CMS Made Simple Forums

Hi all, and best wishes to all of you.

I have 5 CMSMS sites up and running for quite a long time now, even a few of them running on IIS+PHP (with some limits o'course).

But today I'm struggling with the latest version 1.6.6, although on the same server (shared hosting) I have another site based on 1.6.4 running smoothly.
I copied the files, run the setup... had to request the hoster to disable safe_mode (done - although the 1.6.4 install didn't ask anything so far).
Then, I try to add modules and get some problems and error messages :

=>> Extensions » Modules says

The modules folder (and/or the uploads folder) is not writable, if you would like to install modules by uploading an XML file you need ensure that these folders have full read/write/execute permissions (chmod 777). Safe mode may also be in effect.

=>> Extensions » Module Manager >> Available Modules says
WARNING: Insufficient directory permissions to install modules. You may also be experiencing problems with PHP Safe mode. Please ensure that safe mode is disabled, and that file system permissions are sufficient.

And each module is marked as "Cannot download"

O'course, all these directories are both set to 777 (done through Plesk and checked with FileZilla), and I asked my hoster to remove safe_mode, and it's now done.

Here's my global config, FYI :

----------------------------------------------

Cms Version: 1.6.6

Installed Modules:

   * CMSMailer: 1.73.14
   * FileManager: 1.0.1
   * MenuManager: 1.6.2
   * ModuleManager: 1.3.1
   * News: 2.10.3
   * nuSOAP: 1.0.1
   * Printing: 1.0.4
   * Search: 1.6.1
   * ThemeManager: 1.1.1
   * TinyMCE: 2.5.5


Config Information:

   * php_memory_limit:
   * process_whole_template: false
   * max_upload_size: 5000000
   * default_upload_permission: 664
   * assume_mod_rewrite: false
   * page_extension:
   * internal_pretty_urls: false
   * use_hierarchy: true


Php Information:

   * phpversion: 5.2.0-8+etch16
   * md5_function: On (True)
   * gd_version: 2
   * tempnam_function: On (True)
   * magic_quotes_runtime: Off (False)
   * memory_limit: 32M
   * max_execution_time: 30
   * safe_mode: Off (False)
   * session_save_path: No check because open basedir active
   * session.use_cookies: On (True)


Server Information:

   * Server Api: cgi-fcgi
   * Server Db Type: MySQL (mysql)
   * Server Db Version: 5.0.32


----------------------------------------------


Should I go back to 1.6.4
What should I change and where to get "right" to upload/update modules
I checked many different topics in this forum, but all said the solution was to change permissions on modules and upload, and I already did it... what else ?

I wanted to update the 1.6.4 site to 1.6.6 but I must refrain  :D

Thanks in advance for your help.
Sincerely
DJM

Hello cybearDJM , welcome here 

It looks like a fileowner problem to me...
Your webhost will probably have an online filemanager, reset all file permissions there.

Then go in the Admin to Site Admin >> Global Setting >> Advanced Setup
And set umask to 000.

See what happens now.

Regards, Rolf

Thx Rolf,
What do you mean by "reset file permissions" Everything RWX or
I can change the fle permissions from the file manager (Plesk) or through FileZilla.
Sincerely
DJM

Just tried 000 for the Mask, and nothing has changed...
Sincerely
DJM

When you look in the FileManager of cmsms, do you see some locks at the folders and files. (Img #6)

And see the difference in the fileowners (NL:Bestandseigenaar) (Img #5)

See attached images.

The only locks are on config.php and a directory created by the system (for the stats).
Fileowner is N/A for all
Perms is "R" for all

Sincerely
DJM

The way you described it in the first post looks like a fileowner problem. The last post doesn't 
Can you pm me an url and some temporarily admin login info, so I can see for myself.
And then see what we can do...

®olf

Done

Hmm, never seen this before... It isn't a fileowner problem, but I still think it is a server problem.

Your host has a lot of php_functions disabled:

disable_functions in PHP (disable_functions):
highlight_file, define_syslog_variables, show_source, parse_ini_file, proc_open, proc_nice, proc_get_status, proc_terminate, proc_close, curl_exec, curl_multi_exec, apache_setenv, ftp_login, ftp_connect, ftp_exec, ftp_get, ftp_fget, ftp_nb_fget, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_restore, syslog, php_uname, posix_uname, posix_getpwuid, posix_setuid, posix_setgid, posix_setpgid, posix_setsid, posix_seteuid, posix_kill, openlog, xmlrpc_server_create, xmlrpc_set_type

You better ask the host to enable some of them, I can't say which one is 'the bad guy', I don't have experience with this.

This is probably the result of it:

fopen: When allow url fopen is disabled you will not be able to accessing URL object like file using the ftp or http protocol.

And the error message in System Information too:

Warning: php_uname() has been disabled for security reasons in /var/www/vhosts/neowebia.com/httpdocs/admin/systeminfo.php on line 223

Contacting your host is the best option at the moment.

Regards, Rolf

Rolf, I noticed that also, but then i only have this problem with 1.6.6...
As i explained above, on the same shared hosting, I have multiple websites. On one of them i use 1.6.4 with no problem, even safe_mode is still enabled and there's no error...

Here's the config for the other website on the same platform, and I can assure you I don't have any error, could upload modules and so on :
Cms Version: 1.6.4

Installed Modules:

    * CMSMailer: 1.73.14
    * FileManager: 1.0.1
    * MenuManager: 1.6.1
    * ModuleManager: 1.3.1
    * News: 2.10.2
    * nuSOAP: 1.0.1
    * Printing: 1.0.2
    * Search: 1.6.1
    * ThemeManager: 1.1.1
    * TinyMCE: 2.5.1
    * CGExtensions: 1.17.2
    * CGFeedMaker: 1.0.6
    * SiteMapMadeSimple: 1.1.4
    * FormBuilder: 0.5.12


Config Information:

    * php_memory_limit:
    * process_whole_template: false
    * max_upload_size: 2000000
    * default_upload_permission: 664
    * assume_mod_rewrite: false
    * page_extension:
    * internal_pretty_urls: false
    * use_hierarchy: true


Php Information:

    * phpversion: 5.2.0-8+etch16
    * md5_function: On (Vrai)
    * gd_version: 2
    * tempnam_function: On (Vrai)
    * magic_quotes_runtime: Off (Faux)
    * memory_limit: 32M
    * max_execution_time: 30
    * safe_mode: On (Vrai)
    * session_save_path: /var/lib/php5 (0)


Server Information:

    * Server Api: cgi-fcgi
    * Server Db Type: MySQL (mysql)
    * Server Db Version: 5.0.32


Directive PHP disable_functions (disable_functions):

highlight_file, define_syslog_variables, show_source, parse_ini_file, proc_open, proc_nice, proc_get_status, proc_terminate, proc_close, curl_exec, curl_multi_exec, apache_setenv, ftp_login, ftp_connect, ftp_exec, ftp_get, ftp_fget, ftp_nb_fget, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_restore, syslog, php_uname, posix_uname, posix_getpwuid, posix_setuid, posix_setgid, posix_setpgid, posix_setsid, posix_seteuid, posix_kill, openlog, xmlrpc_server_create, xmlrpc_set_type Attention ?


Then, there might be something specific with 1.6.6 that's "more secure" or "more limitative"...
Thanks for your help

Sincerely
DJM

OK, I'll try to install 1.6.4 from scratch on this site, and see what happens...
Sincerely
DJM

I tried to setup from scratch :
1.6.4 base
1.5.4 base
and still have the same error messages and problems :
* can't upload/update modules
* can't import theme I have.

The only "strange" thing I had @ setup for both is that the checksum doesn't validate at all...

What is really really strange is that I could install this on the same shared hosting I manage, for another site (www.cristalg.fr) and it runs smoothly with 1.6.4, modules I added (i.e. sitemapmadesimple)...
I really don't understand and have absolutely no clue...

Well... too bad...
DJM

The only "strange" thing I had @ setup for both is that the checksum doesn't validate at all...

Doing a checksum after uploading the unzipped files to the server, all language files fail checksum. This isn't a problem.

What is really really strange is that I could install this on the same shared hosting I manage, for another site (www.cristalg.fr) and it runs smoothly with 1.6.4, modules I added (i.e. sitemapmadesimple)...

There are probably some modification in 1.6.5 and 1.6.6 which need some of the disabled php functions.
Therefore 1.6.4 isn't a problem...

®

Thanks Rolf,
Well in fact, there are "less" problems in 1.6.4 as I tried to update modules on the running website based on this version, and it doesn't work so well, even if no error message appears...

As I said, when installing 1.6.4 on the actual platform, the same errors appear...
Does this mean that some built-in functions in the pages are "changed" depending on what happens during setup ?

I found a document I kept when I installed 1.6.4 last August, and indeed, no functions were deactivated at the time... It's the best clue so far...

Sincerely
DJM

Hi again,
My Host modified the setup of the server and activated all the functions.
I then reinstalled from scratch a brand 1.6.6 base.

Here's the system config

----------------------------------------------

Cms Version: 1.6.6

Installed Modules:

    * CMSMailer: 1.73.14
    * FileManager: 1.0.1
    * MenuManager: 1.6.2
    * ModuleManager: 1.3.1
    * News: 2.10.3
    * nuSOAP: 1.0.1
    * Printing: 1.0.4
    * Search: 1.6.1
    * ThemeManager: 1.1.1
    * TinyMCE: 2.5.5


Config Information:

    * php_memory_limit:
    * process_whole_template: false
    * max_upload_size: 2000000
    * default_upload_permission: 664
    * assume_mod_rewrite: false
    * page_extension:
    * internal_pretty_urls: false
    * use_hierarchy: true


Php Information:

    * phpversion: 5.2.0-8+etch16
    * md5_function: On (True)
    * gd_version: 2
    * tempnam_function: On (True)
    * magic_quotes_runtime: Off (False)
    * memory_limit: 32M
    * max_execution_time: 30
    * safe_mode: On (True)
    * session_save_path: /var/www/vhosts/neowebia.com/httpdocs/tmp (0777)
    * session.use_cookies: On (True)


Server Information:

    * Server Api: cgi-fcgi
    * Server Db Type: MySQL (mysql)
    * Server Db Version: 5.0.32


----------------------------------------------

The last parameter that's not off is safe_mode.
As PHP.INI states
;      NOTE: this is considered a "broken" security measure.
;      Applications relying on this feature will not recieve full
;      support by the security team.  For more information please
;      see /usr/share/doc/php5-common/README.Debian.security

=>I still have the same error messages and no access to modules and themes...

I recreated your admin account on the site, could you please check again and see if I forgot something

Thanks in advance.
sincerely
DJM