This configuration DOES work. I'm using it in my testing environment right now just to make sure the caching doesn't interfere with my production software, but the application itself is fine.

One note though, the control panel that is distributed with eAccelerator will not work with this configuration. The reason is that the basic authentication via the PHP headers that the file uses does not work when PHP is a CGI. It only works when PHP is an Apache module.

A quick hack I made is to use a simple session key instead. This is a straight dump from vi with the line numbers on, from the eAccelerator 0.9.5.2 control.php file:


31 /* {{{ auth */

32 /*if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_USER']) ||

33 $_SERVER['PHP_AUTH_USER'] != $user || $_SERVER['PHP_AUTH_PW'] != $pw) {

34 header('WWW-Authenticate: Basic realm="eAccelerator control panel"');

35 header('HTTP/1.0 401 Unauthorized');

36 exit;

37 }*/

38 /* }}} */

39 if( $_SESSION['xxx']!=$mykey ) {

40 if( ($_POST['user']!=$user) && ($_POST['pass']!=$pw) ) {

41 ?>

42 <form name="basicauth" method="post">

43 <input name="user" type="text">



44 <input name="pass" type="text">



45 <input type="submit">

46 </form>

47 48 exit;

49 } else {

50 session_start();

51 $_SESSION['xxx'] = $mykey;

52 }

53 }


You can see I've commented out the original auth. I haven't even bothered labeling the form fields here. The form will automatically submit back to the page it is on. The session key is protected by you setting the key value and the key value. It works quite well for a 5 minute hack.