Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-81182

Correct require_once path in tool_mfa factors

XMLWordPrintable

    • MOODLE_403_STABLE, MOODLE_404_STABLE
    • MOODLE_403_STABLE
    • MDL-81182_403
    • Hide
      • For a test system under /var/www/moodle, rename the config.php file, then symlink to it using the following commands:  

        mv config.php config.real.php
        		 
        ln -s config.real.php config.php

      • Restart php-fpm, or apache, to ensure the realpath cache is cleared.
      • Navigate to: {yoursiteurl}/admin/tool/mfa/factor/email/email.php?instance=1
      • Confirm that an "unauthorised email" message is in the page.
      Show
      For a test system under /var/www/moodle , rename the config.php file, then symlink to it using the following commands:  mv config.php config.real.php ln -s config.real.php config.php Restart php-fpm, or apache, to ensure the realpath cache is cleared. Navigate to: {yoursiteurl}/admin/tool/mfa/factor/email/email.php?instance=1 Confirm that an "unauthorised email" message is in the page.
    • 1
    • Team Hedgehog 2024 Sprint 1.3, Team Hedgehog 2024 Sprint 1.4

      The require_once in `admin/tool/mfa/factor/email/email.php` is invalid. In some edge-cases, it can cause PHP to require the config.php file twice, since as written, it's including:

       

      Two issues - it has one set of dots too many for the depth.

      And {}DIR _does not end in a slash, so if }}{{DIR_ was /app then it results in requires that look like:
      /app../../../config.php - which is obviously wrong.{{}}

       

      Steps to reproduce:

      For a test system under /var/www/moodle, rename the config.php file, then symlink to it, something like:

       

      mv config.php config.real.php
      ln -s config.real.php config.php

       

      Restart php-fpm, or apache, to ensure the realpath cache is cleared.

      Browse to: admin/tool/mfa/factor/email/email.php?instance=1

      You should see an "unauthorised email" message. Without the fix, you may instead see a bunch of errors that indicate config isn't loaded properly.

        1. MDL-81182.png
          38 kB
          Ron Carl Alfon Yu

            aolley Adam Olley
            aolley Adam Olley
            Stevani Andolo Stevani Andolo
            Safat Shahin Safat Shahin
            Ron Carl Alfon Yu Ron Carl Alfon Yu
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour, 17 minutes
                1h 17m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.