You are currently browsing the archives for the OS X category.

PHP 5 and XDebug on OS X Leopard

Posted 1 year, 7 months ago at 1:37 am by Jennifer. 2 comments

It was another frustrating night in the land of X. I went to install XDebug on my Leopard desktop and realized that PHP was no longer running. Interesting, since I know I had the Entropy.ch package installed and running a while back, so what happened? I figured something must have broken during an upgrade, so I poked around my machine and the Entropy user forums to try and resolve the problem.

I ended up reinstalling the Apache 2 version of the PHP 5 package, but found the assertion in the instructions that “PHP should now be up and running” to be incorrect. For some reason the installer script did not add the necessary line to the httpd.conf file, located at /etc/apache2/httpd.conf for me:
LoadModule php5_module /usr/local/php5/libphp5.so
I added this, restarted the server via the Sharing control panel, and… nothing. Now Apache wasn’t even running, despite the green light in the control panel. Running “apachectl configtest” revealed the following error:
httpd: Syntax error on line 116 of /private/etc/apache2/httpd.conf: Cannot load /usr/local/php5/libphp5.so into server: dlopen(/usr/local/php5/libphp5.so, 10): no suitable image found.  Did find:\n\t/usr/local/php5/libphp5.so: no matching architecture in universal wrapper
Ah. OK. This was sounding familiar, and I followed the instructions in this forum post, Problem 2 and Problem 3, to get Apache to play nice with the Entropy package. After this I added the following lines to /usr/local/php5/lib/php.ini to point it to my XDebug .so, installed using “sudo pecl install xdebug”:
[xdebug]
zend_extension=/usr/local/php5/lib/php/extensions/no-debug-non-zts-20060613/xdebug.so
… and all was well. Or was it?

It seems that the problem here is that as part of Leopard, Apple switched over to using a 64-bit version of Apache 2. This was fine for them because their crippled bundled PHP 5 extension was updated to match. However, I was unaware of the issue and since I don’t use my desktop server much, it took me a long time to notice… during which time my PHP code was open to the world.

I want someone to blame here but the only person to blame is really myself… using non-standard packages, and not at least checking my external interfaces after a fairly major upgrade. Let this be a lesson: You never know when a seemingly simple upgrade is going to cause a huge security hole, even on your little home machine. Always take the responsibility of hosting seriously.

P.S. Marc Liyanage, where did you go? If you’re not going to update the packages anymore, please let someone take over for you… there are a lot of books and tutorials pointing to your packages…