Say I have a block of code I would like to test like this:
<?php
require('wp-blog-header.php');
require('wp-includes/pluggable.php');
..........................
..........................
?>
Nginx:
location ~ /internal_token {
fastcgi_pass unix:/tmp/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME # is possible to execute php some how, without call to filename?
include fastcgi_params;
}
The invisible file have to be in main root directory of WordPress because use require files, I am trying to avoid creating file or symlynks.
Is there an existing solution to this problem?
Update: I building a system like WordPress toolkit of cpanel, so I will add the feature 1-Click Login
2
Answers
If you had an "upstream" you could use nginx’s
auth_request
in order to make an additional request and retrieve data (e.g. server-side authentication token) before continuing with the primary request.e.g. all requests to
/api
trigger anauth_request
to an internal location/auth/check
which returns pass/fail (and optionally data that can be bundled along). If the check passes then the request continues to/api
or whatever.Not sure that helps you and not sure that is possible with
php-fpm
but pretty useful for some use cases.No, it is not possible to execute random PHP code from the context of Nginx configuration.
From the manual
The appropriate / intended use of that directive is to set environment variables, not to pass arbitrary code to an arbitrary fast-cgi interpreter.
If you want to execute a specific script, then use the SCRIPT_FILENAME parameter as described in the manual.
I don’t think the protocol forbids such behavior, because one can send almost anything with FCGI_PARAMS, at least according to my interpretation. However, judging by this implementation the SCRIPT_FILENAME is at least a convention: PHP OOP fastcgi