JohnOne

Wordpress help

5 posts in this topic

I just installed wordpress on a site.

When I navigate to the dashboard (http://address.com/wp-admin/) The browser is served up with a php code page like so...

<?php
/**
 * Dashboard Administration Screen
 *
 * @package WordPress
 * @subpackage Administration
 */

/** Load WordPress Bootstrap */
require_once( dirname( __FILE__ ) . '/admin.php' );

/** Load WordPress dashboard API */
require_once(ABSPATH . 'wp-admin/includes/dashboard.php');

wp_dashboard_setup();

wp_enqueue_script( 'dashboard' );
if ( current_user_can( 'edit_theme_options' ) )
    wp_enqueue_script( 'customize-loader' );
if ( current_user_can( 'install_plugins' ) )
    wp_enqueue_script( 'plugin-install' );
if ( current_user_can( 'upload_files' ) )
    wp_enqueue_script( 'media-upload' );
add_thickbox();

etc...

Anyone ever seen this, and know how to fix it?


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites



Never mind.

I was having trouble installing a theme, and a possible solution I found through a web search said to add this to htaccess file

"AddType x-mapp-php5 .php"

It never worked, but page loads normally after removing that line.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites

You're dealing with a misconfiguration of Apache and PHP. Normally your hosting provider does this proper for you, or provides instructions how you can do this yourself. I'd check the latter and if no instructions are provided, I'd email them and if the response is less than satisfactory, I honestly recommend changing hosting partner right away. It's a pain in the ass to work with poor hosting providers and any indication they are bad should be cause to immediately migrate.

Apache has to be told that .php files must be ran through PHP and the output of that interpreter will be the actual page. The way it works inside of Apache is it registers certain programs like PHP to handle specific file types. The way you have posted with using AddType sets the MIME type for .php files to one that Apache understands as needing PHP . PHP then changes the actual MIME type sent to the client to the appropriate type (text/html usually).

So what's wrong with the way you've done it now? Any .php in the file name will execute the file as a PHP file. If a malicious user uploads a file called image.php.png it will be executed as PHP. That's a security risk. It's also a pain to do this in the .htaccess file, it should be in the php.conf file (in httpd/conf.d/php.conf or something) so it is globally enabled in a safe way like this:

<FilesMatch \.php$>
    SetHandler application/x-httpd-php
</FilesMatch>
1 person likes this

Share this post


Link to post
Share on other sites

I make Wordpress websites in my spare time to earn a little on the side. If you need any advice, I've subscribed to this topic.

1 person likes this

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now