Hi,
we want to start delivering data to the DNB via DNB plugin after upgrade to OJS 3.4.0.8 was successfull. We received hotfolder credentials and when starting the test delivery, several problems occured.
- When opting in for the experimental features and after closing and restarting the plugin, I receive a blank white page. I can go back in the browser to the tool list, but when clicking the DNB plugin again the page is blank again. Apache error log shows
Got error 'PHP message: PHP Warning: file_put_contents(): open_basedir restriction in effect. File(/var/www/html/files/dnb/response_1439-040X-issn.xml) is not within the allowed path(s): (/var/www/disabled/:/var/www/auto_prepend/:/usr/share/php/:/tmp/:/dev/urandom:/var/www/ojs.openagrar.de/:/bin/tar:/usr/bin/perl:/bin/egrep:/bin/gzip) in /var/www/ojs.openagrar.de/plugins/importexport/dnb/classes/DNBCatalogInfoProvider.php on line 263; PHP message: PHP Warning: file_put_contents(/var/www/html/files/dnb/response_1439-040X-issn.xml): Failed to open stream: Operation not permitted in .........
Am I right to assume that our server settings are too strict and have to be adjusted? What would I have to tell my server admin to adjust?
Unfortunately, I cannot de-select the experimental features at this point since the page is blank.
- In a second journal in this same multi-journal installation, I entered the DNB credentials and DID NOT select the experimental features. No blank page occures, the plugin settings and article deposit list are available. However, export isn’t working, nor is the test deposition of data. The same error message in OJS backend occurs for both actions:
There is no error in the apache error log.
I would be grateful for some ideas and tips on how to fix this. Maybe @ronste1 can help?
We use OJS 3.4.0.8 that was recently upgraded from OJS 3.3.0.8 (started out as 2.2.3.0 in 2009 and went through several upgrades since)
PHP version 8.3.16
Hi @heike_riegler,
I’ll let someone else comment on the DNB plugin – but it looks like you may have installed OJS unsafely! The files_dir (in config.inc.php) should not be placed somewhere web-accessible, as noted in the installation form, configuration file, and documentation. You should move this immediately outside of the web root and check your server for signs of attack.
Regards,
Alec Smecher
Public Knowledge Project Team
Dear @heike_riegler ,
the DNB already informed me about the issue. And, as you already guessed, the warning/error messages you provided both indeed point to a server configuration issue.
For the DNB-Plugin to work correctly write access to the OJS files dir is required to store temporary information. Actually this is true for many features of OJS. If write access to your files dir is prohibited by your php.ini open_basedir setting (as is suggested by the warning message you provided) I wonder how you at all could upload files to OJS. But maybe I am missing something about your configuration.
Once permissions to the OJS files dir are set corretly I would expect the DNB-Plugin to work. If this should not be the case please feel free to contact me again.
Best wishes,
Ronald
1 Like
Well, the plugin tries to write to /var/www/html/files which is not the home of the OJS installation. The DocumentRoot and “home” is /var/www/ojs.openagrar.de.
The value of the files_dir variable is also not files.
Where does /var/www/html come from? Feels somehow like a default/fallback?
Ok, I got the point and indeed this originates from the experimental feature. I fixed it in the repo. Can you try this new (I didn’t change the version number) package: https://github.com/ojsde/dnb/releases/tag/v1.6.0
This explains the first issue from above. Regarding the second issue: Can you verify the permissions of the files/dnb folder? Your web server should have write permissions.
Looking at your paths allowed by open_basedir:
the allowed path(s): (/var/www/disabled/:/var/www/auto_prepend/:/usr/share/php/:/tmp/:/dev/urandom:/var/www/ojs.openagrar.de/:/bin/tar:/usr/bin/perl:/bin/egrep:/bin/gzip)
I can’t identify a path that could be related to the files folder.
