Ticket #1442 (closed Bugs: fixed)

Opened 6 years ago

Last modified 6 years ago

PHP Info and Asterisk Logs broken

Reported by: warlock52 Assigned to: gregmac
Priority: minor Milestone: 2.3
Component: Other Module Version: 2.3-branch
Keywords: PHPInfo, Logfiles Cc:
Confirmation: Distro:
Backend Engine: All Distro Ver:
Backend Ver: SVN Revision (if applicable):

Description

When accessing both "Asterisk Logs" and "PHP Info" from the Tools menus, both come back with a "Forbidden" message:

Forbidden

You don't have permission to access /admin/modules/logfiles/asterisk-full-log.php on this server.

Forbidden

You don't have permission to access /admin/modules/phpinfo/phpinfo.inc.php on this server.

Change History

11/26/06 19:18:38 changed by p_lindheimer

  • status changed from new to closed.
  • resolution set to worksforme.

check you permissions or if you can specify more details of how it got that way and the feel free to reopen and provide that. I tested it on a trixbox system I loaded up and upgraded to 2.2 and it worked fine there.

11/26/06 19:24:38 changed by RobThomas

Actually, I think that's valid. As we're using .htaccess to restrict .php file execution, we now need to use quietmode and an include() call, rather than just linking to the php file. I haven't looked at it yet, though, so I could be wrong. Submitter: remove the file /var/www/html/admin/modules/.htaccess and see if that fixes it. (If it does, re-open this bug, as we need to fix the way the modules are written)

--Rob

12/01/06 01:30:13 changed by warlock52

  • status changed from closed to reopened.
  • resolution deleted.

That absolutely does solve it! I renamed .htaccess and I can now access

12/01/06 10:51:51 changed by warlock52

The effect is the same in a second installation that I have now with RC1. Access to the PHP is not allowed. ¿What permissions need to be changed to work with .htaccess? --war

12/01/06 13:51:04 changed by gregmac

  • owner set to gregmac.
  • status changed from reopened to new.

The .htaccess is there specifically to prevent direct access to these files.

I think the real solution is #1482 (moved to a separate ticket so we can deal with this quickly for 2.2..)

The short answer is probably to just modify the .htaccess for 2.2 so it allows access to the files in question .. it's a hack, but I think the solution above is too much to add this late in the release cycle for 2.2.0.

12/18/06 22:48:06 changed by RobThomas

  • version changed from 2.2beta3 to SVN-HEAD.
  • milestone set to 2.3.

Quick hack done and checked in as r3353. Moving to 2.3 as a required bugfix.

01/08/07 14:46:49 changed by

  • milestone deleted.

Milestone 2.3 deleted

01/08/07 14:53:29 changed by vgster

  • milestone set to 2.3.

06/25/07 08:06:13 changed by p_lindheimer

  • version changed from SVN-HEAD to 2.3-branch.
  • engine_version changed.
  • svn_rev changed.

07/26/07 14:35:57 changed by p_lindheimer

  • status changed from new to closed.
  • resolution set to fixed.

r4549, r4550, r4551