View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0010972 | mantisbt | signup | public | 2009-09-22 09:00 | 2014-12-08 00:34 |
Reporter | rafi | Assigned To | grangeway | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 1.2.0rc1 | ||||
Target Version | 1.3.0-beta.1 | Fixed in Version | 1.3.0-beta.1 | ||
Summary | 0010972: openbase_dir breaks captcha generation | ||||
Description | When accessing the signup page (on my local mantis), the captcha is not displayed and no error message is displayed\logged. | ||||
Additional Information | I saved the generated captcha JPEG (http://mantis/make_captcha_img.php?public_key=1) to a file. The file begins with the following error message so the JPG is broken and cannot be displayed: <p style="color:red">SYSTEM WARNING: file_exists() [<a href='function.file-exists'>function.file-exists</a>]: open_basedir restriction in effect. File(/usr/share/fonts/corefonts/) is not within the allowed path(s): (/usr/share/php5:/usr/share/php:/var/www:/tmp)</p><p style= | ||||
Tags | No tags attached. | ||||
Severity major because it blocks any new signup. |
|
Hi, this is exactly what I have here now. Are there any news about this? I got 1.2.0 final on a shared hosting platform. |
|
open_basedir is a PHP configuration option that limits all file system related functions of PHP to only work within a specific base directory. On a shared host, open_basedir might be /var/www/{customerid}/ and thus you'll be unable to access any files on the server outside of /var/www/{customerid}. This means you'd need to copy fonts, system binaries and so forth somewhere into /var/www/{customerid} in order to use them. I think we may need to introduce a new $g_font_path configuration option to MantisBT to solve not only this problem... but problems with the MantisGraph core plugin as well. |
|
Or surely use a system like PHPBB's because that works from the start!or use another captcha system thats free http://www.google.com/recaptcha/captcha |
|
I have experienced the same issue in an unusual way. Posting here so that others can find this solution. I inserted /usr/share/fonts in the open_basedir but still had the jpeg starting with: The reason was that I didn't have the /usr/share/fonts dir at all. |
|
Possible workaround: To fix the problem I added a fonts folder within my Mantis installation root, added the ARIAL.TTF font file inside that folder and then added a $g_system_font_folder variable to the mantis configuration file config_inc.php to point to the fonts folder. Post explaining it in detail here: http://blog.suncrescent.net/2012/05/mantis-captcha-open_basedir-error/ |
|
Thanks sgraf! Your workaround fixed my problem. |
|
Marked as resolved following grangeway's implementation of securimage captcha library, as per his commit comment. Feel free to reopen if you find that the original issue persists. |
|
sdfgdf |
|
MantisBT: master 8dd28f84 2013-10-15 12:02 Paul Richards Details Diff |
New Feature: replace captcha library with open source library. Adds audio support to captcha for accessibility [requires flash on client] Ported from master-2.x branch Resolves (Part or all) of bugs: 0010972: openbase_dir breaks captcha generation 0008796: The letters in the catchpa on account creation page are too small 0010976: Remove instances of pass-by-reference (deprecated in PHP 5.3.0) 0010028: Registrations by bots via captcha exploit 0008462: Captcha will benefit supporting other than jpeg format 0008129: Alternative to captchas |
Affected Issues 0008129, 0008462, 0008796, 0010028, 0010972, 0010976, 0016565 |
|
mod - core/print_api.php | Diff File | ||
mod - library/README.libs | Diff File | ||
add - library/securimage/AHGBold.ttf | Diff File | ||
add - library/securimage/LICENSE.txt | Diff File | ||
add - library/securimage/README.FONT.txt | Diff File | ||
add - library/securimage/README.txt | Diff File | ||
add - library/securimage/WavFile.php | Diff File | ||
add - library/securimage/audio/en/0.wav | Diff File | ||
add - library/securimage/audio/en/1.wav | Diff File | ||
add - library/securimage/audio/en/10.wav | Diff File | ||
add - library/securimage/audio/en/11.wav | Diff File | ||
add - library/securimage/audio/en/12.wav | Diff File | ||
add - library/securimage/audio/en/13.wav | Diff File | ||
add - library/securimage/audio/en/14.wav | Diff File | ||
add - library/securimage/audio/en/15.wav | Diff File | ||
add - library/securimage/audio/en/16.wav | Diff File | ||
add - library/securimage/audio/en/17.wav | Diff File | ||
add - library/securimage/audio/en/18.wav | Diff File | ||
add - library/securimage/audio/en/19.wav | Diff File | ||
add - library/securimage/audio/en/2.wav | Diff File | ||
add - library/securimage/audio/en/20.wav | Diff File | ||
add - library/securimage/audio/en/3.wav | Diff File | ||
add - library/securimage/audio/en/4.wav | Diff File | ||
add - library/securimage/audio/en/5.wav | Diff File | ||
add - library/securimage/audio/en/6.wav | Diff File | ||
add - library/securimage/audio/en/7.wav | Diff File | ||
add - library/securimage/audio/en/8.wav | Diff File | ||
add - library/securimage/audio/en/9.wav | Diff File | ||
add - library/securimage/audio/en/A.wav | Diff File | ||
add - library/securimage/audio/en/B.wav | Diff File | ||
add - library/securimage/audio/en/C.wav | Diff File | ||
add - library/securimage/audio/en/D.wav | Diff File | ||
add - library/securimage/audio/en/E.wav | Diff File | ||
add - library/securimage/audio/en/F.wav | Diff File | ||
add - library/securimage/audio/en/G.wav | Diff File | ||
add - library/securimage/audio/en/H.wav | Diff File | ||
add - library/securimage/audio/en/I.wav | Diff File | ||
add - library/securimage/audio/en/J.wav | Diff File | ||
add - library/securimage/audio/en/K.wav | Diff File | ||
add - library/securimage/audio/en/L.wav | Diff File | ||
add - library/securimage/audio/en/M.wav | Diff File | ||
add - library/securimage/audio/en/MINUS.wav | Diff File | ||
add - library/securimage/audio/en/N.wav | Diff File | ||
add - library/securimage/audio/en/O.wav | Diff File | ||
add - library/securimage/audio/en/P.wav | Diff File | ||
add - library/securimage/audio/en/PLUS.wav | Diff File | ||
add - library/securimage/audio/en/Q.wav | Diff File | ||
add - library/securimage/audio/en/R.wav | Diff File | ||
add - library/securimage/audio/en/S.wav | Diff File | ||
add - library/securimage/audio/en/T.wav | Diff File | ||
add - library/securimage/audio/en/TIMES.wav | Diff File | ||
add - library/securimage/audio/en/U.wav | Diff File | ||
add - library/securimage/audio/en/V.wav | Diff File | ||
add - library/securimage/audio/en/W.wav | Diff File | ||
add - library/securimage/audio/en/X.wav | Diff File | ||
add - library/securimage/audio/en/Y.wav | Diff File | ||
add - library/securimage/audio/en/Z.wav | Diff File | ||
add - library/securimage/audio/en/error.wav | Diff File | ||
add - library/securimage/audio/noise/check-point-1.wav | Diff File | ||
add - library/securimage/audio/noise/crowd-talking-1.wav | Diff File | ||
add - library/securimage/audio/noise/crowd-talking-6.wav | Diff File | ||
add - library/securimage/audio/noise/crowd-talking-7.wav | Diff File | ||
add - library/securimage/audio/noise/kids-playing-1.wav | Diff File | ||
add - library/securimage/backgrounds/bg3.jpg | Diff File | ||
add - library/securimage/backgrounds/bg4.jpg | Diff File | ||
add - library/securimage/backgrounds/bg5.jpg | Diff File | ||
add - library/securimage/backgrounds/bg6.png | Diff File | ||
add - library/securimage/captcha.html | Diff File | ||
add - library/securimage/database/.htaccess | Diff File | ||
add - library/securimage/database/index.html | Diff File | ||
add - library/securimage/database/securimage.sq3 | Diff File | ||
add - library/securimage/example_form.ajax.php | Diff File | ||
add - library/securimage/example_form.php | Diff File | ||
add - library/securimage/images/audio_icon.png | Diff File | ||
add - library/securimage/images/refresh.png | Diff File | ||
add - library/securimage/securimage.php | Diff File | ||
add - library/securimage/securimage_play.php | Diff File | ||
add - library/securimage/securimage_play.swf | Diff File | ||
add - library/securimage/securimage_show.php | Diff File | ||
add - library/securimage/words/words.txt | Diff File | ||
rm - make_captcha_img.php | Diff | ||
mod - signup.php | Diff File | ||
mod - signup_page.php | Diff File |