Problem: I'm trying to setup a script that pulls headlines from slashdot.org and am getting this error message:
Warning: open_basedir restriction in effect. File is in wrong directory in http://www.shortfamilyonline.com/source/slashhead.inc on line 34
Warning: fopen("/home/virtual/shortfamilyonline.com/var/www/html/source/slash/slashdot.xml", "a") - Operation not permitted in http://www.shortfamilyonline.com/source/slashhead.inc on line 34
Please advise how I can fix it. The script developer advises me it's the due to the open_basedir restriction. The script is as follows:
<?
/*
SlashHead for PHP
Copyright 2003, Joshua Colson (jcolson@ndgonline.com)
This code is licensed under the Public Scripting
License. It is distributed with NO WARRANTY WHATSOEVER.
A copy of the license is found at:
<http://nuleo.org/psl-revised.html>
This script requires at least PHP 4.0.6.
*/
function slashdot_headlines() {
// Change this next line to where your headlines cache file is located
$localfile = "/home/virtual/shortfamilyonline.com/var/www/html/source/slash/slashdot.xml";
// If your PHP has zlib compiled in, enable the following line for
// gzipping to save bandwidth (supported in IE, Opera, Lynx and Mozilla, plus others)
// Enabling it will still preserve support for older browsers as well
// ob_start ("ob_gzhandler");
$diff_times = (time() - filemtime($localfile));
// If you want a different update schedule, change this to the number of
// seconds between updates. Note that Slashdot specifically requests
// that you update no more than once in any 30-minute time period
if ($diff_times > 1801) {
echo "<!-- using remote XML file... -->";
$fp2 = fopen("http://slashdot.org/slashdot.xml","r");
if (!$fp2) { echo "Cannot open link to Slashdot. Aborting..."; exit;}
unlink($localfile);
$fp = fopen($localfile,"a");
if (!$fp) { echo "Cannot open slashdot.xml for reading. Aborting..."; exit;}
//$flock_return = flock($fp,LOCK_EX);
//if ($flock_return == FALSE) {
// file currently being written to
//die("File locking prohibits writing to cache file. Please try again.");
//}
while (!feof($fp2)) {
$buff = fgets($fp2,4096);
fputs($fp,$buff);
}
//flock($fp,LOCK_UN);
fclose($fp); fclose($fp2);
}
else {
echo "<!-- using local copy of XML file... -->n";
}
$fp = fopen($localfile,"r");
$final_output="";
while (!feof($fp)) {
$buff = fgets($fp,4096);
if (trim($buff) == "<story>") {
$title = trim(de_html_entities(strip_tags(fgets($fp,4096))));
$link = trim(strip_tags(fgets($fp,4096)));
$time = parse_time(trim(strip_tags(fgets($fp,4096))));
$author = trim(strip_tags(fgets($fp,4096)));
// Feel free to edit the HTML tags to fit into your formatting
$final_output = $final_output . "<b><a href="" . $link . "">" . $title . "</a></b><div class="navtext">(by " . $author . " on " . $time . ")</div>n";
}
}
fclose($fp);
return $final_output;
}
function parse_time($timestamp) {
$tmp = strtotime($timestamp);
$tmp = date("M d, Y @ h:i a", $tmp);
$tmp = $tmp . " UTC";
return $tmp;
}
function de_html_entities($string) {
$trans_tbl = get_html_translation_table(HTML_ENTITIES);
$trans_tbl = array_flip($trans_tbl);
return strtr($string, $trans_tbl);
}
// The following "dummy function" is designed to be used when experiencing server errors which
// disable SlashHead's headline update feature. Enable it only when experiencing errors with
// your web or DNS server.
/*
function slashdot_headlines() {
return "Our web server is currently experiencing errors. This prevents SlashHead
from working correctly, so it has been temporarily disabled. Sorry for any
inconvenience.";
}
*/
?>
oaf357
5d ago NOTE:
I would actually like the script to reside in the /home/ directory when it's all said and done (for security reasons).
sullise
5d ago You can't, thus the reason for the errors. You'll need to store them below your webroots (/html/)
Sean
oaf357
5d ago Currently (this is why I submitted the trouble ticket), the script is under /html/. What is the problem?
nysupport
4d ago >>$localfile = "/home/virtual/shortfamilyonline.com/var/www/html/source/slash/slashdot.xml";
try changing that to /var/www/html/source/slash/slashdot.xml - and then check all your directories - what you're experiencing is an error that a script is not in an intended directory.
We cant further support 3rd party scripts... for more assistance, you'd need to contact the author of the script, or various support forums.
Joe
nysupport
4d ago Joe changed status to Closed
oaf357
4d ago I will try changing the path. But, the script works fine as long as the slashdot.xml file exsists in the directory specified in the script already. It's when the script attempts to update that XML file using the open_basedir directive that it dies. Which after an hour of working with the script developer, he said that I should contact my web host and ask what directories allow use of the open_basedir directive.
Considering this I'm changing the status to Hold until I can throughly test your recommendations.
oaf357
4d ago Christopher changed status to Hold
oaf357
4d ago Your recommendation did not work. The script requires the full path ("/home/virtual/shortfamilyonline.com/var/www/html/source/slash/slashdot.xml"
to work correctly.
These are the string of error and warning message that should not be attributed to the script and is the cause of the problem:
Warning: open_basedir restriction in effect. File is in wrong directory in http://www.shortfamilyonline.com/source/slashhead.inc on line 33
Warning: open_basedir restriction in effect. File is in wrong directory in http://www.shortfamilyonline.com/source/slashhead.inc on line 34
Warning: fopen("/var/www/html/source/slash/slashdot.xml", "a") - Operation not permitted in http://www.shortfamilyonline.com/source/slashhead.inc on line 34
The script works beautifully if I manually go and update the slashdot.xml file. However, the script is designed to use the open_basedir directive which apparently isn't working on the server itself.
nysupport
4d ago It most certainely does work - it's installed server wide, without other issues.
We can not diagnose scripting errors, period. As I suggested, I would consider checking the scripts to make sure they're calling valid paths on the server. The error message is File is in wrong directory - that should be a clue.
Warning: open_basedir restriction in effect. File is in wrong directory in http://www.shortfamilyonline.com/source/slashhead.inc on line 33
It even tells you WHERE the error is occurring.
Joe
nysupport
4d ago Joe changed status to Closed
oaf357
4d ago Hmm... so you're saying the path is the problem? Then what would be the path, your first guess was wrong. The paths used in my .htaccess files work and they are the same until it gets into /var/.
Then why does it work until it tries to update the XML file? I'm not asking you to solve the problem. I'm trying to determine as to whether or not your server would let this script fly. You say, yes. But it doesn't work.
Bare in mind I did spend time with the developer on this before I came to you.
oaf357
4d ago Christopher changed status to Open
oaf357
4d ago I sent the contents of the ticket in its current state to the developer. The developer asked me to include a statement on his behalf explaining what the problem is.
[begin statement]
The problem that this customer is experiencing with my script is solely
based on the open_basedir restriction in place in Dixiesys's PHP
installation. The first warning, regarding "file is in wrong directory" and
referencing open_basedir refers to the PHP setting of the same name. This
setting restricts PHP from using the fopen() function to open files only if
they are in certain directories. I have extensively worked with this
customer to work with this restriction, but we have not found a way. The
problem can apparently only be solved by altering open_basedir to include
the entire list of directories attached to this customer's account.
The other errors are incident to this specific error. The output "File is
in wrong directory" refers to the fact that the script is trying to open a
file that is specifically disallowed through the use of open_basedir in
PHP. This is not a specific problem with the script; it works as expected,
but Dixiesys's specific PHP configuration is preventing the script from
opening a vital file. That is beyond my control as the script author. The
only way the error can be fixed is by changing the open_basedir directive
to something that will allow the script to work.
If you need additional information to diagnose this issue, I would
appreciate it if you could email me at jcolson@ndgonline.com with questions
and concerns. Thank you.
-Joshua Colson
[end statement]
Thanks for your help.
oaf357
3d 18h ago Any update?
oaf357
3d 14h ago Christopher escalated ticket to Emergency
sullise
3d 13h ago Sean changed urgency to Normal
sullise
3d 13h ago We are sorry, but in order to do what the script requires would be against our security policies and would effect security for the entire server. We cannot alter the open_base dir settings at this time.
Sean
sullise
3d 13h ago Sean changed status to Closed
oaf357
3d 1h ago So does any package DixieSys offers allow use of the open_basedir directive?
As much as I like your company I have to admit that if open_basedir isn't allowed I might have to look elsewhere for web hosting services.
oaf357
3d 1h ago Christopher changed status to Open
nysupport
2d 20h ago open_basedir is already active for your account. The issue is not with the server, it's with the script.
nysupport
2d 20h ago Joe changed status to Closed
oaf357
2d 20h ago Well now wait a minute. I'm getting conflicting info here. Is it or is it not enabled? If it truly is then where can a script run from to utilize open_basedir?
oaf357
2d 20h ago Christopher changed status to Open
oaf357
2d 14h ago Christopher escalated ticket to Urgent
sullise
2d 12h ago Open_base dir is set on the server. BUT, we cannot alter it's configuration to allow your script to create files ABOVE your webroot (mainsite_html/), which seems to be what it needs.
sullise
2d 12h ago Sean changed urgency to Normal
sullise
2d 12h ago Sean changed status to Hold
oaf357
2d 1h ago I'm not asking you to modify the configuration. The current location of the script is under the webroot and it's not working due to an open_basedir restriction. So once again I'll ask where is open_basedir not restricted?
This ticket is over 3 days old and I'm still getting somewhat of a run around.
sullise
1d 11h ago We don't normally debug code, but just to show you that it's not a problem with our open_base dir, but with the script...
The reason you are getting the error is because you don't have a copy of slashdot.xml in your /source/slash/ folder.
Step 2 of the install instructions tells you to download a copy and place it in the directory indicated in the localpath varible.
Also, seems that slashdot is not providing a proper xml file, but rather a straight HTML file thus you won't get anything but a blank page anyway.
Sean
sullise
1d 11h ago Sean changed status to Closed
oaf357
1d 1h ago Yet again, you are off.
Debugging the code is great and I do appreciate it, but...
When a slashdot.xml file is placed in the appropriate directory the script works perfectly, as I've mentioned before.
It's when after 30 minutes that the script removes the exsisting copy of the XML file and tries to use the open_basedir directive to pull down a new copy of http://slashdot.org/slashdot.xml that the script dies. Thus resulting in the open_basedir restriction still being the problem (you've yet to advise me as to a directory where that restriction is not in effect).
I can copy the file into the directory and the page presents itself as it should until it tries to use the open_basedir directive.
Slashdot is providing a proper XML file (http://slashdot.org/slashdot.xml). I've seen the script work on your server when that XML file is updated manually. The script is not working as it should due to an open_basedir restriction (which you've said you have and don't have, but have yet to tell me where a script can run from to utilize open_basedir).
The developer has even been involved in this process and you don't believe either me (the customer) or him (the developer). The ticket is going to be reopened and elevated to emergency due to the fact it needs sufficient attention.
oaf357
1d 1h ago Christopher changed status to Open
oaf357
1d 1h ago Christopher changed urgency to Emergency
nysupport
21h ago Joe changed urgency to Normal
Mike
21h ago open_basedir is simply a root path where we are instructing php that you are allowed to open files, and all directories underneath. Your open_basedir is set to your entire site (plus /tmp, in case you want to use PHP's upload feature). When we turn safe_mode off, we have to exchange it for a lesser, but acceptible, security measure, which is open_basedir. safe_mode won't allow you to open any files that you don't own, so open_basedir is a relaxation saying ok, you can open anything below this point whether you own it or not.
A "open_basedir restriction in effect. File is in wrong directory in <whatever>" error is simply that. The file does not exist - period. That's the extent of our support on this issue.
Mike
21h ago Mike changed status to Closed
Warning: open_basedir restriction in effect. File is in wrong directory in http://www.shortfamilyonline.com/source/slashhead.inc on line 34
Warning: fopen("/home/virtual/shortfamilyonline.com/var/www/html/source/slash/slashdot.xml", "a") - Operation not permitted in http://www.shortfamilyonline.com/source/slashhead.inc on line 34
Please advise how I can fix it. The script developer advises me it's the due to the open_basedir restriction. The script is as follows:
<?
/*
SlashHead for PHP
Copyright 2003, Joshua Colson (jcolson@ndgonline.com)
This code is licensed under the Public Scripting
License. It is distributed with NO WARRANTY WHATSOEVER.
A copy of the license is found at:
<http://nuleo.org/psl-revised.html>
This script requires at least PHP 4.0.6.
*/
function slashdot_headlines() {
// Change this next line to where your headlines cache file is located
$localfile = "/home/virtual/shortfamilyonline.com/var/www/html/source/slash/slashdot.xml";
// If your PHP has zlib compiled in, enable the following line for
// gzipping to save bandwidth (supported in IE, Opera, Lynx and Mozilla, plus others)
// Enabling it will still preserve support for older browsers as well
// ob_start ("ob_gzhandler");
$diff_times = (time() - filemtime($localfile));
// If you want a different update schedule, change this to the number of
// seconds between updates. Note that Slashdot specifically requests
// that you update no more than once in any 30-minute time period
if ($diff_times > 1801) {
echo "<!-- using remote XML file... -->";
$fp2 = fopen("http://slashdot.org/slashdot.xml","r");
if (!$fp2) { echo "Cannot open link to Slashdot. Aborting..."; exit;}
unlink($localfile);
$fp = fopen($localfile,"a");
if (!$fp) { echo "Cannot open slashdot.xml for reading. Aborting..."; exit;}
//$flock_return = flock($fp,LOCK_EX);
//if ($flock_return == FALSE) {
// file currently being written to
//die("File locking prohibits writing to cache file. Please try again.");
//}
while (!feof($fp2)) {
$buff = fgets($fp2,4096);
fputs($fp,$buff);
}
//flock($fp,LOCK_UN);
fclose($fp); fclose($fp2);
}
else {
echo "<!-- using local copy of XML file... -->n";
}
$fp = fopen($localfile,"r");
$final_output="";
while (!feof($fp)) {
$buff = fgets($fp,4096);
if (trim($buff) == "<story>") {
$title = trim(de_html_entities(strip_tags(fgets($fp,4096))));
$link = trim(strip_tags(fgets($fp,4096)));
$time = parse_time(trim(strip_tags(fgets($fp,4096))));
$author = trim(strip_tags(fgets($fp,4096)));
// Feel free to edit the HTML tags to fit into your formatting
$final_output = $final_output . "<b><a href="" . $link . "">" . $title . "</a></b><div class="navtext">(by " . $author . " on " . $time . ")</div>n";
}
}
fclose($fp);
return $final_output;
}
function parse_time($timestamp) {
$tmp = strtotime($timestamp);
$tmp = date("M d, Y @ h:i a", $tmp);
$tmp = $tmp . " UTC";
return $tmp;
}
function de_html_entities($string) {
$trans_tbl = get_html_translation_table(HTML_ENTITIES);
$trans_tbl = array_flip($trans_tbl);
return strtr($string, $trans_tbl);
}
// The following "dummy function" is designed to be used when experiencing server errors which
// disable SlashHead's headline update feature. Enable it only when experiencing errors with
// your web or DNS server.
/*
function slashdot_headlines() {
return "Our web server is currently experiencing errors. This prevents SlashHead
from working correctly, so it has been temporarily disabled. Sorry for any
inconvenience.";
}
*/
?>
oaf357
5d ago NOTE:
I would actually like the script to reside in the /home/ directory when it's all said and done (for security reasons).
sullise
5d ago You can't, thus the reason for the errors. You'll need to store them below your webroots (/html/)
Sean
oaf357
5d ago Currently (this is why I submitted the trouble ticket), the script is under /html/. What is the problem?
nysupport
4d ago >>$localfile = "/home/virtual/shortfamilyonline.com/var/www/html/source/slash/slashdot.xml";
try changing that to /var/www/html/source/slash/slashdot.xml - and then check all your directories - what you're experiencing is an error that a script is not in an intended directory.
We cant further support 3rd party scripts... for more assistance, you'd need to contact the author of the script, or various support forums.
Joe
nysupport
4d ago Joe changed status to Closed
oaf357
4d ago I will try changing the path. But, the script works fine as long as the slashdot.xml file exsists in the directory specified in the script already. It's when the script attempts to update that XML file using the open_basedir directive that it dies. Which after an hour of working with the script developer, he said that I should contact my web host and ask what directories allow use of the open_basedir directive.
Considering this I'm changing the status to Hold until I can throughly test your recommendations.
oaf357
4d ago Christopher changed status to Hold
oaf357
4d ago Your recommendation did not work. The script requires the full path ("/home/virtual/shortfamilyonline.com/var/www/html/source/slash/slashdot.xml"
to work correctly.These are the string of error and warning message that should not be attributed to the script and is the cause of the problem:
Warning: open_basedir restriction in effect. File is in wrong directory in http://www.shortfamilyonline.com/source/slashhead.inc on line 33
Warning: open_basedir restriction in effect. File is in wrong directory in http://www.shortfamilyonline.com/source/slashhead.inc on line 34
Warning: fopen("/var/www/html/source/slash/slashdot.xml", "a") - Operation not permitted in http://www.shortfamilyonline.com/source/slashhead.inc on line 34
The script works beautifully if I manually go and update the slashdot.xml file. However, the script is designed to use the open_basedir directive which apparently isn't working on the server itself.
nysupport
4d ago It most certainely does work - it's installed server wide, without other issues.
We can not diagnose scripting errors, period. As I suggested, I would consider checking the scripts to make sure they're calling valid paths on the server. The error message is File is in wrong directory - that should be a clue.
Warning: open_basedir restriction in effect. File is in wrong directory in http://www.shortfamilyonline.com/source/slashhead.inc on line 33
It even tells you WHERE the error is occurring.
Joe
nysupport
4d ago Joe changed status to Closed
oaf357
4d ago Hmm... so you're saying the path is the problem? Then what would be the path, your first guess was wrong. The paths used in my .htaccess files work and they are the same until it gets into /var/.
Then why does it work until it tries to update the XML file? I'm not asking you to solve the problem. I'm trying to determine as to whether or not your server would let this script fly. You say, yes. But it doesn't work.
Bare in mind I did spend time with the developer on this before I came to you.
oaf357
4d ago Christopher changed status to Open
oaf357
4d ago I sent the contents of the ticket in its current state to the developer. The developer asked me to include a statement on his behalf explaining what the problem is.
[begin statement]
The problem that this customer is experiencing with my script is solely
based on the open_basedir restriction in place in Dixiesys's PHP
installation. The first warning, regarding "file is in wrong directory" and
referencing open_basedir refers to the PHP setting of the same name. This
setting restricts PHP from using the fopen() function to open files only if
they are in certain directories. I have extensively worked with this
customer to work with this restriction, but we have not found a way. The
problem can apparently only be solved by altering open_basedir to include
the entire list of directories attached to this customer's account.
The other errors are incident to this specific error. The output "File is
in wrong directory" refers to the fact that the script is trying to open a
file that is specifically disallowed through the use of open_basedir in
PHP. This is not a specific problem with the script; it works as expected,
but Dixiesys's specific PHP configuration is preventing the script from
opening a vital file. That is beyond my control as the script author. The
only way the error can be fixed is by changing the open_basedir directive
to something that will allow the script to work.
If you need additional information to diagnose this issue, I would
appreciate it if you could email me at jcolson@ndgonline.com with questions
and concerns. Thank you.
-Joshua Colson
[end statement]
Thanks for your help.
oaf357
3d 18h ago Any update?
oaf357
3d 14h ago Christopher escalated ticket to Emergency
sullise
3d 13h ago Sean changed urgency to Normal
sullise
3d 13h ago We are sorry, but in order to do what the script requires would be against our security policies and would effect security for the entire server. We cannot alter the open_base dir settings at this time.
Sean
sullise
3d 13h ago Sean changed status to Closed
oaf357
3d 1h ago So does any package DixieSys offers allow use of the open_basedir directive?
As much as I like your company I have to admit that if open_basedir isn't allowed I might have to look elsewhere for web hosting services.
oaf357
3d 1h ago Christopher changed status to Open
nysupport
2d 20h ago open_basedir is already active for your account. The issue is not with the server, it's with the script.
nysupport
2d 20h ago Joe changed status to Closed
oaf357
2d 20h ago Well now wait a minute. I'm getting conflicting info here. Is it or is it not enabled? If it truly is then where can a script run from to utilize open_basedir?
oaf357
2d 20h ago Christopher changed status to Open
oaf357
2d 14h ago Christopher escalated ticket to Urgent
sullise
2d 12h ago Open_base dir is set on the server. BUT, we cannot alter it's configuration to allow your script to create files ABOVE your webroot (mainsite_html/), which seems to be what it needs.
sullise
2d 12h ago Sean changed urgency to Normal
sullise
2d 12h ago Sean changed status to Hold
oaf357
2d 1h ago I'm not asking you to modify the configuration. The current location of the script is under the webroot and it's not working due to an open_basedir restriction. So once again I'll ask where is open_basedir not restricted?
This ticket is over 3 days old and I'm still getting somewhat of a run around.
sullise
1d 11h ago We don't normally debug code, but just to show you that it's not a problem with our open_base dir, but with the script...
The reason you are getting the error is because you don't have a copy of slashdot.xml in your /source/slash/ folder.
Step 2 of the install instructions tells you to download a copy and place it in the directory indicated in the localpath varible.
Also, seems that slashdot is not providing a proper xml file, but rather a straight HTML file thus you won't get anything but a blank page anyway.
Sean
sullise
1d 11h ago Sean changed status to Closed
oaf357
1d 1h ago Yet again, you are off.
Debugging the code is great and I do appreciate it, but...
When a slashdot.xml file is placed in the appropriate directory the script works perfectly, as I've mentioned before.
It's when after 30 minutes that the script removes the exsisting copy of the XML file and tries to use the open_basedir directive to pull down a new copy of http://slashdot.org/slashdot.xml that the script dies. Thus resulting in the open_basedir restriction still being the problem (you've yet to advise me as to a directory where that restriction is not in effect).
I can copy the file into the directory and the page presents itself as it should until it tries to use the open_basedir directive.
Slashdot is providing a proper XML file (http://slashdot.org/slashdot.xml). I've seen the script work on your server when that XML file is updated manually. The script is not working as it should due to an open_basedir restriction (which you've said you have and don't have, but have yet to tell me where a script can run from to utilize open_basedir).
The developer has even been involved in this process and you don't believe either me (the customer) or him (the developer). The ticket is going to be reopened and elevated to emergency due to the fact it needs sufficient attention.
oaf357
1d 1h ago Christopher changed status to Open
oaf357
1d 1h ago Christopher changed urgency to Emergency
nysupport
21h ago Joe changed urgency to Normal
Mike
21h ago open_basedir is simply a root path where we are instructing php that you are allowed to open files, and all directories underneath. Your open_basedir is set to your entire site (plus /tmp, in case you want to use PHP's upload feature). When we turn safe_mode off, we have to exchange it for a lesser, but acceptible, security measure, which is open_basedir. safe_mode won't allow you to open any files that you don't own, so open_basedir is a relaxation saying ok, you can open anything below this point whether you own it or not.
A "open_basedir restriction in effect. File is in wrong directory in <whatever>" error is simply that. The file does not exist - period. That's the extent of our support on this issue.
Mike
21h ago Mike changed status to Closed
Facebook
Twitter