Rich
asked on
phpinfo() not showing any output
Hi,
I am having an issue with the php copy function and wanted to check some system variables, but for some reason phpinfo() will not output any data. phpis working on the server, (Apache), and the print statement outputs to the browser OK, but otherwise a blank screen. I am sure that this used to work. The code for the file version.php is below.
Any ideas?
Thanks,
Rich
-------------------------- ----versio n.php code -------------------------- ---------- ----
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>PHP Version Info</title>
</head>
<body>
<?php
print ("The following is the phpinfo<br>");
phpinfo();
?>
</body>
</html>
-------------------------- ----- end of version.php -------------------------- ---
I am having an issue with the php copy function and wanted to check some system variables, but for some reason phpinfo() will not output any data. phpis working on the server, (Apache), and the print statement outputs to the browser OK, but otherwise a blank screen. I am sure that this used to work. The code for the file version.php is below.
Any ideas?
Thanks,
Rich
--------------------------
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>PHP Version Info</title>
</head>
<body>
<?php
print ("The following is the phpinfo<br>");
phpinfo();
?>
</body>
</html>
--------------------------
ASKER
<? phpinfo() ?>
alone in the file prints nothing. The view page source is totally empty.
alone in the file prints nothing. The view page source is totally empty.
brad2575 was asking you to create a page with:
<?php phpinfo() ?>
. . . to see if the direct call to php would produce output. Did you do that?
Also, and I am NOT a php guy, it seems like I had trouble terminating php tag lines in some version of php and I had to enable short-tags. Actually, I think that's a bad idea, but as I recall it fixed a problem similar to what you are describing.
Good luck,
Steve
<?php phpinfo() ?>
. . . to see if the direct call to php would produce output. Did you do that?
Also, and I am NOT a php guy, it seems like I had trouble terminating php tag lines in some version of php and I had to enable short-tags. Actually, I think that's a bad idea, but as I recall it fixed a problem similar to what you are describing.
Good luck,
Steve
1. phpinfo() does create a whole HTML page, but that doesn't explain no output.
2. as steve pointed yout the initial tag is <?php, but also a semicolon isn't optional, even for the only command.
Simple reason for not getting any output is php is not at all configured in your webserver, or the error reporting is setup to just log and not show errors, then an error is aborting output and you get no source, while the error is just logged. Then search and look into php*_errors.log
Bye, Olaf.
2. as steve pointed yout the initial tag is <?php, but also a semicolon isn't optional, even for the only command.
Simple reason for not getting any output is php is not at all configured in your webserver, or the error reporting is setup to just log and not show errors, then an error is aborting output and you get no source, while the error is just logged. Then search and look into php*_errors.log
Bye, Olaf.
ASKER
Steve, Olaf
Yes, I did create a new file called version.php and it is exactly the following one line:
<?php phpinfo(); ?>
This file used to work just fine, and I have a large php implementation running on the same domain/server, so I know it is currently working properly. I almost remember reading somewhere that this function can be disabled for security reasons in the php.ini file, which I do not have control of. Is this possible that the server admin might have disabled it?
Rich
Yes, I did create a new file called version.php and it is exactly the following one line:
<?php phpinfo(); ?>
This file used to work just fine, and I have a large php implementation running on the same domain/server, so I know it is currently working properly. I almost remember reading somewhere that this function can be disabled for security reasons in the php.ini file, which I do not have control of. Is this possible that the server admin might have disabled it?
Rich
Yes, that's certainly possible and desirable in an environment where security is tight, or where an administrator thinks it should be tight.
I think you can do a "disable_functions = phpinfo" in the php.ini file or some other syntax in the .htaccess file.
Good luck,
Steve
I think you can do a "disable_functions = phpinfo" in the php.ini file or some other syntax in the .htaccess file.
Good luck,
Steve
That's true, in php.ini there can be an option disabling a list of functions.
You could try to use ini_set() to override that option:
If the ini_set is not disabled, too, it could enable to call that function this way, and don't be afraid, this will just override it for that current session.
Most probably, though, ini_set() would also be disabled, to prevent that.
Bye, Olaf.
You could try to use ini_set() to override that option:
<?php
ini_set('disable_functions', '');
phpinfo();
?>
If the ini_set is not disabled, too, it could enable to call that function this way, and don't be afraid, this will just override it for that current session.
Most probably, though, ini_set() would also be disabled, to prevent that.
Bye, Olaf.
ASKER
Thanks for the info Olaf, but that did not work. I will open a support ticket with the admin to see if they disabled it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you're working with a hosting company that has disabled phpinfo(), don't waste any more of your time trying to debug their problem. This is a technically incompetent thing to do, and it will likely just be the tip of the iceberg of hosting problems. Instead, find a better hosting company and move right now. I use and am pleased to recommend ChiHost.com. I have also had good experiences with LiquidWeb and HostGator. For larger sites, you might choose SliceHost or RackSpace.
If you want to give the hosting company one last chance, install this script (shown here in its entirety) in the web root and run it. If you get no output, get off that host and move to one of the recommended ones!
If you want to give the hosting company one last chance, install this script (shown here in its entirety) in the web root and run it. If you get no output, get off that host and move to one of the recommended ones!
<?php
error_reporting(E_ALL);
ini_set('display_errors', TRUE);
phpinfo();
Good luck, ~Ray
Makes me wonder, Ray.
I think it's arguable, if this is a bad sign. Disabling phpinfo() is security by obfuscation. You can argue that disabling through hiding this info is meaning the hoster has no confidence, the version or it's configuration is secure.
Not showing the info doesn't make the host more secure. But then phpinfo shows both php version and versions of other components besides many paths and settings. And even the best hosters will only be able to install the latest stable release for best security and make the best possible config.
But even that can have known security flaws, so in the end even a secure hoster might rather disable phpinfo(), like you also disable displaying errors, if you don't want to invite hackers just forcing errors to happen to gather info about your code and vulnerabilities.
See here: http://security.stackexchange.com/questions/12474/is-there-a-good-reason-to-turn-off-phpinfo
I'd ask for your own php error log from your hoster. If you don't get at this, this is a worse sign than disabled phpinfo. Indeed disabled error display as default is recommended for production use, you should install php on your pc for development and testing and not learn and test at a hosting.
Bye, Olaf.
I think it's arguable, if this is a bad sign. Disabling phpinfo() is security by obfuscation. You can argue that disabling through hiding this info is meaning the hoster has no confidence, the version or it's configuration is secure.
Not showing the info doesn't make the host more secure. But then phpinfo shows both php version and versions of other components besides many paths and settings. And even the best hosters will only be able to install the latest stable release for best security and make the best possible config.
But even that can have known security flaws, so in the end even a secure hoster might rather disable phpinfo(), like you also disable displaying errors, if you don't want to invite hackers just forcing errors to happen to gather info about your code and vulnerabilities.
See here: http://security.stackexchange.com/questions/12474/is-there-a-good-reason-to-turn-off-phpinfo
Is there a really good reason to leave phpinfo() on?
Security through obscurity isn't a valid means of protecting servers but, conversely, there's no point in telling the "bad guys" which buggy version of a piece of software you're running. They need to work for their exploits.
For authorized users, the info from phpinfo should be easily attainable from other sources.
I'd ask for your own php error log from your hoster. If you don't get at this, this is a worse sign than disabled phpinfo. Indeed disabled error display as default is recommended for production use, you should install php on your pc for development and testing and not learn and test at a hosting.
Bye, Olaf.
ASKER
Thanks for the help! It was the hosting company - not sure if they specifically disabled phpinfo() or there was some sort of error, but opening a tech support ticket got it working as it should work.
Try JUST THIS on the page: <?php phpinfo() ?> nothing else, if nothing displays view source, maybe it is not printing to screen correctly