Here's an error that occurs at webhost eApps. I've included the error text from both version 1.8 and 1.10.

Error in 1.8:
readfile() has been disabled for security reasons in /home/webadmin/example.com/html/modules/gsitemap/gsitemap.module on line 508.

Error in 1.10:
readfile() has been disabled for security reasons in /home/webadmin/example.com/html/modules/gsitemap/gsitemap.module on line 570.

Looks as if eApps proprietary php.ini configuration is defeating the module, which is an increasingly common thing for webhosts to do. Might want to look for a better way to do it?

Comments

dman’s picture

Any suggestions on what a better way to read a file when the security settings on the server have been set to explicitly prohibit you from reading that file ? :-\

To you think there's any reason to believe that an alternative old-fashioned file_open sorta approach would work instead?

Interesting that the module can successfully write the file, but is not allowed to read it... :-}

aserdaten’s picture

One odd thing is that I've got a different Drupal 4.7 installation on eApps running a version of the module from last year, and it works fine. Maybe we're getting that error msg for the wrong reason.

darren oh’s picture

At that time the site map was generated each time it was requested. The module now generates a site map file when the site changes.

mwander’s picture

Is there a way to resolve this or some type of work-around?

dman’s picture

Did you try

include($dest);

or

print file_get_contents($dest);

instead? I've found them to be binary-safe so far.

mwander’s picture

dman,

I switched it to the first of your two choices. Works like a charm!

Thank you.

darren oh’s picture

Status: Active » Fixed

I cannot imagine why a host would think readfile() is insecure. It's way more insecure to use include(), because PHP will try to execute the file. I committed the second suggestion in CVS commit 83411.

Anonymous’s picture

Status: Fixed » Closed (fixed)