Plugins won't install in cPanel, but can be installed in Linux [SOLVED]

ojspkpuser · June 24, 2019, 12:12pm

Hello,

I made a fresh install of an OJS 3.1.1.4. on a Linux Ubuntu server. I installed several plugins and everything went well.

Then I moved the install to a cPanel hosting company. When I want to install, or upgrade any plugin, I click the button and noting happens, but if I refresh the page I get the following error: “The uploaded plugin archive does not contain a folder that corresponds to the plugin name.”

I searched in several plugin sub-folders in the installation and I couldn’t find the name of the plugin I was trying to install (in my case - the backup) plugin.

I searched the forum and I found two possible situations. One - tar is not in the correct path, and the permissions. I checked with the hosting company and tar is in the correct path specified in config file. The permissions are as in the readme file. public, cache, … and files folders have file/folders with write permissions.

I even tried with write permissions on plugin folder, but to no avail.

The hosting company tried to disable mod security, but it didn’t help.

I showed the errors, and stack-trace (in config.inc.php), and I looked in the logs. I found the following:

websitePHP Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /lib/pkp/lib/adodb/adodb.inc.php on line 1003
websitePHP Warning: Declaration of PKPUsageEventPlugin::getEnabled() should be compatible with LazyLoadPlugin::getEnabled($contextId = NULL) in /lib/pkp/plugins/generic/usageEvent/PKPUsageEventPlugin.inc.php on line 0
websitePHP Warning: Declaration of AllowedUploadsPlugin::register($category, $path) should be compatible with LazyLoadPlugin::register($category, $path, $mainContextId = NULL) in /plugins/generic/allowedUploads/AllowedUploadsPlugin.inc.php on line 0
websitePHP Warning: Declaration of CustomHeaderPlugin::register($category, $path) should be compatible with LazyLoadPlugin::register($category, $path, $mainContextId = NULL) in /plugins/generic/customHeader/CustomHeaderPlugin.inc.php on line 0
websitePHP Warning: Declaration of CustomBlockPlugin::getBlockContext() should be compatible with BlockPlugin::getBlockContext($contextId = NULL) in /plugins/generic/customBlockManager/CustomBlockPlugin.inc.php on line 0
websitePHP Warning: Declaration of CustomBlockPlugin::getEnabled() should be compatible with BlockPlugin::getEnabled($contextId = NULL) in /plugins/generic/customBlockManager/CustomBlockPlugin.inc.php on line 0
websitePHP Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /lib/pkp/lib/adodb/adodb.inc.php on line 1003

I have no clue why on plugin install in cPanel is not working, while on Linux I have no problem.

ctgraham · June 24, 2019, 2:28pm

There is almost certainly a relevant PHP error message which is getting lost in the noise.

Try silencing the NOTICE, DEPRECATED, and STRICT warnings, and then retry the operation.

You should get a clearer picture into the error.

pheckler · June 24, 2019, 2:35pm

Hi,
OJS has sometimes had issues with ModSecurity in the past (see here). Try disabling it in Cpanel to see if the problem still occurs?

ojspkpuser · June 24, 2019, 3:51pm

@ctgraham Thank you I reduced a little bin the noise, I think this is the error:

PHP Fatal error: Uncaught Error: Call to a member function getProductType() on string in /lib/pkp/classes/plugins/PluginHelper.inc.php:107
Stack trace:
#0 /lib/pkp/controllers/grid/plugins/PluginGalleryGridHandler.inc.php(266): PluginHelper->installPlugin(NULL, ‘The uploaded pl…’)
#1 /lib/pkp/classes/core/PKPRouter.inc.php(390): PluginGalleryGridHandler->installPlugin(Array, Object(Request))
#2 /lib/pkp/classes/core/PKPComponentRouter.inc.php(257): PKPRouter->_authorizeInitializeAndCallRequest(Array, Object(Request), Array)
#3 /lib/pkp/classes/core/Dispatcher.inc.php(134): PKPComponentRouter->route(Object(Request))
#4 /lib/pkp/classes/core/PKPApplication.inc.php(247): Dispatcher->dispatch(Object(Request))
#5 /index.php(68): PKPApplication->execute()
#6 {main}
thrown in /lib/pkp/classes/plugins/PluginHelper.inc.php on line 107

But it doesn’t tell me much…

@pheckler Thank you!, they said they stopped mod security, but it didn’t help.

ctgraham · June 24, 2019, 7:58pm

Something about this logic is failing:

github.com

pkp/pkp-lib/blob/6a9afd6dccc137b3f730a9289ab99a4c04f2db4a/classes/site/VersionCheck.inc.php#L156-L173


		// Validate plugin name and type to avoid abuse
		if (is_null($errorMsg)) {
			$productType = explode(".", $versionInfo['type']);
			if(count($productType) != 2 || $productType[0] != 'plugins') {
				$errorMsg = 'manager.plugins.versionFileInvalid';
			}
		}

		if (is_null($errorMsg)) {
			$pluginVersion = $versionInfo['version'];
			$namesToValidate = array($pluginVersion->getProduct(), $productType[1]);
			foreach($namesToValidate as $nameToValidate) {
				if (!PKPString::regexp_match('/[a-z][a-zA-Z0-9]+/', $nameToValidate)) {
					$errorMsg = 'manager.plugins.versionFileInvalid';
					break;
				}
			}
		}

Are you comfortable modifying PHP code? If so, we could add some error_log() statements to try to see what is going on.

ojspkpuser · June 24, 2019, 8:01pm

@ctgraham Yes, I can modify it, but where to add the error_log() statements?, can you give me an example?

ctgraham · June 24, 2019, 8:29pm

Here is what I would be curious to see:

		// Validate plugin name and type to avoid abuse
		if (is_null($errorMsg)) {
error_log('Checking '.$versionInfo['type']);
			$productType = explode(".", $versionInfo['type']);
			if(count($productType) != 2 || $productType[0] != 'plugins') {
				$errorMsg = 'manager.plugins.versionFileInvalid';
			}
		}

		if (is_null($errorMsg)) {
			$pluginVersion = $versionInfo['version'];
error_log('Validating '.$pluginVersion->getProduct().' and '.$productType[1]);
			$namesToValidate = array($pluginVersion->getProduct(), $productType[1]);
			foreach($namesToValidate as $nameToValidate) {
				if (!PKPString::regexp_match('/[a-z][a-zA-Z0-9]+/', $nameToValidate)) {
					$errorMsg = 'manager.plugins.versionFileInvalid';
					break;
				}
			}
		}

ojspkpuser · June 24, 2019, 8:47pm

@ctgraham I modified it, and it seems the information is not shown in the error_log file (with or without setting display error, stacktrace on)

PHP Warning: exec() has been disabled for security reasons in /lib/pkp/classes/plugins/PluginHelper.inc.php on line 64
PHP Deprecated: Non-static method VersionCheck::getValidPluginVersionInfo() should not be called statically in /lib/pkp/classes/plugins/PluginHelper.inc.php on line 103
PHP Fatal error: Uncaught Error: Call to a member function getProductType() on string in /lib/pkp/classes/plugins/PluginHelper.inc.php:107
Stack trace:
#0 /lib/pkp/controllers/grid/plugins/PluginGalleryGridHandler.inc.php(266): PluginHelper->installPlugin(NULL, ‘The uploaded pl…’)
#1 /lib/pkp/classes/core/PKPRouter.inc.php(390): PluginGalleryGridHandler->installPlugin(Array, Object(Request))
#2 /lib/pkp/classes/core/PKPComponentRouter.inc.php(257): PKPRouter->_authorizeInitializeAndCallRequest(Array, Object(Request), Array)
#3 /lib/pkp/classes/core/Dispatcher.inc.php(134): PKPComponentRouter->route(Object(Request))
#4 /lib/pkp/classes/core/PKPApplication.inc.php(247): Dispatcher->dispatch(Object(Request))
#5 /index.php(68): PKPApplication->execute()
#6 {main}
thrown in /lib/pkp/classes/plugins/PluginHelper.inc.php on line 107

Shouldn t I put the error logs in another file?

ctgraham · June 25, 2019, 12:12pm

This suggests that your PHP configuration prevents PHP from executing the tar command. Without that capability, OJS cannot unpack the plugin archive. Check with your hosting provider to see how to enable the exec() function for PHP.

ojspkpuser · June 26, 2019, 10:44am

@ctgraham Indeed this was the problem. After activating it, all was resolved!

Thank you very much!

SOLVED. In case one gets in the same situation of moving from a Linux test machine to a cPanel hosted site these should be the steps to follow.
1. Select the correct PHP version. For some themes (oldGregg) you might need 7.1. You can do this in Select PHP version. There you can select also the extensions that might not have been activated (xmlwriter, xmlreader, …)

2. Set the PHP options in Select PHP Version - in the same place [Switch To PHP Options]
Usefull ones:
Diminish error reporting
error_reporting [E_ALL & ~E_NOTICE] or more if the system allows you.
To allow file uploads:
file_uploads = On
To log the errors:
log_errors = On,
The maximum file size (useful if users send big manuscripts, big images, sounds or even videos, change accordingly)
post_max_size = 8M
upload_max_filesize = 8M

3. Check the file permissions. You can change en file by file or folder by folder in the interface, but this could be tedious. Instead ask the technical department using the ticketing system to allow you the command line interface access through SSH.

The cache, public folders should be writable, as well as the folder with the submission files outside the web folder

find /home/cPanel_user_name/public_html/cache -type f -exec chmod 755 {} ;
find /home/cPanel_user_name/public_html/cache -type d -exec chmod 755 {} ;
find /home/cPanel_user_name/public_html/public -type f -exec chmod 755 {} ;
find /home/cPanel_user_name/public_html/public -type d -exec chmod 755 {} ;
find /home/cPanel_user_name/files_folder -type f -exec chmod 755 {} ;
find /home/cPanel_user_name/files_folder -type d -exec chmod 755 {} ;

To get the SSH access ask the technical department. They might ask you to create a RSA public key. If you already have generated it, it is in ~/.ssh/id_rsa.pub. They might ask you to send it to them.
If you don’t have one, you can generate it (https://confluence.atlassian.com/bitbucketserver/creating-ssh-keys-776639788.html)

ssh-keygen -t rsa -C "your_email@example.com"

To connect to the server through SSH, you need the address and the port. Use a command like this:
ssh cPanel_user_name@website_name -p port_number
Then type the password used to create the key.
Please make sure you issue this command from the account you created it, otherwise it won’t work.

4. Check the logs. You can activate error reporting in config.inc.php and also show stack trace When activating them some pages might not work, so get to the page where you have a problem, activate the reporting, then try it. The logs have to be set up to be shown. (see above). The logs might be found in the current OJS installation folder, as a file named error_log. If there are too mani notices and warnings you can try to deactivate them - see above in PHP options.

5. if you want to show specific information inside the php code in the logs, you can use commands like error_log('Checking '.$versionInfo[‘type’]);

6. install a free SSL certificate from letsencrypt cPanel can provide this free. In SSL/TSL

7. add the crontab job to make sure OJS sends automatically reminders to users, calculates statistics and other things. Go in Cron Jobs
Add New Cron Job
0 0,12 * * * php public_htm/tools/runScheduledTasks.php
This one will run twice dayly at 12 and at 24.

8. Check if tar is available You need tar for the Backup plugin. Ask the technical assistance to see where is located, or if you have the command line interface access through SSH issue:
whereis tar
Then modify the path to it in config.inc.php

9. Check if exec() PHP function is activated for installing and updating plugins from the interface Ask the technical assistance to activate this function.

10 Check if passthru() PHP function is activated for the Backup plugin to work. Ask the technical assistance to activate this function.

11 Disable mod security Sometimes this might help, I didn’t use it, but I observed on the forum. Ask the technical assistance to deactivate this function.