The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP 5.2.10 - fopen() fails

Discussion in 'General Discussion' started by handsonhosting, Jul 13, 2009.

Thread Status:
Not open for further replies.
  1. handsonhosting

    handsonhosting Well-Known Member

    Joined:
    Feb 17, 2002
    Messages:
    151
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Omaha, NE
    cPanel Access Level:
    Root Administrator
    Anyone else experiencing issues with fopen() on the 5.2.10 version?

    Two servers running the exact same configuration other than PHP 5.2.9 on one machine and 5.2.10 on the other machine.

    On 5.2.9, fopen works as it should
    On 5.2.10 I get an error - failed to open stream: No such file or directory

    Again, nothing different on the two machines other than the PHP version. Anyone else able to duplicate the event?

    Here's the code:
    Code:
    <?php
    $ret = fopen("http://www.google.com", "r") || die("Couln't open file");
    fclose($ret);
    ?>
    
    Should return a BLANK page if it works, and an error about the stream if it doesn't. Can someone else test on their configurations?
     
    #1 handsonhosting, Jul 13, 2009
    Last edited: Jul 13, 2009
  2. Reptilian97

    Reptilian97 Registered

    Joined:
    Aug 9, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hey Conor,

    Here's a better example to test the issue, even though it really doesn't matter in this situation since both will still give the same error:

    Code:
    <?php
    $ret = fopen(http://www.google.com", "r") || die("Couln't open file");
    fclose($ret);
    ?>
    
    The example you provided would always produce a blank page because $ret[0] doesn't contain any page data, since $ret is just a file pointer and not the contents of the site.
     
  3. SigmaWeb

    SigmaWeb Active Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    28
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Athens - Greece
    cPanel Access Level:
    Root Administrator
    Doesn't seem to have any kind of problem in my 5.2.10, works OK
     
  4. handsonhosting

    handsonhosting Well-Known Member

    Joined:
    Feb 17, 2002
    Messages:
    151
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Omaha, NE
    cPanel Access Level:
    Root Administrator
    hmm.. well that sucks.

    Ok, I'll go through my apache config file and start disabling items and see what happens ;)

    Thanks for checking. If anyone else can check, I'd be appreciative of it also.
     
  5. smithxxl

    smithxxl Registered

    Joined:
    May 25, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I have the same issue. I checked the php config via cPanel too and it's set to allow_url_fopen on. I'm not sure what's causing this, but has broken a couple of my client's scripts. I have a feeling though it's because they added ignore_errors in 5.2.10 and broke something else. http://www.php.net/releases/5_2_10.php
     
    #5 smithxxl, Jul 13, 2009
    Last edited: Jul 13, 2009
  6. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Exactly how is that supposed to help you? :rolleyes:

    Random messing with config files you apparently don't understand in the first place is not going to do anything to help you especially when your Apache configuration has absolutely NOTHING to do with the issue you are asking about!

    The place you want to check is your PHP.INI file which is usually located in /usr/local/lib

    The two things that you want to look at is disable_functions and allow_url_fopen lines in your PHP configuration.

    You should check that fopen does not appear in the list of disabled functions on your server although it does not sound like this is your problem here:
    Code:
    disable_functions = !!!LIST OF FUNCTIONS -- SHOULD NOT HAVE fopen!!!
    
    What does sound more to be your issue is if you have network connections turned off for fopen and similar functions.
    Code:
    allow_url_fopen = On
    
    ** If this says "Off" in your configuration then that is your problem! **

    Another lesser known config setting that I don't believe has bearing on your specific script but could effect others particularily those that try to load code remotely from other servers:
    Code:
    allow_url_include = Off    #I would leave this Off for security unless you really have need
    
    The above is those settings most likely to affect PHP fopen() remote connections but there are other smaller settings that can have an impact as well. You may want to compare your old server PHP configuration and the new configuration
    or even backup the new configuration and copy the PHP.INI in from your old server although be careful with doing that as you may have differences in 3rd party loaded modules and library paths.

    If you need to make any changes to your PHP configurations, you will likely need to go ahead and restart your Apache server
    Code:
    # service httpd restart
    # service httpd status
    
    Aside from your PHP configuration, if you are running any firewall application such as APF or CSF, it is possible that you have disallowed your server to make any outbound TCP network connections to be able to connect to remote web servers. Make sure you have enough ports open on your server to allow for outbound connections and that you are able to make connections outbound to a remote address on port 80, otherwise you won't be able to run any scripts that make external network connections.

    The quickest way to find out if your firewall is effecting your scripts is to simply turn it off for a few minutes and flush your IPTABLES and then see if your scripts start working. If so, it's your security settings that are blocking your scripts and you'll need to update your firewall settings.

    Incidentally, that is a very stupid statement to make! Unless you directly cloned the old machine's hard drive and both machines were using the exact same hardware (and even then would be doubtful), you could not really say there is "nothing different" between the two machines.

    As an expert, you put two supposed identical machines in front of me with the same hardware and the same base image and I can usually find hundred if not thousands of subtle differences in the configurations between both machines that each could have a substantial impact on one script running on one machine but not on the other even though both machines on the casual surface appear to be identical and that is even when using cloned images!

    When you are talking about setting up a new machine from scratch and then duplicating the basic Cpanel settings, you are dealing with an entirely new machine, new hardware, new configuration, new OS components, possibly different libraries, different versions of various prerequisite programs, possibly even different operating systems or kernel versions, and tens of thousands of other differences and one of which could effect any given script from running the same way from the other machine.

    The point is that your machines are NOT identical and to quickly make assumptions just to blindly point your finger at PHP 5.2.10 is a very unwise thing to do almost about as much as randomly playing with your Apache settings hoping that will will fix your issue!

    Speaking of Apache, the newer Apache 2.0 and 2.2 series has built in compression modes that can also effect the output of pages, and depending on the configuration of Apache when built can have different results for different browsers because of HTTP 1.0 and 1.1 compatibility settings, etc.
     
    #6 Spiral, Jul 13, 2009
    Last edited: Jul 13, 2009
  7. smithxxl

    smithxxl Registered

    Joined:
    May 25, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    This is not the situation in my case. All settings in the php.ini are correct. My hypothesis is because in 5.2.10 they added ignore_errors to the http wrapper for fopen, there was always an error in <= 5.2.9, but ignored and now have no way to read the error because it's being suppressed in fopen(). Because they are starting to use more strict standards, my guess is the script is missing something like a proper user_agent or some other headers that needs to be set before calling fopen.
     
  8. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    You'll get no arguments from me about maintaining proper coding methods
    and structure and avoiding laziness that could lead to compatibility issues
    or unexplained errors especially if you write your code to depend on
    non-documented or non-supported expectations.

    That given though the example at the start of this thread is still pretty basic
    and will work properly as expected here irregardless whether it is is deployed
    on a server running PHP 5.2.9, 5.2.10, or even the new 5.3.0 (yes, tested it!)

    If it's not working for you as the original poster described, there is some other
    issue going on other than the PHP version because I have indeed tested the
    example on all three environments in both SuPHP (CGI based PHP) and DSO
    environments and can confirm having a working call out to Google on each.
     
    #8 Spiral, Jul 13, 2009
    Last edited: Jul 13, 2009
  9. handsonhosting

    handsonhosting Well-Known Member

    Joined:
    Feb 17, 2002
    Messages:
    151
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Omaha, NE
    cPanel Access Level:
    Root Administrator
    Thanks Spiral for your answer and contribution on this thread. I errored when I said APACHE and should have said PHP. My mistake. I had ment to say EasyApache.

    There are a total of 4 machines that I'm cross testing on, and they are of the same configuration, same OS build, same hardware and same cpanel builds. While EXACTLY may be the inappropriate word, the configurations, OS builds, Kernel Builds and cPanel builds are the same.

    fopen being set to ON does exist. allow_url_fopen also exists and is set to ON. CSF is enabled on all machines, however during the testing I did disable on the machine to test this too.

    The same EasyApache information is being loaded on the various machines through the use of a yaml file. The only thing different when compiling is the PHP version. When I revert my test machine from PHP 5.2.10 to 5.2.9, it works with no issue.

    The following is the output from the machine:
    [root@sm5567 ~]# php -i | egrep '(disable_functions|allow_url_fopen|allow_url_include)'
    allow_url_fopen => On => On
    allow_url_include => Off => Off
    disable_functions => no value => no value

    I also checked the settings on a PHP 5.2.9 server that WAS executing the above call, and the same existed on that machine. Even with the "allow_url_include = OFF" it was still loading up the outside URL through fopen.

    I also verified that a cusom php.ini was not loaded on the account when I was testing.

    I'll be exporting a full copy of my php.ini and comparing to the php.ini on the 5.2.10 to see if there are any differences.

    Thank you again for the contribution. If you can think of any other ideas, please throw them at me. I appreciate your help on this.
     
  10. handsonhosting

    handsonhosting Well-Known Member

    Joined:
    Feb 17, 2002
    Messages:
    151
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Omaha, NE
    cPanel Access Level:
    Root Administrator
    Ok, so after running comparisons, and testing things here's what I have found;

    On a PHP 5.2.10 system the following are the only things different from when I use PHP 5.2.9:

    EXIF Version = 1.73.2.5.2.28
    php_reflection.c = 1.164.2.33.2.57
    php_zip.c = 1.1.2.50

    If I recompile using easyapache and change the PHP version from 5.2.10 to 5.2.9 the following versions now display:

    EXIF = 1.173.2.5.2.27
    php_reflection.c = 1.164.2.33.2.55
    php_zip.c = 1.1.2.49


    I attempted to recompile without EXIF, but this did not resolve the problem on the 5.2.10 version.

    cPanel also released a NEW branch today - cPanel 11.24.5-C37127, and I've tested with this on the 5.2.10 version and still no joy. :(

    So upgrading from 5.2.9 to 5.2.10 breaks the script, but downgrading again back to 5.2.9 allows it to work. I've also checked the compile command/variables, and they are the same when executing.
     
  11. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Works fine here! Need help?
     
  12. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
    I'm running Mod Security, so I get an error as expected:

    HTTP 501 - [msg "PHP Injection Attack"] [data "fopen"] [severity "CRITICAL"] [tag "WEB_ATTACK/PHP_INJECTION"] [tag "WEB_ATTACK/HTTP_RESPONSSE_SPLITTING"]

    However fopen'ing internally works absolutely fine, as expected. Must be something wrong with your config.
     
  13. djerik

    djerik Registered

    Joined:
    Jul 14, 2009
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Did anyone find a solution? I have the same problem after my host has upgraded to 5.2.10.
     
  14. smithxxl

    smithxxl Registered

    Joined:
    May 25, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    No. I'm leaning more towards a quirk/bug in php. I've tried several different variations of calling fopen, but still fails. It is not in php's bug tracker. I have gone back to 5.2.9 for now and hope that the 5.3 (the one I've been waiting for anyways) will not have the same issue.
     
  15. handsonhosting

    handsonhosting Well-Known Member

    Joined:
    Feb 17, 2002
    Messages:
    151
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Omaha, NE
    cPanel Access Level:
    Root Administrator
    Hey Spiral,

    Yeah, I think I need help as it's just no jiving how it's supposed to. I'll drop you a PM and see if you can shed any light on it with me. Appreciate everyone's input so far.
     
  16. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
    Personally I would suggest you raise this as a PHP bug. I have checked and this hasn't been mentioned, but that's not to say it isn't a bug as in your case it appears to be only happening with 5.2.10 and not 5.2.9. Though it's working fine for me, so I don't know - but it wouldn't hurt to raise it with PHP to see what they think...
     
  17. jdlightsey

    jdlightsey Perl Developer III
    Staff Member

    Joined:
    Mar 6, 2007
    Messages:
    126
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston Texas
    cPanel Access Level:
    Root Administrator
    If you can't get any traction with isolating and resolving this issue please open a ticket so we can verify none of the cPanel specific patches are at fault before the problem is forwarded upstream to the PHP dev team.

    Please mark the ticket ATTN: JD
     
  18. handsonhosting

    handsonhosting Well-Known Member

    Joined:
    Feb 17, 2002
    Messages:
    151
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Omaha, NE
    cPanel Access Level:
    Root Administrator
    Thank you Spiral for taking a look at it for me and drilling down some causes for the compile.

    I definitely do want to talk to you about some security options here in the near future, so I'll take that to email and go from there.

    Many thanks for taking a look. I'll be checking the force cgi redirect and the others that you mentioned and retest a compile on one of the other test machines and see how things go.

    Again, can't say thank you enough for even taking a look at this for me, it's very much appreciated!
     
  19. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Yes. In the case of the original poster, he just had an issue with compile options and after his PHP was recompiled,
    all is happy now and his fopen() is working as it should again and he is now fully upgraded to 5.2.10!

    If you are having a problem with fopen() where you are at, it is possible that you have the same issue or
    you could have an entirely different issue but in either case, the problem is not PHP 5.2.10 as we have
    solidly confirmed that fopen() does indeed work perfectly on the new PHP version.

    Areas where fopen() might be affected include:

    - Conflicts with Mod_Security rules
    - Issues with firewall application or other security settings
    - Curlwrapper bug from Cpanel and EasyApache
    - Improper compile options when upgrading PHP
    - Wrong directives or options in PHP.INI
    - Missing files, applications, or some system libraries

    I'd be glad to help you try to sort your issue out. It could be as simple as the original post or more complex.

    No problem! Glad to help! I sent you an email this morning with details how you can upgrade your other servers.

    If you have any question about the details, feel uncomfortable with any part of doing the upgrade yourself, or
    just need any general help, you know how to reach me. If I'm not available when you need me, you can also
    contact my support team anytime and they would be glad to help you as well.

    EDIT: I don't remember if I posted this here or not yet - http://support.myserverexpert.com
    (post a support ticket and we'll try to help you out with this issue -- IE: fopen() not working)


    Don't make me spit my coffee all over the screen laughing so hard! :D

    For starters, nothing said anywhere has been directed at you specifically so chill out and relax. Actually, the comments my assistant told you were directed specifically towards and regarding some of the side comments made between handsonhosting and smithxxl and have absolutely nothing to do with you whatsoever although it would seem you've taken it all totally out of context as some sort of personal attack on you! LOL

    Secondly, I didn't send any private messages to anyone. I have not even read any private messages either! After fixing the issue for handsonhosting, I asked my assistant last night to contact everyone else involved with this thread directly and out of courtesy and let all of you know two things:

    1. That the issue had been identified and resolved for the main poster.

    2. That the issue has NOTHING to do with PHP being version 5.2.10 and if anyone needs help,
    that we'd be able to give anyone else a hand that is dealing with this same issue.

    The main problem in the original poster's case specifically is that SuPHP really needs "--force-cgi-redirect" and if you forget that when you upgrade then that can cause you problems with among a number of other things fopen(). Incidentally, we couldn't replicate the fopen() issue on any server running PHP 5.2.10 or any other version for that matter other than what has been previously discussed but then after seeing handsonhosting's server and fixing that for him, we ran some more tests removing the "--force-cgi-redirect" from existing servers on 5.2.8, 5.2.9, and 5.2.10 and then were finally able to duplicate this user's fopen() issue on all the versions which also further says this isn't a 5.2.10 issue but rather an issue of wrong settings simply employed when upgrading and could happen on any version of PHP.

    Anyone else having problems with fopen() may be this same issue or a totally different issue entirely. However, what we do know is that fopen() works perfectly fine with PHP 5.2.10 so if you are having an issue, you have something going on other than the PHP version and we'd be glad to help you investigate your issue if you are having problems with fopen().
     
    #19 Spiral, Jul 15, 2009
    Last edited: Jul 15, 2009
  20. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Ok, I'll give you that one and suggest they get their own account!

    (However, they are not on here much and was just helping me out last night)

    Anyway back to the real issue at hand though, the fopen() issue has been
    solved and if anyone needs any help fixing it on other servers, we are
    available to help with that issue at our technical support and are not
    billing any tickets from anyone asking for help with this specific item.
     
    #20 Spiral, Jul 15, 2009
    Last edited: Jul 15, 2009
Loading...
Thread Status:
Not open for further replies.

Share This Page