php_logo_guid
The php_sapi_name() function is extremely useful when you want to determine the type of interface. There is, however, one more gotcha you need to be aware of while designing your application or deploying it to an unknown server.
Whenever something depends on the type of interface, make sure your check is conclusive. Especially when you want to distinguish the command line interface (CLI) from the common gateway interface (CGI).
Note, that the php-cgi binary can be called from the command line, from a shell script or as a cron job as well! If so, the php_sapi_name() will always return the same value (i.e. "cgi-fcgi") instead of "cli" which you could expect.
Bad things happen to good people. Do not always expect /usr/bin/php to be a link to php-cli binary.
Luckily the contents of the $_SERVER and the $_ENV superglobal arrays depends on whether the php-cgi binary is called from the command line interface (by a shell script, by the cron, etc.) or by some HTTP server (i.e. lighttpd).
<?php
var_dump($_SERVER);
?>
Try to call php-cgi binary from the command line interface and then via HTTP request and compare the output of the script above. There will be plenty options to satisfy almost everyone.
For the sake of security remember, that contents of the $_SERVER and the $_ENV superglobal arrays (as well as $_GET, $_POST, $_COOKIE, $_FILES and $_REQUEST) should be considered tainted.
php_sapi_name
(PHP 4 >= 4.0.1, PHP 5)
php_sapi_name — Returns the type of interface between web server and PHP
Description
string php_sapi_name
( void
)
Returns a lowercase string that describes the type of interface (the Server API, SAPI) that PHP is using. For example, in CLI PHP this string will be "cli" whereas with Apache it may have several different values depending on the exact SAPI used. Possible values are listed below.
Return Values
Returns the interface type, as a lowercase string.
Although not exhaustive, the possible return values include aolserver, apache, apache2filter, apache2handler, caudium, cgi (until PHP 5.3), cgi-fcgi, cli, continuity, embed, isapi, litespeed, milter, nsapi, phttpd, pi3web, roxen, thttpd, tux, and webjames.
Examples
Example #1 php_sapi_name() example
This example checks for the substring cgi because it may also be cgi-fcgi.
<?php
$sapi_type = php_sapi_name();
if (substr($sapi_type, 0, 3) == 'cgi') {
echo "You are using CGI PHP\n";
} else {
echo "You are not using CGI PHP\n";
}
?>
Notes
Note: An alternative approach
The PHP constant
PHP_SAPIhas the same value as php_sapi_name().
Tip
A potential gotcha
The defined SAPI may not be obvious, because for example instead of apache it may be defined as apache2handler or apache2filter.
add a note
User Contributed Notes
php_sapi_name - [4 notes]
michal at roszka dot pl ¶
3 years ago
webmaster dot dobs at gmail dot com ¶
2 days ago
<?php
if (PHP_SAPI != 'cli')
exit('Use command line');
// do something
?>
Ysangkok ¶
4 years ago
This function can also return "cli" if PHP was launched from CLI. Useful if one wants to behave differently when running in console.
sageptr at gmail dot com ¶
7 months ago
Just another simple way to determine if script ran locally (php cli or wget), or by remote user:
<?php
if(isset($_SERVER["REMOTE_ADDR"]) && ($_SERVER["REMOTE_ADDR"] != $_SERVER["SERVER_ADDR"])){
exit('Permission denied');
};
// do something
?>