From: Shane Caraveo <shane@php.net>
Date: Fri, 1 Mar 2002 06:34:08 +0000 (+0000)
Subject: add comment for IIS users
X-Git-Tag: php-4.2.0RC1~231
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=db73f9095348a1d3bdf110a8afb3746769354850;p=php

add comment for IIS users
fix some whitespace
---

diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index 9cc864e96f..c1b939f48f 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -467,20 +467,20 @@ int main(int argc, char *argv[])
 	/* startup after we get the above ini override se we get things right */
 	if (php_module_startup(&cgi_sapi_module)==FAILURE) {
 #ifdef ZTS
-	        tsrm_shutdown();
+		tsrm_shutdown();
 #endif
 		return FAILURE;
 	}
 
 #if FORCE_CGI_REDIRECT
 	/* check force_cgi after startup, so we have proper output */
-        if (cfg_get_long("cgi.force_redirect", &force_redirect) == FAILURE) {
-            force_redirect = 1;
-        }
+	if (cfg_get_long("cgi.force_redirect", &force_redirect) == FAILURE) {
+        force_redirect = 1;
+	}
 	if (cgi && force_redirect) {
-                if (cfg_get_string("cgi.redirect_status_env", &redirect_status_env) == FAILURE) {
-                    redirect_status_env = NULL;
-                }
+        if (cfg_get_string("cgi.redirect_status_env", &redirect_status_env) == FAILURE) {
+            redirect_status_env = NULL;
+        }
 		/* Apache will generate REDIRECT_STATUS,
 		 * Netscape and redirect.so will generate HTTP_REDIRECT_STATUS.
 		 * redirect.so and installation instructions available from
@@ -488,11 +488,11 @@ int main(int argc, char *argv[])
 		 *   -- kk@netuse.de
 		 */
 		if (!getenv("REDIRECT_STATUS") 
-                    && !getenv ("HTTP_REDIRECT_STATUS")
-                    /* this is to allow a different env var to be configured
-                        in case some server does something different than above */
-                    && (!redirect_status_env || !getenv(redirect_status_env))
-                    ) {
+			&& !getenv ("HTTP_REDIRECT_STATUS")
+			/* this is to allow a different env var to be configured
+			    in case some server does something different than above */
+			&& (!redirect_status_env || !getenv(redirect_status_env))
+			) {
 			PUTS("<b>Security Alert!</b>  PHP CGI cannot be accessed directly.\n\
 \n\
 <P>This PHP CGI binary was compiled with force-cgi-redirect enabled.  This\n\
@@ -505,12 +505,13 @@ binary accessible somewhere in your web tree, people will be able to circumvent\
 this is to define doc_root in your php.ini file to something other than your\n\
 top-level DOCUMENT_ROOT.  This way you can separate the part of your web space\n\n\
 which uses PHP from the normal part using .htaccess security.  If you do not have\n\
-any .htaccess restrictions anywhere on your site you can leave doc_root undefined.\n\
+any .htaccess restrictions anywhere on your site you can leave doc_root undefined.\n\n\n\
+If you are running IIS, you may safely set cgi.force_redirect=0 in php.ini.\n\
 \n");
 
 			/* remove that detailed explanation some time */
 #ifdef ZTS
-	                tsrm_shutdown();
+	        tsrm_shutdown();
 #endif
 
 			return FAILURE;