Error Message after SSL installation - streamline.net

[eggrush]

HI
I am carrying this thread over from:
http://www.zen-cart.com/forum/showthread.php?t=70104

here is my url: http://canvas-style-art.co.uk/shop/

here is the error message (which you can see if you goto the above url):

Warning: session_save_path() [function.session-save-path]: open_basedir restriction in effect. File(/home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/cache) is not within the allowed path(s): (/tmp:/usr/share/pear:/home/fhlinux173/c/canvas-style-art.co.uk/user) in /home/fhlinux173/c/canvas-style-art.co.uk/user/htdocs/shop/includes/functions/sessions.php on line 151

any ideas people?



here is the code from a configure.php file in the includes folder on the SSL partition minus the password:

<?php
/**
*
* @package Configuration Settings
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
*/


/*************** NOTE: This file is similar, but DIFFERENT from the "admin" version of configure.php. ***********/
/*************** The 2 files should be kept separate and not used to overwrite each other. ***********/

// Define the webserver and path parameters
// HTTP_SERVER is your Main webserver: eg, http://www.yourdomain.com
// HTTPS_SERVER is your Secure webserver: eg, https://www.yourdomain.com
define('HTTP_SERVER', 'http://canvas-style-art.co.uk');
define('HTTPS_SERVER', 'https://canvas-style-art.ssl-01.com');

// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'true');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
// * DIR_WS_* = Webserver directories (virtual/URL)
// these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
define('DIR_WS_CATALOG', '/shop/');
define('DIR_WS_HTTPS_CATALOG', '/shop/');

define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
define('DIR_WS_DOWNLOAD_PUBLIC', DIR_WS_CATALOG . 'pub/');
define('DIR_WS_TEMPLATES', DIR_WS_INCLUDES . 'templates/');

define('DIR_WS_PHPBB', '/');

// * DIR_FS_* = Filesystem directories (local/physical)
//the following path is a COMPLETE path to your Zen Cart files. eg: /var/www/vhost/accountname/public_html/store/
define('DIR_FS_CATALOG', '/home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');
define('DIR_WS_UPLOADS', DIR_WS_IMAGES . 'uploads/');
define('DIR_FS_UPLOADS', DIR_FS_CATALOG . DIR_WS_UPLOADS);
define('DIR_FS_EMAIL_TEMPLATES', DIR_FS_CATALOG . 'email/');

// define our database connection
define('DB_TYPE', 'mysql');
define('DB_PREFIX', 'canvas');
define('DB_SERVER', 'mysql11.streamline.net');
define('DB_SERVER_USERNAME', 'canvassty');
define('DB_SERVER_PASSWORD', 'xxxxxxxxxxxxxxxxx');
define('DB_DATABASE', 'canvassty');
define('USE_PCONNECT', 'false'); // use persistent connections?
define('STORE_SESSIONS', 'db'); // use 'db' for best support, or '' for file-based storage

// The next 2 "defines" are for SQL cache support.
// For SQL_CACHE_METHOD, you can select from: none, database, or file
// If you choose "file", then you need to set the DIR_FS_SQL_CACHE to a directory where your apache
// or webserver user has write privileges (chmod 666 or 777). We recommend using the "cache" folder inside the Zen Cart folder
// ie: /path/to/your/webspace/public_html/zen/cache -- leave no trailing slash
define('SQL_CACHE_METHOD', 'database');
define('DIR_FS_SQL_CACHE', '/home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/cache');

?>


does that all seem fine?

[kobra]

Try getting the fix_cache_key mod in the downloads area and run it

[eggrush]

ran that got this:

Cache Settings Synchronization Tool

Recommendations

Possible appropriate cache directory for your site is: /home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/cache

Actual Information

Read DIR_FS_SQL_CACHE from configure.php: /home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/cache
Found SESSION_WRITE_DIRECTORY in database: /home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/cache

No changes required.
Exiting.
Security

PLEASE DELETE THIS FILE FROM YOUR SERVER NOW!!
Removing this file (fix_cache_key.php) from your server protects you from would-be hackers/predators who might seek to compromise your serve





any more ideas guys?

[kobra]

Well that verifies that the DB and the configure.php entry match but from your error message these do not seem to be fully compare correctly
Insure that your Hosting path is correct:

Code:

/usr/share/pear:/home/fhlinux173/c/canvas-style-art.co.uk/user)

/home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/cache

[eggrush]

ok so its says /home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/includes/functions/sessions.php on line 151

is where the problem is?, here is the code from that file:

<?php
/**
* functions/sessions.php
* Session functions
*
* @package functions
* @copyright Copyright 2003-2005 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: sessions.php 6525 2007-06-25 21:49:57Z drbyte $
*/
if (!defined('IS_ADMIN_FLAG')) {
die('Illegal Access');
}
if (STORE_SESSIONS == 'db') {
if (defined('DIR_WS_ADMIN')) {
if (!$SESS_LIFE = (SESSION_TIMEOUT_ADMIN + 900)) {
$SESS_LIFE = (SESSION_TIMEOUT_ADMIN + 900);
}
} else {
if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {
$SESS_LIFE = 1440;
}
}

function _sess_open($save_path, $session_name) {
return true;
}

function _sess_close() {
return true;
}

function _sess_read($key) {
global $db;
$qid = "select value
from " . TABLE_SESSIONS . "
where sesskey = '" . zen_db_input($key) . "'
and expiry > '" . time() . "'";

$value = $db->Execute($qid);

if (isset($value->fields['value']) && $value->fields['value']) {
return $value->fields['value'];
}

return ("");
}

function _sess_write($key, $val) {
global $db;
if (!is_object($db)) {
//PHP 5.2.0 bug workaround ...
$db = new queryFactory();
$db->connect(DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD, DB_DATABASE, USE_PCONNECT, false);
}

global $SESS_LIFE;

$expiry = time() + $SESS_LIFE;
$value = $val;

$qid = "select count(*) as total
from " . TABLE_SESSIONS . "
where sesskey = '" . zen_db_input($key) . "'";

$total = $db->Execute($qid);

if ($total->fields['total'] > 0) {
$sql = "update " . TABLE_SESSIONS . "
set expiry = '" . zen_db_input($expiry) . "', value = '" . zen_db_input($value) . "'
where sesskey = '" . zen_db_input($key) . "'";

return $db->Execute($sql);

} else {
$sql = "insert into " . TABLE_SESSIONS . "
values ('" . zen_db_input($key) . "', '" . zen_db_input($expiry) . "', '" .
zen_db_input($value) . "')";

return $db->Execute($sql);

}
}

function _sess_destroy($key) {
global $db;
$sql = "delete from " . TABLE_SESSIONS . " where sesskey = '" . zen_db_input($key) . "'";
return $db->Execute($sql);
}

function _sess_gc($maxlifetime) {
global $db;
$sql = "delete from " . TABLE_SESSIONS . " where expiry < " . time();
$db->Execute($sql);
return true;
}

session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
}

function zen_session_start() {
@ini_set('session.gc_probability', 1);
@ini_set('session.gc_divisor', 2);
if (defined('DIR_WS_ADMIN')) {
@ini_set('session.gc_maxlifetime', (SESSION_TIMEOUT_ADMIN < 900 ? (SESSION_TIMEOUT_ADMIN + 900) : SESSION_TIMEOUT_ADMIN));
}
return session_start();
}

function zen_session_register($variable) {
die('This function has been deprecated. Please use Register Globals Off compatible code');
}

function zen_session_is_registered($variable) {
die('This function has been deprecated. Please use Register Globals Off compatible code');
}

function zen_session_unregister($variable) {
die('This function has been deprecated. Please use Register Globals Off compatible code');
}

function zen_session_id($sessid = '') {
if (!empty($sessid)) {
return session_id($sessid);
} else {
return session_id();
}
}

function zen_session_name($name = '') {
if (!empty($name)) {
return session_name($name);
} else {
return session_name();
}
}

function zen_session_close() {
if (function_exists('session_close')) {
return session_close();
}
}

function zen_session_destroy() {
return session_destroy();
}

function zen_session_save_path($path = '') {
if (!empty($path)) {
return session_save_path($path);
} else {
return session_save_path();
}
}

function zen_session_recreate() {
global $http_domain, $https_domain, $current_domain;
if ($http_domain == $https_domain) {
$saveSession = $_SESSION;
$oldSessID = session_id();
session_regenerate_id();
$newSessID = session_id();
session_id($oldSessID);
session_id($newSessID);
if (STORE_SESSIONS == 'db') {
session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
}
session_start();
$_SESSION = $saveSession;
if (IS_ADMIN_FLAG !== true) {
whos_online_session_recreate($oldSessID, $newSessID);
}
} else {
/*
$saveSession = $_SESSION;
$oldSessID = session_id();
session_regenerate_id();
$newSessID = session_id();
session_id($oldSessID);
session_destroy();
session_id($newSessID);
session_set_cookie_params(0, '/', (zen_not_null($http_domain) ? $http_domain : ''));
session_id($newSessID);
if (STORE_SESSIONS == 'db') {
session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
}
session_start();
session_set_cookie_params(0, '/', (zen_not_null($current_domain) ? $current_domain : ''));
session_start();
$_SESSION = $saveSession;
*/
}
}
?>




here is the code from the includes/configure.php file on the SSL side:

<?php
/**
*
* @package Configuration Settings
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
*/


/*************** NOTE: This file is similar, but DIFFERENT from the "admin" version of configure.php. ***********/
/*************** The 2 files should be kept separate and not used to overwrite each other. ***********/

// Define the webserver and path parameters
// HTTP_SERVER is your Main webserver: eg, http://www.yourdomain.com
// HTTPS_SERVER is your Secure webserver: eg, https://www.yourdomain.com
define('HTTP_SERVER', 'http://canvas-style-art.co.uk');
define('HTTPS_SERVER', 'https://canvas-style-art.ssl-01.com');

// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'true');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
// * DIR_WS_* = Webserver directories (virtual/URL)
// these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
define('DIR_WS_CATALOG', '/shop/');
define('DIR_WS_HTTPS_CATALOG', '/shop/');

define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
define('DIR_WS_DOWNLOAD_PUBLIC', DIR_WS_CATALOG . 'pub/');
define('DIR_WS_TEMPLATES', DIR_WS_INCLUDES . 'templates/');

define('DIR_WS_PHPBB', '/');

// * DIR_FS_* = Filesystem directories (local/physical)
//the following path is a COMPLETE path to your Zen Cart files. eg: /var/www/vhost/accountname/public_html/store/
define('DIR_FS_CATALOG', '/home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');
define('DIR_WS_UPLOADS', DIR_WS_IMAGES . 'uploads/');
define('DIR_FS_UPLOADS', DIR_FS_CATALOG . DIR_WS_UPLOADS);
define('DIR_FS_EMAIL_TEMPLATES', DIR_FS_CATALOG . 'email/');

// define our database connection
define('DB_TYPE', 'mysql');
define('DB_PREFIX', 'canvas');
define('DB_SERVER', 'mysql11.streamline.net');
define('DB_SERVER_USERNAME', 'canvassty');
define('DB_SERVER_PASSWORD', 'xxxxxxxxxxxxxx');
define('DB_DATABASE', 'canvassty');
define('USE_PCONNECT', 'false'); // use persistent connections?
define('STORE_SESSIONS', 'db'); // use 'db' for best support, or '' for file-based storage

// The next 2 "defines" are for SQL cache support.
// For SQL_CACHE_METHOD, you can select from: none, database, or file
// If you choose "file", then you need to set the DIR_FS_SQL_CACHE to a directory where your apache
// or webserver user has write privileges (chmod 666 or 777). We recommend using the "cache" folder inside the Zen Cart folder
// ie: /path/to/your/webspace/public_html/zen/cache -- leave no trailing slash
define('SQL_CACHE_METHOD', 'database');
define('DIR_FS_SQL_CACHE', '/home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/cache');

?>


and here is the code from the same file on the non SSL server side:


<?php
/**
*
* @package Configuration Settings
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
*/


/*************** NOTE: This file is similar, but DIFFERENT from the "admin" version of configure.php. ***********/
/*************** The 2 files should be kept separate and not used to overwrite each other. ***********/

// Define the webserver and path parameters
// HTTP_SERVER is your Main webserver: eg, http://www.yourdomain.com
// HTTPS_SERVER is your Secure webserver: eg, https://www.yourdomain.com
define('HTTP_SERVER', 'http://www.canvas-style-art.co.uk');
define('HTTPS_SERVER', 'https://canvas-style-art.ssl-01.com');

// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'true');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
// * DIR_WS_* = Webserver directories (virtual/URL)
// these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
define('DIR_WS_CATALOG', '/shop/');
define('DIR_WS_HTTPS_CATALOG', '/shop/');

define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
define('DIR_WS_DOWNLOAD_PUBLIC', DIR_WS_CATALOG . 'pub/');
define('DIR_WS_TEMPLATES', DIR_WS_INCLUDES . 'templates/');

define('DIR_WS_PHPBB', '/');

// * DIR_FS_* = Filesystem directories (local/physical)
//the following path is a COMPLETE path to your Zen Cart files. eg: /var/www/vhost/accountname/public_html/store/
define('DIR_FS_CATALOG', '/home/fhlinux173/c/canvas-style-art.co.uk/user/htdocs/shop/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');
define('DIR_WS_UPLOADS', DIR_WS_IMAGES . 'uploads/');
define('DIR_FS_UPLOADS', DIR_FS_CATALOG . DIR_WS_UPLOADS);
define('DIR_FS_EMAIL_TEMPLATES', DIR_FS_CATALOG . 'email/');

// define our database connection
define('DB_TYPE', 'mysql');
define('DB_PREFIX', 'canvas');
define('DB_SERVER', 'mysql11.streamline.net');
define('DB_SERVER_USERNAME', 'canvassty');
define('DB_SERVER_PASSWORD', 'xxxxxxxxxxx');
define('DB_DATABASE', 'canvassty');
define('USE_PCONNECT', 'false'); // use persistent connections?
define('STORE_SESSIONS', 'db'); // use 'db' for best support, or '' for file-based storage

// The next 2 "defines" are for SQL cache support.
// For SQL_CACHE_METHOD, you can select from: none, database, or file
// If you choose "file", then you need to set the DIR_FS_SQL_CACHE to a directory where your apache
// or webserver user has write privileges (chmod 666 or 777). We recommend using the "cache" folder inside the Zen Cart folder
// ie: /path/to/your/webspace/public_html/zen/cache -- leave no trailing slash
define('SQL_CACHE_METHOD', 'database');
define('DIR_FS_SQL_CACHE', '/home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/cache');

?>


see anything?

[kobra]

Code:

File(/home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/cache) is not within the allowed path(s):

This spawns the sessions.hp error and I doubt that it is the file your referenced or anything in it.

[eggrush]

Hi
Does that mean you have spotted something? shall i add that code to a file? sorry i need to get my head around this as a newbie.

Egg

[eggrush]

reinstalled zen in both parts of the server (ssl & normal side) but still getting:

Warning: session_save_path() [function.session-save-path]: open_basedir restriction in effect. File(/home/fhlinux173/c/canvas-style-art.co.uk/user/htdocs/shop/cache) is not within the allowed path(s): (/tmp:/home/default/canvas-style-art.ssl-01.com) in /home/default/canvas-style-art.ssl-01.com/user/htdocs/shop/includes/functions/sessions.php on line 151


can someone walk me through how to sort this out please ( if you look above its all there)

Cheers

Egg

[eggrush]

ok i did all that above but i also ran fix_cache_key.php on the SSL side all fine there (it sorted out a error problem) but i also ran it on the normal server side and now it comes up with this error:


Not Found

The requested URL /shop/zc_install/index.php was not found on this server.



I don't want to re-install zen its already there but now i cant even get the shop up on the browser, check it out;

http://www.canvas-style-art.co.uk/shop


Anyone know why its done this!!!????


Egg

[DrByte]

Not Found

The requested URL /shop/zc_install/index.php was not found on this server.

This means that the configure.php file is either missing or contains default settings or the database info in it is invalid and thus it thinks it must be a new install, so it's attempting to start the installer.

It's a lot easier to do SSL on a host server that lets you run both your SSL and non-SSL content from *one* folder, not separate folders. Most good hosts can set that up for you.