    Off    Off
ignore_repeated_source    Off    Off
ignore_user_abort    Off    Off
implicit_flush    Off    Off
include_path    .:/usr/share/php:/usr/share/pear    .:/usr/share/php:/usr/share/pear
log_errors    On    On
log_errors_max_len    1024    1024
magic_quotes_gpc    Off    Off
magic_quotes_runtime    Off    Off
magic_quotes_sybase    Off    Off
mail.add_x_header    On    On
mail.force_extra_parameters    no value    no value
mail.log    no value    no value
max_execution_time    70    70
max_file_uploads    20    20
max_input_nesting_level    64    64
max_input_time    60    60
memory_limit    128M    128M
open_basedir    no value    no value
output_buffering    4096    4096
output_handler    no value    no value
post_max_size    16M    16M
precision    14    14
realpath_cache_size    16K    16K
realpath_cache_ttl    120    120
register_argc_argv    Off    Off
register_globals    Off    Off
register_long_arrays    Off    Off
report_memleaks    On    On
report_zend_debug    On    On
request_order    GP    GP
safe_mode    Off    Off
safe_mode_exec_dir    no value    no value
safe_mode_gid    Off    Off
safe_mode_include_dir    no value    no value
sendmail_from    no value    no value
sendmail_path    /usr/sbin/sendmail -t -i     /usr/sbin/sendmail -t -i
serialize_precision    100    100
short_open_tag    On    On
SMTP    localhost    localhost
smtp_port    25    25
sql.safe_mode    Off    Off
track_errors    Off    Off
unserialize_callback_func    no value    no value
upload_max_filesize    16M    16M
upload_tmp_dir    no value    no value
user_dir    no value    no value
user_ini.cache_ttl    300    300
user_ini.filename    .user.ini    .user.ini
variables_order    GPCS    GPCS
xmlrpc_error_number    0    0
xmlrpc_errors    Off    Off
y2k_compliance    On    On
zend.enable_gc    On    On

ctype

ctype functions    enabled

date

date/time support    enabled
"Olson" Timezone Database Version    0.system
Timezone Database    internal
Default timezone    Europe/Berlin

Directive    Local Value    Master Value
date.default_latitude    31.7667    31.7667
date.default_longitude    35.2333    35.2333
date.sunrise_zenith    90.583333    90.583333
date.sunset_zenith    90.583333    90.583333
date.timezone    no value    no value

dba

DBA support    enabled
Supported handlers    cdb cdb_make db4 inifile flatfile qdbm

Directive    Local Value    Master Value
dba.default_handler    flatfile    flatfile

dom

DOM/XML    enabled
DOM/XML API Version    20031129
libxml Version    2.7.8
HTML Support    enabled
XPath Support    enabled
XPointer Support    enabled
Schema Support    enabled
RelaxNG Support    enabled

ereg

Regex Library    Bundled library enabled

exif

EXIF Support    enabled
EXIF Version    1.4 $Id: exif.c 314376 2011-08-06 14:47:44Z felipe $
Supported EXIF Version    0220
Supported filetypes    JPEG,TIFF

Directive    Local Value    Master Value
exif.decode_jis_intel    JIS    JIS
exif.decode_jis_motorola    JIS    JIS
exif.decode_unicode_intel    UCS-2LE    UCS-2LE
exif.decode_unicode_motorola    UCS-2BE    UCS-2BE
exif.encode_jis    no value    no value
exif.encode_unicode    ISO-8859-15    ISO-8859-15

fileinfo

fileinfo support    enabled
version    1.0.5-dev

filter

Input Validation and Filtering    enabled
Revision    $Revision: 313665 $

Directive    Local Value    Master Value
filter.default    unsafe_raw    unsafe_raw
filter.default_flags    no value    no value

ftp

FTP support    enabled

gd

GD Support    enabled
GD Version    2.0
FreeType Support    enabled
FreeType Linkage    with freetype
FreeType Version    2.4.6
T1Lib Support    enabled
GIF Read Support    enabled
GIF Create Support    enabled
JPEG Support    enabled
libJPEG Version    unknown
PNG Support    enabled
libPNG Version    1.2.46
WBMP Support    enabled

Directive    Local Value    Master Value
gd.jpeg_ignore_warning    0    0

gettext

GetText Support    enabled

hash

hash support    enabled
Hashing Engines    md2 md4 md5 sha1 sha224 sha256 sha384 sha512 ripemd128 ripemd160 ripemd256 ripemd320 whirlpool tiger128,3 tiger160,3 tiger192,3 tiger128,4 tiger160,4 tiger192,4 snefru snefru256 gost adler32 crc32 crc32b salsa10 salsa20 haval128,3 haval160,3 haval192,3 haval224,3 haval256,3 haval128,4 haval160,4 haval192,4 haval224,4 haval256,4 haval128,5 haval160,5 haval192,5 haval224,5 haval256,5

iconv

iconv support    enabled
iconv implementation    glibc
iconv library version    2.13

Directive    Local Value    Master Value
iconv.input_encoding    ISO-8859-1    ISO-8859-1
iconv.internal_encoding    ISO-8859-1    ISO-8859-1
iconv.output_encoding    ISO-8859-1    ISO-8859-1

json

json support    enabled
json version    1.2.1

libxml

libXML support    active
libXML Compiled Version    2.7.8
libXML Loaded Version    20708
libXML streams    enabled

mbstring

Multibyte Support    enabled
Multibyte string engine    libmbfl
HTTP input encoding translation    disabled

mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.

Multibyte (japanese) regex support    enabled
Multibyte regex (oniguruma) version    5.9.1

Directive    Local Value    Master Value
mbstring.detect_order    no value    no value
mbstring.encoding_translation    Off    Off
mbstring.func_overload    0    0
mbstring.http_input    pass    pass
mbstring.http_output    pass    pass
mbstring.http_output_conv_mimetypes    ^(text/|application/xhtml\+xml)    ^(text/|application/xhtml\+xml)
mbstring.internal_encoding    no value    no value
mbstring.language    neutral    neutral
mbstring.strict_detection    Off    Off
mbstring.substitute_character    no value    no value

mcrypt

mcrypt support    enabled
mcrypt_filter support    enabled
Version    2.5.8
Api No    20021217
Supported ciphers    cast-128 gost rijndael-128 twofish arcfour cast-256 loki97 rijndael-192 saferplus wake blowfish-compat des rijndael-256 serpent xtea blowfish enigma rc2 tripledes
Supported modes    cbc cfb ctr ecb ncfb nofb ofb stream

Directive    Local Value    Master Value
mcrypt.algorithms_dir    no value    no value
mcrypt.modes_dir    no value    no value

mhash

MHASH support    Enabled
MHASH API Version    Emulated Support

mysql

MySQL Support    enabled
Active Persistent Links    0
Active Links    0
Client API version    5.1.58
MYSQL_MODULE_TYPE    external
MYSQL_SOCKET    /var/run/mysqld/mysqld.sock
MYSQL_INCLUDE    -I/usr/include/mysql
MYSQL_LIBS    -L/usr/lib -lmysqlclient_r

Directive    Local Value    Master Value
mysql.allow_local_infile    On    On
mysql.allow_persistent    On    On
mysql.connect_timeout    60    60
mysql.default_host    no value    no value
mysql.default_password    no value    no value
mysql.default_port    no value    no value
mysql.default_socket    /var/run/mysqld/mysqld.sock    /var/run/mysqld/mysqld.sock
mysql.default_user    no value    no value
mysql.max_links    Unlimited    Unlimited
mysql.max_persistent    Unlimited    Unlimited
mysql.trace_mode    Off    Off

mysqli

MysqlI Support    enabled
Client API library version    5.1.58
Active Persistent Links    0
Inactive Persistent Links    0
Active Links    0
Client API header version    5.1.58
MYSQLI_SOCKET    /var/run/mysqld/mysqld.sock

Directive    Local Value    Master Value
mysqli.allow_local_infile    On    On
mysqli.allow_persistent    On    On
mysqli.default_host    no value    no value
mysqli.default_port    3306    3306
mysqli.default_pw    no value    no value
mysqli.default_socket    no value    no value
mysqli.default_user    no value    no value
mysqli.max_links    Unlimited    Unlimited
mysqli.max_persistent    Unlimited    Unlimited
mysqli.reconnect    Off    Off

openssl

OpenSSL support    enabled
OpenSSL Library Version    OpenSSL 1.0.0d 8 Feb 2011
OpenSSL Header Version    OpenSSL 1.0.0d 8 Feb 2011

pcre

PCRE (Perl Compatible Regular Expressions) Support    enabled
PCRE Library Version    8.12 2011-01-15

Directive    Local Value    Master Value
pcre.backtrack_limit    1000000    1000000
pcre.recursion_limit    100000    100000

PDO

PDO support    enabled
PDO drivers    mysql

pdo_mysql

PDO Driver for MySQL    enabled
Client API version    5.1.58

Phar

Phar: PHP Archive support    enabled
Phar EXT version    2.0.1
Phar API version    1.1.1
SVN revision    $Revision: 314419 $
Phar-based phar archives    enabled
Tar-based phar archives    enabled
ZIP-based phar archives    enabled
gzip compression    enabled
bzip2 compression    enabled
OpenSSL support    enabled

Phar based on pear/PHP_Archive, original concept by Davey Shafik.
Phar fully realized by Gregory Beaver and Marcus Boerger.
Portions of tar implementation Copyright (c) 2003-2009 Tim Kientzle.

Directive    Local Value    Master Value
phar.cache_list    no value    no value
phar.readonly    On    On
phar.require_hash    On    On

posix

Revision    $Revision: 313665 $

Reflection

Reflection    enabled
Version    $Revision: 313665 $

session

Session Support    enabled
Registered save handlers    files user
Registered serializer handlers    php php_binary wddx

Directive    Local Value    Master Value
session.auto_start    Off    Off
session.bug_compat_42    Off    Off
session.bug_compat_warn    Off    Off
session.cache_expire    180    180
session.cache_limiter    nocache    nocache
session.cookie_domain    no value    no value
session.cookie_httponly    Off    Off
session.cookie_lifetime    0    0
session.cookie_path    /    /
session.cookie_secure    Off    Off
session.entropy_file    no value    no value
session.entropy_length    0    0
session.gc_divisor    1000    1000
session.gc_maxlifetime    1440    1440
session.gc_probability    0    0
session.hash_bits_per_character    5    5
session.hash_function    0    0
session.name    PHPSESSID    PHPSESSID
session.referer_check    no value    no value
session.save_handler    files    files
session.save_path    /var/lib/php5    /var/lib/php5
session.serialize_handler    php    php
session.use_cookies    On    On
session.use_only_cookies    On    On
session.use_trans_sid    0    0

shmop

shmop support    enabled

SimpleXML

Simplexml support    enabled
Revision    $Revision: 314376 $
Schema support    enabled

soap

Soap Client    enabled
Soap Server    enabled

Directive    Local Value    Master Value
soap.wsdl_cache    1    1
soap.wsdl_cache_dir    /tmp    /tmp
soap.wsdl_cache_enabled    1    1
soap.wsdl_cache_limit    5    5
soap.wsdl_cache_ttl    86400    86400

sockets

Sockets Support    enabled

SPL

SPL support    enabled
Interfaces    Countable, OuterIterator, RecursiveIterator, SeekableIterator, SplObserver, SplSubject
Classes    AppendIterator, ArrayIterator, ArrayObject, BadFunctionCallException, BadMethodCallException, CachingIterator, DirectoryIterator, DomainException, EmptyIterator, FilesystemIterator, FilterIterator, GlobIterator, InfiniteIterator, InvalidArgumentException, IteratorIterator, LengthException, LimitIterator, LogicException, MultipleIterator, NoRewindIterator, OutOfBoundsException, OutOfRangeException, OverflowException, ParentIterator, RangeException, RecursiveArrayIterator, RecursiveCachingIterator, RecursiveDirectoryIterator, RecursiveFilterIterator, RecursiveIteratorIterator, RecursiveRegexIterator, RecursiveTreeIterator, RegexIterator, RuntimeException, SplDoublyLinkedList, SplFileInfo, SplFileObject, SplFixedArray, SplHeap, SplMinHeap, SplMaxHeap, SplObjectStorage, SplPriorityQueue, SplQueue, SplStack, SplTempFileObject, UnderflowException, UnexpectedValueException

standard

Dynamic Library Support    enabled
Path to sendmail    /usr/sbin/sendmail -t -i

Directive    Local Value    Master Value
assert.active    1    1
assert.bail    0    0
assert.callback    no value    no value
assert.quiet_eval    0    0
assert.warning    1    1
auto_detect_line_endings    0    0
default_socket_timeout    60    60
from    no value    no value
safe_mode_allowed_env_vars    PHP_    PHP_
safe_mode_protected_env_vars    LD_LIBRARY_PATH    LD_LIBRARY_PATH
url_rewriter.tags    a=href,area=href,frame=src,input=src,form=fakeentry    a=href,area=href,frame=src,input=src,form=fakeentry
user_agent    no value    no value

suhosin

This server is protected with the Suhosin Extension 0.9.32.1

Copyright (c) 2006-2007 Hardened-PHP Project
Copyright (c) 2007-2010 SektionEins GmbH

Directive    Local Value    Master Value
suhosin.apc_bug_workaround    Off    Off
suhosin.cookie.checkraddr    0    0
suhosin.cookie.cryptdocroot    On    On
suhosin.cookie.cryptkey    [ protected ]    [ protected ]
suhosin.cookie.cryptlist    no value    no value
suhosin.cookie.cryptraddr    0    0
suhosin.cookie.cryptua    On    On
suhosin.cookie.disallow_nul    1    1
suhosin.cookie.disallow_ws    1    1
suhosin.cookie.encrypt    Off    Off
suhosin.cookie.max_array_depth    50    50
suhosin.cookie.max_array_index_length    64    64
suhosin.cookie.max_name_length    64    64
suhosin.cookie.max_totalname_length    256    256
suhosin.cookie.max_value_length    10000    10000
suhosin.cookie.max_vars    100    100
suhosin.cookie.plainlist    no value    no value
suhosin.coredump    Off    Off
suhosin.disable.display_errors    Off    Off
suhosin.executor.allow_symlink    Off    Off
suhosin.executor.disable_emodifier    Off    Off
suhosin.executor.disable_eval    Off    Off
suhosin.executor.eval.blacklist    no value    no value
suhosin.executor.eval.whitelist    no value    no value
suhosin.executor.func.blacklist    no value    no value
suhosin.executor.func.whitelist    no value    no value
suhosin.executor.include.allow_writable_files    On    On
suhosin.executor.include.blacklist    no value    no value
suhosin.executor.include.max_traversal    0    0
suhosin.executor.include.whitelist    no value    no value
suhosin.executor.max_depth    0    0
suhosin.filter.action    no value    no value
suhosin.get.disallow_nul    1    1
suhosin.get.disallow_ws    0    0
suhosin.get.max_array_depth    50    50
suhosin.get.max_array_index_length    64    64
suhosin.get.max_name_length    64    64
suhosin.get.max_totalname_length    256    256
suhosin.get.max_value_length    512    512
suhosin.get.max_vars    100    100
suhosin.log.file    0    0
suhosin.log.file.name    no value    no value
suhosin.log.phpscript    0    0
suhosin.log.phpscript.is_safe    Off    Off
suhosin.log.phpscript.name    no value    no value
suhosin.log.sapi    0    0
suhosin.log.script    0    0
suhosin.log.script.name    no value    no value
suhosin.log.syslog    no value    no value
suhosin.log.syslog.facility    no value    no value
suhosin.log.syslog.priority    no value    no value
suhosin.log.use-x-forwarded-for    Off    Off
suhosin.mail.protect    0    0
suhosin.memory_limit    0    0
suhosin.mt_srand.ignore    On    On
suhosin.multiheader    Off    Off
suhosin.perdir    0    0
suhosin.post.disallow_nul    1    1
suhosin.post.disallow_ws    0    0
suhosin.post.max_array_depth    50    50
suhosin.post.max_array_index_length    64    64
suhosin.post.max_name_length    64    64
suhosin.post.max_totalname_length    256    256
suhosin.post.max_value_length    1000000    1000000
suhosin.post.max_vars    1000    1000
suhosin.protectkey    On    On
suhosin.request.disallow_nul    1    1
suhosin.request.disallow_ws    0    0
suhosin.request.max_array_depth    50    50
suhosin.request.max_array_index_length    64    64
suhosin.request.max_totalname_length    256    256
suhosin.request.max_value_length    1000000    1000000
suhosin.request.max_varname_length    64    64
suhosin.request.max_vars    1000    1000
suhosin.server.encode    On    On
suhosin.server.strip    On    On
suhosin.session.checkraddr    0    0
suhosin.session.cryptdocroot    On    On
suhosin.session.cryptkey    [ protected ]    [ protected ]
suhosin.session.cryptraddr    0    0
suhosin.session.cryptua    Off    Off
suhosin.session.encrypt    On    On
suhosin.session.max_id_length    128    128
suhosin.simulation    Off    Off
suhosin.sql.bailout_on_error    Off    Off
suhosin.sql.comment    0    0
suhosin.sql.multiselect    0    0
suhosin.sql.opencomment    0    0
suhosin.sql.union    0    0
suhosin.sql.user_postfix    no value    no value
suhosin.sql.user_prefix    no value    no value
suhosin.srand.ignore    On    On
suhosin.stealth    On    On
suhosin.upload.disallow_binary    0    0
suhosin.upload.disallow_elf    1    1
suhosin.upload.max_uploads    25    25
suhosin.upload.remove_binary    0    0
suhosin.upload.verification_script    no value    no value

sysvmsg

sysvmsg support    enabled
Revision    $Revision: 313665 $

tokenizer

Tokenizer Support    enabled

wddx

WDDX Support    enabled
WDDX Session Serializer    enabled

xml

XML Support    active
XML Namespace Support    active
libxml2 Version    2.7.8

xmlreader

XMLReader    enabled

xmlwriter

XMLWriter    enabled

zip

Zip    enabled
Extension Version    $Id: php_zip.c 313665 2011-07-25 11:42:53Z felipe $
Zip version    1.9.1
Libzip version    0.9.0

zlib

ZLib Support    enabled
Stream Wrapper support    compress.zlib://
Stream Filter support    zlib.inflate, zlib.deflate
Compiled Version    1.2.1.1
Linked Version    1.2.3.4

Directive    Local Value    Master Value
zlib.output_compression    Off    Off
zlib.output_compression_level    -1    -1
zlib.output_handler    no value    no value

Additional Modules

Module Name
sysvsem
sysvshm

Environment

Variable    Value
APACHE_RUN_DIR    /var/run/apache2
APACHE_PID_FILE    /var/run/apache2.pid
PATH    /usr/local/bin:/usr/bin:/bin
APACHE_LOCK_DIR    /var/lock/apache2
LANG    C
APACHE_RUN_USER    www-data
APACHE_RUN_GROUP    www-data
APACHE_LOG_DIR    /var/log/apache2
PWD    /

PHP Variables

Variable    Value
_COOKIE["__utma"]    159588717.1267071713.1297009424.1297017735.1297020321.3
_COOKIE["__utmc"]    252639065
_COOKIE["__utmz"]    252639065.1308924084.16.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
_SERVER["HTTPS"]    on
_SERVER["SSL_TLS_SNI"]    admin.andrieu.com
_SERVER["HTTP_HOST"]    admin.andrieu.com
_SERVER["HTTP_CONNECTION"]    keep-alive
_SERVER["HTTP_USER_AGENT"]    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163 Safari/535.1
_SERVER["HTTP_ACCEPT"]    text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
_SERVER["HTTP_REFERER"]    https://admin.andrieu.com/
_SERVER["HTTP_ACCEPT_ENCODING"]    gzip,deflate,sdch
_SERVER["HTTP_ACCEPT_LANGUAGE"]    fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
_SERVER["HTTP_ACCEPT_CHARSET"]    ISO-8859-1,utf-8;q=0.7,*;q=0.3
_SERVER["HTTP_COOKIE"]    __utma=159588717.1267071713.1297009424.1297017735.1297020321.3; __utma=252639065.939906447.1291915250.1316187045.1316550330.32; __utmc=252639065; __utmz=252639065.1308924084.16.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
_SERVER["PATH"]    /usr/local/bin:/usr/bin:/bin
_SERVER["SERVER_SIGNATURE"]    no value
_SERVER["SERVER_SOFTWARE"]    Apache
_SERVER["SERVER_NAME"]    admin.andrieu.com
_SERVER["SERVER_ADDR"]    88.191.92.23
_SERVER["SERVER_PORT"]    443
_SERVER["REMOTE_ADDR"]    78.227.65.169
_SERVER["DOCUMENT_ROOT"]    /home/web/admin/
_SERVER["SERVER_ADMIN"]    [no address given]
_SERVER["SCRIPT_FILENAME"]    /home/web/admin/php_info.php
_SERVER["REMOTE_PORT"]    20080
_SERVER["REMOTE_USER"]    ben
_SERVER["AUTH_TYPE"]    Basic
_SERVER["GATEWAY_INTERFACE"]    CGI/1.1
_SERVER["SERVER_PROTOCOL"]    HTTP/1.1
_SERVER["REQUEST_METHOD"]    GET
_SERVER["QUERY_STRING"]    no value
_SERVER["REQUEST_URI"]    /php_info.php
_SERVER["SCRIPT_NAME"]    /php_info.php
_SERVER["PHP_SELF"]    /php_info.php
_SERVER["PHP_AUTH_USER"]    xxx
_SERVER["PHP_AUTH_PW"]    xxx
_SERVER["REQUEST_TIME"]    1316713778


php.ini:
[code]
root@andrieu:/home/ben# cat /etc/php5/apache2/php.ini
[PHP]

;;;;;;;;;;;;;;;;;;;
; About php.ini ;
;;;;;;;;;;;;;;;;;;;
; PHP's initialization file, generally called php.ini, is responsible for
; configuring many of the aspects of PHP's behavior.

; PHP attempts to find and load this configuration from a number of locations.
; The following is a summary of its search order:
; 1. SAPI module specific location.
; 2. The PHPRC environment variable. (As of PHP 5.2.0)
; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0)
; 4. Current working directory (except CLI)
; 5. The web server's directory (for SAPI modules), or directory of PHP
; (otherwise in Windows)
; 6. The directory from the --with-config-file-path compile time option, or the
; Windows directory (C:\windows or C:\winnt)
; See the PHP docs for more specific information.
; http://php.net/configuration.file

; The syntax of the file is extremely simple. Whitespace and Lines
; beginning with a semicolon are silently ignored (as you probably guessed).
; Section headers (e.g. [Foo]) are also silently ignored, even though
; they might mean something in the future.

; Directives following the section heading [PATH=/www/mysite] only
; apply to PHP files in the /www/mysite directory. Directives
; following the section heading [HOST=www.example.com] only apply to
; PHP files served from www.example.com. Directives set in these
; special sections cannot be overridden by user-defined INI files or
; at runtime. Currently, [PATH=] and [HOST=] sections only work under
; CGI/FastCGI.
; http://php.net/ini.sections

; Directives are specified using the following syntax:
; directive = value
; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
; Directives are variables used to configure PHP or PHP extensions.
; There is no name validation. If PHP can't find an expected
; directive because it is not set or is mistyped, a default value will be used.

; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a
; previously set variable or directive (e.g. ${foo})

; Expressions in the INI file are limited to bitwise operators and parentheses:
; | bitwise OR
; ^ bitwise XOR
; & bitwise AND
; ~ bitwise NOT
; ! boolean NOT

; Boolean flags can be turned on using the values 1, On, True or Yes.
; They can be turned off using the values 0, Off, False or No.

; An empty string can be denoted by simply not writing anything after the equal
; sign, or by using the None keyword:

; foo = ; sets foo to an empty string
; foo = None ; sets foo to an empty string
; foo = "None" ; sets foo to the string 'None'

; If you use constants in your value, and these constants belong to a
; dynamically loaded extension (either a PHP extension or a Zend extension),
; you may only use these constants *after* the line that loads the extension.

;;;;;;;;;;;;;;;;;;;
; About this file ;
;;;;;;;;;;;;;;;;;;;
; PHP comes packaged with two INI files. One that is recommended to be used
; in production environments and one that is recommended to be used in
; development environments.

; php.ini-production contains settings which hold security, performance and
; best practices at its core. But please be aware, these settings may break
; compatibility with older or less security conscience applications. We
; recommending using the production ini in production and testing environments.

; php.ini-development is very similar to its production variant, except it's
; much more verbose when it comes to errors. We recommending using the
; development version only in development environments as errors shown to
; application users can inadvertently leak otherwise secure information.

;;;;;;;;;;;;;;;;;;;
; Quick Reference ;
;;;;;;;;;;;;;;;;;;;
; The following are all the settings which are different in either the production
; or development versions of the INIs with respect to PHP's default behavior.
; Please see the actual settings later in the document for more details as to why
; we recommend these changes in PHP's behavior.

; allow_call_time_pass_reference
; Default Value: On
; Development Value: Off
; Production Value: Off

; display_errors
; Default Value: On
; Development Value: On
; Production Value: Off

; display_startup_errors
; Default Value: Off
; Development Value: On
; Production Value: Off

; error_reporting
; Default Value: E_ALL & ~E_NOTICE
; Development Value: E_ALL | E_STRICT
; Production Value: E_ALL & ~E_DEPRECATED

; html_errors
; Default Value: On
; Development Value: On
; Production value: Off

; log_errors
; Default Value: Off
; Development Value: On
; Production Value: On

; magic_quotes_gpc
; Default Value: On
; Development Value: Off
; Production Value: Off

; max_input_time
; Default Value: -1 (Unlimited)
; Development Value: 60 (60 seconds)
; Production Value: 60 (60 seconds)

; output_buffering
; Default Value: Off
; Development Value: 4096
; Production Value: 4096

; register_argc_argv
; Default Value: On
; Development Value: Off
; Production Value: Off

; register_long_arrays
; Default Value: On
; Development Value: Off
; Production Value: Off

; request_order
; Default Value: None
; Development Value: "GP"
; Production Value: "GP"

; session.bug_compat_42
; Default Value: On
; Development Value: On
; Production Value: Off

; session.bug_compat_warn
; Default Value: On
; Development Value: On
; Production Value: Off

; session.gc_divisor
; Default Value: 100
; Development Value: 1000
; Production Value: 1000

; session.hash_bits_per_character
; Default Value: 4
; Development Value: 5
; Production Value: 5

; short_open_tag
; Default Value: On
; Development Value: Off
; Production Value: Off

; track_errors
; Default Value: Off
; Development Value: On
; Production Value: Off

; url_rewriter.tags
; Default Value: "a=href,area=href,frame=src,form=,fieldset="
; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"

; variables_order
; Default Value: "EGPCS"
; Development Value: "GPCS"
; Production Value: "GPCS"

;;;;;;;;;;;;;;;;;;;;
; php.ini Options ;
;;;;;;;;;;;;;;;;;;;;
; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini"
;user_ini.filename = ".user.ini"

; To disable this feature set this option to empty value
;user_ini.filename =

; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
;user_ini.cache_ttl = 300

;;;;;;;;;;;;;;;;;;;;
; Language Options ;
;;;;;;;;;;;;;;;;;;;;

; Enable the PHP scripting language engine under Apache.
; http://php.net/engine
engine = On

; This directive determines whether or not PHP will recognize code between
; <? and ?> tags as PHP source which should be processed as such. It's been
; recommended for several years that you not use the short tag "short cut" and
; instead to use the full <?php and ?> tag combination. With the wide spread use
; of XML and use of these tags by other languages, the server can become easily
; confused and end up parsing the wrong code in the wrong context. But because
; this short cut has been a feature for such a long time, it's currently still
; supported for backwards compatibility, but we recommend you don't use them.
; Default Value: On
; Development Value: Off
; Production Value: Off
; http://php.net/short-open-tag
short_open_tag = On

; Allow ASP-style <% %> tags.
; http://php.net/asp-tags
asp_tags = Off

; The number of significant digits displayed in floating point numbers.
; http://php.net/precision
precision = 14

; Enforce year 2000 compliance (will cause problems with non-compliant browsers)
; http://php.net/y2k-compliance
y2k_compliance = On

; Output buffering is a mechanism for controlling how much output data
; (excluding headers and cookies) PHP should keep internally before pushing that
; data to the client. If your application's output exceeds this setting, PHP
; will send that data in chunks of roughly the size you specify.
; Turning on this setting and managing its maximum buffer size can yield some
; interesting side-effects depending on your application and web server.
; You may be able to send headers and cookies after you've already sent output
; through print or echo. You also may see performance benefits if your server is
; emitting less packets due to buffered output versus PHP streaming the output
; as it gets it. On production servers, 4096 bytes is a good setting for performance
; reasons.
; Note: Output buffering can also be controlled via Output Buffering Control
; functions.
; Possible Values:
; On = Enabled and buffer is unlimited. (Use with caution)
; Off = Disabled
; Integer = Enables the buffer and sets its maximum size in bytes.
; Note: This directive is hardcoded to Off for the CLI SAPI
; Default Value: Off
; Development Value: 4096
; Production Value: 4096
; http://php.net/output-buffering
output_buffering = 4096

; You can redirect all of the output of your scripts to a function. For
; example, if you set output_handler to "mb_output_handler", character
; encoding will be transparently converted to the specified encoding.
; Setting any output handler automatically turns on output buffering.
; Note: People who wrote portable scripts should not depend on this ini
; directive. Instead, explicitly set the output handler using ob_start().
; Using this ini directive may cause problems unless you know what script
; is doing.
; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
; and you cannot use both "ob_gzhandler" and "zlib.output_compression".
; Note: output_handler must be empty if this is set 'On' !!!!
; Instead you must use zlib.output_handler.
; http://php.net/output-handler
;output_handler =

; Transparent output compression using the zlib library
; Valid values for this option are 'off', 'on', or a specific buffer size
; to be used for compression (default is 4KB)
; Note: Resulting chunk size may vary due to nature of compression. PHP
; outputs chunks that are few hundreds bytes each as a result of
; compression. If you prefer a larger chunk size for better
; performance, enable output_buffering in addition.
; Note: You need to use zlib.output_handler instead of the standard
; output_handler, or otherwise the output will be corrupted.
; http://php.net/zlib.output-compression
zlib.output_compression = Off

; http://php.net/zlib.output-compression-level
;zlib.output_compression_level = -1

; You cannot specify additional output handlers if zlib.output_compression
; is activated here. This setting does the same as output_handler but in
; a different order.
; http://php.net/zlib.output-handler
;zlib.output_handler =

; Implicit flush tells PHP to tell the output layer to flush itself
; automatically after every output block. This is equivalent to calling the
; PHP function flush() after each and every call to print() or echo() and each
; and every HTML block. Turning this option on has serious performance
; implications and is generally recommended for debugging purposes only.
; http://php.net/implicit-flush
; Note: This directive is hardcoded to On for the CLI SAPI
implicit_flush = Off

; The unserialize callback function will be called (with the undefined class'
; name as parameter), if the unserializer finds an undefined class
; which should be instantiated. A warning appears if the specified function is
; not defined, or if the function doesn't include/implement the missing class.
; So only set this entry, if you really want to implement such a
; callback-function.
unserialize_callback_func =

; When floats & doubles are serialized store serialize_precision significant
; digits after the floating point. The default value ensures that when floats
; are decoded with unserialize, the data will remain the same.
serialize_precision = 100

; This directive allows you to enable and disable warnings which PHP will issue
; if you pass a value by reference at function call time. Passing values by
; reference at function call time is a deprecated feature which will be removed
; from PHP at some point in the near future. The acceptable method for passing a
; value by reference to a function is by declaring the reference in the functions
; definition, not at call time. This directive does not disable this feature, it
; only determines whether PHP will warn you about it or not. These warnings
; should enabled in development environments only.
; Default Value: On (Suppress warnings)
; Development Value: Off (Issue warnings)
; Production Value: Off (Issue warnings)
; http://php.net/allow-call-time-pass-reference
allow_call_time_pass_reference = Off

; Safe Mode
; http://php.net/safe-mode
safe_mode = Off

; By default, Safe Mode does a UID compare check when
; opening files. If you want to relax this to a GID compare,
; then turn on safe_mode_gid.
; http://php.net/safe-mode-gid
safe_mode_gid = Off

; When safe_mode is on, UID/GID checks are bypassed when
; including files from this directory and its subdirectories.
; (directory must also be in include_path or full path must
; be used when including)
; http://php.net/safe-mode-include-dir
safe_mode_include_dir =

; When safe_mode is on, only executables located in the safe_mode_exec_dir
; will be allowed to be executed via the exec family of functions.
; http://php.net/safe-mode-exec-dir
safe_mode_exec_dir =

; Setting certain environment variables may be a potential security breach.
; This directive contains a comma-delimited list of prefixes. In Safe Mode,
; the user may only alter environment variables whose names begin with the
; prefixes supplied here. By default, users will only be able to set
; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
; Note: If this directive is empty, PHP will let the user modify ANY
; environment variable!
; http://php.net/safe-mode-allowed-env-vars
safe_mode_allowed_env_vars = PHP_

; This directive contains a comma-delimited list of environment variables that
; the end user won't be able to change using putenv(). These variables will be
; protected even if safe_mode_allowed_env_vars is set to allow to change them.
; http://php.net/safe-mode-protected-env-vars
safe_mode_protected_env_vars = LD_LIBRARY_PATH

; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; http://php.net/open-basedir
;open_basedir =

; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; http://php.net/disable-functions
disable_functions =

; This directive allows you to disable certain classes for security reasons.
; It receives a comma-delimited list of class names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; http://php.net/disable-classes
disable_classes =

; Colors for Syntax Highlighting mode. Anything that's acceptable in
; <span style="color: ???????"> would work.
; http://php.net/syntax-highlighting
;highlight.string = #DD0000
;highlight.comment = #FF9900
;highlight.keyword = #007700
;highlight.bg = #FFFFFF
;highlight.default = #0000BB
;highlight.html = #000000

; If enabled, the request will be allowed to complete even if the user aborts
; the request. Consider enabling it if executing long requests, which may end up
; being interrupted by the user or a browser timing out. PHP's default behavior
; is to disable this feature.
; http://php.net/ignore-user-abort
;ignore_user_abort = On

; Determines the size of the realpath cache to be used by PHP. This value should
; be increased on systems where PHP opens many files to reflect the quantity of
; the file operations performed.
; http://php.net/realpath-cache-size
;realpath_cache_size = 16k

; Duration of time, in seconds for which to cache realpath information for a given
; file or directory. For systems with rarely changing files, consider increasing this
; value.
; http://php.net/realpath-cache-ttl
;realpath_cache_ttl = 120

;;;;;;;;;;;;;;;;;
; Miscellaneous ;
;;;;;;;;;;;;;;;;;

; Decides whether PHP may expose the fact that it is installed on the server
; (e.g. by adding its signature to the Web server header). It is no security
; threat in any way, but it makes it possible to determine whether you use PHP
; on your server or not.
; http://php.net/expose-php
expose_php = On

;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;

; Maximum execution time of each script, in seconds
; http://php.net/max-execution-time
; Note: This directive is hardcoded to 0 for the CLI SAPI
max_execution_time = 70

; Maximum amount of time each script may spend parsing request data. It's a good
; idea to limit this time on productions servers in order to eliminate unexpectedly
; long running scripts.
; Note: This directive is hardcoded to -1 for the CLI SAPI
; Default Value: -1 (Unlimited)
; Development Value: 60 (60 seconds)
; Production Value: 60 (60 seconds)
; http://php.net/max-input-time
max_input_time = 60

; Maximum input variable nesting level
; http://php.net/max-input-nesting-level
;max_input_nesting_level = 64

; Maximum amount of memory a script may consume (128MB)
; http://php.net/memory-limit
memory_limit = 128M

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; This directive informs PHP of which errors, warnings and notices you would like
; it to take action for. The recommended way of setting values for this
; directive is through the use of the error level constants and bitwise
; operators. The error level constants are below here for convenience as well as
; some common settings and their meanings.
; By default, PHP is set to take action on all errors, notices and warnings EXCEPT
; those related to E_NOTICE and E_STRICT, which together cover best practices and
; recommended coding standards in PHP. For performance reasons, this is the
; recommend error reporting setting. Your production server shouldn't be wasting
; resources complaining about best practices and coding standards. That's what
; development servers and development settings are for.
; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This
; means it pretty much reports everything which is exactly what you want during
; development and early testing.
;
; Error Level Constants:
; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0)
; E_ERROR - fatal run-time errors
; E_RECOVERABLE_ERROR - almost fatal run-time errors
; E_WARNING - run-time warnings (non-fatal errors)
; E_PARSE - compile-time parse errors
; E_NOTICE - run-time notices (these are warnings which often result
; from a bug in your code, but it's possible that it was
; intentional (e.g., using an uninitialized variable and
; relying on the fact it's automatically initialized to an
; empty string)
; E_STRICT - run-time notices, enable to have PHP suggest changes
; to your code which will ensure the best interoperability
; and forward compatibility of your code
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
; initial startup
; E_COMPILE_ERROR - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
; E_USER_ERROR - user-generated error message
; E_USER_WARNING - user-generated warning message
; E_USER_NOTICE - user-generated notice message
; E_DEPRECATED - warn about code that will not work in future versions
; of PHP
; E_USER_DEPRECATED - user-generated deprecation warnings
;
; Common Values:
; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.)
; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices)
; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.)
; Default Value: E_ALL & ~E_NOTICE
; Development Value: E_ALL | E_STRICT
; Production Value: E_ALL & ~E_DEPRECATED
; http://php.net/error-reporting
error_reporting = E_ALL & ~E_DEPRECATED

; This directive controls whether or not and where PHP will output errors,
; notices and warnings too. Error output is very useful during development, but
; it could be very dangerous in production environments. Depending on the code
; which is triggering the error, sensitive information could potentially leak
; out of your application such as database usernames and passwords or worse.
; It's recommended that errors be logged on production servers rather than
; having the errors sent to STDOUT.
; Possible Values:
; Off = Do not display any errors
; stderr = Display errors to STDERR (affects only CGI/CLI binaries!)
; On or stdout = Display errors to STDOUT
; Default Value: On
; Development Value: On
; Production Value: Off
; http://php.net/display-errors
display_errors = Off

; The display of errors which occur during PHP's startup sequence are handled
; separately from display_errors. PHP's default behavior is to suppress those
; errors from clients. Turning the display of startup errors on can be useful in
; debugging configuration problems. But, it's strongly recommended that you
; leave this setting off on production servers.
; Default Value: Off
; Development Value: On
; Production Value: Off
; http://php.net/display-startup-errors
display_startup_errors = Off

; Besides displaying errors, PHP can also log errors to locations such as a
; server-specific log, STDERR, or a location specified by the error_log
; directive found below. While errors should not be displayed on productions
; servers they should still be monitored and logging is a great way to do that.
; Default Value: Off
; Development Value: On
; Production Value: On
; http://php.net/log-errors
log_errors = On

; Set maximum length of log_errors. In error_log information about the source is
; added. The default is 1024 and 0 allows to not apply any maximum length at all.
; http://php.net/log-errors-max-len
log_errors_max_len = 1024

; Do not log repeated messages. Repeated errors must occur in same file on same
; line unless ignore_repeated_source is set true.
; http://php.net/ignore-repeated-errors
ignore_repeated_errors = Off

; Ignore source of message when ignoring repeated messages. When this setting
; is On you will not log errors with repeated messages from different files or
; source lines.
; http://php.net/ignore-repeated-source
ignore_repeated_source = Off

; If this parameter is set to Off, then memory leaks will not be shown (on
; stdout or in the log). This has only effect in a debug compile, and if
; error reporting includes E_WARNING in the allowed list
; http://php.net/report-memleaks
report_memleaks = On

; This setting is on by default.
;report_zend_debug = 0

; Store the last error/warning message in $php_errormsg (boolean). Setting this value
; to On can assist in debugging and is appropriate for development servers. It should
; however be disabled on production servers.
; Default Value: Off
; Development Value: On
; Production Value: Off
; http://php.net/track-errors
track_errors = Off

; Turn off normal error reporting and emit XML-RPC error XML
; http://php.net/xmlrpc-errors
;xmlrpc_errors = 0

; An XML-RPC faultCode
;xmlrpc_error_number = 0

; When PHP displays or logs an error, it has the capability of inserting html
; links to documentation related to that error. This directive controls whether
; those HTML links appear in error messages or not. For performance and security
; reasons, it's recommended you disable this on production servers.
; Note: This directive is hardcoded to Off for the CLI SAPI
; Default Value: On
; Development Value: On
; Production value: Off
; http://php.net/html-errors
html_errors = Off

; If html_errors is set On PHP produces clickable error messages that direct
; to a page describing the error or function causing the error in detail.
; You can download a copy of the PHP manual from http://php.net/docs
; and change docref_root to the base URL of your local copy including the
; leading '/'. You must also specify the file extension being used including
; the dot. PHP's default behavior is to leave these settings empty.
; Note: Never use this feature for production boxes.
; http://php.net/docref-root
; Examples
;docref_root = "/phpmanual/"

; http://php.net/docref-ext
;docref_ext = .html

; String to output before an error message. PHP's default behavior is to leave
; this setting blank.
; http://php.net/error-prepend-string
; Example:
;error_prepend_string = "<font color=#ff0000>"

; String to output after an error message. PHP's default behavior is to leave
; this setting blank.
; http://php.net/error-append-string
; Example:
;error_append_string = "</font>"

; Log errors to specified file. PHP's default behavior is to leave this value
; empty.
; http://php.net/error-log
; Example:
;error_log = php_errors.log
; Log errors to syslog (Event Log on NT, not valid in Windows 95).
;error_log = syslog

;;;;;;;;;;;;;;;;;
; Data Handling ;
;;;;;;;;;;;;;;;;;

; The separator used in PHP generated URLs to separate arguments.
; PHP's default setting is "&".
; http://php.net/arg-separator.output
; Example:
;arg_separator.output = "&amp;"

; List of separator(s) used by PHP to parse input URLs into variables.
; PHP's default setting is "&".
; NOTE: Every character in this directive is considered as separator!
; http://php.net/arg-separator.input
; Example:
;arg_separator.input = ";&"

; This directive determines which super global arrays are registered when PHP
; starts up. If the register_globals directive is enabled, it also determines
; what order variables are populated into the global space. G,P,C,E & S are
; abbreviations for the following respective super globals: GET, POST, COOKIE,
; ENV and SERVER. There is a performance penalty paid for the registration of
; these arrays and because ENV is not as commonly used as the others, ENV is
; is not recommended on productions servers. You can still get access to
; the environment variables through getenv() should you need to.
; Default Value: "EGPCS"
; Development Value: "GPCS"
; Production Value: "GPCS";
; http://php.net/variables-order
variables_order = "GPCS"

; This directive determines which super global data (G,P,C,E & S) should
; be registered into the super global array REQUEST. If so, it also determines
; the order in which that data is registered. The values for this directive are
; specified in the same manner as the variables_order directive, EXCEPT one.
; Leaving this value empty will cause PHP to use the value set in the
; variables_order directive. It does not mean it will leave the super globals
; array REQUEST empty.
; Default Value: None
; Development Value: "GP"
; Production Value: "GP"
; http://php.net/request-order
request_order = "GP"

; Whether or not to register the EGPCS variables as global variables. You may
; want to turn this off if you don't want to clutter your scripts' global scope
; with user data.
; You should do your best to write your scripts so that they do not require
; register_globals to be on; Using form variables as globals can easily lead
; to possible security problems, if the code is not very well thought of.
; http://php.net/register-globals
register_globals = Off

; Determines whether the deprecated long $HTTP_*_VARS type predefined variables
; are registered by PHP or not. As they are deprecated, we obviously don't
; recommend you use them. They are on by default for compatibility reasons but
; they are not recommended on production servers.
; Default Value: On
; Development Value: Off
; Production Value: Off
; http://php.net/register-long-arrays
register_long_arrays = Off

; This directive determines whether PHP registers $argv & $argc each time it
; runs. $argv contains an array of all the arguments passed to PHP when a script
; is invoked. $argc contains an integer representing the number of arguments
; that were passed when the script was invoked. These arrays are extremely
; useful when running scripts from the command line. When this directive is
; enabled, registering these variables consumes CPU cycles and memory each time
; a script is executed. For performance reasons, this feature should be disabled
; on production servers.
; Note: This directive is hardcoded to On for the CLI SAPI
; Default Value: On
; Development Value: Off
; Production Value: Off
; http://php.net/register-argc-argv
register_argc_argv = Off

; When enabled, the SERVER and ENV variables are created when they're first
; used (Just In Time) instead of when the script starts. If these variables
; are not used within a script, having this directive on will result in a
; performance gain. The PHP directives register_globals, register_long_arrays,
; and register_argc_argv must be disabled for this directive to have any affect.
; http://php.net/auto-globals-jit
auto_globals_jit = On

; Maximum size of POST data that PHP will accept.
; http://php.net/post-max-size
post_max_size = 16M

; Magic quotes are a preprocessing feature of PHP where PHP will attempt to
; escape any character sequences in GET, POST, COOKIE and ENV data which might
; otherwise corrupt data being placed in resources such as databases before
; making that data available to you. Because of character encoding issues and
; non-standard SQL implementations across many databases, it's not currently
; possible for this feature to be 100% accurate. PHP's default behavior is to
; enable the feature. We strongly recommend you use the escaping mechanisms
; designed specifically for the database your using instead of relying on this
; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is
; scheduled for removal in PHP 6.
; Default Value: On
; Development Value: Off
; Production Value: Off
; http://php.net/magic-quotes-gpc
magic_quotes_gpc = Off

; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
; http://php.net/magic-quotes-runtime
magic_quotes_runtime = Off

; Use Sybase-style magic quotes (escape ' with '' instead of \').
; http://php.net/magic-quotes-sybase
magic_quotes_sybase = Off

; Automatically add files before PHP document.
; http://php.net/auto-prepend-file
auto_prepend_file =

; Automatically add files after PHP document.
; http://php.net/auto-append-file
auto_append_file =

; By default, PHP will output a character encoding using
; the Content-type: header. To disable sending of the charset, simply
; set it to be empty.
;
; PHP's built-in default is text/html
; http://php.net/default-mimetype
default_mimetype = "text/html"

; PHP's default character set is set to empty.
; http://php.net/default-charset
;default_charset = "iso-8859-1"

; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is
; to disable this feature.
; http://php.net/always-populate-raw-post-data
;always_populate_raw_post_data = On

;;;;;;;;;;;;;;;;;;;;;;;;;
; Paths and Directories ;
;;;;;;;;;;;;;;;;;;;;;;;;;

; UNIX: "/path1:/path2"
;include_path = ".:/usr/share/php"
;
; Windows: "\path1;\path2"
;include_path = ".;c:\php\includes"
;
; PHP's default setting for include_path is ".;/path/to/php/pear"
; http://php.net/include-path

; The root of the PHP pages, used only if nonempty.
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
; if you are running php as a CGI under any web server (other than IIS)
; see documentation for security issues. The alternate is to use the
; cgi.force_redirect configuration below
; http://php.net/doc-root
doc_root =

; The directory under which PHP opens the script using /~username used only
; if nonempty.
; http://php.net/user-dir
user_dir =

; Directory in which the loadable extensions (modules) reside.
; http://php.net/extension-dir
; extension_dir = "./"
; On windows:
; extension_dir = "ext"

; Whether or not to enable the dl() function. The dl() function does NOT work
; properly in multithreaded servers, such as IIS or Zeus, and is automatically
; disabled on them.
; http://php.net/enable-dl
enable_dl = Off

; cgi.force_redirect is necessary to provide security running PHP as a CGI under
; most web servers. Left undefined, PHP turns this on by default. You can
; turn it off here AT YOUR OWN RISK
; **You CAN safely turn this off for IIS, in fact, you MUST.**
; http://php.net/cgi.force-redirect
;cgi.force_redirect = 1

; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
; every request. PHP's default behavior is to disable this feature.
;cgi.nph = 1

; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
; will look for to know it is OK to continue execution. Setting this variable MAY
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
; http://php.net/cgi.redirect-status-env
;cgi.redirect_status_env = ;

; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting
; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting
; of zero causes PHP to behave as before. Default is 1. You should fix your scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
; http://php.net/cgi.fix-pathinfo
;cgi.fix_pathinfo=1

; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
; security tokens of the calling client. This allows IIS to define the
; security context that the request runs under. mod_fastcgi under Apache
; does not currently support this feature (03/17/2002)
; Set to 1 if running under IIS. Default is zero.
; http://php.net/fastcgi.impersonate
;fastcgi.impersonate = 1;

; Disable logging through FastCGI connection. PHP's default behavior is to enable
; this feature.
;fastcgi.logging = 0

; cgi.rfc2616_headers configuration option tells PHP what type of headers to
; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
; is supported by Apache. When this option is set to 1 PHP will send
; RFC2616 compliant header.
; Default is zero.
; http://php.net/cgi.rfc2616-headers
;cgi.rfc2616_headers = 0

;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;

; Whether to allow HTTP file uploads.
; http://php.net/file-uploads
file_uploads = On

; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
; http://php.net/upload-tmp-dir
;upload_tmp_dir =

; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 16M

; Maximum number of files that can be uploaded via a single request
max_file_uploads = 20

;;;;;;;;;;;;;;;;;;
; Fopen wrappers ;
;;;;;;;;;;;;;;;;;;

; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
; http://php.net/allow-url-fopen
allow_url_fopen = On

; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
; http://php.net/allow-url-include
allow_url_include = Off

; Define the anonymous ftp password (your email address). PHP's default setting
; for this is empty.
; http://php.net/from
;from="john@doe.com"

; Define the User-Agent string. PHP's default setting for this is empty.
; http://php.net/user-agent
;user_agent="PHP"

; Default timeout for socket based streams (seconds)
; http://php.net/default-socket-timeout
default_socket_timeout = 60

; If your scripts have to deal with files from Macintosh systems,
; or you are running on a Mac and need to deal with files from
; unix or win32 systems, setting this flag will cause PHP to
; automatically detect the EOL character in those files so that
; fgets() and file() will work regardless of the source of the file.
; http://php.net/auto-detect-line-endings
;auto_detect_line_endings = Off

;;;;;;;;;;;;;;;;;;;;;;
; Dynamic Extensions ;
;;;;;;;;;;;;;;;;;;;;;;

; If you wish to have an extension loaded automatically, use the following
; syntax:
;
; extension=modulename.extension
;
; For example, on Windows:
;
; extension=msql.dll
;
; ... or under UNIX:
;
; extension=msql.so
;
; ... or with a path:
;
; extension=/path/to/extension/msql.so
;
; If you only provide the name of the extension, PHP will look for it in its
; default extension dir...
#11

En modifiant la méthode post en get (avec l'extension webdevelopper), on obtient ceci :
http://www.christinedeveyrac.fr/contact/?mact=FormBuilder%252Cm62b34%252Cdefault%252C1&m62b34returnid=42&page=42&m62b34fbrp_callcount=1&m62b34form_id=4&m62b34fbrp_continue=2&m62b34fbrp_done=1&m62b34fbrp__30=test&m62b34fbrp__31=test%2540gmail.com&m62b34fbrp__32=&m62b34fbrp__33=brux&m62b34fbrp__34=aine&m62b34fbrp__35=test&m62b34fbrp__36=test&m62b34fbrp_submit=Envoyer

Sur aucun de mes formulaires, je n'ai trouvé cette slash avant le point d'interrogation. Ton .htaccess doit sans doute l'ajouter. Essaye en enlevant cette réécriture, on ne sait jamais Wink

Et avant toute chose remettre le copyright en place et corriger le code :
http://validator.w3.org/check?verbose=1&...contact%2F
#12

Pour le copyright, je ne comprend pas, j'ai bien mis la balise dans les meta (ligne 18 du code HTML), que dois-je rajouter de plus?

voici le .htaccess a la racine du site:
Code :
Options +FollowSymLinks
RewriteEngine on
RewriteBase /

# 301 Redirect all requests that don't contain a dot or trailing slash to
# include a trailing slash
RewriteCond %{REQUEST_URI} !/$
RewriteCond %{REQUEST_URI} !\.
RewriteRule ^(.*) %{REQUEST_URI}/ [R=301,L]

# Rewrites urls in the form of /parent/child/
# but only rewrites if the requested URL is not a file or directory
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?page=$1 [QSA]


Voici la conf apache du site:
Citation :<VirtualHost *:80>
DocumentRoot /home/web/christinedeveyrac.fr/
ServerName christinedeveyrac.fr
ServerAlias www.christinedeveyrac.fr
ServerAlias christinedeveyrac.andrieu.com
ServerAlias www.christinedeveyrac.andrieu.com
<Directory />
#AllowOverride AuthConfig
allow from all
Options +FollowSymLinks
# RewriteEngine on
# RewriteBase /

# 301 Redirect all requests that don't contain a dot or trailing slash to
# include a trailing slash
# RewriteCond %{REQUEST_URI} !/$
# RewriteCond %{REQUEST_URI} !\.
# RewriteRule ^(.*) %{REQUEST_URI}/ [R=301,L]

# Rewrites urls in the form of /parent/child/
# but only rewrites if the requested URL is not a file or directory
# RewriteCond %{REQUEST_FILENAME} !-f
# RewriteCond %{REQUEST_FILENAME} !-d
# RewriteRule ^(.+)$ index.php?page=$1 [QSA]
</Directory>
</VirtualHost>

Effectivement j'ai tout mis en commentaire sur les params du site, mais j'ai oublié le .htaccess
Que me conseil tu de faire comme modif?
#13

supprime le 'RewriteBase /'

{SEO}
Inscrivez-vous à notre Newsletter sur le site (colonne de droite, en bas).
Vous appréciez CMSMS et l'aide qui vous est fournie ici, aidez-nous en participant au projet.
Formation CMS Made Simple | Création de site CMS Made Simple.

C'est en se plantant qu'on devient cultivé.
J'ai un string dans l'Array (Paris Hilton)
#14

ça marche!!!! Cool
Voici le .htaccess qui fonction:
Code :
Options +FollowSymLinks
RewriteEngine on
#RewriteBase /

# 301 Redirect all requests that don't contain a dot or trailing slash to
# include a trailing slash
RewriteCond %{REQUEST_URI} !/$
RewriteCond %{REQUEST_URI} !\.
#RewriteRule ^(.*) %{REQUEST_URI}/ [R=301,L]

# Rewrites urls in the form of /parent/child/
# but only rewrites if the requested URL is not a file or directory
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?page=$1 [QSA]

Il y avait bien un "RewriteRule" a commenter, par contre si je commente les autres le site fonctionne bizarrement (url avec le get apparent, WYSIWYG qui ne fonctionne plus....).

Merci beaucoup pour votre aide.

Me reste quand même du tag pour me mettre aux normes W3C...
#15

Désolé pour le copyright, il est correct, je ne l'avais pas vu.

Voici un .htaccess avec les rewrite rules, une sécurité renforcée pour ovh (je te le conseille, il y a énormément d'attaques pour le moment, je viens d'en subir) et quelques petites fonctions utiles.

Code :
RewriteEngine On
SetEnv REGISTER_GLOBALS 0
SetEnv ZEND_OPTIMIZER 1
SetEnv MAGIC_QUOTES 1
SetEnv PHP_VER 5
#option to remove directory listings in all folder (avoid publishing unwanted contents)
Options -Indexes
Options +FollowSymLinks
# Deny access to config.php
# This can be useful if php ever breaks or dies
# Use with caution, this may break other functions of CMSms that use a config.php
# file.  This may also break other programs you have running under your CMSms
# install that use config.php.  You may need to add another .htaccess file to those
# directories to specifically allow config.php.
# <Files "config.php">
#     order allow,deny
#    deny from all
# </Files>
# No sense advertising what we are running
ServerSignature Off
###FILTRE CONTRE ROBOTS DES PIRATES ET ASPIRATEURS DE SITE WEB
### LISTE ICI: http://www.bg-pro.com/?goto=badbot
## EXCEPTION: TOUS LES ROBOTS MEMES ANONYMES OU BANNIS PEUVENT ACCEDER A CES FICHIERS
RewriteCond %{REQUEST_URI} !^/robots.txt
RewriteCond %{REQUEST_URI} !^/sitemap.xml
## EXCEPTION: SI UTILISATION DE *PAYPAL INSTANT NOTIFICATION PAYMENT*, COMME PAYPAL N'UTILISE PAS DE HTTP_USER_AGENT, L'IPN NE MARCHERA PAS.
RewriteCond %{REQUEST_URI} !^/paypal-ipn.php
##
RewriteCond %{HTTP_USER_AGENT} ^-?$ [OR]
## ANONYMES
RewriteCond %{HTTP_USER_AGENT} ^[bcdfghjklmnpqrstvwxz\ ]{8,}|^[0-9a-z]{15,}|^[0-9A-Za-z]{19,}|^[A-Za-z]{3,}\ [a-z]{4,}\ [a-z]{4,} [OR]
## CEUX QUI INVENTENT DES NOMS AU HASARD
RewriteCond %{HTTP_USER_AGENT} ^<sc|<\?|8484\ Boston\ Project|autoemailspider|@nonymouse|ADSARobot|Advanced\ Email\ Extractor|^adwords|ah-ha|aktuelles|amzn_assoc|Anarchie|anonymous|Art-Online|ASPSeek|ASSORT|ATHENS|Atomz|attach|autoemailspider|BackWeb|Bandit|BatchFTP|bdfetch|big.brother|BlackWidow|blogsearchbot-martin|bmclient|Boston\ Project|BravoBrian\ SpiderEngine\ MarcoPolo|Bullseye|bumblebee|capture|CherryPicker|ChinaClaw|CICC|clipping|compatible\ \;|Crescent|Crescent\ Internet|Custo|cyberalert|Deweb|diagem|Digger|Digimarc|DIIbot|DirectUpdate|disco|DISCoFinder|Downloader|Download\ Accelerator|Download\ Demon|Download\ Wonder|Drip|DSurf15a|DTS.Agent|EasyDL|eCatch|echo\ extense|ecollector|efp@gmx\.net|EirGrabber|EmailCollector|EmailSiphon|Email\ Siphon|EmailWolf|Email\ Extractor|Express\ WebPictures|ExtractorPro [NC,OR]
## VRAIS ET FAUX ROBOTS NE RESPECTANT PAS LES REGLES
RewriteCond %{HTTP_USER_AGENT} EyeNetIE|fastlwspider|FavOrg|Favorites\ Sweeper|^Fetch|FEZhead|FileHound|flashget|FlashGet\ WebWasher|FlickBot|fluffy|frontpage|GalaxyBot|Generic|Getleft|GetRight|GetSmart|GetWeb!|GetWebPage|gigabaz|Girafabot|Go!Zilla|go-ahead-got-it|GornKer|Grabber|GrabNet|Grafula|Green\ Research|grub-client|grub\ crawler|hanzoweb|Harvest|hhjhj@yahoo|hloader|HMView|HomePageSearch|HTTPConnect|httpdown|httplib|HttpProxy|HTTP\ agent|http\ generic|HTTrack|ia_archive|IBM_Planetwide|IDBot|id-search|imagefetch|Image\ Stripper|Image\ Sucker|IncyWincy|Indy\ Library|informant|Ingelin|InterGET|InternetLinkAgent|InternetSeer\.com|^Internet\ Explorer|Internet\ Ninja|IPiumBot|Iria|Irvine|Jakarta\ Commons|JBH*Agent [NC,OR]
## VRAIS ET FAUX ROBOTS NE RESPECTANT PAS LES REGLES
RewriteCond %{HTTP_USER_AGENT} JetCar|JOC|JOC\ Web\ Spider|JustView|Kapere|KWebGet|Lachesis|larbin|LeechFTP|LexiBot|lftp|likse|Link*Sleuth|LINKS\ ARoMATIZED|LinkWalker|Mac\ Finder|Mag-Net|Magnet|Mass\ Downloader|MCspider|Microsoft\ URL|Microsoft\ Data|MIDown\ tool|minibot\(NaverRobot\)|Mirror|Missigua|Mister\ PiX|MJ12bot|MMMtoCrawl\/UrlDispatcherLLL|Movable\ Type|Moozilla|^Mozilla$|^MSIE|Murzillo|MSProxy|multithreaddb|nationaldirectory|Navroad|NearSite|NetAnts|NetCarta|NetMechanic|netprospector|NetResearchServer|NetSpider|NetZIP|NetZippy|NetZip\ Downloader|Net\ Vampire|NEWT|nicerspro|NICErsPRO|NPBot|Nutch|Nutscrape/|Octopus|Offline\ Explorer|Offline\ Navigator|OmniExplorer|OpaL|Openfind|OpenTextSiteCrawler [NC,OR]
## VRAIS ET FAUX ROBOTS NE RESPECTANT PAS LES REGLES
##RewriteCond %{HTTP_USER_AGENT} OrangeBot|PackRat|PageGrabber|Papa\ Foto|pavuk|pcBrowser|PersonaPilot|PingALink|Pockey|Program\ Shareware|Proxy|psbot|PSurf|psycheclone|^puf|Pump|PushSite|PussyCat|PycURL|python|QRVA|QuepasaCreep|RealDownload|Reaper|Recorder|ReGet|replacer|RepoMonkey|almaden|Robozilla|Rover|RPT-HTTPClient|Rsync|SearchExpress|searchhippo|searchterms\.it|Second\ Street\Research|Seeker|Shai|sitecheck|SiteMapper|SiteSnagger|SlySearch|SmartDownload|snagger|SpaceBison|Spegla|SpiderBot|SqWorm|Star\Downloader|Stripper|sucker|SuperBot|SuperHTTP|Surfbot|SurfWalker|SurveyBot|Szukacz|tAkeOut|tarspider|Teleport\Pro|Telesoft|Templeton|TrackBack|TrueRobot|Turing|TurnitinBot [NC,OR]
## VRAIS ET FAUX ROBOTS NE RESPECTANT PAS LES REGLES
RewriteCond %{HTTP_USER_AGENT} TV33_Mercator|UIowaCrawler|URL_Spider_Pro|^user|^User\ Agent:\ |^User-Agent:\ |UtilMind|Vacuum|vagabondo|vayala|visibilitygap|vobsub|VoidEYE|vspider|w3mir|WebaltBot|WebAuto|webbandit|WebCapture|Webclipping|webcollage|webcollector|WebCopier|webcraft@bea|WebDAV|webdevil|webdownloader|Webdup|WebEmailExtractor|WebFetch|WebGo\ IS|WebHook|Webinator|WebLeacher|WEBMASTERS|WebMiner|WebMirror|webmole|WebReaper|WebSauger|WEBsaver|Website\ eXtractor|Website\ Quester|WebSnake|Webster|WebStripper|websucker|webvac|webwalk|webweasel|WebWhacker|WebZIP|Web\ Data\ Extractor|Web\ Downloader|Web\ Image\ Collector|Web\ Sucker|web\.by\.mail|whizbang|WhosTalking|Widow|Widows|WISEbot|WISEnutbot|WUMPUS|Wweb|WWWOFFLE|Wysigot|x-Tractor|Xaldon\ WebSpider|XGET|Yandex|Zeus|Zeus.*Webster [NC]
## VRAIS ET FAUX ROBOTS NE RESPECTANT PAS LES REGLES
RewriteCond %{HTTP_USER_AGENT} ^curl|^Fetch\ API\ Request|GT\:\:WWW|^HTTP\:\:Lite|httplib|^Java/1.|^Java\ 1.|^LWP|libWeb|libwww|^PEAR|PECL\:\:HTTP|PHPCrawl|^Program\ Shareware|python|Rsync|Snoopy|^URI\:\:Fetch|WebDAV|^Wget [NC]
## BIBLIOTHEQUES / CLASSES HTTP DONT ON NE VEUT PAS. ATTENTION, CELA PEUT BLOQUER CERTAINES FONCTIONS DE VOTRE CMS. NE PAS TOUT EFFACER, MAIS CHERCHEZ LE NOM DE LA CLASSE HTTP CONCERNEE (DEMANDEZ AUX DEVELOPPEURS DE VOTRE CMS). CETTE LISTE BLOQUE 80% DES ROBOTS SPAMMEURS. IL FAUT LA CONSERVER.
RewriteRule (.*) - [F]
### DES FAUX URLS, ON LES NEUTRALISE
RedirectMatch gone ^/_vti.*
RedirectMatch gone ^/MSOffice.*
RedirectMatch gone ^[-_a-z0-9/\.]*//.*
RedirectMatch gone ^.*/etc/passwd.*
### FILTRE CONTRE XSS, REDIRECTIONS HTTP, base64_encode, VARIABLE PHP GLOBALS VIA URL, MODIFIER VARIABLE _REQUEST VIA URL, TEST DE FAILLE PHP, INJECTION SQL SIMPLE
RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]
RewriteCond %{QUERY_STRING} ^(.*)(%3C|<)/?script(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)(%3D|=)?javascript(%3A|:)(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)document\.location\.href(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)(%3D|=)http(%3A|:)(/|%2F){2}(.*)$ [NC,OR]
## ATTENTION A CETTE REGLE. ELLE PEUT CASSER CERTAINES REDIRECTIONS RESSEMBLANT A: http://www.truc.fr/index.php?r=http://www.google.fr ##
RewriteCond %{QUERY_STRING} ^(.*)base64_encode(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)GLOBALS(=|[|%[0-9A-Z]{0,2})(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)_REQUEST(=|[|%[0-9A-Z]{0,2})(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)(SELECT|INSERT|DELETE|CHAR\(|UPDATE|REPLACE|LIMIT)(.*)$
### ON EVITE LE VOL D'IMAGES, VIDEO, SON, FEUILLE DE STYLE, PDF ET ZIP
### LES VISITEURS DOIVENT PASSER PAR LE SITE.
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://[-_a-z0-9.]*christinedeveyrac\.fr$ [NC]
RewriteCond %{HTTP_REFERER} !^http://[-_a-z0-9.]*christinedeveyrac\.fr/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://mediaplan\.ovh\.net/~promojeu/.*$ [NC] // à modifier
RewriteRule .*\.(gif|jpe?g?|jp2|png|svgz?|ico|css|pdf|zip|gz|js|mp3|m4a|mp4|mov|divx|avi|wma?v?|wmp|swf|flv|docx?|xlsx?|pptx?|vbs|rtf|asf?x?|odt|ods|odp|odg|odb)$ - [NC,F]
<FilesMatch "\.(ico|flv|jpe?g|png|gif|js|css|swf)$">
ExpiresActive On
ExpiresDefault "access plus 1 month"
</FilesMatch>
<IfModule mod_deflate.c>
    # Insert filter on all content
    SetOutputFilter DEFLATE
    # Insert filter on selected content types only
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
    # Netscape 4.x has some problems...
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    # Netscape 4.06-4.08 have some more problems
    BrowserMatch ^Mozilla/4\.0[678] no-gzip
    # MSIE masquerades as Netscape, but it is fine
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    # Don't compress images
    SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
    # Make sure proxies don't deliver the wrong content
    Header append Vary User-Agent env=!dont-vary
</IfModule>
FileETag MTime Size

# URL Filtering helps stop some hack attempts
#IF the URI contains a "http:"
RewriteCond %{QUERY_STRING} http\: [OR]

#OR if the URI contains a "["
RewriteCond %{QUERY_STRING} \[ [OR]

#OR if the URI contains a "]"
RewriteCond %{QUERY_STRING} \] [OR]

#OR if the URI contains a "<script>"
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]

#OR if the script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]

#OR if any script is trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]

#OR if the URI contains UNION
RewriteCond %{QUERY_STRING} UNION [OR]

#OR if the URI contains a double slash
RewriteCond %{QUERY_STRING} // [OR]

#OR if the URI contains a *
RewriteCond %{QUERY_STRING} \*

#then deny the request (403)
RewriteRule ^.*$ - [F,L]

# End URL Filtering

# CMSMS Rewriting
# Set assume mod_rewrite to true in config.php and clear CMSMS cache
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?page=$1 [QSA]
# END CMSMS
# END Rewrite rules

Une ligne à modifier pour être en corrélation avec ton serveur :
RewriteCond %{HTTP_REFERER} !^http://*****mediaplan\.ovh\.net/~*****/.*$ [NC]
Voir article 6 dans le post sur le forum ovh : http://forum.ovh.com/showthread.php?t=19263
#16

c'est du touffu ce .htaccess :lol:
#17

pfffouou,
on est spécialistes html, css, php, javascript, shell, sql, smarty, sécurité, référencement, hébergement, merise, uml, poo, graphisme...si j'en oublie, ne m'en voulez pas Big Grin

Et dans l'inconscient collectif, le web, c'est gratuit et facile!

Bon, en tout cas, ben500fr, si ton problème est résolu, marque-le dans le titre du premier post.

{SEO}
Inscrivez-vous à notre Newsletter sur le site (colonne de droite, en bas).
Vous appréciez CMSMS et l'aide qui vous est fournie ici, aidez-nous en participant au projet.
Formation CMS Made Simple | Création de site CMS Made Simple.

C'est en se plantant qu'on devient cultivé.
J'ai un string dans l'Array (Paris Hilton)
#18

Touffu oui, mais je préfère un petit copier-coller que de passer des heures pour supprimer les hacks. Un de mes sites était devenu un pishing pour récupérer le login et mdp du crédit général et un autre servait à envoyer des milliers de spams chaque jour...
Et tous mes sites sont passés en chmod 404 pour les .php et 505 pour les dossiers + un petit code php pour vérifier si un des fichiers a été modifié (code provenant du forum ovh, voir lien plus haut) :
Code :
<?php
/*
Donne la liste des derniers fichiers créés ET modifiés.
Très utile en cas de piratage pour savoir quels fichiers sont ajoutés et ceux qui ont été modifiés. Utile pour comprendre le comportement d'un script ou d'un CMS et voir quels fichiers ont été manipulés.

Mettez ce script dans votre hébergement, ouvrez-le avec votre navigateur web, donnez le nombre de jours représentant la période à vérifier, puis le nom du dossier à analyser.
Ce script ne va donner la liste que des dossiers à partir du chemin /home/votreloginftp/www/ de votre hébergement mutualisé chez OVH.

Crédits: Les 4/5 du code sont l'oeuvre de Linda MacPhee-Cobb (http://timestocome.com)
*/

    $go_back = 0;                        // affiche résultat ou non
    $i = 0;                                // compteur de boucle
    $dir_count = 0;                        // initialisation de la boucle
    $date = time();                        // date et heure actuelle
    $one_day = 86400;                    // nombre de secondes pour une journée
    $days = preg_replace("/[^0-9]/i",'', $_POST["jours"]);    // nombre de jours à vérifier
    $path = preg_replace("/[^_A-Za-z0-9-\.%\/]/i",'', $_POST["chemin"]);    // chemin de fichier absolu (avec nettoyage contre piratage)
    $path = preg_replace("/\.\.\//",'', $path);    // on interdit la commande ../
    define('ABSPATH', dirname(__FILE__));
    $path = ABSPATH.$path;    // chemin de fichier absolu de votre compte OVH du genre /home/loginftp/www/ etc.
    $directories_to_read[$dir_count] = $path;
    
    // Formulaire pour remonter le temps
    print "<html><body><h3>Contr&ocirc;le des derniers fichiers modifi&eacute;s <br />dans votre h&eacute;bergement mutualis&eacute; chez OVH.</h3>";
    print "<table><tr><td>";
    print "<form method=\"post\">";
    print "<tr><td>Nombre de jours &agrave; v&eacute;rifier 1-99: </td>";
    print "<td>&nbsp;&nbsp;<input type=\"text\" name=\"jours\" maxlength=\"2\" size=\"2\"></td></tr>";
    print "<tr><td>Nom du r&eacute;pertoire &agrave; contr&ocirc;ler: </td>";
    print "<td>".ABSPATH." <input type=\"text\" name=\"chemin\" maxlength=\"80\" size=\"30\" value=\"/\" > (mettre un / &agrave; la fin)</td></tr>";
    print "<tr><td> </td><td><input type=\"submit\" value=\" V&eacute;rifier Fichiers \">";
    print "</form>";
    print "</td></tr></table>";
    // Affichage du résultat
    $go_back = $one_day * $days;
    print "<br /> Retour sur les <strong>" . ($go_back/$one_day) ."</strong> derniers jours. <br /><br />";

    if ( $go_back > 0 ){
        print "<table><tr><th>Nom du Fichier</th><th>Date de modification</th></tr>";
        $diff = $date - $go_back;
        
        while ( $i <= $dir_count ){
            $current_directory = $directories_to_read[$i];
        
            // obtenir info fichier
            $read_path = opendir( $directories_to_read[$i] );
            while ( $file_name = readdir( $read_path)){
                if (( $file_name != '.' )&&( $file_name != '..' )){
                    if ( is_dir( $current_directory . "/"  . $file_name ) == "dir" ){
                        // besoin d'obtenir tous les fichiers d'un répertoire
                        $d_file_name = "$current_directory" . "$file_name";
                        $dir_count++;
                        $directories_to_read[$dir_count] = $d_file_name . "/";
                    }else{
                        $file_name = "$current_directory" . "$file_name";                                
                        // Si temps modifiés plus récent que x jours, affiche, sinon, passe
                        if ( (filemtime( $file_name)) > $diff  ){
                            print "<tr><td> $file_name </td>";
                            $date_changed = filemtime( $file_name );
                            $pretty_date = date("d/m/Y H:i:s", $date_changed);
                            print  "<td> ::: $pretty_date</td></tr>" ;
                        }
                    }
                }
            }
            closedir ( $read_path );
            $i++;    
        }
            print "</table>";    
            print "</body></html>";    
    } // if go_back > 0 )            
?>
#19

Je vais essayer le .htaccess et ce code php ce week-end, je vous tiens au courant ( le "SetEnv PHP_VER 5" je ne pense pas que ça marche en dehors des hébergements ovh).
Sujet fermé


Atteindre :


Utilisateur(s) parcourant ce sujet : 4 visiteur(s)