Saturday, January 26, 2019

php - Facebook api: "open_basedir restriction in effect"



I've uploaded my script for facebook login, based on facebook php api 4.0,on a web hosting which supports php 5.4, but I'm getting





Warning: is_readable(): open_basedir restriction in effect.
File(/dev/urandom) is not within the allowed path(s):
(/home/myuserid:/usr/lib/php:/tmp) in
/home/myuserid/public_html/Facebook/FacebookRedirectLoginHelper.php on
line 244




Here are line 244 of the file and some of the following




if (is_readable('/dev/urandom')) {
$fp = fopen('/dev/urandom', 'rb');
if ($fp !== FALSE) {
$buf = fread($fp, $bytes);
fclose($fp);
if($buf !== FALSE) {
return bin2hex($buf);
}
}
}



If it could be helpful, here is the basic login script:



session_start();
require_once('Facebook/Entities/AccessToken.php');
require_once( 'Facebook/FacebookSession.php' );
require_once( 'Facebook/FacebookRedirectLoginHelper.php' );
require_once('Facebook/HttpClients/FacebookHttpable.php');

require_once('Facebook/HttpClients/FacebookCurl.php');
require_once('Facebook/HttpClients/FacebookCurlHttpClient.php');
require_once( 'Facebook/FacebookRequest.php' );
require_once( 'Facebook/FacebookResponse.php' );
require_once( 'Facebook/FacebookSDKException.php' );
require_once( 'Facebook/FacebookRequestException.php' );
require_once( 'Facebook/FacebookAuthorizationException.php' );
require_once( 'Facebook/GraphObject.php' );

use Facebook\FacebookSession;

use Facebook\FacebookRedirectLoginHelper;
use Facebook\FacebookRequest;
use Facebook\FacebookResponse;
use Facebook\FacebookSDKException;
use Facebook\FacebookRequestException;
use Facebook\FacebookAuthorizationException;
use Facebook\GraphObject;

// init app with app id (APPID) and secret (SECRET)
FacebookSession::setDefaultApplication('','');


// login helper with redirect_uri
$helper = new FacebookRedirectLoginHelper( 'http://mysite/fb.php' );

try {
$session = $helper->getSessionFromRedirect();
} catch( FacebookRequestException $ex ) {
// When Facebook returns an error
} catch( Exception $ex ) {
// When validation fails or other local issues

}

// see if we have a session
if ( isset( $session ) ) {
// graph api request for user data
$request = new FacebookRequest( $session, 'GET', '/me' );
$response = $request->execute();
// get response
$graphObject = $response->getGraphObject();


//[...] uses data to login
} else {
// show login url
echo 'Login';
}
?>


Note: locally with easyPHP, the script works perfectly


Answer




Most shared hosting providers actively restrict users to prevent them from accessing other users' content and system resources.



In this case they used the open_basedir option from php.ini which only allows PHP to open files in specified paths, and denies every other access.



To solve the problem you can either ask them to grant you access to /dev/urandom, which they probably won't do, or replace your code with the following:



if (function_exists('openssl_random_pseudo_bytes')) {
return bin2hex(openssl_random_pseudo_bytes($bytes));
}



The openssl_random_pseudo_bytes function does almost exactly the same and is available on PHP 5.3.0 or higher.


No comments:

Post a Comment

plot explanation - Why did Peaches' mom hang on the tree? - Movies & TV

In the middle of the movie Ice Age: Continental Drift Peaches' mom asked Peaches to go to sleep. Then, she hung on the tree. This parti...