View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009114 | mantisbt | other | public | 2008-04-27 08:32 | 2009-01-15 11:27 |
Reporter | GregorK | Assigned To | grangeway | ||
Priority | normal | Severity | crash | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 1.1.1 | ||||
Fixed in Version | 1.2.0a3 | ||||
Summary | 0009114: SYSTEM WARNING: escapeshellcmd() has been disabled for security reasons | ||||
Description | Appears when submitting notes or updates to a bug report. | ||||
Steps To Reproduce | Add escapeshellcmd to disable_functions in php.ini, which is quite common to be set on hosted servers for security reasons and recommended from various security sites. Add some bug notes.. | ||||
Additional Information | |||||
Tags | No tags attached. | ||||
From a quick grep in the sources:
so it seems the culprit is in the phpmailer code. Hopefully, we can get rid of that class in the near future... |
|
Still not fixed in 1.1.6 !!! |
|
And I doubt we will fix this in 1.1.x, because replacing phpmailer is a too risky change on the stable branch if you are having this issue, you can workaround it by using one of the alternative mail methods. |
|
Have added a check for this case to check.php If phpmailer method is sendmail and escapeshell* is disabled, throw up an error. Paul |
|