?

Success

Related to # 4770

User tests: Successful: Unsuccessful:

avatar dgt41
dgt41
21 Sep 2014

Scope

Reaveal a trimmed path on an error message produced in /libraries/loader.php instead of the actual real path

B/C

None

Tests

In Protostar's index.php after defined('_JEXEC') or die; add this code (one at a time):

JLoader::registerPrefix('XY', JPATH_PLATFORM . '/notfound');

and

JLoader::registerNamespace('XYZ', JPATH_LIBRARIES . '/notagain');

The error should be:
500 Library path /libraries/notfound cannot be found.
and
500 Library path /libraries/notagain cannot be found.

avatar dgt41 dgt41 - open - 21 Sep 2014
avatar jissues-bot jissues-bot - change - 21 Sep 2014
Labels Added: ?
avatar brianteeman brianteeman - change - 21 Sep 2014
Category Code style Libraries
avatar b2z
b2z - comment - 24 Sep 2014

Can you give an example of library to rename?

This comment was created with the J!Tracker Application at http://issues.joomla.org/.

avatar dgt41
dgt41 - comment - 24 Sep 2014

@b2z If you are in a standard Joomla installation it would be easier if you use something like this in the model of an active component:

JLoader::registerPrefix(‘X', JPATH_PLATFORM . ‘/notfound’);
JLoader::registerNamespace(’XYZ', JPATH_LIBRARIES . '/notagain');

screen shot 2014-09-25 at 12 00 22

avatar b2z
b2z - comment - 25 Sep 2014

Do not know about the practical aspect, but @test is ok.

In Protostar's index.php after defined('_JEXEC') or die; I've added this code:

JLoader::registerPrefix('XY', JPATH_PLATFORM . '/notfound');

and

JLoader::registerNamespace('XYZ', JPATH_LIBRARIES . '/notagain');

And the error was as described:
500 Library path /libraries/notfound cannot be found.
and
500 Library path /libraries/notagain cannot be found.


This comment was created with the J!Tracker Application at http://issues.joomla.org/.

avatar b2z b2z - test_item - 25 Sep 2014 - Tested successfully
avatar b2z
b2z - comment - 25 Sep 2014

One more thing to notice. I would add a blank line before throw:

// Verify the library path exists.
if (!file_exists($path))
{
    $path = str_replace(JPATH_ROOT, '', $path);

    throw new RuntimeException('Library path ' . $path . ' cannot be found.', 500);
}
```<br /><br />*This comment was created with the <a href="https://github.com/joomla/jissues">J!Tracker Application</a> at <a href="http://issues.joomla.org/">http://issues.joomla.org/</a>.*
avatar dgt41
dgt41 - comment - 25 Sep 2014

@b2z I guess in a shared environment you don’t want to expose the actual path to your site for security reasons...

avatar infograf768
infograf768 - comment - 25 Sep 2014

Nice. Agree that adding a blank line before the throw would be better

avatar dgt41
dgt41 - comment - 25 Sep 2014

@b2z @infograf768 Thanks for the tests. Empty line added!

avatar b2z
b2z - comment - 25 Sep 2014

Hmm... But if I am trying to regsiter the library outside JPATH_ROOT? Then str_replace(JPATH_ROOT, '', $path); will do nothing. Anyway it is better then nothing ;)

This comment was created with the J!Tracker Application at http://issues.joomla.org/.

avatar dgt41
dgt41 - comment - 25 Sep 2014

@b2z Is that even possible? I mean JPATH_ROOT is the public folder of the site, you mean if you have a library installed in a lower directory? I don’t know if that will work altogether with joomla and certainly is way of the standard procedures of the cms to handle stuff, I think...

This comment was created with the J!Tracker Application at http://issues.joomla.org/.

avatar mbabker
mbabker - comment - 25 Sep 2014

When you add something to our autoloader, it's done through an absolute path. So yes, it'd be possible to autoload files outside the root install of the CMS.

avatar dgt41
dgt41 - comment - 25 Sep 2014

Thanks @mbabker for clarifying that. I guess another approach will be to just throw only the last directory of the path? Something like:

$path = basename($path);
avatar roland-d
roland-d - comment - 3 Oct 2014

I like that we show the path to the library folder except the full path of course. How about showing the path from the document root when the library is under the document root and only the last folder when it is above the document root? We get something like this:

$cleanpath = str_replace(JPATH_ROOT, '', $path);

            if ($cleanpath == $path)
            {
                $cleanpath = basename($path);
            }

            throw new RuntimeException('Library path ' . $cleanpath . ' cannot be found.', 500);

Just a suggestion :)

avatar dgt41
dgt41 - comment - 3 Oct 2014

@roland-d Sounds good to me ;)

avatar roland-d
roland-d - comment - 4 Oct 2014

@dgt41 If you are OK with it, can you make the changes to the PR?

This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4317.

avatar dgt41
dgt41 - comment - 4 Oct 2014

@roland-d I just updated the code with your suggestion. Thanks!

This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4317.

avatar pe7er
pe7er - comment - 5 Oct 2014

Could someone please give an example like b2z asked?

I am at Joomladay UK at Bug Squad patch testing session and we are trying to reproduce the error.
E.g. rename some /library/cms/ folders like menu/search, but where not able to reproduce the error

This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4317.

avatar dgt41
dgt41 - comment - 5 Oct 2014

@pe7er Try the same procedure as @b2z describes few comments above:

In Protostar's index.php after defined('_JEXEC') or die; I've added this code:

JLoader::registerPrefix('XY', JPATH_PLATFORM . '/notfound’);

and

JLoader::registerNamespace('XYZ', JPATH_LIBRARIES . '/notagain’);

or this #4317 (comment)
PS you have to test one line at the time

avatar roland-d roland-d - test_item - 10 Oct 2014 - Tested successfully
avatar roland-d
roland-d - comment - 10 Oct 2014

@test: Works as expected, the full path is no longer shown.

We need one more test since the PR was changed since the previous tests.

This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4317.

avatar b2z
b2z - comment - 11 Oct 2014

@test one more time with the new code! Success. Good job.

This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4317.

avatar brianteeman
brianteeman - comment - 16 Oct 2014

Two good tests thanks - setting to RTC

This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4317.

avatar brianteeman brianteeman - change - 16 Oct 2014
Status Pending Ready to Commit
avatar nicksavov
nicksavov - comment - 17 Oct 2014

Looks like this might be submitted from the wrong branch. There's a ton of other people's commits.

avatar Bakual
Bakual - comment - 17 Oct 2014

Closing this PR as the patch looks messed up.

@dgt41 Please check the branch and either correct it and request to reopen this PR or just create a new one. Thanks!

avatar Bakual Bakual - close - 17 Oct 2014
avatar Bakual Bakual - close - 17 Oct 2014
avatar Bakual Bakual - change - 17 Oct 2014
Status Ready to Commit Closed
Closed_Date 0000-00-00 00:00:00 2014-10-17 11:51:23
avatar dgt41
dgt41 - comment - 17 Oct 2014

Ok

avatar dgt41
dgt41 - comment - 17 Oct 2014

@Bakual check #4770

avatar brianteeman brianteeman - change - 17 Oct 2014
Rel_Number 4770
Relation Type Related to
avatar Bakual
Bakual - comment - 17 Oct 2014

Yeah that looks much better :+1:

avatar dgt41 dgt41 - head_ref_deleted - 8 Nov 2014

Add a Comment

Login with GitHub to post a comment