Welcome to Geeklog, Anonymous Tuesday, December 10 2024 @ 04:00 pm EST
Geeklog Forums
media gallery and plesk
Status: offline
gape
Forum User
Full Member
Registered: 05/30/02
Posts: 138
i have few problems with media gallery
as i wrote before
http://www.geeklog.net/forum/viewtopic.php?showtopic=91823&mode=&show=5&page=4
plesk on server vas upgraded to next version (9 i think)
and the gallery has a problem now
(plesk got upgraded few days after i installed geeklog, configured it and installed plugins - so after a week or so i reinstalled on fresh database)
php is configured (to run as) apache module
with
PHP 'safe_mode' on
UNCHECKED
(this is the only way i found i can upload new pictures thru browser)
but i cant access configuration - particularly
System Options
the error is:
line 245:
in configuration jhead is UNCHECKED
(deleted even the path that was there to /usr/bin)
in line 230 i read:
do i want to put this 0 to 1 ?
pls help
as i wrote before
http://www.geeklog.net/forum/viewtopic.php?showtopic=91823&mode=&show=5&page=4
plesk on server vas upgraded to next version (9 i think)
and the gallery has a problem now
(plesk got upgraded few days after i installed geeklog, configured it and installed plugins - so after a week or so i reinstalled on fresh database)
php is configured (to run as) apache module
with
PHP 'safe_mode' on
UNCHECKED
(this is the only way i found i can upload new pictures thru browser)
but i cant access configuration - particularly
System Options
the error is:
Text Formatted Code
2 - file_exists() [function.file-exists]: open_basedir restriction in effect. File(/usr/bin/jhead) is not within the allowed path(s): (/snip/httpdocs:/tmp:/snip/private/snip) @ /snip/httpdocs/admin/plugins/mediagallery/cfgedit.php line 245line 245:
Text Formatted Code
if ( file_exists( $_MG_CONF['jhead_path'] . $binary ) ) {in configuration jhead is UNCHECKED
(deleted even the path that was there to /usr/bin)
in line 230 i read:
Text Formatted Code
if ( ini_get('safe_mode') != 1 && $_MG_CONF['skip_file_find'] ==[b] 0[/b] ) { // don't check in safe mode, the file_exists() will faildo i want to put this 0 to 1 ?
pls help
8
8
Quote
Status: offline
suprsidr
Forum User
Full Member
Registered: 12/29/04
Posts: 555
Location:Champaign, Illinois
Plesk is a great control panel, but one annoying setting is open_basedir setting enabled by default.
Asking for help over at the parallels forums won't get you the answer either.
What you need to do is add a file vhost.conf to:
/usr/local/www/vhosts/yoursite.com/conf
or
/var/www/vhosts/yoursite.com/conf
whichever for your server setup
contents:
<Directory /usr/local/www/vhosts/yoursite.com/httpdocs>
DirectoryIndex at_domains_index.html index.php index.html index.htm
php_admin_value open_basedir none
</Directory>
making sure the <Directory path is correct for your site.
then restart apache
unfortunately you have to do this for each site you create. You can add the file to your skeleton, but you'll still need to edit.
-s
FlashYourWeb and Your Gallery with the E2 XML Media Player for Gallery2 - http://www.flashyourweb.com
Asking for help over at the parallels forums won't get you the answer either.
What you need to do is add a file vhost.conf to:
/usr/local/www/vhosts/yoursite.com/conf
or
/var/www/vhosts/yoursite.com/conf
whichever for your server setup
contents:
Text Formatted Code
<Directory /usr/local/www/vhosts/yoursite.com/httpdocs>
DirectoryIndex at_domains_index.html index.php index.html index.htm
php_admin_value open_basedir none
</Directory>
making sure the <Directory path is correct for your site.
then restart apache
unfortunately you have to do this for each site you create. You can add the file to your skeleton, but you'll still need to edit.
-s
FlashYourWeb and Your Gallery with the E2 XML Media Player for Gallery2 - http://www.flashyourweb.com
6
7
Quote
Status: offline
gape
Forum User
Full Member
Registered: 05/30/02
Posts: 138
ty 4 the sugestion
but is its such a security hole (risk) that the owner of the server found me an error and how to get rid of it
/snip/plugins/mediagallery/config.php:$_MG_CONF['skip_file_find'] = 0;
// If you have openbasdir restriction errors set this to 1
must remember to go and check config files (since most config files were transfered to database i tend to forget that i can override any setting there)
furthermore
noone is advised to follow the example that u gave
couse ALL server is accessible to php if u disable open_basedir
but is its such a security hole (risk) that the owner of the server found me an error and how to get rid of it
/snip/plugins/mediagallery/config.php:$_MG_CONF['skip_file_find'] = 0;
// If you have openbasdir restriction errors set this to 1
must remember to go and check config files (since most config files were transfered to database i tend to forget that i can override any setting there)
furthermore
noone is advised to follow the example that u gave
couse ALL server is accessible to php if u disable open_basedir
8
7
Quote
Status: offline
suprsidr
Forum User
Full Member
Registered: 12/29/04
Posts: 555
Location:Champaign, Illinois
noone is advised to follow the example that u gave
couse ALL server is accessible to php if u disable open_basedir
couse ALL server is accessible to php if u disable open_basedir
You are wrong sir.
open_basedir is the lazy man's security and is an extremely poor implementation of any security model.
IMHO is should never be the included in any layer of defense.
-s
FlashYourWeb and Your Gallery with the E2 XML Media Player for Gallery2 - http://www.flashyourweb.com
8
9
Quote
All times are EST. The time is now 04:00 pm.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content