[imp] Weird problem with certain attachments
imp-archive@cloud9.net
imp-archive at cloud9.net
Wed Apr 19 06:55:38 PDT 2006
Ok, thanks for the advice on that particular issue, but it has nothing to
do with the core question I posed. Does anyone have any advice on the
original question?
Thanks!
Chris H. [fbsd at 1command.com] wrote:
>Greetings,
>...
>
>Quoting imp-archive at cloud9.net:
>
>> I'm using Horde 3.0.10 and IMP 4.0.4 with Apache 2.2.0, PHP 5.1.2,
>> and ZendPlatform 2.1.2 and I have started to observe the following
>> issue:
>>
>> I send an e-mail with one 1MB Windows bitmap from Outlook 2003 and
>> I'm able to view it fine using IMP.
>>
>> An e-mail with two or more bitmaps and I get a blank page. I get the
>> following error at when I turn on all PHP messages to the browser:
>>
>> Fatal error: Call to a member function loadString() on a non-object
>> in /webmail/horde/imp/lib/MIME/Viewer/images.php on line 228
>>
>> My php.ini:
>>
>> session.use_cookies = 1
>> file_uploads = on
>> upload_max_filesize = 15360000
>
>WARNING Will Robinson. DANGER! DANGER!
>It is a well known fact that using any code that requires registering
>globals is a HUGE security risk. PHP became aware of this some years
>ago and has it turned OFF by default. The documentation that comes
>with your copy of PHP mentions this. As do most copies of the PHP.ini
>file that is installed. You need to change this to:
>register_globals = off
>unless you are looking/ hoping to have your web server and other services
>exploited. I can tell you first hand that not a day goes by that several
>creatons aren't looking for open holes or vulnerable services to exploit.
>I am running 12 servers and attempts are made on the hour.
>You have been warned.
>
>> register_globals = on
>
>> error_reporting = E_ALL & ~E_NOTICE
>> upload_tmp_dir = /tmp
>> safe_mode = off
>> include_path = /lib/php
>> memory_limit = 16M
>> max_execution_time = 180
>> post_max_size = 15360000
>>
>> [Zend]
>> zend_extension=/Zend/lib/ZendExtensionManager.so
>> zend_extension_manager.platform=/Zend/lib/Platform-2.1.2
>> zend_extension_manager.optimizer=/Zend/lib/Optimizer-2.6.2
>> zend_extension_manager.download_server=/Zend/lib/DownloadServer-1.0.6
>> zend_extension_manager.mysql=/Zend/lib/MySQL
>> zend_extension_manager.gd=/Zend/lib/GD
>> zend_extension_manager.debug_server=/Zend/lib/Debugger-5.1.0
>> ;zend_extension_manager.mod_cluster=/Zend/lib/SC-1.0.2
>> zend_ini_file=/Zend/etc/zend.ini
>> zend_platform.version=2.1.2
>>
>> Are there any other places I should look for the origin of this
>> issue? I am also building a 3.1.x/4.1.x setup for testing but it is
>> not ready to go into production yet.
>>
>> --
>> Mark P. Hennessy
>>
>>
>> --
>> IMP mailing list - Join the hunt: http://horde.org/bounties/#imp
>> Frequently Asked Questions: http://horde.org/faq/
>> To unsubscribe, mail: imp-unsubscribe at lists.horde.org
>>
>
>
>
>--
>Linux:
>An OS for those who think their using UNIX.
>
>
>-----------------------------------------------------------------
>FreeBSD 5.4-RELEASE-p12 (SMP - 900x2) Tue Mar 7 19:37:23 PST 2006
>/////////////////////////////////////////////////////////////////
More information about the imp
mailing list