71 replies to this topic

[LegoZ]

config's set to 644 can allow you to view the sites db password by directly loading the config file:
www.sitepath.com/store/includes/configure.php
file --> save as --> .txt gives you the full config file.  
I'd HIGHLY recommend using 400...

i am still trying to piece my site back together after a massive hack and will more than likely have to start from scratch.

Please safeguard your config files!!!!

[mopes]

Same problem here, looks like the code has likely changed in 2.3.1 ?  Don't know php well enough to know how to tweak it, played around a bit but nothing shows up in the admin section...

Any thoughts?

biggeorge, on 20 January 2011 - 03:45 PM, said:

I'm having the same problem! I do not have the line BOX_TOOLS_NEWSLETTER_MANAGER . '</a><br>' in my tools.php file. Running 2.3.1

[CutieCute2]

Hi all and thanks Geoffrey for a great contribution.

My question:-
How can I change the default permissions which appear just before I click on update?

Details:-
When I add a new product, the images are uploaded with a 777 permission.
There might be an easier way to change these permissions but about once a week, I just use this addon and update
image permissions to 644. To my annoyance, I have to change ALL the default permissions to my desired permission
EVERYTIME.

Also, It's been mentioned in the previous page or two that some of the suggested permissions are strange.
This problem can be eliminated if the contribution user can change the default permissions themselves
to their desired settings.

Thanks.

[CutieCute2]

geoffreywalton, on 04 July 2010 - 10:38 AM, said:

You can set the permissions you want to test against on the first screen, the advice on permission levels may have changed since I last amended this or alternatively I might just be prompting with the wrong value.

Just change it to the one you want.

G

Hi Geoffrey,
I have a crontab set up to execute admin/sitemonitor.php but after I update my php files to 644, I get a message (execute) "permission denied". When I change this file to 700, it works. My problem here is that after I update my permissions in the administration panel, I need to go to my hosting control panel everytime to change my admin/sitemonitor.php permission setting.
I guess the only solution to this is to individualize the admin/sitemonitor.php permission like you have done to configure.php and IPtrap.php???

Edited by CutieCute2, 05 March 2011 - 12:54 PM.

[geoffreywalton]

To change the default permissions that appear in the boxes can be done very easily by editing /admin/check_permissions.php.

Because different hosts have different requirements I can't please all of the people all of the time.

Just nip in there and change it to your requirments.

Adding in a new file that needs a special/different level can be done by duplicating the code for one of the other files that need specified permissions.

HTH

G

[geoffreywalton]

mopes, on 04 February 2011 - 07:09 PM, said:

Same problem here, looks like the code has likely changed in 2.3.1 ?  Don't know php well enough to know how to tweak it, played around a bit but nothing shows up in the admin section...

Any thoughts?

This was written for 2.2 and not 2.3.1.

For those of you running IP Trap, AVS (Anti-Virus System) and Site Monitor check this does not break them.

If things ever quieten down I'll look at adding code to cater specifically for them.

Cheers

G

Edited by geoffreywalton, 05 March 2011 - 01:14 PM.

[CutieCute2]

(EDITED) As I posted the solution to my own question from yesterday and asked my next question, you posted both solutions. Thanks Geoffrey Walton!!!

Edited by CutieCute2, 05 March 2011 - 01:25 PM.

[CutieCute2]

geoffreywalton, on 05 March 2011 - 01:05 PM, said:

Just nip in there and change it to your requirments.

Adding in a new file that needs a special/different level can be done by duplicating the code for one of the other files that need specified permissions.

HTH

G

I've made some progress creating a special entry for sitemonitor.
I've tried twice, once duplicating the IP_trap (15) and once duplicating the sitemap (16) info to sitemonitor (17), and both times the sitemonitor appears on the first page but after I click on "check" or "update", nothing happens. The default permission is 700, but the check shows 644 OK.
Thanks.

[CutieCute2]

So, in order to have the site_monitor.php file set to 777, I need to duplicate another entry such as the one for IP_trap.php

I have duplicated info at lines:
175
483
591-595

[CutieCute2]

Hi Geoffrey and other "permissions checker" fans. You must all be busy?

My problem isn't a big one so I'm still hoping to solve it.

To reiterate my problem and question.......
When I upload new products, the uploaded images have a 777 permission instead of 644.
The option of updating all permissions with Geoffrey's Permission Checker seems better than changing the permissions of each new image, however,
I require a 700 permission for my sitemonitor.php file so I have to change that manually.

I have tried to create an individual checker thingy for sitemonitor.php by changing sitemap to sitemonitor.
It all appears and looks good but doesn't change the permissions.
Could someone please tell me the lines I need to change?

[geoffreywalton]

Back monitoring this as the "follow" disppeared with the forum upgrade.

[MarkMan1]

1.  Will this work in 2.3.1?  the tools.php file looks different

array(
    'code' => FILENAME_NEWSLETTERS,
    'title' => BOX_TOOLS_NEWSLETTER_MANAGER,
    'link' => tep_href_link(FILENAME_NEWSLETTERS)
  ),

2. Will this work for Windows/IIS?