Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2018-09-15 03:19:36

colin99
Member
Registered: 2005-11-15
Posts: 48

txplib_misc.php Funny stuff

I used AKEEBA SOLO to successfully back up my Textpattern site – Akeeba is brilliant as I guess you all know.

Curiously when I did a restore onto a new domain name and DIR – it threw some errors —
and I was immediately reminded of the last time I updated from 4.70 to 4.71

The issue was – txplib_misc.php went from permissions 644 to 000

and I have no idea why. When txplib_misc.php goes from 644 to 000 you know you’ve got trouble. :-)

Interesting that I have not heard anything else about this odd permissions inheritance. Perhaps it is a
quirk of my ISP — and it is always that file — which is an important one obviously.

Anyway – watch for it.

Colin


On the World Wide Web since Day 1 – Editor/Creator – Coffeecrew.comCoffee.bc.ca
Twitter – Twitter.Com/CoffeeCrew -

Offline

#2 2018-09-15 08:04:31

uli
Moderator
From: Cologne
Registered: 2006-08-15
Posts: 4,194

Re: txplib_misc.php Funny stuff

Colin, do you still have messages at hand or can name the behaviour of your installation at the time the issue happened so users can search the forum for some keywords and this topic turns up? Thanks!


In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links

Offline

#3 2018-09-15 09:21:07

etc
Developer
Registered: 2010-11-11
Posts: 3,157
Website

Re: txplib_misc.php Funny stuff

There are two files calling the evil eval() function: txplib_misc.php and taghandlers.php. Now, why the former is blocked but not the latter is a mystery.


etc_[ query | search | pagination | date | tree | cache ]

Offline

#4 2018-09-15 09:46:20

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 8,629
Website

Re: txplib_misc.php Funny stuff

etc wrote #314045:

the evil eval() function

In 2018, I’m convinced there must be a better way to load plugins than by eval()ing them. I think we should invest some effort in this area.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#5 2018-09-15 09:51:29

etc
Developer
Registered: 2010-11-11
Posts: 3,157
Website

Re: txplib_misc.php Funny stuff

It’s planned, for the record.


etc_[ query | search | pagination | date | tree | cache ]

Offline

#6 2018-09-15 09:58:17

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 8,629
Website

Re: txplib_misc.php Funny stuff

etc wrote #314048:

It’s planned, for the record.

Funny how one forgets posts that one has made. Thanks for the nudge. And if you fancy tackling it… ;)


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#7 2018-09-15 22:15:44

colin99
Member
Registered: 2005-11-15
Posts: 48

Re: txplib_misc.php Funny stuff

uli wrote #314043:

Colin, do you still have messages at hand or can name the behaviour of your installation at the time the issue happened so users can search the forum for some keywords and this topic turns up? Thanks!

Yes.

I deliberately set txplib_misc.php to CHMOD 000 to re-create the fault.

Warning: include(/home/——/public_html/123/textpattern/lib/txplib_misc.php): failed to open stream: Permission denied in /home/——/public_html/123/index.php on line 92

Warning: include(): Failed opening ‘/home/——/public_html/123/textpattern/lib/txplib_misc.php’ for inclusion (include_path=’.:/opt/alt/php72/usr/share/pear’) in /home/——/public_html/123/index.php on line 92

Fatal error: Uncaught Error: Call to undefined function assert_int() in /home/——/public_html/123/textpattern/lib/class.trace.php:72 Stack trace: #0 /home/——-/public_html/123/index.php(93): Trace->stop() #1 {main} thrown in /home/——/public_html/123/textpattern/lib/class.trace.php on line 72


On the World Wide Web since Day 1 – Editor/Creator – Coffeecrew.comCoffee.bc.ca
Twitter – Twitter.Com/CoffeeCrew -

Offline

#8 2018-09-15 22:17:15

colin99
Member
Registered: 2005-11-15
Posts: 48

Re: txplib_misc.php Funny stuff

etc wrote #314045:

There are two files calling the evil eval() function: txplib_misc.php and taghandlers.php. Now, why the former is blocked but not the latter is a mystery.

So this is happening because of a security feature within my ISP’s hosting? Or it is a normal thing?


On the World Wide Web since Day 1 – Editor/Creator – Coffeecrew.comCoffee.bc.ca
Twitter – Twitter.Com/CoffeeCrew -

Offline

#9 2018-09-16 10:16:40

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 7,242
Website

Re: txplib_misc.php Funny stuff

colin99 wrote #314057:

So this is happening because of a security feature within my ISP’s hosting? Or it is a normal thing?

Hi Colin,

It’s your host… Maybe you should write to them and inform them of the problems.


Yiannis
——————————
neme.org | hblack.net | LABS | State Machines | Respbublika! | NeMe @ github

Offline

#10 2018-11-04 00:05:08

jayrope
Plugin Author
From: Berlin
Registered: 2006-07-06
Posts: 640
Website

Re: txplib_misc.php Funny stuff

I have the same permissions issues going on with the same file with my host (hostforweb). They told me, that they run automatic security checks on file upload, but can not say, what exactly causes txplib_misc.php to have permissions reset to 000.
However, a simple workaround is (weirdly) to have them reset the permissions back to normal (640), then download this file and copy it over the next one, that gets reset, when you do a new install on the hoster that is affected.
There is no obvious reason, why that new upload should not be checked again and have permissions reset to 000 again, but in fact it passes through unharmed this way.

Weird, yes.

Last edited by jayrope (2018-11-04 00:06:54)


a hole turned upside down is a dome, though only when there’s gravity.

Offline

Board footer

Powered by FluxBB