21
spiff
Re: Protector installation & Headlines module
  • 2005/1/12 20:18

  • spiff

  • Just popping in

  • Posts: 47

  • Since: 2003/4/16


Ate dinner, changed php.ini to enable allow_url_fopen, and xoopsheadline works again.

Until this conflict is resolved (not sure a blogroll can be implemented in php at all if allow_url_fopen is off), then I wager there should be a disclaimer in the Protector advisory page stating that any module accessing external urls will fail if allow_url_fopen is turned off (including the display of XOOPS News in the admin section).

22
Dave_L
Re: Protector installation & Headlines module
  • 2005/1/12 20:33

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


I think the Protector advisory page should have some explanation about the checks.

I wonder if it would be better to use fsockopen, instead of fopen, if you need to access a file via HTTP. This isn't simply a matter of replacing "fopen" with "fsockopen" in those cases, since the parameters are different.

Will fsockopen still work if allow_url_fopen is off?

23
spiff
Re: Protector installation & Headlines module
  • 2005/1/12 21:08

  • spiff

  • Just popping in

  • Posts: 47

  • Since: 2003/4/16


In essence, all that would be needed would be to start the PHP code in file /modules/xoopsheadline/class/headlinerenderer.php with the line:
ini_set("allow_url_fopen""1");

If the code is written well enough below that (i.e. makes sure there's no tampering possible with the list of feed urls fed into the file() method), that should be the only change necessary.

24
Dave_L
Re: Protector installation & Headlines module
  • 2005/1/12 22:22

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


For PHP >= 4.3.5, you can't modify allow_url_fopen with ini_set. More details: https://xoops.org/modules/smartfaq/faq.php?faqid=82

25
spiff
Re: Protector installation & Headlines module
  • 2005/1/13 0:13

  • spiff

  • Just popping in

  • Posts: 47

  • Since: 2003/4/16


Thanks, Dave.

Well, then do you think modifying httpd.conf to include the xoopsheadlines module might work as a quick solution?
<Directory "/home/user/htdocs/public_html/modules/xoopsheadline">
php_admin_flag allow_url_fopen on
Directory>

From looking at the docs, I doubt fsockopen() would behave differently than file() when the allow_url_fopen flag is off...

[Edit: mentioned httpd.conf for clarity]

26
Dave_L
Re: Protector installation & Headlines module
  • 2005/1/13 0:19

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


If that's in your httpd.conf file, it should enable that module to work.

The PHP manual pages for "open" and "include" specifically mention allow_url_fopen; the page for fsockopen doesn't, so it may be independent of that parameter.

Login

Who's Online

330 user(s) are online (223 user(s) are browsing Support Forums)


Members: 0


Guests: 330


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits