basedir restriction in effect"

2018-06-24 17:30:31

I've uploaded my script for facebook login, based on facebook php api 4.0,on a web hosting which supports php 5.4, but I'm getting

Warning: is_readable(): open_basedir restriction in effect. File(/dev/urandom) is not within the allowed path(s): (/home/myuserid:/usr/lib/php:/tmp) in /home/myuserid/public_html/Facebook/FacebookRedirectLoginHelper.php on line 244

Here are line 244 of the file and some of the following

if (is_readable('/dev/urandom')) {
  $fp = fopen('/dev/urandom', 'rb');
  if ($fp !== FALSE) {
    $buf = fread($fp, $bytes);
    fclose($fp);
    if($buf !== FALSE) {
      return bin2hex($buf);
    }
  }
}

If it could be helpful, here is the basic login script:

<?php
session_start();
require_once('Facebook/Entities/AccessToken.php');
require_once( 'Facebook/FacebookSession.php' );
require_once( 'Facebook/FacebookRedirectLoginHelper.php' );
require_once('Facebook/HttpClients/FacebookHttpable.php');
require_once('Facebook/HttpClients/FacebookCurl.php');
require_once('Facebook/HttpClients/FacebookCurlHttpClient.php');
require_once( 'Facebook/FacebookRequest.php' );
require_once( 'Facebook/FacebookResponse.php' );
require_once( 'Facebook/FacebookSDKException.php' );
require_once( 'Facebook/FacebookRequestException.php' );
require_once( 'Facebook/FacebookAuthorizationException.php' );
require_once( 'Facebook/GraphObject.php' );

use FacebookFacebookSession;
use FacebookFacebookRedirectLoginHelper;
use FacebookFacebookRequest;
use FacebookFacebookResponse;
use FacebookFacebookSDKException;
use FacebookFacebookRequestException;
use FacebookFacebookAuthorizationException;
use FacebookGraphObject;

// init app with app id (APPID) and secret (SECRET)
FacebookSession::setDefaultApplication('','');

// login helper with redirect_uri
$helper = new FacebookRedirectLoginHelper( 'http://mysite/fb.php' );

try {
  $session = $helper->getSessionFromRedirect();
} catch( FacebookRequestException $ex ) {
  // When Facebook returns an error
} catch( Exception $ex ) {
  // When validation fails or other local issues
}

// see if we have a session
if ( isset( $session ) ) {
  // graph api request for user data
  $request = new FacebookRequest( $session, 'GET', '/me' );
  $response = $request->execute();
  // get response
  $graphObject = $response->getGraphObject();

//[...] uses data to login
} else {
  // show login url
  echo '<a href="' . $helper->getLoginUrl() . '">Login</a>';
}
?>

Note: locally with easyPHP, the script works perfectly

Most shared hosting providers actively restrict users to prevent them from accessing other users' content and system resources.

In this case they used the open_basedir option from php.ini which only allows PHP to open files in specified paths, and denies every other access.

To solve the problem you can either ask them to grant you access to /dev/urandom , which they probably won't do, or replace your code with the following:

if (function_exists('openssl_random_pseudo_bytes')) {
    return bin2hex(openssl_random_pseudo_bytes($bytes));
}

The openssl_random_pseudo_bytes function does almost exactly the same and is available on PHP 5.3.0 or higher.

This warning message was caused by a bug in the SDK that was fixed in version 4.0.10 . If you aren't able to change your server environment as @Pierto suggested, you can download the latest stable version of the 4.0 SDK.

链接地址: http://www.djcxy.com/p/69264.html

上一篇: PHP

下一篇: basedir限制有效“