Hi,
Today I have done a
git pull
After that I wanted to check my set-up.
I got only
Checking PHP version
and the following message in the logfile.
[06-Jan-2013 17:35:48 Europe/Vienna] PHP Fatal error: Call to a member function pass() on a non-object in rc08rc_git/installer/check.php on line 80
I have tried to add a new ticket into trac but I don't want to allow google to add a cookie to my browser.
Best Regards Aleks
On 01/06/2013 06:24 PM, Aleksandar Lazic wrote:
After that I wanted to check my set-up.
[06-Jan-2013 17:35:48 Europe/Vienna] PHP Fatal error: Call to a member function pass() on a non-object in rc08rc_git/installer/check.php on line 80
Do you call check.php file directly? It won't work this way.
Am 06.01.2013 18:40, schrieb A.L.E.C:
On 01/06/2013 06:24 PM, Aleksandar Lazic wrote:
After that I wanted to check my set-up.
[06-Jan-2013 17:35:48 Europe/Vienna] PHP Fatal error: Call to a member function pass() on a non-object in rc08rc_git/installer/check.php on line 80
Do you call check.php file directly? It won't work this way
then it is a bug
includes have to make sure that they are NEVER called diretly
especially if they are throwing errors which may lead to a DOS attack by filling the filesystem with logs and if someone as good reportings the mailserver too
the other reason is plain security: you have no idea how vulnerable a include is which calls code with whatever inputs and initialization with sanity checks my be bypassed
On 01/06/2013 06:55 PM, Reindl Harald wrote:
then it is a bug
includes have to make sure that they are NEVER called diretly
especially if they are throwing errors which may lead to a DOS attack by filling the filesystem with logs and if someone as good reportings the mailserver too
We're talking about a script in the /installation/ directory which should be removed after installing Roundcube, which makes the probability of a successful DoS attack significantly smaller...
Geert
Am 06.01.2013 23:51, schrieb Geert Wirken:
On 01/06/2013 06:55 PM, Reindl Harald wrote:
then it is a bug
includes have to make sure that they are NEVER called diretly
especially if they are throwing errors which may lead to a DOS attack by filling the filesystem with logs and if someone as good reportings the mailserver too
We're talking about a script in the /installation/ directory which should be removed after installing Roundcube, which makes the probability of a successful DoS attack significantly smaller...
a bug is a bug
you can hope everbody removes /installation/ or make it secure by design - what do you think is the better choice?
most users of any software still have no knowledge at all this was always so and will not change in the near future
full ack.
Am 07-01-2013 00:56, schrieb Reindl Harald:
Am 06.01.2013 23:51, schrieb Geert Wirken:
On 01/06/2013 06:55 PM, Reindl Harald wrote:
then it is a bug
includes have to make sure that they are NEVER called diretly
especially if they are throwing errors which may lead to a DOS attack by filling the filesystem with logs and if someone as good reportings the mailserver too
We're talking about a script in the /installation/ directory which should be removed after installing Roundcube, which makes the probability of a successful DoS attack significantly smaller...
a bug is a bug
you can hope everbody removes /installation/ or make it secure by design - what do you think is the better choice?
most users of any software still have no knowledge at all this was always so and will not change in the near future
Roundcube Development discussion mailing list dev@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/dev
Yes. I called it just to see if after the update everything is ok.
Maybe it was to naive.
What is the best way to check if the setup is ok for RC?
Cheers aleks
Am 06-01-2013 18:40, schrieb A.L.E.C:
On 01/06/2013 06:24 PM, Aleksandar Lazic wrote:
After that I wanted to check my set-up.
[06-Jan-2013 17:35:48 Europe/Vienna] PHP Fatal error: Call to a member function pass() on a non-object in rc08rc_git/installer/check.php on line 80
Do you call check.php file directly? It won't work this way.
On 01/07/2013 12:48 PM, Aleksandar Lazic wrote:
Yes. I called it just to see if after the update everything is ok.
Maybe it was to naive.
What is the best way to check if the setup is ok for RC?
Use url http://<host-and-path>/installer or http://<host-and-path>/installer/index.php.
Am 07-01-2013 18:11, schrieb A.L.E.C:
On 01/07/2013 12:48 PM, Aleksandar Lazic wrote:
Yes. I called it just to see if after the update everything is ok.
Maybe it was to naive.
What is the best way to check if the setup is ok for RC?
Use url http://<host-and-path>/installer or http://<host-and-path>/installer/index.php.
ok thanks.
-
A.L.E.C -
Aleksandar Lazic -
Geert Wirken -
Reindl Harald