#289 jpegPhoto uploaded in wrong directory

0.9.3
closed
David Smith
None
5
2012-09-06
2004-04-21
Anonymous
No

Hello,

Adding a photo (schema inetOrgPerson Attributs
jpegPhoto) seems to works correctly when logged in
admin. The photo is uploaded and displayed on screen.

I created a copy of the root of the phpLdapAdmin in
order to display information for users. This means I
have a url :

/phpLdapAdmin/ for logging in admin mode
(https)

/ldap for users (http, no authentication)

The only difference between the two set of files is in
config.php :

$servers[$i]['login_dn'] =
'cn=anonymous,dc=my,dc=intranet';
$servers[$i]['login_pass'] = '';
$servers[$i]['read_only'] = true;

When trying to access data of the person with the jpeg
image, I get the following message :

Congratulations! You found a bug in phpLDAPadmin.

Error: open_basedir restriction in effect. File is in
wrong directory
Level: E_WARNING
File: functions.php
Line: 1194
Caller: edit.php
PLA Version: 0.9.3
PHP Version: 4.1.2
PHP SAPI: apache
Web server: Apache

Please report this bug by clicking below!

This is not urgent nor fatal (except thunderbird adress
book dies on this one) - i'll try to correct it but
first i would let you know.

Great work.

Simon

Discussion

  • Logged In: NO

    The photo is correctly displayed in a java browser

     
  • David Smith
    David Smith
    2004-04-21

    Logged In: YES
    user_id=602471

    Normally I would ask you to test with the most recent
    preview release from 0.9.4, but I don't think it is fixed.
    Are the two installs of phpLDAPadmin running on two
    different web servers, or are they powered by the same exact
    Apache instance? Do you have something in your Apache or PHP
    configuration that restricts or jails PHP pages in the /ldap
    directory? It sure seems this way. What is your config.php
    $jpeg_temp_dir set to? Could you try setting that to a
    sub-directory of /ldap and chown the directory to Apache's
    user/group?

    Try all that and let me know the results. If it all fails,
    try this preview release:

    http://phpldapadmin.sourceforge.net/devel/phpldapadmin-0.9.4-rc5.tar.gz

    Good luck!

    --Dave

     
  • Logged In: NO

    Hello,

    It is the same instance.

    I have installed phpLdapAdmin on a SME 6.0

    The $jpeg_temp_dir is set to /tmp

    This is obviously the problem, I should use the /ldap/files dir

    This "temp" it is for a temporary storage or does it
    designate the final directory on which the file will be kept ?.

    I could not finish the test now, i'll let you know

     
  • David Smith
    David Smith
    2004-04-23

    Logged In: YES
    user_id=602471

    The $jpeg_temp_dir is the actual directory where
    phpLDAPadmin will store the jpeg photos. They only stay
    there for a few minutes. Each time you display a jpegPhoto,
    old photos are removed from the temp dir.

    --Dave

     
  • David Smith
    David Smith
    2004-04-23

    Logged In: YES
    user_id=602471

    I believe that this patch has fixed your problem:

    http://cvs.sourceforge.net/viewcvs.py/phpldapadmin/phpldapadmin/functions.php?r1=1.168&r2=1.169

    Additionally, I applied an even more stringent check then
    before in the most recent CVS (this morning), which may not
    be available for another 5 hours to anonymous users.

    Can you download the latest CVS and try again.

    --Dave

     
  • David Smith
    David Smith
    2004-04-25

    Logged In: YES
    user_id=602471

    Closing per fix checked in 2004-03-23.

    --Dave