  1. Moodle
  2. MDL-81604

Broken file serving under PHP 8.1+, Apache and PHP-FPM via mod_proxy_fcgi, when the filename is not only plain ASCII or w/ blank spaces

    • Bug
    • Resolution: Unresolved
    • Minor
    • None
    • 4.1.11, 4.3.5, 4.4.6, 4.5.3
    • Files API
    • a) CentOS 7 / Apache 2.4.6 / PHP 8.1.28
      b) Rocky Linux 9 / Apache 2.4.57 / PHP 8.1.28
    • MOODLE_401_STABLE, MOODLE_403_STABLE, MOODLE_404_STABLE, MOODLE_405_STABLE
    • MDL-81604-404
    • MDL-81604-405
    • MDL-81604-main
    • Testing instructions
      1. Download ISO
        • https://rockylinux.org/download: Default Images, v9.4, Boot ISO
      2. Create VM
        • Install VMware Player. If you have trouble installing it, check this tutorial.
        • Create a New Virtual Machine
        • Installer Disc image file (iso)
        • Guest operating system: Linux
        • Version: Rocky Linux 64-bit
        • Virtual machine name: MDL-81604
        • Maximum disk size: 20 GB
        • Customize Hardware...
          • Memory: 4GB
      3. Install OS
        • Start VM
        • Install Rocky Linux 9.4
        • Select language
          • Continue
        • Installation destination
          • Done
        • Root Password
          • Password: moodle
          • Confirm: moodle
          • Done
          • Done
        • Begin Installation
        • Reboot System
      4. Finish OS Setup
        • Start Setup
        • Privacy
          • Location Services: off
        • Online Accounts
          • Skip
        • About You
          • Full Name: moodle
          • Username: moodle
        • Password
          • Password: moodle
          • Confirm: moodle
        • Start using Rocky Linux
        • Skip tour
      5. Optional: Prevent screen turning off
        • Open Settings
        • Power
          • Screen blank: Never
      6. Setup Apache, PHP-FPM, MySQL and Moodle
        • Open Terminal
        • # Remove password prompt for sudo
          sudo chmod u+w /etc/sudoers
          sudo sed -i "s/^%wheel.*/%wheel\tALL=(ALL)\tNOPASSWD: ALL/" /etc/sudoers
          sudo chmod u-w /etc/sudoers
           
          # Disable SELinux
          sudo setenforce 0
          sudo sed -i "s/^SELINUX=enforcing/SELINUX=disabled/" /etc/sysconfig/selinux
          sudo grubby --update-kernel ALL --args selinux=0
           
          # Apache
          sudo dnf update
          sudo dnf install -y httpd
          sudo mkdir /var/www/html/moodle
          sudo sh -c "cat >/etc/httpd/conf.d/moodle.conf" <<-EOF
          <VirtualHost *:80>
              ServerName localhost
              DocumentRoot "/var/www/html/moodle"
           
              <Directory "/var/www/html/moodle">
                  AllowOverride All
                  Options -Indexes +FollowSymLinks
                  Require all granted
              </Directory>
              ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/html/moodle/\$1"
           
          </VirtualHost>
          EOF
          sudo systemctl enable --now httpd
           
          # PHP-FPM
          sudo dnf module disable -y php
          sudo dnf module enable -y php:remi-8.3
          sudo dnf remove -y php php-fpm php-gd php-intl php-mbstring php-mysqlnd php-sodium php-xml php-zip
          sudo dnf install -y php php-fpm php-gd php-intl php-mbstring php-mysqlnd php-sodium php-xml php-zip
          sudo sed -i "s/^;max_input_vars = .*/max_input_vars = 5000/" /etc/php.ini
          sudo sed -i "s/^listen = .*/listen = 127.0.0.1:9000/" /etc/php-fpm.d/www.conf
          sudo systemctl enable --now php-fpm
           
          # MySQL
          sudo dnf install mysql-server -y
          sudo systemctl enable --now mysqld
          mysql -u root <<'EOF'
          CREATE DATABASE moodle DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
          CREATE USER moodleuser@localhost IDENTIFIED BY 'moodlepass';
          GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON moodle.* TO moodleuser@localhost;
          EOF
           
          # MOODLE
          sudo dnf install -y git
          sudo git clone --branch main https://github.com/moodle/moodle.git /var/www/html/moodle
          sudo mkdir /var/www/moodledata
          sudo chmod 777 /var/www/moodledata
          sudo php /var/www/html/moodle/admin/cli/install.php --wwwroot="http://localhost" --dataroot="/var/www/moodledata" --dbtype="mysqli" --dbhost="localhost" --dbname="moodle" --dbuser="moodleuser" --dbpass="moodlepass" --fullname="MDL-81604_main" --shortname="MDL-81604_main" --adminpass="moodle" --adminemail="admin@example.invalid" --supportemail="support@example.invalid" --non-interactive --agree-license --allow-unstable
          sudo chmod o+r /var/www/html/moodle/config.php
          sudo systemctl reload httpd
           
          # Apply the patch
          cd /var/www/html/moodle
          sudo chown -R moodle:moodle .
          git config --global user.name "Your Name"
          git config --global user.email you@example.com
          git remote add t-schroeder https://github.com/t-schroeder/moodle.git
          git fetch t-schroeder MDL-81604-main
          git log t-schroeder/MDL-81604-main
          git cherry-pick <the first commit hash in the log>
           
          # Create test file
          cd ~;
          echo "content" > "file name containing spaces.txt"
          

      7. Test with PHP 8.3
        • Open Firefox
        • http://localhost/
        • Login
          • Username: admin
          • Password: moodle
        • User menu
        • Private files
        • Upload ~/file name containing spaces.txt
        • Save changes
        • Click "file name containing spaces.txt"
        • Download
        • Confirm the file got downloaded
    • Code verified against automated checks.

      Checked MDL-81604 using repository: https://github.com/meirzamoodle/moodle.git

        • MOODLE_404_STABLE (0 errors / 0 warnings) [branch: MDL-81604-404 | CI Job]
        • MOODLE_405_STABLE (0 errors / 0 warnings) [branch: MDL-81604-405 | CI Job]
        • main (0 errors / 0 warnings) [branch: MDL-81604-main | CI Job]

      Built on: Fri Mar 7 06:03:46 UTC 2025
    • Launching automatic jobs for branch MDL-81604-404
        • https://ci.moodle.org/view/Testing/job/DEV.02%20-%20Developer-requested%20PHPUnit/18461/ PHPUnit (sqlsrv)
        • https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63223/ Behat (NonJS - boost and classic)
        • https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63224/ Behat (Firefox - boost)

      Launching automatic jobs for branch MDL-81604-405
        • https://ci.moodle.org/view/Testing/job/DEV.02%20-%20Developer-requested%20PHPUnit/18462/ PHPUnit (sqlsrv)
        • https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63225/ Behat (NonJS - boost and classic)
        • https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63226/ Behat (Firefox - boost)

      Launching automatic jobs for branch MDL-81604-main
        • https://ci.moodle.org/view/Testing/job/DEV.02%20-%20Developer-requested%20PHPUnit/18463/ PHPUnit (sqlsrv)
        • https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63227/ Behat (NonJS - boost and classic)
        • https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63228/ Behat (Firefox - boost)
        • https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63229/ Behat (Firefox - classic)
        • https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63230/ App tests (stable app version) --> unrelated failure, please ignore.

      Built on: Fri Mar 7 06:25:41 UTC 2025

      The fix for MDL-51554 is now causing problems in PHP 8.1 (and higher) when using Apache and PHP-FPM. When trying to view a file with e.g. spaces in its name, you get an error saying the file was not found. The problem is that the rawurldecode() is being skipped because this line is never reached. The reason is that this condition is false. That's happening because this PHP issue got fixed in PHP 8.1.18, 8.2.5 and 8.3+. Therefore $_SERVER['SCRIPT_NAME'] now no longer contains $_SERVER['PATH_INFO'] as a substring. But $_SERVER['PATH_INFO'] is still urlencoded and needs to be urldecoded in setuplib.php. Since the urldecode is currently not being done, the wrong pathnamehash gets computed in e.g. the function resource_pluginfile() and the file is not found and you get to here and then here.
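
The failure described above can be reproduced in isolation. The following is an added example, not code from this issue, its branches or Moodle itself: the function names, the `$_SERVER` values and the SHA-1 stand-in for the pathname hash are all constructed for illustration.

```php
<?php
// Added illustration, not Moodle code. All $_SERVER values below are constructed.

/** Behaviour per the description: decode only when SCRIPT_NAME ends with the decoded PATH_INFO. */
function path_info_legacy(array $server): string {
    $decoded = rawurldecode($server['PATH_INFO']);
    if (substr($server['SCRIPT_NAME'], -strlen($decoded)) === $decoded) {
        return $decoded;              // old PHP-FPM fingerprint matched
    }
    return $server['PATH_INFO'];      // fingerprint missed: path stays percent-encoded
}

/** Variant following the description's conclusion: decode once, whatever SCRIPT_NAME holds. */
function path_info_decoded(array $server): string {
    return rawurldecode($server['PATH_INFO']);
}

/** Simplified stand-in for a pathname hash: SHA-1 over the path string. */
function path_hash(string $path): string {
    return sha1($path);
}

$encoded = '/5/user/private/0/file%20name%20containing%20spaces.txt';
$stored  = '/5/user/private/0/file name containing spaces.txt';   // name as saved at upload

$environments = [
    // Before the PHP fix: SCRIPT_NAME also carries the (decoded) slash arguments.
    'PHP-FPM before the PHP fix' => ['SCRIPT_NAME' => '/pluginfile.php' . $stored, 'PATH_INFO' => $encoded],
    // After the PHP fix: SCRIPT_NAME is the script only, PATH_INFO is still encoded.
    'PHP-FPM 8.1.18+ / 8.2.5+ / 8.3+' => ['SCRIPT_NAME' => '/pluginfile.php', 'PATH_INFO' => $encoded],
];

foreach ($environments as $label => $server) {
    foreach (['path_info_legacy', 'path_info_decoded'] as $fn) {
        $path  = $fn($server);
        $found = hash_equals(path_hash($stored), path_hash($path));
        printf("%-32s %-18s %s\n", $label, $fn, $found ? 'file found' : 'file not found');
    }
}
```

Only the legacy check on the newer PHP versions reports "file not found". Decoding has to happen exactly once, because a stored name that itself contains a percent sequence would resolve to a different path if decoded a second time.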

            tschroeder Tim Schroeder
            tschroeder Tim Schroeder
            Meirza Meirza