Server side includes not working on .php files

[msklut]

Due to the CMS framework we are using (OpenCart), we had to go with server side includes (SSI) to load text content on our webpages (which are dynamic PHP). No doubt php_include would be ideal, however the page templates does not allow php for security reasons. At any rate, we are able to get SSI to work on .html pages, but not on .php. The Apache configuration files and loaded modules are listed below. Any suggestions would be greatly appreciated!

Example code for the SSI on an .html page
<!--#include virtual="/includes/content_123.html" -->

.htaccess (public_html)
Options +Includes
AddOutputFilter INCLUDES .html .php

/etc/httpd/conf/httpd.conf
# Further relax access to the default document root:
<Directory "/var/www/html">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options +Includes
AddOutputFilter INCLUDES .php .html

# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
XBitHack on
#
# Controls who can get stuff from this server.
#
Require all granted
</Directory>

#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
<FilesMatch "\.(php|shtml|html)$">
SetHandler application/x-httpd-php
</FilesMatch>

Loaded Modules
core_module (static)
so_module (static)
http_module (static)
mpm_prefork_module (shared)
systemd_module (shared)
cgi_module (shared)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
expires_module (shared)
file_cache_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
log_config_module (shared)
log_forensic_module (shared)
logio_module (shared)
mime_module (shared)
mime_magic_module (shared)
negotiation_module (shared)
proxy_module (shared)
proxy_fcgi_module (shared)
proxy_http_module (shared)
proxy_wstunnel_module (shared)
remoteip_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_shmcb_module (shared)
socache_redis_module (shared)
speling_module (shared)
status_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
bwlimited_module (shared)
ssl_module (shared)
security2_module (shared)
ruid2_module (shared)

 

[cPRex]

Hey there! Would you happen to be running LiteSpeed or just Apache? This is a known limitation of the LiteSpeed server:

https://support.cpanel.net/hc/en-us/articles/1500008286862-LiteSpeed-cannot-parse-both-PHP-and-SSI-in-same-HTML-file

Other than that, I'm not finding much on my end for this particular issue so it might be best to submit a ticket to our team so we can check the machine.

 

[msklut]

Hey there! Would you happen to be running LiteSpeed or just Apache? This is a known limitation of the LiteSpeed server:

https://support.cpanel.net/hc/en-us/articles/1500008286862-LiteSpeed-cannot-parse-both-PHP-and-SSI-in-same-HTML-file

Other than that, I'm not finding much on my end for this particular issue so it might be best to submit a ticket to our team so we can check the machine.

[~]# ps aux | grep litespeed
root 14699 0.0 0.0 112808 976 pts/1 R+ 10:29 0:00 grep --color=auto litespeed

I attempted to use the code from this cPanel support article to switch to Apache from LiteSpeed, but it would not work.

 

[cPRex]

The daemon is actually "lsws" and you would likely know if you were running LiteSpeed as there is an additional fee for that tool.

It would likely be best to create a ticket so we can see this behavior on your machine.

 

[msklut]

OK. We have the LiteSpeed PHP extensions enabled under EasyApache4:

php71-php-litespeed
php72-php-litespeed
php73-php-litespeed
php74-php-litespeed

That wouldn't affect this right?

I'll go ahead and create a ticket in the mean time.

 

[cPRex]

I wouldn't expect those to be related to the issue.

If you can post the ticket number here once that is submitted I can follow along on my end and make sure the thread gets an update once we have a resolution.

 

[msklut]

I wouldn't expect those to be related to the issue.

If you can post the ticket number here once that is submitted I can follow along on my end and make sure the thread gets an update once we have a resolution.

Ticket #94436544

 

[cPRex]

Thanks for that - I'm following along with that ticket on my end now.

 

[msklut]

Solution:
1. WHM » MultiPHP Manager
change PHP handler from cgi to dso for active PHP version

2. WHM » Software » EasyApache4 » Apache Modules
enable mod_ruid2 module

3. WHM » Restart Services » HTTP Server (Apache)
restart Apache

4. WHM » MultiPHP INI Editor » Editor Mode
change output_buffering from Off to 4096 or higher (Production Value: 4096)

 

[cPRex]

Thanks for posting the details!

 

[msklut]

Does anyone have suggestions for the following error message?

PHP Warning: Response::output(): Headers already sent. You cannot change the session module's ini settings at this time in /home/admin_user/public_html/system/library/response.php on line 118

We tried add ob_start(); to the index.php file, however it still shows these errors in the log.

 

[Spirogg]

Does anyone have suggestions for the following error message?

PHP Warning: Response::output(): Headers already sent. You cannot change the session module's ini settings at this time in /home/admin_user/public_html/system/library/response.php on line 118

We tried add ob_start(); to the index.php file, however it still shows these errors in the log.

You
Might try reading this answer

How to fix "Headers already sent" error in PHP

When running my script, I am getting several errors like this: Warning: Cannot modify header information - headers already sent by (output started at /some/file.php:12) in /some/file.php on line...

stackoverflow.com

 

[msklut]

You
Might try reading this answer

How to fix "Headers already sent" error in PHP

When running my script, I am getting several errors like this: Warning: Cannot modify header information - headers already sent by (output started at /some/file.php:12) in /some/file.php on line...

stackoverflow.com

OK. The article references that the echo function produces 'output' which can terminate sending HTTP headers. The warning/error message indicates line 118 in the response.php file below is the issue.

Response::output(): Headers already sent. You cannot change the session module's ini settings at this time in /home/admin_user/public_html/system/library/response.php on line 118

class Response {
    private $headers = array();
    private $level = 0;
    private $output;

    /**
     * Constructor
     *
     * @param    string    $header
     *
     */
    public function addHeader($header) {
        $this->headers[] = $header;
    }
    
    /**
     * 
     *
     * @param    string    $url
     * @param    int        $status
     *
     */
    public function redirect($url, $status = 302) {
        header('Location: ' . str_replace(array('&', "\n", "\r"), array('&', '', ''), $url), true, $status);
        exit();
    }
    
    /**
     * 
     *
     * @param    int        $level
     */
    public function setCompression($level) {
        $this->level = $level;
    }
    
    /**
     * 
     *
     * @return    array
     */
    public function getOutput() {
        return $this->output;
    }
    
    /**
     * 
     *
     * @param    string    $output
     */    
    public function setOutput($output) {
        $this->output = $output;
    }
    
    /**
     * 
     *
     * @param    string    $data
     * @param    int        $level
     * 
     * @return    string
     */
    private function compress($data, $level = 0) {
        if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false)) {
            $encoding = 'gzip';
        }

        if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'x-gzip') !== false)) {
            $encoding = 'x-gzip';
        }

        if (!isset($encoding) || ($level < -1 || $level > 9)) {
            return $data;
        }

        if (!extension_loaded('zlib') || ini_get('zlib.output_compression')) {
            return $data;
        }

        if (headers_sent()) {
            return $data;
        }

        if (connection_status()) {
            return $data;
        }

        $this->addHeader('Content-Encoding: ' . $encoding);

        return gzencode($data, (int)$level);
    }
    
    /**
     * 
     */

108   public function output() {
109        if ($this->output) {
110           $output = $this->level ? $this->compress($this->output, $this->level) : $this->output;
111         
112            if (!headers_sent()) {
113               foreach ($this->headers as $header) {
114                   header($header, true);
115                      }
116           }
117         
118            echo $output;
        }
    }
}

Any thoughts? Seems like this issue only presented itself when we updated PHP from 7.2 to 7.3 a few weeks back. We never had these error messages before.

 

[Spirogg]

OK. The article references that the echo function produces 'output' which can terminate sending HTTP headers. The warning/error message indicates line 118 in the response.php file below is the issue.

Response::output(): Headers already sent. You cannot change the session module's ini settings at this time in /home/admin_user/public_html/system/library/response.php on line 118

class Response {
    private $headers = array();
    private $level = 0;
    private $output;

    /**
     * Constructor
     *
     * @param    string    $header
     *
     */
    public function addHeader($header) {
        $this->headers[] = $header;
    }
   
    /**
     *
     *
     * @param    string    $url
     * @param    int        $status
     *
     */
    public function redirect($url, $status = 302) {
        header('Location: ' . str_replace(array('&', "\n", "\r"), array('&', '', ''), $url), true, $status);
        exit();
    }
   
    /**
     *
     *
     * @param    int        $level
     */
    public function setCompression($level) {
        $this->level = $level;
    }
   
    /**
     *
     *
     * @return    array
     */
    public function getOutput() {
        return $this->output;
    }
   
    /**
     *
     *
     * @param    string    $output
     */   
    public function setOutput($output) {
        $this->output = $output;
    }
   
    /**
     *
     *
     * @param    string    $data
     * @param    int        $level
     *
     * @return    string
     */
    private function compress($data, $level = 0) {
        if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false)) {
            $encoding = 'gzip';
        }

        if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'x-gzip') !== false)) {
            $encoding = 'x-gzip';
        }

        if (!isset($encoding) || ($level < -1 || $level > 9)) {
            return $data;
        }

        if (!extension_loaded('zlib') || ini_get('zlib.output_compression')) {
            return $data;
        }

        if (headers_sent()) {
            return $data;
        }

        if (connection_status()) {
            return $data;
        }

        $this->addHeader('Content-Encoding: ' . $encoding);

        return gzencode($data, (int)$level);
    }
   
    /**
     *
     */

108   public function output() {
109        if ($this->output) {
110           $output = $this->level ? $this->compress($this->output, $this->level) : $this->output;
111        
112            if (!headers_sent()) {
113               foreach ($this->headers as $header) {
114                   header($header, true);
115                      }
116           }
117        
118            echo $output;
        }
    }
}

Any thoughts? Seems like this issue only presented itself when we updated PHP from 7.2 to 7.3 a few weeks back. We never had these error messages before.

Just wondering if you could update to 7.4 might be more stable than 7.3. If not I would suggest try to switch back to 7.2 and see if the issue persists now.
sorry I don’t have much more to offer you in the way ofhelp. Hopefully @cPRex might be able to tomorrow when he is on the forums

 

[msklut]

Just wondering if you could update to 7.4 might be more stable than 7.3. If not I would suggest try to switch back to 7.2 and see if the issue persists now.
sorry I don’t have much more to offer you in the way ofhelp. Hopefully @cPRex might be able to tomorrow when he is on the forums

Updated to 7.4 earlier today, but the error messages are still there. The CMS recommends using 7.4, so I’ll probably just have to start the witch hunt for any files that may have an extra space before “<?php”.

 

[Spirogg]

What is the name of the cms you are using ? If you don’t mind me asking

 

[msklut]

What is the name of the cms you are using ? If you don’t mind me asking

OpenCart

 

[Spirogg]

OpenCart

phptags tag tidier: phptags tag tidier

usage examples

• phptags --whitespace *.php cleans up spaces or UTF-8 BOM issues before opening and after close tags
• phptags --warn directory/ searches through a directory and just warns about whitespace issues

this might help you find whitespace in the Tags seems pretty cool tool for this

 

[cPRex]

I'm not familiar with any issues on the PHP side of things that would cause those errors.

 

[msklut]

phptags tag tidier: phptags tag tidier

usage examples

• phptags --whitespace *.php cleans up spaces or UTF-8 BOM issues before opening and after close tags
• phptags --warn directory/ searches through a directory and just warns about whitespace issues

this might help you find whitespace in the Tags seems pretty cool tool for this

Looks like a very helpful tool. Unfortunately, it fails to install the phptags.rpm package.

[~]# wget http://include-once.org/p/phptags/phptags-1.2.rpm
--2022-04-21 11:18:57--  http://include-once.org/p/phptags/phptags-1.2.rpm
Resolving include-once.org (include-once.org)... 172.67.134.40, 104.21.6.15, 2606:4700:3033::6815:60f, ...
Connecting to include-once.org (include-once.org)|172.67.134.40|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 16351 (16K) [application/x-redhat-package-manager]
Saving to: ‘phptags-1.2.rpm’
100%[=================================================>] 16,351      --.-K/s   in 0.1s    
2022-04-21 11:18:57 (136 KB/s) - ‘phptags-1.2.rpm’ saved [16351/16351]

[~]# yum install phptags-1.2.rpm
Loaded plugins: fastestmirror, langpacks, universal-hooks
Examining phptags-1.2.rpm: phptags-1.2-1.noarch
Error: Nothing to do