The site I maintain is being hosted by our University and due to hackers we recently implemented su-php. Since that time we have not been able to fix our intranet so that users can upload photos (and other documents). I have talked with some IT people about the problem and it turns out that with su-php, PHP is interpreted as CGI.
Not only can people not upload documents. Users cannot even get to our login page (which is implemented using freak_auth_light) when I set the “AddHandler su-php-script .php” in the .htaccess file.
Any help is much appreciated.