Error: require_once(): Failed opening required '__DIR__/security_review.inc'

Hello. I'm not able to reproduce this on a fresh Drupal 7.24 installation. Could you provide some more information on your site, such as what modules you are using.

If you would please try a drupal cache clear and also running the security review not within the overlay page (visit admin/reports/security-review directly).

Also, are there any error messages for security review or batch in the logs?

I'm finding problems also. When using drush to push content sql-sync would fail with

The external command could not be executed due to an application error.                                                                                                                                              [error]
The command sql-sync could not be initialized.

Running updb gave me a clue

drush --yes @tj49.rem updb
require_once(__DIR__/security_review.inc): failed to open stream: No   [warning]
such file or directory security_review.drush.inc:9
Drush command terminated abnormally due to an unrecoverable error.       [error]
Error: require_once(): Failed opening required
'__DIR__/security_review.inc'
(include_path='.:/usr/lib64/php:/usr/share/pear') in
/home2/moldovas/public_html/tj49/sites/all/modules/security_review/security_review.drush.inc,
line 9

And removing (not just disabling the module cured the problem (I think).
Also, upon upgrading to 7.24 got all kinds of *wrong* error messages for security review - it seemed to be reading file permissions incorrectly.
Module list follows

bash-3.2$ drush pm-list --type=Module --status=enabled
 Package             Name                                     Version
 Administration      Rename Admin Paths (rename_admin_paths)  7.x-2.1
 Chaos tool suite    Chaos tools (ctools)                     7.x-1.3
 Core                Block (block)                            7.24
 Core                Blog (blog)                              7.24
 Core                Book (book)                              7.24
 Core                Color (color)                            7.24
 Core                Comment (comment)                        7.24
 Core                Contact (contact)                        7.24
 Core                Contextual links (contextual)            7.24
 Core                Dashboard (dashboard)                    7.24
 Core                Database logging (dblog)                 7.24
 Core                Field (field)                            7.24
 Core                Field SQL storage (field_sql_storage)    7.24
 Core                Field UI (field_ui)                      7.24
 Core                File (file)                              7.24
 Core                Filter (filter)                          7.24
 Core                Forum (forum)                            7.24
 Core                Help (help)                              7.24
 Core                Image (image)                            7.24
 Core                List (list)                              7.24
 Core                Menu (menu)                              7.24
 Core                Node (node)                              7.24
 Core                Number (number)                          7.24
 Core                Options (options)                        7.24
 Core                Overlay (overlay)                        7.24
 Core                Path (path)                              7.24
 Core                RDF (rdf)                                7.24
 Core                Search (search)                          7.24
 Core                Shortcut (shortcut)                      7.24
 Core                System (system)                          7.24
 Core                Taxonomy (taxonomy)                      7.24
 Core                Text (text)                              7.24
 Core                Toolbar (toolbar)                        7.24
 Core                Update manager (update)                  7.24
 Core                User (user)                              7.24
 Input filters       Pathologic (pathologic)                  7.x-2.11
 Logging and alerts  Email logging and alerts (emaillog)      7.x-2.2
 Mail                SMTP Authentication Support (smtp)       7.x-1.0
 Media               File entity (file_entity)                7.x-1.3
 Media               Media (media)                            7.x-1.3
 Migration           Migrate (migrate)                        7.x-2.6-rc1
 Migration           Migrate Example (migrate_example)        7.x-2.6-rc1
 Migration           Migrate UI (migrate_ui)                  7.x-2.6-rc1
 Other               Backup and Migrate (backup_migrate)      7.x-2.8
 Other               Custom tokens (token_custom)             7.x-1.1
 Other               Libraries (libraries)                    7.x-2.1
 Other               Mollom (mollom)                          7.x-2.8
 Other               Token (token)                            7.x-1.5
 People              No Request New Pass (noreqnewpass)       7.x-1.2
 Services            Services (services)                      7.x-3.5
 Services - servers  REST Server (rest_server)                7.x-3.5
 Services - servers  XMLRPC Server (xmlrpc_server)            7.x-3.5
 User interface      CKEditor Link (ckeditor_link)            7.x-2.3
 User interface      Collapsiblock (collapsiblock)            7.x-1.0
 User interface      Read More Control (readmorecontrol)      7.x-1.1-rc2
 User interface      Superfish (superfish)                    7.x-1.9
 User interface      Wysiwyg (wysiwyg)                        7.x-2.2
 Webform             Webform (webform)                        7.x-3.19

similar problems here. every time I try to use Drush to update my Drupal site, it fails -- for instance, "drush up" yields:

require_once(__DIR__/security_review.inc): failed to open stream: No [warning]
such file or directory security_review.drush.inc:9

Fatal error: require_once(): Failed opening required '__DIR__/security_review.inc' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home1/raphaelt/public_html/sites/all/modules/security_review/security_review.drush.inc on line 9
Drush command terminated abnormally due to an unrecoverable error.   [error]
Error: require_once(): Failed opening required
'__DIR__/security_review.inc'
(include_path='.:/usr/lib/php:/usr/local/lib/php') in
/home1/raphaelt/public_html/sites/all/modules/security_review/security_review.drush.inc

if I go into Site Administration and disable the Security Review module, Drush works just fine.

The lack of response is alarming. I hate to sound like a ranter, but
alarming is an appropriate word, IMHO it needs to be said ...

The require_once is bad since it'll halt PHP so attached patch changes it to a include_once and will drush_set_error() out of the command if the file isn't loaded.

I've not been able to reproduce this problem so perhaps its some specific thing with PHP. Try this patch out and let me know how it goes.

My thanks to coltrane for the patch. I have applied it to my local workstation copy of my site. I am no longer seeing the errors as noted above and that is good news! I have run the security review report and am trying to grok some things before pushing it to the server. I will add another comment detailing any (if any) issues once it is deployed.

-- regards
tim --

Committed and pushed http://drupalcode.org/project/security_review.git/commit/a9307dc.

Drupal 7.x requires up to PHP 5.2.x and __DIR__ is not defined in PHP 5.2.x. The patch needs to be improved so that security_review.inc is still included when using PHP 5.2.x.

Try this patch instead and hopefully this gets included in the latest dev.

sorry folks, I do not have the tools to make a proper patch. however the patch in #5 would be improved with these lines instead....

 // Include security_review.inc file for when invoked from outside the site.
-require_once __DIR__ . '/security_review.inc';
+if (@__DIR__ != '__DIR__') { include_once __DIR__ . '/security_review.inc'; }
+else { include_once 'security_review.inc'; } // assume current directory

I like dirname(__FILE__) better than a conditional. Try this patch out.

Committed http://drupalcode.org/project/security_review.git/commit/7e0592a