Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

osCommerce wrongly complains about permissions

torinwalker

By torinwalker
in General Support

Recommended Posts

torinwalker

torinwalker

Posted
Posted

At the top of my screen, I get a pink warning bar:

 

Warning: I am able to write to the configuration file: /webpages/public/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

 

But, I have the permissions set to 444. What else could it be complaining about?

Link to comment
Share on other sites
torinwalker

torinwalker

Posted
  • Author
Posted

Just as joekilo (joepound2.2) mentioned, regardless of whether the files are set together or individually, to 644, or 444, the error remains the same. There is either something fundamentally wrong with the routine that checks the writeability of the file, or something wrong with the variable derived.

 

I have since commented out the test, since I know the file is set correctly. Someone might want to look into this and provide a better explanation.

 

 

Torin...

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
Just as joekilo (joepound2.2) mentioned, regardless of whether the files are set together or individually, to 644, or 444, the error remains the same. There is either something fundamentally wrong with the routine that checks the writeability of the file, or something wrong with the variable derived.

 

I'm having exactly the same experience as joekilo and Torin. I've tried several different file permission settings (including 644) on both of the configure.php files. Still getting the pink warning bar on every page.

 

I have since commented out the test, since I know the file is set correctly. Someone might want to look into this and provide a better explanation.

 

Which .php file contains the test code? Since I know the file permissions are correct, I'll comment out the test as you did. Seems like the only fix that will work.

 

Question: Why isn't *everyone* having this problem? Why only a few of us? My webserver is Linux based, hosted by PowWeb.com, if that is helpful. I have had no other problems with the server.

 

-bsanders

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
im not sure what you mean by coment out the test but if it works do post it here thanks....

 

In the file [your_server_URL]/catalog/application_top.php, near the end of the file, you'll find this:

 

// set which precautions should be checked

 define('WARN_INSTALL_EXISTENCE', 'true');

 define('WARN_CONFIG_WRITEABLE', 'true');

 

And you should change it to this:

 

// set which precautions should be checked

 define('WARN_INSTALL_EXISTENCE', 'true');

//  define('WARN_CONFIG_WRITEABLE', 'true');

 

The "//" at the beginning of the last line makes PHP ignore the security check that is giving you the pink warning bar. Worked for me!

 

Cheers,

 

-Barry

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

I am a total retard when it comes to PHP. :oops:

 

I had similar problems when trying to chmod from my servers cpanel. :evil:

 

using FTP software is a better choice when changing permissions. Always remember to use ASCII format when uploading/downloading .php files (as with other formats such as .cgi). Use a text editor such as Notepad +. It will handle larger files coded in .cgi and .php. If you can use the oscommerce file manager I would suggest that. It does eliminate the need for ftp software in most cases.

 

To comment something out you need to use // before the line of code. such as you would in catalog/includes/column_left.php or column_right.php to remove languages and currencies (i.e.

if (substr(basename($PHP_SELF), 0, != 'checkout') {

// include(DIR_WS_BOXES . 'languages.php');

// include(DIR_WS_BOXES . 'currencies.php');

 

I used // in front of both lines of code in my column_right.php file in catalog/includes/column_right.php to keep the languages box and currencies box on my index.php or default.php page from loading.

 

Now if I could only get my problems solved. :shock:

Link to comment
Share on other sites
joekilo

joekilo

Posted
Posted

thanks....i downloaded the file with my ftp , edited as you advised (//) uploaded it back again and guess what.....it didt work still still got pink bar..so back to permissions again!.so for instance the images directory should be changed to 777 should i go into this directory and change everything in it to 777 as well???or just the folder/directory

jk

Link to comment
Share on other sites
joekilo

joekilo

Posted
Posted

hello anyone....frustrated here ive tried a lot of things im sure my permissions are right?? i have followed someones kind instructions and commented out the problem dont know if worked....(but i still get the warning)what do i do? i can still add products etc...will the store be functionable..i would appreciate any advice................failing that is there anyone who knows why the error is haunting me!

jk

Link to comment
Share on other sites
torinwalker

torinwalker

Posted
  • Author
Posted

The problem could be endemic to my system or configuration when combined with a particular release. Others may have obtained earlier versions without this 'feature'.

 

I just commented out the code, rather than undefining the variable. I like your solution better.

 

 

Torin...

Link to comment
Share on other sites
  • 2 weeks later...
ViolentForce

ViolentForce

Posted
Posted

I have had the same problem also, but it did disappear when I set permission to 444.

I did not leave it at that though since permission is supposed to be set at 644.

 

I guess I will have to edit/hack out the security check line also.

Would be nice if someone knew what was causing this problem though.

 

I was thinking it had something to do with my hosting server and perhaps it still does. But would be good to find out.

Link to comment
Share on other sites
Harald Ponce de Leon

Harald Ponce de Leon

Posted
Posted
Now if I can only figure out why OSC doesn't calculate and add on the sales tax in checkout. And I though this would be easier.

 

Sneaky sneaky! Try starting another thread for that issue :D [you should ocfourse search the forums beforehand :D]

:heart:, osCommerce

Link to comment
Share on other sites
ViolentForce

ViolentForce

Posted
Posted
Sneaky sneaky! Try starting another thread for that issue :D [you should ocfourse search the forums beforehand :D]

 

:oops: Yes of course I will begin a new thread for that issue if needed. I just want to resolve one thing at a time though.

I was just mentioning it out of frustration. :?

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
I have had the same problem also, but it did disappear when I set permission to 444. I did not leave it at that though since permission is supposed to be set at 644.
At a guess, this means that your web server is running as the same userid as owns the file. Perhaps you can get them to set up a separate userid who can own the file. For example, the web server could be running as user apache of group apache. The file could be owned by apache.apache. If they do a chown to make, say, vforce the owner of the file, then you will have eliminated that security risk.

 

Good luck,

Matt

Link to comment
Share on other sites
jasonh1234

jasonh1234

Posted
Posted

Ok I'm about to literally rip my hair out. :evil: I CANNOT get this &^#%$ing thing working. I set it to 444 and all of a sudden SmartFTP is telling me that I can't even browse the folder anymore (Permission denied.) I try

777 (full access) and when I browse to the location in my browser I get

"Forbidden

You don't have permission to access /catalog/admin/configuration.php on this server."

 

WTF?!?! I don't understand why I can't get this to work! I also can't understand why no-one here can tell me why that seemingly despite no matter what I change tyhe permissions to I can't get permission to access the fricken file.

 

Practically nothing here but people having the same problems, and the people that DO have it working can't explain why the same solution won't work for us people having trouble.

 

Someone help please!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...