magic quotes enabled?
freepbx 2.5 just got this message after an upgrade. how can i take care of this:
You have magic_quotes_gpc enabled in your php.ini, http or .htaccess file which will cause errors in some modules. FreePBX expects this to be off and runs under that assumption
__________________
News Announcements
New Forum Topics
- Reports Abbreviations
- Bulk DID Import Failing...
- NEW Project
- Amazon EC2 - Asterisk 1.8.12 - FreePBX 2.9 - Inbound YES - Outbound NO - PLS HELP
- TFTP Boot Files in asterisk
- Grandstream
- Inbound Call Screening with No memory
- Incoming calls dropped
- Blackberry recieves mixed pager formats
- Needing a few missing phones.
- FYI: Aastra phones, VLAN not working
- incoming-inbound-call-to-home-server-with-dynamic-ip-behind-NAT-with-SPA1001
turn it off in your php.ini
turn it off in your php.ini file, or in your .htaccess or httpd.conf file
Philippe Lindheimer - FreePBX Project Leader
FreePBX Training Opportunities - Click Here
Get Official Paid Support - Click Here
I don't see an option for
I don't see an option for that. How can I do that?
And howd it turn on by itself without me touching anything?
it's always been on, we just
it's always been on, we just started checking and reporting on the issue in 2.5. You need to edit /etc/php.ini and if it is not in there, then put it in there and set it off. Unfortunately, the php default is to actually be on which is not a good thing.
Philippe Lindheimer - FreePBX Project Leader
FreePBX Training Opportunities - Click Here
Get Official Paid Support - Click Here
Oh I see. What line do I
Oh I see.
What line do I need to look for and add if it's not in that file?
Thanks
php.ini
My php.ini has the following:
; Magic quotes
;
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off
Bill/W5WAF
IT Specialist
City of Vicksburg, MS
Well this is really messed
Well this is really messed up, because I have that same exact thing too:
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off
If all 3 of these are off, why is it telling me it's on?
service httpd restart
service httpd restart
Philippe Lindheimer - FreePBX Project Leader
FreePBX Training Opportunities - Click Here
Get Official Paid Support - Click Here
Did that already I even
Did that already
I even restarted the machine and still no luck
bump
bump
bump
bump
Have you checked all the files mentioned in the error message?
My server has multiple copies of php.ini, perhaps your server does, too. Make sure you change the file that is actually being used by apache2. Also, have you checked the http.conf and .htaccess files on your system? A local file could override the global settings in php.ini.
I searched the entire
I searched the entire system. The .htaccess files just say "Deny from All" and the http and httpd.conf files are just telling me that magic gpc is OFF and I still have the message on freepbx. Note that it says Added 0 minutes ago. Is this a bug or is the message supposed to go away?
Thanks
It goes away when the
It goes away when the problem is fixed. Check to be sure that you do not have a typo in the lines or extra space at the beginning or end....
I have checked this over and
I have checked this over and over and still have the message coming up. It also came up on one of my client's systems. I just took over his system remotely and as soon as I got on to Free PBX I got the magic quotes message. Is there anything else I can do here? This is getting me very concerned.
Is there any shortcut, such as to search for "magic quotes gpc= on" within the entire system?
Thanks
well it's a bit extreme,
well it's a bit extreme, but: "grep --recursive magic_quotes_gpc /"
Philippe Lindheimer - FreePBX Project Leader
FreePBX Training Opportunities - Click Here
Get Official Paid Support - Click Here
Not getting anything Which
Not getting anything
Which common applications or freepbx features will not work for me if I just ignore this magic quotes message, even though i have it turned off and this box had been running for 2 years without that message?
it's worth knowing why you
it's worth knowing why you can't turn it off, or in other words, what is setting it when you think you have unset it because it could lead to issues down the road. The simple answer is that FreePBX expects it to be off, and does all it's own 'escaping' of various fields when they are needed. If php turns around and tries to be 'smart' (which is what magic quotes does) then you can end up with strange data being inserted in database fields sometimes.
You can read the docs as to what it does, but the bottom line, it is a settable parameter in php and unfortunately happens to be the default value which means, not being able to find it doesn't mean it isn't there. You really do want to know which php config file is being used by your system...
Philippe Lindheimer - FreePBX Project Leader
FreePBX Training Opportunities - Click Here
Get Official Paid Support - Click Here
Ok it actually just happened
Ok it actually just happened to me right this second on another box!
I had the "memory limit changed" message, so I went into both php.ini files and changed the memory limit from 64M to 100M and the second I restarted httpd I got this magic quotes message even though quotes are turned off.
I changed the memory limit back to 64M and I still have the magic quotes message on.
Can you duplicate this issue? Or any solution to this?
Thanks
In FreePBX Tools tab, there
In FreePBX Tools tab, there is a menu, PHP Info (if installed). Click on that and search for magic in your browser to see if it is Off or not.
If you don't have that menu you can create an info.php file with the following:
<?php phpinfo(); ?>Place that file in /var/www/html and run it from your browser.
When I run it I have this entries for magic:
If your's are Off then we have to look elsewhere, but to be sure that your php is correct we need this info.
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
Under Configure command, one
Under Configure command, one of the stuff I have: -enable-magic-quotes
But under Configuration> PHP Core I have:
magic_quotes_gpc Off Off
magic_quotes_runtime Off Off
magic_quotes_sybase Off Off
Very strange issue here. What's the next step?
Thanks a lot
Where do you get this
Where do you get this message? Is it in FreePBX Notices?
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
OK, do this: Start mysql
OK, do this:
Start mysql with (if you run it with the standard user and password, if not, then change to your user/password):
Then do:
Output should be something like:
Now do this:
Refresh your FreePBX to see if the message is gone. If it is then do:
Check if the message is back. If it is, well, then we will check next thing.
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
The message didnt appear
The message didnt appear from system status. And the SQL output came right back up after an httpd restart:
Create a file in
Create a file in /var/www/html called testm.php with this in it:
<?php print("Magic Quotes = ". get_magic_quotes_gpc()); ?>Run it:
Report back the number that you get. Then do this:
And report back the output
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
Here it is for one of the
Here it is for one of the boxes with the message. The other ones might have a later version:
You do have Magic Quotes set
You do have Magic Quotes set to On as the output is '1'. And the code in FreePBX use the function get_magic_quotes_gpc(). So the error is in your setup, not in FreePBX.
And, you have an error on your php.ini file at line 233, please check that. What do you have on line 233?
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
In both my php.ini
In both my php.ini files:
Well, you maybe don't see
Well, you maybe don't see it, but I do:
max_input_time = 60 ; Maximum amount of time each script may spend parsing $
Note the tiny $ at the end after the word parsing?
Get rid of that and redo your test.
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
I cant get rid of the tiny
I cant get rid of the tiny $
How can I erase that? I erased the whole line and the $ is still there
(I didn't save the file so I lost nothing)
Thanks a lot
What editor do you
What editor do you use?
First do a backup of the file (cp php.ini php.ini.org), then open php.ini with your editor, go to line 233 and press the key "end" to see how long the row is.
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
I use nano. I saw how long
I use nano.
I saw how long the row was from beforehand. When I use WinSCP to open the file, I dont see the $ there at all.
If you want me to use vi, please give me exact instructions including how to get out of it because vi is way beyond my expertise
Thanks for all your time
On your Linux, try to run
On your Linux, try to run the command 'mc', it should start Midnight Commander. If it does not, install it with 'yum install mc' (if you are using Centos).
Find your php.ini and press F4, this opens up an editor that you can use to go to line 233 and look for strange characters. Edit your file, press F2 to save then F10 to exit. '/etc/init.d/httpd restart' then do the php --version and php testm.php to see it you have fixed the issue.
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
There's no $ sign when using
There's no $ sign when using mc
Then you must have an other
Then you must have an other error in your php.ini, look carefully for any missing';' or other errors.
Try to just save the file from within mc to see if that solves the issue. Not until the error in your php.ini goes away you will have a functional installation.
Test with the testm.php until you get your Magic Quotes = 0, when you get a 0 your magic quotes will work with FreePBX as the function get_magic_quotes_gpc() is what is used in FreePBX.
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
On the other php file,
On the other php file, /etc/php.ini, this is on line 233: (8MB)
I commented it out and the magic quotes message went away!
Will commenting out that line affect anything?
Here is what it says above this line:
I did not touch the php.ini file ever in my life for this to happen, because I can see that on a working php file, the (8MB) is on the same line as a commented out sentence. If this isn't supposed to happen, and commenting out that line wont affect anything, then this can be a FreePBX bug since this happened both on a trixbox and elastix system. I realized it happen on the 2nd trixbox system once I changed the memory_limit from 64M to 100M when I was prompted to.
Thanks a lot
Thanks a lot
It's not a FreePBX bug, the
It's not a FreePBX bug, the get_magic_quotes_gpc() function report whether magic quotes is enabled in php or not, and it reports on it. That's it.
Philippe Lindheimer - FreePBX Project Leader
FreePBX Training Opportunities - Click Here
Get Official Paid Support - Click Here
Philippe, if that is so, how
Philippe, if that is so, how did the "(8MB)" word get added to its own line just out of nowwhere? I am looking at other trixbox and Elastix installs of mine, and they are connected with the previous line. Note that these were all versions that were upgraded from 2.4 or younger to 2.5 and this is when the problem started to happen. Are you able to duplicate this?
Remember, the "8MB" line just decided to use up its own line and that's probably what caused magic quotes to enable itself. How did that happen without me touching php.ini unless it was to change the memory limit from 64 to 100M?
FreePBX NEVER touches the
FreePBX NEVER touches the php.ini!
The only explanation of this error is your skill in editing the php.ini. You said that you used WinSCP, you did not by any chance copied the file from your Linux to Windows, edited the file and copied it back with the use of WinSCP?
Mikael Carlsson
(I am off-line, tinkering with my Chevy and my radios, don't know when I will be back)
ja133, as already mentioned,
ja133,
as already mentioned, we don't touch that file, ever. The issue may have been there and probably was for a long time. We only started making this check in 2.5 which is why you were never notified prior to 2.5.
Philippe Lindheimer - FreePBX Project Leader
FreePBX Training Opportunities - Click Here
Get Official Paid Support - Click Here
I understand. By the way, I
I understand.
By the way, I always edit my stuff with nano. Just this one time to get rid of the $ I thought I can use winscp since I couldn't get rid of it in nano.
Anyways, thank you SO much for your help and effort in trying to get rid of this message. I now know what to do in the future.
Joe - WinSCP encodes is a
Joe - WinSCP encodes is a local editor on the windows box. Win based editors use different encoding. This is where the problem got introduced.
Bottom line don't use WinSCP to edit Linux files. There are specialized editors for windows such as multiedit that can handle this task.
Scott
This was my first time using
This was my first time using winscp to peek at a file and attempt to edit it. Originally I used nano, and with nano there was a $ sign in between two letters. I tried to remove it at first with nano with no success, so I opened up the file now with winscp to look at it, and there was no $ at all.
This was the only time I ever used winscp to edit a linux file.
The $ in nano usuallly means more characters are on that line
When you edit a file in nano it will display a $ character on the right margin for every line that is wider than your current terminal display. That means you can scroll to the right to see the rest of the characters when the cursor is on the that line. When you do scroll past the current screen width the $ character is displayed on the left margin, indicating that the beginning of the line is off the screen. If the $ character you see moves around like that, you will not be able to edit it because it is not part of the file.
Reading the help info may benefit you. The online help system in nano is available by pressing ^G. It is fairly self explanatory, documenting the various parts of the editor and available keystrokes. Navigation is via the ^Y (Page Up) and ^V (Page Down) keys. ^X exits the help system.
More in-depth help for nano is available here:
http://www.nano-editor.org/dist/v2.1/nano.html
tricky trixbox
I just turned up this thread with a google search because I was getting the same warning on trixbox. It turns out in my case the cause was the same--word wrap spilled a comment onto a new uncommented line.
The interesting thing in my case is that I only use nano to edit my trixbox text files, so I'm pretty sure there must be something automated in the system that caused the end of the comment to break onto the next line.
I only mention it here because I'm pretty sure I didn't do anything to directly to cause this error, so chances are that somebody else is going to do the same thing and come looking for an answer.
db
nano is the cause
Just like clarknova i found this thread with google. I didnt get a warning on my trixbox tho but i noticed my CID lookup source query wouldnt go in like it should.
Its a simple "select name from contacts where number like '%[NUMBER]%'.
The lookup didnt seem to wwork and after a while i noticed the damn quotes were escaped...
I ended up manually editing the database to make it work.
Later i added some custom stuff and again i had the same problem so i started googling and ended up here.
When you install trixbox, you might get an error when trying to start the packages module, i had the same problem.
The fix seemed to be to edit your php.ini file to increase the settings: memory_limit and max_execution_time.
If you use nano and the width of your editor is not wide enough, editing a line will cause the last word or words to wordwrap so you get:
max_execution_time = 300 ; Maximum execution time of each script, in
seconds
If you dont put the word "seconds" back on the other line, or leave it uncommented your php.ini file wont process properly.
magic_quotes_gpc = Off sits later in the php.ini file so it never gets turned off.
In my case i had to fix the lines at max_execution_time to fix the quotes from being escaped.
wimdev thanks - nano is culpret
In my case, it was the line in /etc/php.ini
memory_limit = 256M : Maximum amount... consume
(8MB)
- with (8MB) on the next line...
Nice catch wimdev - thanks