Results 1 to 4 of 4
  1. #1
    Join Date
    Mar 2004
    Location
    Fort Collins, CO :: Play Hockey eh?!
    Posts
    65
    Plugin Contributions
    0

    Default Warning: ini_set() has been disabled for security reasons

    Viewing a completed order in admin. Adding comments, changing status to Delivered, with Append Comments and Notify Customer checked, then clicking the Update button gives:
    Code:
    Warning: ini_set() has been disabled for security reasons in /home/awakened/public_html/secureshop/includes/classes/class.phpmailer.php on line 447
    
    Warning: ini_set() has been disabled for security reasons in /home/awakened/public_html/secureshop/includes/classes/class.phpmailer.php on line 456
    
    Warning: Cannot modify header information - headers already sent by (output started at /home/awakened/public_html/secureshop/includes/classes/class.phpmailer.php:447) in /home/awakened/public_html/secureshop/admin/includes/functions/general.php on line 21
    Zen Cart 1.3.8a
    Database Patch Level: 1.3.8

    Server OS: Linux 2.6.18-028stab059.6
    HTTP Server: Apache/1.3.41 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.7a
    PHP Version: 5.2.8 (Zend: 2.2.0) PHP Memory Limit: 64M
    PHP Core disable_functions:
    (local value) show_source, passthru, popen, proc_open,ini_set
    (master value) show_source, passthru, popen, proc_open,ini_set
    Flash

    Larry 'Flash' Alexander
    FLASH HQ

  2. #2
    Join Date
    Jan 2004
    Posts
    60,443
    Blog Entries
    4
    Plugin Contributions
    51

    Default Re: Warning: ini_set() has been disabled for security reasons

    Sounds like you're with a hosting company that's slapping on security restrictions willy-nilly in a panic instead of properly securing the server.

    You should NOT have to do this, but if your hosting company isn't willing to secure their server more efficiently you'll have to manually edit lines 447 and 456 of the class.phpmailer.php file and add an @ symbol in front of the ini_set() function call on both lines to cause PHP to ignore the error.
    That doesn't really solve anything other than suppressing the display of the error message. The problem will still exist, and you may actually have trouble getting the emails to go through due to the break in functionality caused by the PHP restrictions imposed by your host.

    I would expect that *all* emails from your store are equally affected, both admin and storefront.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donations always welcome: www.zen-cart.com/donate

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.



  3. #3
    Join Date
    Mar 2004
    Location
    Fort Collins, CO :: Play Hockey eh?!
    Posts
    65
    Plugin Contributions
    0

    Default Re: Warning: ini_set() has been disabled for security reasons

    Problem solved, thanks!

    I've contacted my host.
    Flash

    Larry 'Flash' Alexander
    FLASH HQ

  4. #4
    Join Date
    Mar 2010
    Posts
    1
    Plugin Contributions
    0

    Default Re: Warning: ini_set() has been disabled for security reasons

    We managed to solve this using PHP. (the client's hosting company was refusing to change server settings)

    in class.phpmailer.php on line 446 447
    change:
    $old_from = ini_get("sendmail_from"); global $sendmail_from; $sendmail_from = ini_get("sendmail_from");
    $sendmail_from = $this->Sender; //ini_set("sendmail_from", $this->Sender); $sendmail_from = $this->Sender;

    line 455 456
    change:
    if($old_from) //if (isset($old_from))
    $old_from = $sendmail_from;


    in header_php.php line 400
    change:
    global $sendmail_from; //$sendmail_from = @ini_get("sendmail_from");

 

 

Similar Threads

  1. Cybersource Security Warning in FF3
    By pmshope in forum Addon Payment Modules
    Replies: 4
    Last Post: 15 Sep 2008, 01:54 PM
  2. Security Warning Box
    By cherieperry in forum Basic Configuration
    Replies: 3
    Last Post: 12 Oct 2006, 06:14 AM
  3. Getting Rid Of Security Warning
    By madk in forum General Questions
    Replies: 3
    Last Post: 12 Oct 2006, 02:46 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •