Geek Question - Wrist Twisters
 
Thread Tools Display Modes
post #1 of 37 Old 08-20-2007, 09:18 AM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

Geek Question

I need to turn on global_registers in a php.ini file but permissions wont allow me any transfers, nor will chmod allow any changes on either the subfolder or the root. using smartftp which normally works just fine wont allow me changes on any of these folders.

any ideas which completely remedial step I'm missing?

jetblast10 is offline  
Sponsored Links
Advertisement
 
post #2 of 37 Old 08-20-2007, 09:27 AM
Shiraz
 
Simpson's Avatar
 
Join Date: Oct 2006
Location: Virginia Beach
Posts: 2,684
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Outstanding Restoration Outstanding Restoration Donation 
Total Awards: 7

if it's a unix box, and it's the main php.ini file for the system, only the system root user can change it, which means it can only be changed in a console (say, ssh)

if it's a unix/linux box you (or someone) will need to ssh into it and use an editor to modify it

putty is great for that in the XP world

if it's a windows box, I have no idea (none of the windows filesystem is sacred unless it's made so by the admin)

Simpson is offline  
post #3 of 37 Old 08-20-2007, 09:30 AM
Wookie
 
ragdoll's Avatar
 
Join Date: Jan 2006
Location: Seattle, WA
Posts: 7,274
Rep Power: 1
 

Awards Showcase
Donation 
Total Awards: 1

If it's Windows then you simply need Admin access to it. If you are Admin and still can't do it, let me know... I could just say you're in trouble if you can't get it.

If it's Unix(Man, Simpson is a smart guy), then I don't know.

'02 RC-51
'10 Unicycle

ragdoll is offline  
 
post #4 of 37 Old 08-20-2007, 09:31 AM
BANNED!
 
midwest's Avatar
 
Join Date: Jan 2006
Location: Milwaukee
Posts: 5,539
Rep Power: 1
 

Awards Showcase
Donation Donation Wrist Twisters Event Attendance 
Total Awards: 3

Like......... wha?

I LOVE Tig Bitties!
midwest is offline  
post #5 of 37 Old 08-20-2007, 09:41 AM
Fool in the Rain
 
HondaJim's Avatar
 
Join Date: Feb 2006
Location: Louisville, Kentucky
Posts: 10,284
Rep Power: 1
 
Garage

Awards Showcase
Donation Wrist Twisters Event Attendance Extraordinary Ride Wrist Twisters Event Attendance 
Total Awards: 4

I'm a root user abuser.

"Towards the end of the vid, it looks like she may have had a bafflectomy." - MarylandMike
HondaJim is offline  
post #6 of 37 Old 08-20-2007, 09:50 AM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

it's unix - that's what I figured. for some reason I can ssh in to the old server with putty but not into the new one. nothing but troubles everywhere I turn.

clarification. I can access the new server via putty but none of the commands work. It lets me in but doesn't let me move around.

jetblast10 is offline  
post #7 of 37 Old 08-20-2007, 10:02 AM
Shiraz
 
Simpson's Avatar
 
Join Date: Oct 2006
Location: Virginia Beach
Posts: 2,684
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Outstanding Restoration Outstanding Restoration Donation 
Total Awards: 7

you will need to edit it and save it as the root user (superuser, admin)

Simpson is offline  
post #8 of 37 Old 08-20-2007, 10:13 AM
Shiraz
 
Simpson's Avatar
 
Join Date: Oct 2006
Location: Virginia Beach
Posts: 2,684
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Outstanding Restoration Outstanding Restoration Donation 
Total Awards: 7

http://www.itc.virginia.edu/desktop/...terglobal.html
note the entry about the .htaccess file

a google search for register_globals turns up a lot of info, including the PHP dev's take on my setting it "on" is a Bad Idea (tm)

it allows persistent memory "storage" of global data for the PHP and apache stack it allows data to persist between different websurfer streams. which means it can be snooped by 3rd parties (trivially) and used to gain access and/or flood the machine into an overflow mode and compromise it


it's truly a bad idea
http://us2.php.net/releases/4_1_0.php

Simpson is offline  
post #9 of 37 Old 08-20-2007, 10:15 AM
Chuck Norris has lost in battle with this Member
 
RC51_CBRXX's Avatar
 
Join Date: Jan 2006
Location: Massachusetts
Posts: 10,498
Rep Power: 1
 

Awards Showcase
Extraordinary Ride Donation Community Leadership Wrist Twisters Event Attendance 
Total Awards: 6

Jet, if you can't get it. Let me know ... I'll hook you up with my brother. He's the UNIX - Java expert on Wall St.

RC51_CBRXX is offline  
post #10 of 37 Old 08-20-2007, 10:16 AM
Power 2 the pedal
 
Ridge's Avatar
 
Join Date: Mar 2006
Location: North Cackalacky
Posts: 10,093
Rep Power: 1
 

Awards Showcase
Extraordinary Ride Donation Wrist Twisters Event Attendance Wrist Twisters Event Attendance 
Total Awards: 6

I feel so dumb.

Ridge is offline  
post #11 of 37 Old 08-20-2007, 10:19 AM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

getting closer - used putty to chmod the filename successfully. says everything ftp'd & overwrote correctly but still not getting anywhere.

https://www.wristtwisters.com/catalog/

you can see what's happening. i'm working in /usr/local/lib - maybe I should be working in /scripts
no worries I've chmod 'ed back to 644

jetblast10 is offline  
post #12 of 37 Old 08-20-2007, 10:19 AM
(Quintus) Pilus Prior
 
Lemonhead's Avatar
 
Join Date: Aug 2006
Location: Wisconsin
Posts: 2,613
Rep Power: 1
 
Go for a ride and clear the head. It might just fix itself.

Lemonhead is offline  
post #13 of 37 Old 08-20-2007, 10:21 AM
Chuck Norris has lost in battle with this Member
 
RC51_CBRXX's Avatar
 
Join Date: Jan 2006
Location: Massachusetts
Posts: 10,498
Rep Power: 1
 

Awards Showcase
Extraordinary Ride Donation Community Leadership Wrist Twisters Event Attendance 
Total Awards: 6

Quote:
Originally Posted by RidgeRunner View Post
I feel so dumb.
This is why you hire experts. My time is better spent making my pornos and selling them.

RC51_CBRXX is offline  
post #14 of 37 Old 08-20-2007, 10:35 AM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

spank a fuggin duck!
I got shyt.
turned on global_registers in both php.ini in /scripts and in /usr/local/lib and i got nothing.
that's the only 2 places putty found a php.ini file on the old server. argh!
have chmod everything back to 644 and need a drink.

jetblast10 is offline  
post #15 of 37 Old 08-20-2007, 10:41 AM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

also keep getting this:

# locate php.ini
warning: locate: could not open database: /var/lib/slocate/slocate.db: No such file or directory
warning: You need to run the 'updatedb' command (as root) to create the database.
Please have a look at /etc/updatedb.conf to enable the daily cron job.


any ideas? not sure I want to go running scripts that affect the entire server without knowing the ramifications and quick undo buttons.

jetblast10 is offline  
post #16 of 37 Old 08-20-2007, 11:30 AM
 
Join Date: Sep 2006
Posts: 729
Rep Power: 0
 

Awards Showcase
Wrist Twisters Event Attendance 
Total Awards: 1

Quote:
Originally Posted by midwest View Post
Like......... wha?
+1

All I understood was, "blah, blah, blah". It sounded like Charlie Brown's teacher talking

phast 9er is offline  
post #17 of 37 Old 08-20-2007, 12:18 PM
nOOb
 
stanlanman's Avatar
 
Join Date: Jul 2007
Location: Charlotte, NC
Posts: 68
Rep Power: 1
 
Just a Quick question for clarity - why are you turning it on? Is an installation script requiring it? It should be disabled after you are done with the installation because of the implicit security vulnerabilities.

You need to make sure ALL folders touched by the script have an .htaccess file that permits whatever it is you are trying to do. Maybe copy the .htaccess from a folder that is working OK to the other folders listed in the script.

options for Apache .htaccess => http://httpd.apache.org/docs/2.0/howto/htaccess.html

"Lighten up, Francis." - Sgt. M.F. Hulka
stanlanman is offline  
post #18 of 37 Old 08-20-2007, 12:20 PM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

for lack of a better answer Stan, I'm turning it on because
www.wristtwisters.com/catalog
tells me to.

Now, I've reverted all register_globals = Off so it's back like it was. I just want the catalog to work.

jetblast10 is offline  
post #19 of 37 Old 08-20-2007, 12:22 PM
Heavy Metal
 
ratdog's Avatar
 
Join Date: Jan 2006
Location: swamp in the wood
Posts: 4,304
Rep Power: 1
 

Awards Showcase
Donation Extraordinary Ride Donation Wrist Twisters Event Attendance 
Total Awards: 5

most of the time chasing globals is bogus...

set the ownership of the files/subdir of the app you are trying to fix to the use/group running the websvr s/w

chown -R apache.apache /subdir/subdir/appimtryingtorun

works everytime for stuff like vbulletin/joomla/mambo/nuke etc. etc. and save u having to chmod the permissions to risky stuff

ratdog is offline  
post #20 of 37 Old 08-20-2007, 12:23 PM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

i like what you're saying. could you say it in a slightly different way?

jetblast10 is offline  
post #21 of 37 Old 08-20-2007, 12:41 PM
nOOb
 
stanlanman's Avatar
 
Join Date: Jul 2007
Location: Charlotte, NC
Posts: 68
Rep Power: 1
 
I think you already tried chown 777 on the directories. What is the application? Here is a generic fix for file application_top.php:

if ( ($session_started == true) && (PHP_VERSION >= 4.3) && function_exists('ini_get') && (ini_get('register_globals') == false) ) {
extract($_SESSION, EXTR_OVERWRITE+EXTR_REFS);
}

"Lighten up, Francis." - Sgt. M.F. Hulka
stanlanman is offline  
post #22 of 37 Old 08-20-2007, 12:45 PM
Heavy Metal
 
ratdog's Avatar
 
Join Date: Jan 2006
Location: swamp in the wood
Posts: 4,304
Rep Power: 1
 

Awards Showcase
Donation Extraordinary Ride Donation Wrist Twisters Event Attendance 
Total Awards: 5

tarball/zip file of appc installed by root = files owned by root

apache process running as user apache

apache process attempts to access app installed by root

new app appears to work but has hang ups in various areas
(file rwx permissions have allowed process owned by user apache to access some but not all of what is needed)

chdir to subdir where app installed

change ownership of app files/subdirs to user apache, group apache

now when apache web server (process running as userid apache) attempts to call app (using userid apache), files accessible because ownership syncs up

global register defaults are mostly ok w/ php as is...

ratdog is offline  
post #23 of 37 Old 08-20-2007, 12:46 PM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

Quote:
Originally Posted by stanlanman View Post
What is the application?

it's oscommerce

jetblast10 is offline  
post #24 of 37 Old 08-20-2007, 12:47 PM
Heavy Metal
 
ratdog's Avatar
 
Join Date: Jan 2006
Location: swamp in the wood
Posts: 4,304
Rep Power: 1
 

Awards Showcase
Donation Extraordinary Ride Donation Wrist Twisters Event Attendance 
Total Awards: 5

that would have to be chmod 777 and that doesn't do it cause it has to do w/ process forking and sticky bits and what not...mostly what not

chown -R apache.apache /subdir/subdir/newappdir trumps chmod 777 which is just whacky and a desperate attempt atshortcutting a solution ...usually performed by S.A.'s underfire

Quote:
Originally Posted by stanlanman View Post
I think you already tried chown 777 on the directories. What is the application? Here is a generic fix for file application_top.php:

if ( ($session_started == true) && (PHP_VERSION >= 4.3) && function_exists('ini_get') && (ini_get('register_globals') == false) ) {
extract($_SESSION, EXTR_OVERWRITE+EXTR_REFS);
}

ratdog is offline  
post #25 of 37 Old 08-20-2007, 01:15 PM
 
Join Date: Dec 2006
Posts: 29
Rep Power: 0
 
Well this explains why I can't log on and buy stuff. Hehehehe.

resuscit8u is offline  
post #26 of 37 Old 08-20-2007, 01:18 PM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

what's up Jim?!? We're trying man. Hope all is well.

jetblast10 is offline  
post #27 of 37 Old 08-20-2007, 01:31 PM
nOOb
 
stanlanman's Avatar
 
Join Date: Jul 2007
Location: Charlotte, NC
Posts: 68
Rep Power: 1
 

"Lighten up, Francis." - Sgt. M.F. Hulka
stanlanman is offline  
post #28 of 37 Old 08-20-2007, 01:52 PM
Heavy Metal
 
ratdog's Avatar
 
Join Date: Jan 2006
Location: swamp in the wood
Posts: 4,304
Rep Power: 1
 

Awards Showcase
Donation Extraordinary Ride Donation Wrist Twisters Event Attendance 
Total Awards: 5

Quo Ed Demonstratum

ratdog is offline  
post #29 of 37 Old 08-20-2007, 02:15 PM
Heavy Metal
 
ratdog's Avatar
 
Join Date: Jan 2006
Location: swamp in the wood
Posts: 4,304
Rep Power: 1
 

Awards Showcase
Donation Extraordinary Ride Donation Wrist Twisters Event Attendance 
Total Awards: 5

Quote:
Originally Posted by resuscit8u View Post
Well this explains why I can't log on and buy stuff. Hehehehe.
try it now and let's see if you put your money where your mouth is...

ratdog is offline  
post #30 of 37 Old 08-20-2007, 03:16 PM
Heavy Metal
 
ratdog's Avatar
 
Join Date: Jan 2006
Location: swamp in the wood
Posts: 4,304
Rep Power: 1
 

Awards Showcase
Donation Extraordinary Ride Donation Wrist Twisters Event Attendance 
Total Awards: 5

Quote:
Originally Posted by jetblast10 View Post
also keep getting this:

# locate php.ini
warning: locate: could not open database: /var/lib/slocate/slocate.db: No such file or directory
warning: You need to run the 'updatedb' command (as root) to create the database.
Please have a look at /etc/updatedb.conf to enable the daily cron job.


any ideas? not sure I want to go running scripts that affect the entire server without knowing the ramifications and quick undo buttons.
better to chill and ask if u don't know

fixed it temporarily...ran updatedb, no worries, it just updates the slocate database...crushes system performance for a few mins if you don't nice it first

i'll check on why the cron isn't running it weekly/monthly
and the mail thing..

ratdog is offline  
post #31 of 37 Old 08-20-2007, 04:49 PM
 
Join Date: Dec 2006
Posts: 29
Rep Power: 0
 
Quote:
Originally Posted by jetblast10 View Post
what's up Jim?!? We're trying man. Hope all is well.
It is very good!

I need some digits made. Casey Stoner style. I will PM you.

resuscit8u is offline  
post #32 of 37 Old 08-21-2007, 01:52 PM
Heavy Metal
 
ratdog's Avatar
 
Join Date: Jan 2006
Location: swamp in the wood
Posts: 4,304
Rep Power: 1
 

Awards Showcase
Donation Extraordinary Ride Donation Wrist Twisters Event Attendance 
Total Awards: 5

stupid dumb post to test subscription function error...ignore this

ratdog is offline  
post #33 of 37 Old 08-21-2007, 03:29 PM
Fool in the Rain
 
HondaJim's Avatar
 
Join Date: Feb 2006
Location: Louisville, Kentucky
Posts: 10,284
Rep Power: 1
 
Garage

Awards Showcase
Donation Wrist Twisters Event Attendance Extraordinary Ride Wrist Twisters Event Attendance 
Total Awards: 4

Quote:
Originally Posted by ratdog View Post
stupid dumb post to test subscription function error...ignore this
Stupid dumb ignore adhered to.

"Towards the end of the vid, it looks like she may have had a bafflectomy." - MarylandMike
HondaJim is offline  
post #34 of 37 Old 08-27-2007, 01:51 PM
Heavy Metal
 
ratdog's Avatar
 
Join Date: Jan 2006
Location: swamp in the wood
Posts: 4,304
Rep Power: 1
 

Awards Showcase
Donation Extraordinary Ride Donation Wrist Twisters Event Attendance 
Total Awards: 5

testing 123
check
check

sylllllllabence
check
check

testing jb-ima-wizz-bang-sa-type-linux-butt-kicker's fix of subsc mail prob

ignore ignore ignore...

ratdog is offline  
post #35 of 37 Old 08-27-2007, 02:03 PM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

these go to eleven.

jetblast10 is offline  
post #36 of 37 Old 08-27-2007, 02:06 PM
Pilus Posterior
 
wisco919's Avatar
 
Join Date: Dec 2006
Location: Milwaukee, Wisconsin
Posts: 2,119
Rep Power: 1
 

Awards Showcase
Donation Veteran 
Total Awards: 2

Quote:
Originally Posted by jetblast10 View Post
these go to eleven.
Is that a Spinal Tap referrence? It made me laugh.

wisco919 is offline  
post #37 of 37 Old 08-27-2007, 02:08 PM Thread Starter
Site Founder
 
jetblast10's Avatar
 
Join Date: Jan 2006
Location: Tampa, FL
Posts: 9,698
Rep Power: 1
 

Awards Showcase
Wrist Twisters Event Attendance Extraordinary Ride Trackday Recognition Extraordinary Ride 
Total Awards: 6

working on a sex farm
plowing through your fields
getting out my pitchfork
poking your hay

LOL!

jetblast10 is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Wrist Twisters forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

 
For the best viewing experience please update your browser to Google Chrome