torinwalker Posted June 11, 2003 Posted June 11, 2003 At the top of my screen, I get a pink warning bar: Warning: I am able to write to the configuration file: /webpages/public/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file. But, I have the permissions set to 444. What else could it be complaining about?
joekilo Posted June 11, 2003 Posted June 11, 2003 i get the same... on all files....but i have just changed my permissions to 777 and it still gives the warning someone please advise??? jk
Guest Posted June 11, 2003 Posted June 11, 2003 dont forget to chmod both admin and catalog/includes/configure.php to 644 HTH The_Bear
joekilo Posted June 12, 2003 Posted June 12, 2003 thanks tried that and setting to 444...(problem wouldnt be in my hosting file manager would it....myos commerce install as a add on there is set to permissions 644? jk
torinwalker Posted June 12, 2003 Author Posted June 12, 2003 Just as joekilo (joepound2.2) mentioned, regardless of whether the files are set together or individually, to 644, or 444, the error remains the same. There is either something fundamentally wrong with the routine that checks the writeability of the file, or something wrong with the variable derived. I have since commented out the test, since I know the file is set correctly. Someone might want to look into this and provide a better explanation. Torin...
Guest Posted June 12, 2003 Posted June 12, 2003 Just as joekilo (joepound2.2) mentioned, regardless of whether the files are set together or individually, to 644, or 444, the error remains the same. There is either something fundamentally wrong with the routine that checks the writeability of the file, or something wrong with the variable derived. I'm having exactly the same experience as joekilo and Torin. I've tried several different file permission settings (including 644) on both of the configure.php files. Still getting the pink warning bar on every page. I have since commented out the test, since I know the file is set correctly. Someone might want to look into this and provide a better explanation. Which .php file contains the test code? Since I know the file permissions are correct, I'll comment out the test as you did. Seems like the only fix that will work. Question: Why isn't *everyone* having this problem? Why only a few of us? My webserver is Linux based, hosted by PowWeb.com, if that is helpful. I have had no other problems with the server. -bsanders
joekilo Posted June 12, 2003 Posted June 12, 2003 im not sure what you mean by coment out the test but if it works do post it here thanks.... jk
Guest Posted June 12, 2003 Posted June 12, 2003 im not sure what you mean by coment out the test but if it works do post it here thanks.... In the file [your_server_URL]/catalog/application_top.php, near the end of the file, you'll find this: // set which precautions should be checked define('WARN_INSTALL_EXISTENCE', 'true'); define('WARN_CONFIG_WRITEABLE', 'true'); And you should change it to this: // set which precautions should be checked define('WARN_INSTALL_EXISTENCE', 'true'); // define('WARN_CONFIG_WRITEABLE', 'true'); The "//" at the beginning of the last line makes PHP ignore the security check that is giving you the pink warning bar. Worked for me! Cheers, -Barry
joekilo Posted June 12, 2003 Posted June 12, 2003 ok sounds good, but how do i get into the file to change it???? not through file manager etc as im unable to change it there because of the warning??it wont let me jk
Guest Posted June 13, 2003 Posted June 13, 2003 I am a total retard when it comes to PHP. :oops: I had similar problems when trying to chmod from my servers cpanel. :evil: using FTP software is a better choice when changing permissions. Always remember to use ASCII format when uploading/downloading .php files (as with other formats such as .cgi). Use a text editor such as Notepad +. It will handle larger files coded in .cgi and .php. If you can use the oscommerce file manager I would suggest that. It does eliminate the need for ftp software in most cases. To comment something out you need to use // before the line of code. such as you would in catalog/includes/column_left.php or column_right.php to remove languages and currencies (i.e. if (substr(basename($PHP_SELF), 0, != 'checkout') { // include(DIR_WS_BOXES . 'languages.php'); // include(DIR_WS_BOXES . 'currencies.php'); I used // in front of both lines of code in my column_right.php file in catalog/includes/column_right.php to keep the languages box and currencies box on my index.php or default.php page from loading. Now if I could only get my problems solved. :shock:
joekilo Posted June 13, 2003 Posted June 13, 2003 thanks....i downloaded the file with my ftp , edited as you advised (//) uploaded it back again and guess what.....it didt work still still got pink bar..so back to permissions again!.so for instance the images directory should be changed to 777 should i go into this directory and change everything in it to 777 as well???or just the folder/directory jk
joekilo Posted June 13, 2003 Posted June 13, 2003 hello anyone....frustrated here ive tried a lot of things im sure my permissions are right?? i have followed someones kind instructions and commented out the problem dont know if worked....(but i still get the warning)what do i do? i can still add products etc...will the store be functionable..i would appreciate any advice................failing that is there anyone who knows why the error is haunting me! jk
torinwalker Posted June 13, 2003 Author Posted June 13, 2003 The problem could be endemic to my system or configuration when combined with a particular release. Others may have obtained earlier versions without this 'feature'. I just commented out the code, rather than undefining the variable. I like your solution better. Torin...
jasonh1234 Posted June 28, 2003 Posted June 28, 2003 Same problem here. Is this hack the only way around it?
ViolentForce Posted July 2, 2003 Posted July 2, 2003 I have had the same problem also, but it did disappear when I set permission to 444. I did not leave it at that though since permission is supposed to be set at 644. I guess I will have to edit/hack out the security check line also. Would be nice if someone knew what was causing this problem though. I was thinking it had something to do with my hosting server and perhaps it still does. But would be good to find out.
Harald Ponce de Leon Posted July 2, 2003 Posted July 2, 2003 It would be good to ask your hosting provider why PHP thinks it can still write to the file with the is_writeable() function. , osCommerce
ViolentForce Posted July 2, 2003 Posted July 2, 2003 Yes I will try asking my host about that. Perhaps they can enlighten me. Now if I can only figure out why OSC doesn't calculate and add on the sales tax in checkout. And I though this would be easier.
Harald Ponce de Leon Posted July 2, 2003 Posted July 2, 2003 Now if I can only figure out why OSC doesn't calculate and add on the sales tax in checkout. And I though this would be easier. Sneaky sneaky! Try starting another thread for that issue :D [you should ocfourse search the forums beforehand :D] , osCommerce
ViolentForce Posted July 2, 2003 Posted July 2, 2003 Sneaky sneaky! Try starting another thread for that issue :D [you should ocfourse search the forums beforehand :D] :oops: Yes of course I will begin a new thread for that issue if needed. I just want to resolve one thing at a time though. I was just mentioning it out of frustration. :?
Guest Posted July 2, 2003 Posted July 2, 2003 I have had the same problem also, but it did disappear when I set permission to 444. I did not leave it at that though since permission is supposed to be set at 644.At a guess, this means that your web server is running as the same userid as owns the file. Perhaps you can get them to set up a separate userid who can own the file. For example, the web server could be running as user apache of group apache. The file could be owned by apache.apache. If they do a chown to make, say, vforce the owner of the file, then you will have eliminated that security risk. Good luck, Matt
jasonh1234 Posted July 4, 2003 Posted July 4, 2003 Ok I'm about to literally rip my hair out. :evil: I CANNOT get this &^#%$ing thing working. I set it to 444 and all of a sudden SmartFTP is telling me that I can't even browse the folder anymore (Permission denied.) I try 777 (full access) and when I browse to the location in my browser I get "Forbidden You don't have permission to access /catalog/admin/configuration.php on this server." WTF?!?! I don't understand why I can't get this to work! I also can't understand why no-one here can tell me why that seemingly despite no matter what I change tyhe permissions to I can't get permission to access the fricken file. Practically nothing here but people having the same problems, and the people that DO have it working can't explain why the same solution won't work for us people having trouble. Someone help please!
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.