Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

output_buffering check broken in sys information report #19784

Closed
ggppdk opened this issue Feb 26, 2018 · 7 comments
Closed

output_buffering check broken in sys information report #19784

ggppdk opened this issue Feb 26, 2018 · 7 comments
Labels
No Code Attached Yet

Comments

@ggppdk
Copy link
Contributor

ggppdk commented Feb 26, 2018
edited by joomla-cms-bot
Loading

Wrongly detected when

  1. ini_get('output_buffering') === 'On' any non numeric and text value means off (a misconfiguration)
  2. ini_get('output_buffering') === '0' wrongly detected because we do

https://github.com/joomla/joomla-cms/blob/staging/administrator/components/com_admin/models/sysinfo.php#L251

'output_buffering' => ($outputBuffering === 'On') ? true : is_numeric($outputBuffering),

aka we use is_numeric($outputBuffering) but is_numeric on '0' returns true

Number 2 is most important, since 1 number is a misconfiguration although it may not be an uncommon misconfiguration

See comment
#19611 (comment)
@ggppdk ggppdk changed the title output_buffering check broken output_buffering check broken in sys information report Feb 26, 2018
@ggppdk
Copy link
Contributor Author

ggppdk commented Feb 26, 2018
edited
Loading

@zero-24 , @Quy

Issue due to PR #19611,
The PR tried to fix real issue #19033 ?
but the fix was not correct

@sandewt
Copy link
Contributor

sandewt commented Feb 26, 2018
edited
Loading

See also PR #19612.

@zero-24
Copy link
Contributor

zero-24 commented Feb 26, 2018

But Isn't than 'output_buffering === off also invalid / misconfiguration?

@ggppdk
Copy link
Contributor Author

ggppdk commented Feb 26, 2018
edited
Loading

But Isn't than 'output_buffering === off also invalid / misconfiguration?

Yes === 'off' is invalid (you are supposed to use php_flag output_buffering off to set a boolean 'off')
just i do not mention it above because it is correctly detected by current code as OFF

If you try to set it to a text value
php_value output_buffering On (and any text value)

  • on some servers it will give internal error,
  • on some it will be accepted just it results to output buffering being off

php_flag output_buffering on (.htaccess)
output_buffering=on (php.ini, restart apache if needed)

Both of the above will set output_buffering to '1' (output buffering enabled)
var_dump(ini_get('output_buffering'));

Display:
string(1) "1"

Please note also that this will enable output buffering ... despite being negative and having text at its end
(it will enable it if you do not get an internal server error)
php_value output_buffering -4096test

So correct detection is
$isEnabled = (int) ini_get('output_buffering') !== 0;

@ggppdk
Copy link
Contributor Author

ggppdk commented Feb 26, 2018

I do not mention it above but it is similar to On case

php_flag output_buffering off (.htaccess)
output_buffering=off (php.ini, restart apache if needed)

Both of the above will set output_buffering to '0' (output buffering disabled)
var_dump(ini_get('output_buffering'));

Display:
string(1) "0"

@zero-24 zero-24 mentioned this issue Feb 26, 2018
Merged
@zero-24
Copy link
Contributor

zero-24 commented Feb 26, 2018

PR: #19791 Thanks for the report!

@zero-24 zero-24 mentioned this issue Feb 26, 2018
Merged
@joomla-cms-bot
Copy link

Set to "closed" on behalf of @Quy by The JTracker Application at issues.joomla.org/joomla-cms/19784

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
No Code Attached Yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@zero-24 @ggppdk @sandewt @joomla-cms-bot