PDO 连接从命令行工作,而不是通过 Apache?
我有一个非常简单的测试脚本:
I have a very simple test script:
<?php
$DSN = "mysql:host=db.example.edu;port=3306;dbname=search_data";
try {
$DB = new PDO($DSN, "username", "super-secret-password!");
} catch (PDOException $e) {
header('Content-Type: text/plain');
print "Could not connect to database, rawr. :-(";
exit;
}
$SQL = "SELECT phrase FROM search ORDER BY RAND() LIMIT 10";
foreach($DB->query($SQL) as $row){
print $row['phrase']."
";
}
?>
当我从命令行执行此脚本时,它运行良好:
When I execute this script from the command line, it works perfectly:
$ php test.php
corporal punishment
Stretches
voluntary agencies and the resettlement of refugees
music and learning
Nike Tiger Woods Scandal
Hermeneia
PSYCHINFO
anthony bourdain
Black-White Couples and their Social Worlds
colonization, hodge
但是当我通过网络浏览器访问完全相同的脚本时,它说:
But when I access the exact same script through my web browser, it says:
Could not connect to database, rawr. :-(
我已经尝试了 var_dump
解决错误,消息是:SQLSTATE[HY000] [2003] 无法连接到 MySQL 服务器上的 'db.example.edu' (13)".
I've tried var_dump
on the error, and the message is: "SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'db.example.edu' (13)".
这令人费解.这是完全相同的服务器上的完全相同的脚本——为什么当我从命令行执行它时它可以工作,但当 Apache 执行它时却失败?
This is puzzling. It's the exact same script on the exact same server -- why does it work when I execute it from the command line, but fail when Apache executes it?
推荐答案
如果这是运行 SELinux(或任何使用 SELinux 的任何非 Red Hat 衍生产品)的 Red Hat 衍生发行版(RHEL、CentOS、Fedora、ScientificLinux),则默认撰写本文时的策略设置是禁止 Apache 与其他服务器或数据库建立外部连接.作为 root,您必须启用以下两个 SELinux 布尔值.使用 -P
选项在重新启动后保持更改.
If this is a Red Hat-derived distribution (RHEL, CentOS, Fedora, ScientificLinux) running SELinux (or any non Red Hat derivative using SELinux), the default policy setting at time of this writing is to prohibit Apache from making external connections to other servers or databases. As root, you must enable the following two SELinux booleans. Use the -P
option to persist the change across a reboot.
setsebool -P httpd_can_network_connect=1
setsebool -P httpd_can_network_connect_db=1
请注意,httpd_can_network_connect
可能不是必需的.首先尝试仅打开 httpd_can_network_connect_db
.
Note that httpd_can_network_connect
may not be necessary. Try it first turning on only httpd_can_network_connect_db
.
相关文章