PHP Fatal Error - include path

[Postgressor]

Thanks for your renewed support of this plugin.

On a Debian install running osTicket 10.4, apache2 and php5.6 I find the following error in the apache2 error log. After enabling the plugin I was no longer able to login succesfully (500 errors on user login pages & Invalid CSRF Token _ using scp/login.php) with the plugin present:-

PHP Fatal error: require_once(): Failed opening required '../main.inc.php' (include_path='./:/usr/share/osTicket/include/:/usr/share/osTicket/include/pear/:phar:///usr/share/osTicket/include/plugins/auth-ldap.phar/include') in /usr/share/osTicket/scp/sync_mldap.php on line 3

Renaming the multi-ldap directory allowed me to regain control and revert without making any other changes.

[philbertphotos]

This error is very perplexing... can you give me any other logs when this occurs?

[philbertphotos]

Let me ask does "/usr/share/osTicket/scp/sync_mldap.php" exist? IF not I need to find out why it does not copy..

[Postgressor]

Hi thanks for coming back.

Going by the timestamp on the file it looked like the copy worked fine.

From thee apache2 error log I saw for example:-

[Fri Nov 16 16:23:47.772847 2018] [:error] [pid 8629] [client 192.168.29.23:52538] PHP Warning: require_once(../main.inc.php): failed to open stream: No such file or direc$ [Fri Nov 16 16:23:47.772924 2018] [:error] [pid 8629] [client 192.168.29.23:52538] PHP Fatal error: require_once(): Failed opening required '../main.inc.php' (include_path$ [Fri Nov 16 16:29:20.915224 2018] [:error] [pid 8635] [client 192.168.29.23:52783] PHP Warning: require_once(../main.inc.php): failed to open stream: No such file or direc$ [Fri Nov 16 16:29:20.915303 2018] [:error] [pid 8635] [client 192.168.29.23:52783] PHP Fatal error: require_once(): Failed opening required '../main.inc.php' (include_path$ [Fri Nov 16 16:32:36.421283 2018] [:error] [pid 8350] [client 192.168.29.23:52852] PHP Warning: require_once(../main.inc.php): failed to open stream: No such file or direc$ [Fri Nov 16 16:32:36.421347 2018] [:error] [pid 8350] [client 192.168.29.23:52852] PHP Fatal error: require_once(): Failed opening required '../main.inc.php' (include_path$ [Fri Nov 16 16:42:31.824665 2018] [:error] [pid 8636] [client 192.168.29.23:53011] PHP Warning: require_once(../main.inc.php): failed to open stream: No such file or direc$ [Fri Nov 16 16:42:31.824728 2018] [:error] [pid 8636] [client 192.168.29.23:53011] PHP Fatal error: require_once(): Failed opening required '../main.inc.php' (include_path$ [Fri Nov 16 16:42:33.985464 2018] [:error] [pid 8349] [client 192.168.29.23:53014] PHP Warning: require_once(../main.inc.php): failed to open stream: No such file or direc$ [Fri Nov 16 16:42:33.985529 2018] [:error] [pid 8349] [client 192.168.29.23:53014] PHP Fatal error: require_once(): Failed opening required '../main.inc.php' (include_path$

as if some php path setting to ../main.inc.php was broken.

[philbertphotos]

Seems something is missing. is the osticket log empty? IN "auth.php" line 3 remove "INCLUDE_DIR" based on the error is the only thing I can think of. I use Ubuntu and never seen that type of error and cant tell what is doing it so this is a shot in the dark. require_once (INCLUDE_DIR . 'class.plugin.php'); //Plugin Local Libary

require_once ( 'class.plugin.php'); //Plugin Local Libary

[philbertphotos]

Also the error code you sent me ..it seems things are missing.

[Postgressor]

Hi

The osTicket log just gave these

Invalid CSRF Token CSRFToken

Invalid CSRF token [464662efe164627a3f7fcfb787899938dcdbfa2f] on http://tp-ci-01/osTicket/scp/login.php

This is running on Debian instead of Ubuntu.

I have also used an older version of your plugin without these errors on the same install which did not suffer these symptoms (although it had other problems of course).

cheers

[philbertphotos]

This one is a head scratcher ... I have literally solved all the other problems. Does the new version work in a older version? You know what to be honest I tested 1.01 and 1.11 not 1.04 but the core is the same and others had no issues.

Is the PHP log still showing this? "PHP Fatal error: require_once(): Failed opening required '../main.inc.php' (include_path='./:/usr/share/osTicket/include/:/usr/share/osTicket/include/pear/:phar:///usr/share/osTicket/include/plugins/auth-ldap.phar/include') in /usr/share/osTicket/scp/sync_mldap.php on line 3"

The only way I can solve this since I can reproduce it is to have access to host section .. if that is possible let me know. The error codes that PHP shows is not enough ...

My other suggestion is that you log all errors to a PHP file if you are not doing so already.

[philbertphotos]

Wait are you using to auth-ldap at the same time??? They are not compatible. Took me a minute but this is not the plugin fault.

[philbertphotos]

"plugins/auth-ldap.phar" its a conflict disable or uninstall one...

[Postgressor]

Hi No I'm aware they don't work together. I was careful to make sure the offical ldap plugin was disabled when your version was active. I also tried toggling HTTP Passthru Authentication off and on - seems to work better with this one on though (at least with the earlier version of your plug-in).

When I've got the next non-production window I will have another go and see if I can get some better logging going - did not expect to have an issue like this originally.

Thanks for looking a t this issue

[philbertphotos]

Ok let me know ,.... there should not be any auth-ladp running its the only thing that makes sense to me based on the error.

[philbertphotos]

close because no activity .

[Postgressor]

Hi

I just had a chance to revisit this and found two issues which I have now resolved.

1) The copy of sync_mldap.php to /usr/share/osTicket/scp was unclean with an older version of the file being retained instead of the one in the multi-ldap directory. Cleared by manually copying the file.

2) The ldap login was locking out some users (including myself) after an attempt to login as a user using AD credentials. On investigation I found duplicate entries being made with the same user_id and different id values in the ost_user_account table, after which access was no longer authenticated. This transpired to be due to some rows on the ost_user_account table with username values set to null instead of a the username (despite the username being expressed in the frontend for the relevant account). By matching to the ost_user_email entries by the user_id number I was able to derive the correct username to apply to replace the null username values in the ost_user_account table. This stopped the LDAP plugin attempting to create 'duplicate' accounts relating to the same email address and means I am able to leave the plugin enabled without blocking users access.