idno / known

A social publishing platform.
https://withknown.com/opensource
Other
1.06k stars 196 forks source link

PHP Warning: Directory /.../external/htmlpurifier-lite/library/HTMLPurifier/DefinitionCache/Serializer not writable, please chmod to 777 #1436

Closed mapkyca closed 8 years ago

mapkyca commented 8 years ago

While trying to do this:

Not sure, looking in the logs, found this error generated in external/htmlpurifier-lite/library/HTMLPurifier/DefinitionCache/Serializer.php on line 278

I encountered this error:

Error about this directory not being writeable.

Some other notes:

Not entirely sure if this is a bug or something suspicious (need to investigate further). Logging for folks to comment on.

kylewm commented 8 years ago

My ears pricked up bc HTMLPurifier was that one stray lib still using "eval"

mapkyca commented 8 years ago

Hmm... I think this could stand some extra investigation...

IPs seem to originate from Baidu and google, and look like spiders.

I'm wondering whether it might be worth digging into htmlpurifier a bit more, eval usage is generally a Bad Sign.

mapkyca commented 8 years ago

... looking at the code it does look like it's meant to be writeable... but I'm wondering whether we shouldn't adopt this code and Knownify it so it writes safely.

benwerd commented 8 years ago

I'd noticed this a while back and set the cache folder to be within the upload folder. That's Idno/Core/Purifier.php lines 14 and 41:

$config->set('Cache.SerializerPath', Idno::site()->config()->getUploadPath());

Guessing it needs to be set somewhere else?

mapkyca commented 8 years ago

Maybe, but it's possible that it's getting the error because I'm on Mongo and GridFS.

I was hitting this because I was trying an export (which also doesn't work, for different reasons), because I want to work on a Mongo->Mysql conversion so we can finally kill mongo support.

Kill it with fire.

mapkyca commented 8 years ago

Yeah, I think it's likely because I don't have uploadpath set, again because I'm using mongo as the backend.

Not sure how best to handle this - we're wanting to kill mongo, but I imagine it'll also cause problems with the S3 backend, or any other file stores.

mapkyca commented 8 years ago

Still an issue even with a temp dir, looks like the setting isn't being set