[bug report] PHP Fatal error: Call to a member function getId() on a non-object in /var/www/ojs-2.4.8-5/pages/comment/CommentHandler.inc.php on line 185

tessiof · July 9, 2019, 11:11pm

Hello,

First, about my installation:

OJS: 2.4.8-5
PHP: 5.5.9
OS: Ubuntu 14.04.6 LTS x86_64

I’m seeing this bug constantly on my logs (and also this one that may be related):

[Tue Jul 09 19:26:18.702548 2019] [:error] [pid 2180] [client 159.224.221.175:41882] PHP Fatal error: Call to a member function getId() on a non-object in /var/www/ojs-2.4.8-5/pages/comment/CommentHandler.inc.php on line 185, referer: http://www.periodicos.ufpb.br/index.php/index/

The code:
> /**

     * Validation
     * @param $request PKPRequest
     * @param $articleId int
     */
    function validate(&$request, $articleId) {
            parent::validate();

            $journal =& $request->getJournal();                
  $journalId = $journal->getId();
  // UP THERE! ^^^^^^^^^^^^^^^^^ 
            $journalSettingsDao =& DAORegistry::getDAO('JournalSettingsDAO');

            $publishedArticleDao =& DAORegistry::getDAO('PublishedArticleDAO');
            $article =& $publishedArticleDao->getPublishedArticleByArticleId($articleId);

            // Bring in comment constants
            $commentDao =& DAORegistry::getDAO('CommentDAO');

            $enableComments = $journal->getSetting('enableComments');

            if ((!Validation::isLoggedIn() && $journalSettingsDao->getSetting($journalId,'restrictArticleAccess')) || ($article && !$article->getEnableComments()) || ($enableComments != COMMENTS_ANONYMOUS && $enableComments != COMMENTS_AUTHENTICATED && $enableComments != COMMENTS_UNAUTHENTICATED)) {
                    Validation::redirectLogin();
            }

            // Subscription Access
            $issueDao =& DAORegistry::getDAO('IssueDAO');
            $issue =& $issueDao->getIssueByArticleId($articleId);

            if (isset($issue) && isset($article)) {
                    import('classes.issue.IssueAction');
                    $subscriptionRequired = IssueAction::subscriptionRequired($issue);
                    $subscribedUser = IssueAction::subscribedUser($journal, $issue->getId(), $articleId);

                    if (!(!$subscriptionRequired || $article->getAccessStatus() == ARTICLE_ACCESS_OPEN || $subscribedUser)) {
                            $request->redirect(null, 'index');
                    }
            } else {
                    $request->redirect(null, 'index');
            }

            $this->issue =& $issue;
            $this->article =& $article;
            return true;
    }

OJS/Apache2 is using a lot of resources and will eventually become very slow (VM with 4 CPUs and 4GB of RAM), sometimes even crashing the VM as it uses all available RAM. PHP memory_limit is set at 1536M.

Before updating to 2.4.8-5 from 2.4.8-2, I tried to upgrade to 3.1.2-1. But a number of inconsistencies in the database prevented the upgrade. I restored a VM snapshot and the upgrade to 2.4.8-5 ran without flaws. Or so I believed.

I think those database inconsistencies (like this one) are the cause of this problem.

asmecher · July 9, 2019, 11:30pm

Hi @tessiof,

Check to make sure your installation isn’t being used for spamming. Have a look at the comments table in your database to see whether it’s actually being used for valid public comments; if not, you’ll need to clean out any spam accumulation there. To prevent new accumulation, there are CAPTCHA tools that can be configured in config.inc.php, or you could simply disable public commenting and use something like Hypothes.is instead.

Regards,
Alec Smecher
Public Knowledge Project Team

tessiof · July 10, 2019, 7:18pm

Yeah… I found a bunch of fake users and spam messages.

I have to do anything besides restarting apache after editing config.inc.php?

[captcha]

; Whether or not to enable Captcha features
captcha = On

; Whether or not to use Captcha on user registration
captcha_on_register = On

; Whether or not to use Captcha on user comments
captcha_on_comments = On

; Whether or not to use Captcha on notification mailing list registration
captcha_on_mailinglist = On

; Font location for font to use in Captcha images
font_location = /usr/share/fonts/truetype/freefont/FreeSerif.ttf

; Whether to use reCaptcha instead of default Captcha
recaptcha = On

; Version of ReCaptcha to use: 0: Legacy (default), 2: ReCAPTCHA v2
recaptcha_version = 2

; Public key for reCaptcha (see reCAPTCHA)
recaptcha_public_key = “xXxXxXxXXxX”

; Private key for reCaptcha (see reCAPTCHA)
recaptcha_private_key = “xXxXxXxXXxX”

; Validate the hostname in the ReCaptcha v2 response
recaptcha_enforce_hostname = Off

Thanks a lot!

asmecher · July 10, 2019, 7:21pm

Hi @tessiof,

It’s not even necessary to restart Apache – changes to config.inc.php should take place immediately.

Regards,
Alec Smecher
Public Knowledge Project Team