Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

warning message


Guest

Recommended Posts

Hi,

This is the warning I get

 

Warning: I am able to write to the configuration file: I:\\Liveweb\\php_dev\\catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

 

How can I fix this??? How to set the right user permissions?

 

Thanks,

Jane

Link to comment
Share on other sites

using your ftp client chmod 644 the config file

thanks for replying so quickly! I am still in the midst of learning php and mysql, so please tell me how to chmod 644 the config file.

Link to comment
Share on other sites

Right-click on the file. Most FTP clients will pop up a menu that includes CHMOD.

Chris Dunning

osCommerce, Contributions Moderator Team

 

Please do not send me PM! I do not read or answer these often. Use the email button instead!

 

I do NOT support contributions other than my own. Emails asking for support on other people's contributions will be ignored. Ask in the forum or contact the contribution author directly.

Link to comment
Share on other sites

hi, sorry.. maybe I should clarify here... I am running this on a window-based platform and I have right-clicked on the file and changed the user permissions to "Full Control" Is this the same as what you are referring to chmod 644?? if so, i'm still getting that warning. if not, I am not using any 3rd party ftp client... so there is no chmod option

 

Hope that doesn't confuse anyone any more... :(

Link to comment
Share on other sites

:( Warning: I am able to write to the configuration file: /htdocs/buycds/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

 

I'm getting the same problem I have change it so many times but it keeps on refreshing to 644. Why is it doing this? Is there something to do with my server?

 

What I do is I change the rights to 444 .

 

 

New connection OK. Reissuing command.

site chmod 444 /htdocs/buycds/catalog/includes/configure.php

200 Permissions changed on /htdocs/buycds/catalog/includes/configure.php

PWD

257 "/htdocs/buycds/catalog/includes" is your current location

TYPE A

200 TYPE is now ASCII

PASV

227 Entering Passive Mode (66,152,97,19,25,16)

connecting data channel to 66.152.97.19:25,16(6416)

data channel connected to 66.152.97.19:25,16(6416)

LIST

150 Accepted data connection

transferred 1581 bytes in 0.063 seconds, 197.625 Kbps ( 24.703 Kbps), transfer succeeded.

226-Options: -a -l

226 23 matches total

 

then I refresh the directory and it goes back to 644.

 

Please help!!!

 

Thank you,

 

Bobby

Link to comment
Share on other sites

regarding about my question before I think I got the answer. The rights are 644 and I just disable the check of " I'm able to write in config.php"

 

 

"Several checks are performed to ensure a healthy setup of your online

store - these checks can be disabled by editing the appropriate parameters

at the bottom of the includes/application_top.php file."

 

 

Try to it since it on chmod 644 already it should be fine. It

took me 5 hours to figure this out.

Link to comment
Share on other sites

it is most likely your host system php setup has problems, if someone can write to a file with permissions of 644 there is definitely a problem.

Link to comment
Share on other sites

Create a file called protect.php with the following contents:

 

<?php
chmod('includes/configure.php', 0444);
?>

 

Upload it to your catalog folder and then in a browser open protect.php on your site. It will set the protection. The only alternative seems to be to ask your host support to set it for you.

 

I suggest also uploading this to your admin folder and opening that too. Once you have done this, you can delete the protect.php files.

 

that should do it for you.

Link to comment
Share on other sites

<?php
chmod('includes/configure.php', 0444);
chmod('admin/includes/configure.php', 0444);
?>

 

will do both at one time. just upload the protect.php file to the catalog directory and open in a web browser and it sets the CHMOD to 444

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...