http://bugs.php.net/bug.php?id=23800

Shane Caraveo · Shane Caraveo · commit 67ebb942b66c · 2003-05-25T18:35:18.000Z
change the default for those who cannot
this was actually done a long time ago, but got reverted along the way
diff --git a/php.ini-dist b/php.ini-dist
@@ -444,6 +444,14 @@ enable_dl = On
 ; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
 ; cgi.redirect_status_env = ;
 
+; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
+; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
+; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
+; this to 1 will cause PHP CGI to fix it's paths to conform to the spec.  A setting
+; of zero causes PHP to behave as before.  Default is zero.  You should fix your scripts
+; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
+; cgi.fix_pathinfo=0
+
 ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
 ; security tokens of the calling client.  This allows IIS to define the
 ; security context that the request runs under.  mod_fastcgi under Apache
diff --git a/php.ini-recommended b/php.ini-recommended
@@ -459,6 +459,14 @@ enable_dl = On
 ; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
 ; cgi.redirect_status_env = ;
 
+; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
+; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
+; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
+; this to 1 will cause PHP CGI to fix it's paths to conform to the spec.  A setting
+; of zero causes PHP to behave as before.  Default is zero.  You should fix your scripts
+; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
+; cgi.fix_pathinfo=1
+
 ; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
 ; security tokens of the calling client.  This allows IIS to define the
 ; security context that the request runs under.  mod_fastcgi under Apache
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
@@ -1062,7 +1062,7 @@ consult the installation file that came with this distribution, or visit \n\
 
 #if ENABLE_PATHINFO_CHECK
 	if (cfg_get_long("cgi.fix_pathinfo", &fix_pathinfo) == FAILURE) {
-		fix_pathinfo = 1;
+		fix_pathinfo = 0;
 	}
 #endif
 

Original file line number	Diff line number	Diff line change
`@@ -1062,7 +1062,7 @@ consult the installation file that came with this distribution, or visit \n\`
`1062`	`1062`
`1063`	`1063`	`#if ENABLE_PATHINFO_CHECK`
`1064`	`1064`	`if (cfg_get_long("cgi.fix_pathinfo", &fix_pathinfo) == FAILURE) {`
`1065`		`- fix_pathinfo = 1;`
	`1065`	`+ fix_pathinfo = 0;`
`1066`	`1066`	`}`
`1067`	`1067`	`#endif`
`1068`	`1068`