--- includes/bootstrap.old	2008-02-19 09:24:09.000000000 -0500
+++ includes/bootstrap.inc	2008-02-18 23:15:45.000000000 -0500
@@ -237,7 +237,8 @@ function conf_path($require_settings = T
   }
 
   $confdir = 'sites';
-  $uri = explode('/', $_SERVER['SCRIPT_NAME'] ? $_SERVER['SCRIPT_NAME'] : $_SERVER['SCRIPT_FILENAME']);
+  $script_name = substr($_SERVER['PHP_SELF'], 0, strpos($_SERVER['PHP_SELF'], 'index.php') + 9);
+  $uri = explode('/', $script_name ? $script_name : $_SERVER['SCRIPT_FILENAME']);
   $server = explode('.', implode('.', array_reverse(explode(':', rtrim($_SERVER['HTTP_HOST'], '.')))));
   for ($i = count($uri) - 1; $i > 0; $i--) {
     for ($j = count($server); $j > 0; $j--) {
@@ -299,9 +300,7 @@ function conf_init() {
     // characters allowed in hostnames.
     $base_url = $base_root .= '://'. preg_replace('/[^a-z0-9-:._]/i', '', $_SERVER['HTTP_HOST']);
 
-    // $_SERVER['SCRIPT_NAME'] can, in contrast to $_SERVER['PHP_SELF'], not
-    // be modified by a visitor.
-    if ($dir = trim(dirname($_SERVER['SCRIPT_NAME']), '\,/')) {
+    if ($dir = trim(dirname(substr($_SERVER['PHP_SELF'], 0, strpos($_SERVER['PHP_SELF'], 'index.php') + 9)), '\,/')) {
       $base_path = "/$dir";
       $base_url .= $base_path;
       $base_path .= '/';
@@ -728,14 +727,15 @@ function request_uri() {
     $uri = $_SERVER['REQUEST_URI'];
   }
   else {
+    $script_name = $script_name = substr($_SERVER['PHP_SELF'], 0, strpos($_SERVER['PHP_SELF'], 'index.php') + 9);
     if (isset($_SERVER['argv'])) {
-      $uri = $_SERVER['SCRIPT_NAME'] .'?'. $_SERVER['argv'][0];
+      $uri = $script_name .'?'. $_SERVER['argv'][0];
     }
     elseif (isset($_SERVER['QUERY_STRING'])) {
-      $uri = $_SERVER['SCRIPT_NAME'] .'?'. $_SERVER['QUERY_STRING'];
+      $uri = $script_name .'?'. $_SERVER['QUERY_STRING'];
     }
     else {
-      $uri = $_SERVER['SCRIPT_NAME'];
+      $uri = $script_name;
     }
   }