The Joomla! Forum ™

Download

Demo


Board index » Joomla! Older Version Support » Joomla! 1.5 » General Questions/New to Joomla! 1.5

Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting.
Forum Post Assistant - If you are serious about wanting help, you should use this tool to help you post.



Post new topic Reply to topic  Page 2 of 2
  [ 48 posts ]  Go to page Previous  1, 2
  Print view Previous topic | Next topic 
Author Message
HarryHekker
PostPosted: Tue Mar 04, 2008 3:40 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
I talked with my ISP and mailed them your scripts. They will also look into this and I'll post their suggestions here.

thx so far

ps. I have the feeling (but correct me if I'm wrong) that this is an issue to do with the combination 1.5.1 and Apache and php 5.2.5

_________________
Harry the wouldbe hekker
Top
 Profile  
 
igrimpe
PostPosted: Tue Mar 04, 2008 3:53 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Wed Feb 20, 2008 8:59 am
Posts: 234
Quote:
I have the feeling (but correct me if I'm wrong) that this is an issue to do with the combination 1.5.1 and Apache and php 5.2.5

No (I'm running the same btw)
With 98% propability it's mod_security + flash upload. Because that's what the error message tells you.
Top
 Profile  
 
HarryHekker
PostPosted: Tue Mar 04, 2008 4:07 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
The idea of my site is that visitors are able to upload pictures and maybe movies etc. when I send them login info.

Is there an alternative to this flash upload?

_________________
Harry the wouldbe hekker
Top
 Profile  
 
igrimpe
PostPosted: Tue Mar 04, 2008 4:19 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Wed Feb 20, 2008 8:59 am
Posts: 234
Except if you trust all your users totally, you need an alternative anyway ...

Have you checked DocMan? Dunno if it also uses flash-upload though.
Top
 Profile  
 
HarryHekker
PostPosted: Tue Mar 04, 2008 4:29 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
I don't trust them at all but figure that if they don't behave I can limit their access or throw them out.
The possibilty that users can do all sorts of things was the reason to choose J 1.5.1 in the first place...

_________________
Harry the wouldbe hekker
Top
 Profile  
 
HarryHekker
PostPosted: Wed Mar 05, 2008 6:40 am 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
Quote:
I, for one, hope the developers continue to get the functions working first, and do the documentation and
manuals later. We need a working media manager and a good working WYSIWYG Editor before
we have a manual. By the way, Joomla 1.5 Stable was just released January 2008.


I copied this out of the thread 'is there a future for 1.5'.
This was posted by a senior member and suggests that media manager does not work and certain people are aware of this.
It would have saved me a lot of time if there was a known issues section somewhere.

This is a shame, I would have loved to use 1.5

_________________
Harry the wouldbe hekker
Top
 Profile  
 
igrimpe
PostPosted: Wed Mar 05, 2008 7:44 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Wed Feb 20, 2008 8:59 am
Posts: 234
The problem is quite simple:
Media Manager not working is NOT a general problem, but depends on setup (in this case server- AND clientside). Believe me as programmer/developer that writing apps that are performant, easy to use AND never fail is impossible. This is a triangle and your app is a single point in that triangle. The closer you get to one or two points, the more you move away from the other(s). I have one app for example that has a MUST NOT FAIL requirement. 80% of the code is error checking, logging and correcting. This app is NOT performant (and since it's highly configurable it's also not easy to use).
At the current stage I would only "accuse" the developers of not having implemented a "fallback" in MM. I.e. having a config option "old style uploads" (using simple html <input type="file" ).

A "known issues" section would be nice (because searching the forum is not so helpfull in all cases), but then we have the problem again, that there are so many possible problems that such section would be hard to read for non-experts, otherwise there wouldn't be so much "file permission" questions in the forum.
Top
 Profile  
 
HarryHekker
PostPosted: Wed Mar 05, 2008 8:46 am 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
Thx for your reply.

I've done some searching&surfin' about this flash upload. From what I've read it looks like it's a perfectly safe way of letting people upload and setting rescrictions like file format and size. So if I would manage to get past my ISP security settings I would be fine...?

_________________
Harry the wouldbe hekker
Top
 Profile  
 
igrimpe
PostPosted: Wed Mar 05, 2008 9:00 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Wed Feb 20, 2008 8:59 am
Posts: 234
Quote:
So if I would manage to get past my ISP security settings I would be fine...?

... NO ;)

You can make flash-upload work reliable with YOUR server config. Also with YOUR client config. You simply can not make it reliable working with ANY client config. What if the user has JS disabled? Outdated flashplayer/browser? shi**y personal firewall? and and and?

You can get somewhere in the 90-95% area (maybe 98% is possible too), but you will hardly get any closer to 100%. There are simply to much variables in game, if you client-side stuff is involved. Though IMHO 90-95% usually is perfectly ok.
Top
 Profile  
 
HarryHekker
PostPosted: Wed Mar 05, 2008 7:09 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
Earlier I promissed to inform you of my ISP reaction:

They looked in to this thoroughly.
They agree it has to do with mod_security + flash upload.
According to them the way it's configured in 1.5.1 is unsafe.

(period)

_________________
Harry the wouldbe hekker
Top
 Profile  
 
igrimpe
PostPosted: Fri Mar 07, 2008 7:43 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Wed Feb 20, 2008 8:59 am
Posts: 234
Quote:
According to them the way it's configured in 1.5.1 is unsafe

"the way it's configured" ... sounds a bit like a lame excuse. Maybe flash uploading is potentially unsafe - I'm not so deep in security to judge this. OTOH there are a lot of things that are potentially unsafe. A Webserver is potentially unsafe - maybe they disable Apache?

They don't want you to use flash upload. Period.
AFAIK there's no fallback in Media Manager, so obviously you can't use it. Check for an extension that uploads without flash, upload with external app, change hosting, change CMS. These are the options you have, I guess.
Top
 Profile  
 
HarryHekker
PostPosted: Fri Mar 07, 2008 8:28 am 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
Hi, thxs for your reply.

Quote:
They don't want you to use flash upload. Period.

They said it was configured dangerously and even tried to expain what was wrong.
Since I'm only a 'wouldbe hacker' I understand only certain parts of what I'm being told...
It was something to do with session id's I think.

I opened a new tread in secrurity for that purpose...'Configure flash upload?'

Quote:
AFAIK there's no fallback in Media Manager, so obviously you can't use it. Check for an extension that uploads without flash, upload with external app, change hosting, change CMS. These are the options you have, I guess.

Sure I'm not completely out of options. And I don't give up after the first setback.
But there are some things in 1.5 I really like and I still hope to get it going.

(What gives me some hope too is the senior joomler guy stating that 'we need a good working media manager'.
He wouldn't say that if things were perfectly allright.)

_________________
Harry the wouldbe hekker
Top
 Profile  
 
igrimpe
PostPosted: Fri Mar 07, 2008 10:13 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Wed Feb 20, 2008 8:59 am
Posts: 234
In htaccess you can try this, or maybe ask your hosting company if this would be ok. This one does not disable security settings, but simply tries to overcome the "bug" in the flashplayer.
( http://uber-uploader.sourceforge.net/?section=flength )

<IfModule mod_security.c>
SetEnvIfNoCase Content-Type \
"^multipart/form-data;" "MODSEC_NOPOSTBUFFERING=Do not buffer file uploads"
</IfModule>

<IfModule mod_gzip.c>
mod_gzip_on No
</IfModule>
Top
 Profile  
 
HarryHekker
PostPosted: Fri Mar 07, 2008 10:35 am 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
Just tried the script:
results in:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator to inform of the time the error occurred and of anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

I just installed this forum post assistant.
Maybe you can get some usefull info out of this.

Harry

Problem Description:
Unable to upload files in Media manager



Diagnostic Information
Joomla! Version: Joomla! 1.5.1 Production/Stable [ Seenu ] 8-February-2008 22:00 GMT
configuration.php: Writable (Mode: 770 ) | RG_EMULATION: N/A
Architecture/Platform: FreeBSD 6.2-RELEASE-p8 ( i386) | Web Server: Apache/2.0.61 (FreeBSD) mod_ssl/2.0.61 OpenSSL/0.9.8g mod_python/3.3.1 Python/2.5.1 mod_perl/2.0.3 Perl/v5.8.8 | PHP Version: 5.2.5
PHP Requirements: register_globals: Disabled | magic_quotes_gpc: Disabled | safe_mode: Disabled | MySQL Support: Yes | XML Support: Yes | zlib Support: Yes
mbstring Support (1.5): Yes | iconv Support (1.5): Yes | save.session_path: Writable | Max.Execution Time: 30 seconds | File Uploads: Enabled
MySQL Version: 5.0.51 ( Localhost via UNIX socket )

_________________
Harry the wouldbe hekker
Top
 Profile  
 
HarryHekker
PostPosted: Fri Mar 07, 2008 12:44 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
And here the xtended info:

Problem Description:
Can not upload files through Media manager



Diagnostic Information
Joomla! Version: Joomla! 1.5.1 Production/Stable [ Seenu ] 8-February-2008 22:00 GMT
configuration.php: Writable (Mode: 770 ) | RG_EMULATION: N/A
Architecture/Platform: FreeBSD 6.2-RELEASE-p8 ( i386) | Web Server: Apache/2.0.61 (FreeBSD) mod_ssl/2.0.61 OpenSSL/0.9.8g mod_python/3.3.1 Python/2.5.1 mod_perl/2.0.3 Perl/v5.8.8 | PHP Version: 5.2.5
PHP Requirements: register_globals: Disabled | magic_quotes_gpc: Disabled | safe_mode: Disabled | MySQL Support: Yes | XML Support: Yes | zlib Support: Yes
mbstring Support (1.5): Yes | iconv Support (1.5): Yes | save.session_path: Writable | Max.Execution Time: 30 seconds | File Uploads: Enabled
MySQL Version: 5.0.51 ( Localhost via UNIX socket )

Extended Information:
SEF: Disabled (without ReWrite) | FTP Layer: Enabled | htaccess: Implemented
PHP/suExec: User and Web Server accounts are not the same. (PHP/suExec probably not installed)
PHP Environment: API: apache2handler | MySQLi: No | Max. Memory: 128M | Max. Upload Size: 4M | Max. Post Size: 8M | Max. Input Time: 60 | Zend Version: 2.2.0
Disabled Functions: system, exec, passthru
MySQL Client: 5.0.51 ( latin1 )

_________________
Harry the wouldbe hekker
Top
 Profile  
 
HarryHekker
PostPosted: Mon Mar 10, 2008 7:07 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
Today I reinstalled everything. For because of trying just about everything my installation had become corrupted and I couldn't load extentions and got real exotic error messages.

And I loaded the DOCman component as suggested by igrimpe earlier. Now, running in legacy-mode I can, YES, I CAN FINALLY, upload files from within J!

8)

Harry

ps. Thx igrimpe

ps. Media manager is still no use but will hopefully be configured otherwise in later versions...

_________________
Harry the wouldbe hekker
Top
 Profile  
 
dreamhealer
PostPosted: Mon Mar 24, 2008 7:42 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Mar 20, 2008 4:06 pm
Posts: 8
I am new to this: What is wrong with leaving the access setting to 777 rather than 755 ?
Top
 Profile  
 
HarryHekker
PostPosted: Tue Mar 25, 2008 11:12 am 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Feb 21, 2008 3:45 pm
Posts: 39
Yes! My troubles are over. The ability to switch off flash upload (1.5.2 in Global Configuration Media Settings Enable Flash Uploader) was just what I was looking for. And so soon! Thx a lot! :)

Harry

_________________
Harry the wouldbe hekker
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 2 of 2
  [ 48 posts ]  Go to page Previous  1, 2


Board index » Joomla! Older Version Support » Joomla! 1.5 » General Questions/New to Joomla! 1.5

Who is online

Users browsing this forum: No registered users and 36 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group