Page 1 of 2 12 LastLast
Results 1 to 10 of 14
  1. #1

    Default sessions.php error in SSL directory

    Hi,

    This is the first time i have had to make a post cos all the info on here is usually spot on! But i am having a problem now...

    I switched servers (but stayed with the same provider so not much changed) and the site worked fine. But now i am trying to set up a secure checkout with standard cc module and every time it switches to https:// i get this error:


    Warning: session_save_path() [function.session-save-path]: open_basedir restriction in effect. File(/usr/local/psa/home/vhosts/justaddweed.co.uk/httpdocs/cache) is not within the allowed path(s): (/usr/local/psa/home/vhosts/justaddweed.co.uk/httpsdocs:/tmp) in /usr/local/psa/home/vhosts/justaddweed.co.uk/httpsdocs/includes/functions/sessions.php on line 161


    https://www.justaddweed.co.uk/index.php?main_page=login

    I have read everything i can find on this forum but i'm just not finding an answer!
    I have tried running fix_cache_key.php from my http root and https root and it did do something once but didn't fix the prob.
    I have also checked all my /cache locations in all configure.php files and i just keep going around in circles.

    I am running 1.2.7 and cannot upgrade easily because i have not been using the override directories properly (i know this is stupid!) and i think myysql 5.x is running too but i have fixed all the other probs associated with that (i hope).

    Any help anyone can give me would be great!

  2. #2
    Join Date
    Oct 2006
    Location
    Alberta, Canada
    Posts
    4,571
    Plugin Contributions
    1

    Default Re: sessions.php error in SSL directory

    This is problem:
    /usr/local/psa/home/vhosts/justaddweed.co.uk/httpdocs/cache

    That path is described in both your config files, at the bottom. Since you've changed Servers, the path needs to be changed to reflect the new path on the new Server.

    If not sure how to do that, your Hoster should be able to help you and/or fix it within minutes.

  3. #3

    Default Re: sessions.php error in SSL directory

    Thanks for your quick reply!

    I have just checked with my host and they say that the path is:

    /usr/local/psa/home/vhosts/DOMAIN.EXT/httpdocs

    which means

    /usr/local/psa/home/vhosts/justaddweed.co.uk/httpdocs/cache

    is correct.

    Should this be .../httpsdocs/cache?

    Should
    httpdocs/admin/includes/configure.php,
    httpdocs/includes/configure.php,
    httpsdocs/admin/includes/configure.php and
    httpsdocs/includes/configure.php
    all point to the same place path?

    cheers!

  4. #4
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: sessions.php error in SSL directory

    Try moving your cache folder up a level, above httpdocs
    Then point DIR_FS_SQL_CACHE in all your configure.php files to the new location.
    Also update your Admin->Configuration->Sessions->Session Directory to the new location.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  5. #5

    Default Re: sessions.php error in SSL directory

    DrBryte, cheers - i tried making a cache dir at ..../anon_ftp/cache and changed all that you said, but it still came up with the same error saying that:

    ...is not within the allowed path(s): (/usr/local/psa/home/vhosts/justaddweed.co.uk/httpsdocs:/tmp)

    can i just disable this cache function as it is set to none anyway?

  6. #6
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: sessions.php error in SSL directory

    You probably need to put it here so it's available to both the httpdocs and httpsdocs modes:
    /usr/local/psa/home/vhosts/justaddweed.co.uk/cache


    Zen Cart uses this folder for both db-caching as well as session-data-storage. If you don't give it a spot to store session data (accessible equally from http and https modes) then your customers will always have "zenid" parameters on their URL's, making your site less secure and at risk of session hijacking.
    If your store isn't dropping the zenid after the 2nd click on your site, then either you have this session problem or the browser doesn't have session-cookie support enabled (ie: they have it blocked).
    Last edited by DrByte; 11 May 2007 at 12:18 PM. Reason: reworded
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  7. #7

    Default Re: sessions.php error in SSL directory

    cool, i wasn't able to creat e a new dir, but will get onto my host and try it that way,

    will let ya kno!

  8. #8

    Default Re: sessions.php error in SSL directory

    This was a reply from an earlier email from our host...

    It looks like this script is calling files from httpsdocs when they're actually located in httpdocs - you just need to alter the path that they're referencing. If you are using a mirrored httpdocs/httpsdocs (so the content of one is available in the other) this can cause problems when referencing absolute paths. By the sound of it, this isn't what you'reusing though, so feel free to ignore.

    Warning: session_save_path() [function.session-save-path]: open_basedir restriction in effect.File(/usr/local/psa/home/vhosts/justaddweed.co.uk/httpdocs/cache) is not within the allowed path(s)/usr/local/psa/home/vhosts/justaddweed.co.uk/httpsdocs:/tmp) in/usr/local/psa/home/vhosts/justaddweed.co.uk/httpsdocs/includes/functions/sessions.php on line


    What do you reckon?

  9. #9

    Default Re: sessions.php error in SSL directory

    DrB - does the new cache dir need to be 777 or is 755 ok? (i can't change it at the mo!!)

  10. #10
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: sessions.php error in SSL directory

    1. It would be MUCH better if your account could be configured to serve SSL content directly from the httpdocs folder.
    Zen Cart dynamically builds everything from one fileset. It does not need the old-school protection offered by using separate folders for the SSL content.

    2. The cache folder needs to be 777 (the last digit, which means 'world permissions' needs to be a 6 or higher in order to allow apache to write content to the files. Some host configurations require the 7 instead of 6 in order for it to work. More details on what the 3 digits mean can be found by googling about file permissions, or by checking the FAQ system at: https://tutorials.zen-cart.com )
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

 

 
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 3
    Last Post: 15 Feb 2012, 11:28 AM
  2. Sessions.php Error - weird
    By benbirdx in forum Basic Configuration
    Replies: 3
    Last Post: 2 Sep 2009, 04:16 PM
  3. Fatal Error in Sessions.php line 61
    By kevnj in forum Basic Configuration
    Replies: 7
    Last Post: 6 May 2007, 06:41 AM
  4. Fatal Error in sessions.php line 72
    By laurakim in forum General Questions
    Replies: 5
    Last Post: 22 Apr 2007, 06:27 AM
  5. Fatal error with sessions.php
    By Elemi in forum General Questions
    Replies: 4
    Last Post: 7 Jan 2007, 06:48 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR