[BlueOnyx:04184] Re: php-based Authorize.net script

Herb Rubin herbr at pfinders.com
Tue Apr 6 16:18:53 -05 2010 

Using www.google.com is fine. It's a URL that will not be down.

But on your system, it seems like you can't open a file to any
directory you want to.

Change this line:

$fp = fopen("/tmp/google.txt", "w");

Also, as a side note. I prefer to keep my PHP sessions directory within
each virtual site. So, I'm not sure if this directory restriction is a good idea.

Safe Mode is deprecated in PHP 5.3.0 and is removed in PHP 6.0.0. Its not PHP's
job to solve shared-server security problem.

Look in /etc/php.ini for "safe_mode" and turn it off.

Herb


----- Original Message -----
From: "Adam Lepp" <a at netqb.com>
To: "BlueOnyx General Mailing List" <blueonyx at blueonyx.it>
Sent: Tuesday, April 6, 2010 10:11:16 AM GMT -08:00 US/Canada Pacific
Subject: [BlueOnyx:04183] Re: php-based Authorize.net script

I presume I should substitute the actual URL for www.google.com, and an
actual file from the site for google.txt.

I got this result from the command line:
----------------------------------------------
PHP Warning:  fopen(): open_basedir restriction in effect. File(XXXX) is not
within the allowed path(s): (/tmp/:/var/lib/php/session/) in
/home/.sites/YYY/siteZZZ/web/curltest.php on line 3
PHP Warning:  fopen(XXXX): failed to open stream: Operation not permitted in
/home/.sites/XXX/siteYYY/web/curltest.php on line 3
PHP Warning:  curl_setopt(): supplied argument is not a valid File-Handle
resource in /home/.sites/XXX/siteYYY/web/curltest.php on line 4
PHP Warning:  fclose(): supplied argument is not a valid stream resource in
/home/.sites/XXX/siteYYY/web/curltest.php on line 8
-----------------------------------------------
Note that I added "/usr/bin" to "Open basedir:" per Michael's suggestion.
I didn't restart httpd or the server.

Your help is greatly appreciated...Any more ideas?

----------------------------------------------------------------------------
---------------

-----Original Message-----
From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-bounces at blueonyx.it] On
Behalf Of Herb Rubin
Sent: Tuesday, April 06, 2010 11:34 AM
To: BlueOnyx General Mailing List
Subject: [BlueOnyx:04182] Re: php-based Authorize.net script

Try writing a simple curl PHP script and see if it works. That could show
if curl is the issue or not.

<?php
$ch = curl_init("http://www.google.com/");
$fp = fopen("google.txt", "w");
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
curl_close($ch);
fclose($fp);
?>

Herb

----- Original Message -----
From: "Adam Lepp" <a at netqb.com>
To: "BlueOnyx General Mailing List" <blueonyx at blueonyx.it>
Sent: Monday, April 5, 2010 6:39:26 PM GMT -08:00 US/Canada Pacific
Subject: [BlueOnyx:04178] Re: php-based Authorize.net script

Thanks Michael,
Unfortunately this didn't work.  Restarted httpd also.
Any other ideas?


-----Original Message-----
From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-bounces at blueonyx.it] On
Behalf Of Michael Stauber
Sent: Monday, April 05, 2010 8:47 PM
To: BlueOnyx General Mailing List
Subject: [BlueOnyx:04177] Re: php-based Authorize.net script

Hi Adam,

> I have the php-based Authorize.net credit card processing script (the AIM
> version from authnetscripts.com) on a website.
> It worked great for several years on my (previous) BQ server.
> With my recent upgrade to BX, it now produces the error:
> 
> "We're Sorry your credit card was declined for the following reason: 
> Credit card number is required. 
> Please click here to submit your transaction again."
> 
> This is despite the fact that all fields are filled out with valid
> information.
> I've suspected a cURL or OpenSSL error, but those modules are installed.

This is probably related to the PHP Security settings of that site. 

You may have to turn off "Safe Mode" and/or may have to add ":/usr/bin/" to 
the "Open Basedir" path of that site in order for it to use the command line

version of Curl from within PHP.

-- 
With best regards

Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at blueonyx.it
http://www.blueonyx.it/mailman/listinfo/blueonyx

_______________________________________________
Blueonyx mailing list
Blueonyx at blueonyx.it
http://www.blueonyx.it/mailman/listinfo/blueonyx

-- 
Herb Rubin
Pathfinders Software
http://www.pfinders.com
_______________________________________________
Blueonyx mailing list
Blueonyx at blueonyx.it
http://www.blueonyx.it/mailman/listinfo/blueonyx

_______________________________________________
Blueonyx mailing list
Blueonyx at blueonyx.it
http://www.blueonyx.it/mailman/listinfo/blueonyx

-- 
Herb Rubin
Pathfinders Software
http://www.pfinders.com

More information about the Blueonyx mailing list