I tried to upload some images for a story through the fckeditor. It kept churning and churning away so I guessed something was wrong with permissions. I did the following where <domainname> is the actual site name:

chmod 777 /home/sites/<domainname>/web/images/library/File
chmod 777 /home/sites/<domainname>/web/images/library/Flash
chmod 777 /home/sites/<domainname>/web/images/library/Image
chmod 777 /home/sites/<domainname>/web/images/library/Media

This didn't work. In fact, this time I got an ugly pop-up that somewhere in it complained that it couldn't find library/image. Well, I realized that it was saying image not Image.

So I then did the following:

mv File file
mv Flash flash
mv Image image
mv Media media

After this, I was able to upload just fine. This was an install from the 1.0.2 tarball.

So far I have had to do permission changes for mediagallery, the image library, and of course a few other things that were checked initially. I think a script that can be run at the command line for those who have shell access, might be a great addition. I might be able to provide something to you in awhile since I am working on that for my own purposes.

Obviously, doing that through http would mean your server is misconfigured.

I thought you ought to know about the naming of the directories since a case sensitive OS will take issue with it.

This was an install from the 1.0.2 tarball.

Unless you have a time machine and went into the future, I assume you meant this is from the glFusion v1.0.1 tarball. Correct? :wink:

If need be, make sure to submit a Tracker issue about the directory permissions, that way we'll be sure they get looked at again.

Thx!

Eric

Eric ...


not sure if this is related. If I try to upload an image from local machine (not MG entered codes) I get the loader bar just sitting there - I have to cancel out to escape. This has actually happened since GL 1.4.1 with FCKeditor but as I use MG to illustrate my posts I have never bother to report before. I will say the problem does seem worse since GLF 1.0.1


Wayne

Yes, I meant 1.0.1.

I am submitting a tracker now.

Filipino, try the fixes I did and see if it works for you.

Wayne,

I've tested the FCKeditor image upload for both regular images and MG autotags both here and on my test site. Everything works fine on both installs.

The site here is hosted by BlueHost on a Linux environment, and I am using XAMPP on Windows on my home environment. I haven't run into directory permissions issues on either one.

I did log on to your site, and can replicate the issue. Using the FCKeditor image upload button, I can get through choosing an image to upload, but when I hit the Send it to Server button, it hangs on the "processing" animation. So I'm sure it is something with your server setup, or the case-sensitive description above.

Either way, if Muntada's fixes above don't work, I'm sure Mark will be able to shed some light on it!

Muntada: Thx for taking the time to share your experiences and submitting a tracker issue!

Thx!

Eric

I will keep looking and post findings here.

Wayne

btw Line 25 referred in the errror

reads

Wayne

Wayne, This is another error caused by your Subhosin PHP Security patch. It is not caused by glFusion or the FCKeditor. One of the options of the Subhosin PHP security patch is to dis-allow requests that include a certain number of ../../ in the path. The idea being that too many is probably an attacker trying to read your passwd file or some other system file.

You really need to spend some time understanding all the options available in the Subhosin patch and make sure you have it configured properly or can at least recognize when it is causing the problems.

Thanks!
Mark

Eric

I changed line 25 above message to /www/domain/public_htm and it cured the suspended animation you saw and the file uploaded just fine.

Eric I have strange permissions set on my server I use domain:www and set to 3775 for site and config so I know my permissions are set ok for the whole site.

Wayne

Hi Mark

Hope you had a good week away with the family.

cough, cough I actually have that bit turned off in Suhosin but cured it by putting the path in. SuSE has been very helpful and told me what to turn off (rem out) in php.ini to make things less severe.

Wayne

Quote by: Mark

Wayne, This is another error caused by your Subhosin PHP Security patch. It is not caused by glFusion or the FCKeditor. One of the options of the Subhosin PHP security patch is to dis-allow requests that include a certain number of ../../ in the path. The idea being that too many is probably an attacker trying to read your passwd file or some other system file.

You really need to spend some time understanding all the options available in the Subhosin patch and make sure you have it configured properly or can at least recognize when it is causing the problems.

Thanks!
Mark

Mark

Earlier in the week SuSE Support suggested I ask you which one/s of this list should be removed so that GLFusion will still work without complaining. A week or two ago we deduced that phpinfo should be removed, although it is still in this list.

There is also a

Should anything be placed here.

I am sure I am not the only server running Suhosin so hopefully your reply will act as a 'aide d' memoire' for those people also.

-Wayne

glFusion should only need ini_set out of that list.

Many thanks will set all the others to rem and set ini_set to blacklist.

Appreciate your reply.

Wayne

Unfortunately setting set_ini in the blacklist creates the 'This page cannot be rendered error' with the following error in the Apache error log:

Line 168 is the middle one of this sub:

I remmed the suhosin line again and all works again.

Wayne

Wayne, I believe Joe was stating that glFusion needs to call ini_set(), so it should not be in the blacklist.

The Suhosin PHP Hardening Patch has over a hundred configuration options. I'm no expert on the patch, so I can't really give you configuration settings that will meet your specific needs.

One thing that has been consistent when it (the Patch) causes your site to fail is that each log entry starts with ALERT. When you see those, it is not a bug in the CMS, it is the Suhosin Patch causing the problem.

You probably need to do a little trial and error to make all this work. Go through each configuration setting, decide if that feature is important to you, then determine the proper setting to provide additional security for your site, but still let PHP applications do what they need to do. The problem with these types of security patches is they will make perfectly legal PHP code no longer work by disabling features of PHP. Whenever you do that, it is bound to cause some headaches.

I wish I had a simple answer, but unfortunately, there really isn't one. You will need tweak your environment as you run into the problems to make things work properly.

Thanks!
Mark