[Vtigercrm-commits] [vtiger development] #5327: Design Flaw?

vtiger development vtiger-tickets at trac.vtiger.com
Mon Aug 4 03:44:30 EDT 2008 

#5327: Design Flaw?
---------------------------+------------------------------------------------
 Reporter:  Ed.Grysiewicz  |       Owner:  developer
     Type:  defect         |      Status:  new      
 Priority:  critical       |   Milestone:  5.1.0    
Component:  vtigercrm      |     Version:  5.0.4    
 Keywords:  fopen          |  
---------------------------+------------------------------------------------
 I have a client running vTiger on a subdomain at an ISP...

 The ISP cites security concerns and will not turn Safe Mode On...

 As such, many flat files will be zeroed out due to fopen commands...

 Reading flat files is no problem.. It's the fopen causing the problem...

 All CHMOD's are correctly set...

 Case in point... Invoice Number Incrementing...


 InventoryUtils.php
 around line 862
 writes the incremented invoice number back to the flat file...
 however, fopen initializes the file by setting it to a zero length
 and generates an error... can't open file...

         //we have the contents in buffer. Going to write the contents in
 file
         fclose($readhandle);
         $handle = fopen($filename, "w");
         fputs($handle, $new_buffer);
         fclose($handle);
 -----------------------
 here is the error...
 Warning:
 fopen(/www/medlegal/admin.medlegalfirst.com/pages/user_privileges/CustomInvoiceNo.php)
 [function.fopen]: failed to open stream: Operation not permitted in
 /www/medlegal/admin.medlegalfirst.com/pages/include/utils/InventoryUtils.php
 on line 863

 Warning: fputs(): supplied argument is not a valid stream resource in
 /www/medlegal/admin.medlegalfirst.com/pages/include/utils/InventoryUtils.php
 on line 864

 Warning: fclose(): supplied argument is not a valid stream resource in
 /www/medlegal/admin.medlegalfirst.com/pages/include/utils/InventoryUtils.php
 on line 865

 Warning: Cannot modify header information - headers already sent by
 (output started at
 /www/medlegal/admin.medlegalfirst.com/pages/include/utils/InventoryUtils.php:863)
 in /www/medlegal/admin.medlegalfirst.com/pages/modules/Invoice/Save.php on
 line 55
 -----------------------


 As a work around in InventoryUtils.php
 I did the following which works fine...

 rewind ($readhandle);
 if (fwrite($readhandle, $new_buffer) === FALSE) {
         echo "Cannot write to file ($filename)";
         exit;
     }

 fclose($readhandle);

 ----------------------------
 In short, EVERY instance of writing to flat files with
 an fopen sets the file to zero... followed by an error...
 This is especially damaging when it's the UserPrivledge files
 which I CHMOD'd to prevent the error...

 COMMENTS AND THOUGHTS WELCOMED

 HOPE THIS MAKES SENSE....

 PERHAPS YOU HAVE SOME OTHER IDEAS

-- 
Ticket URL: <http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/5327>
vtiger development <http://trac.vtiger.com/>
vtigerCRM

More information about the vtigercrm-commits mailing list