Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Warning: I am able to write to the configuration file "configure.php"


cuppycakez

Recommended Posts

Hi all,

 

I'm fairly new to oscommerce and php (very new in fact), but I pick things up easily and can usually work out how to do things using good old Google...but unfortunately this one is getting the better of me. I've read tons of forum posts about how to solve this problem, but none of them have worked.

 

Basically I've installed oscommerce on my server (Streamline.net) and I've getting the pink warning message:

"Warning: I am able to write to the configuration file: /user/htdocs/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file."

 

I know I need to change the user permissions to 444 or read-only, which I have done several times through various ways (via ftp, locally on my Mac and then by re-uploading, locally on a Windows PC and then by re-uploading, by logging into Streamlines FTP interface and using Chmod), but every time I refresh, the message is still there and when checking the file through Streamline's FTP interface, I can see that the file is for some reason not on read-only.

 

I've contacted Streamline asking them if it's a problem with their server and they have said the following:

"This would indicate that you are using some kind of 3rd-party software or implemented a site application using .htaccess files that are overriding the file permissions you have changed.

To stop this from happening please consult your software vendor if you are using a 3rd party application or review your scripting if this is an application you have developed yourself."

 

Is this true and what can I do to get rid of this highly irritating pink warning message?!

 

Thanks for your help in advance!

Link to comment
Share on other sites

you can disable this warning, edit the application_top.php file.

Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here!

8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself.

Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues.

Any issues with oscommerce, I am here to help you.

Link to comment
Share on other sites

You usually have to use cPanel.

 

Try permissions in this order until the warning goes away:

 

644

 

444

 

400

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

You usually have to use cPanel.

 

Try permissions in this order until the warning goes away:

 

644

 

444

 

400

Unfortunately I don't have cPanel and I've just tried changing the permissions in that order via my FTP software and that's not worked.

How can I get cPanel and does it run on a mac? I don't really understand what that software is :(

Link to comment
Share on other sites

When you got your account from your Webhost they gave you a URL and a login to get to a place where you can upload/edit/delete/etc. files on the server in your web space.

 

THAT program is your cPanel.

 

If you can't do that to change permissions, in /catalog/includes/application_top.php (almost to the bottom):

 

  define('WARN_CONFIG_WRITEABLE', 'true');

Change to:

 

  define('WARN_CONFIG_WRITEABLE', 'false');

And - Voila!

 

No more warning.

 

Backup the file before editing.

 

You break it - You bought it (standard store policy).

;)

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

But surely this will mean that the problem still exists and that the message has just been removed?

 

not at all with right security on server it's simply impossible to overwrite these settings over internet.

Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here!

8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself.

Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues.

Any issues with oscommerce, I am here to help you.

Link to comment
Share on other sites

When you got your account from your Webhost they gave you a URL and a login to get to a place where you can upload/edit/delete/etc. files on the server in your web space.

 

THAT program is your cPanel.

 

If you can't do that to change permissions, in /catalog/includes/application_top.php (almost to the bottom):

 

  define('WARN_CONFIG_WRITEABLE', 'true');

Change to:

 

  define('WARN_CONFIG_WRITEABLE', 'false');

And - Voila!

 

No more warning.

 

Backup the file before editing.

 

 

 

You break it - You bought it (standard store policy).

;)

 

Thanks Jim. This did it for me. No matter what permissions I set I was still getting the security error. I know through Dreamweaver and my cPanel the configure.php file on the server is set at 644.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...