allow_url_fopen problem with Joomla Core Updater
949 views
Skip to first unread message
tomfuller
Sep 29, 2011, 1:34:26 PM9/29/11
to joomla-dev...@googlegroups.com
Many hosts have allow_url_fopen disabled because Joomla Security suggests it: Don't Use allow_url_fopen
But the 1.7.x Extension Manager - Update depends on this function.
Akeeba Admin has a workaround for updating the Joomla Core but not for third party extensions.
Has this problem been considered by the team?
Thanks!
Tom
But the 1.7.x Extension Manager - Update depends on this function.
Akeeba Admin has a workaround for updating the Joomla Core but not for third party extensions.
Has this problem been considered by the team?
Thanks!
Tom
Nicholas K. Dionysopoulos
Sep 29, 2011, 1:47:35 PM9/29/11
to joomla-dev...@googlegroups.com
Hi Tom,
In Admin Tools I am actually reusing an idea by Sam Moffat, having a download library which supports both URL fopen() wrappers and cURL. On the other hand, JUpdate uses JHtml (I think I got that class name wrong but I can't check the code right now) which is limited to URL fopen() wrappers. The proper solution would be to abstract that class, using the Adapter pattern, and have one adapter for each of URL fopen() wrappers and cURL. Then, it would be a simple case of automatic selection (heuristics) for the main class to choose the best adapter available, while at the same time allowing the choice to be overridden in the config (so that third party software can choose). It's not overly hard, but someone has to write the actual code. Since I have already written code which I can reuse, I can volunteer for that. I have a lot of traveling to do on October, but I plan on trying my teeth on implementing that around November and doing a pull request to the platform. Hopefully, if this works as I think and gets accepted, it could be included in 2.5.
Cheers,
--
Nicholas K. Dionysopoulos
Lead Developer, AkeebaBackup.com
--
You received this message because you are subscribed to the Google Groups "Joomla! Framework Development" group.
To view this discussion on the web, visit https://groups.google.com/d/msg/joomla-dev-framework/-/ZuVRB8JL_SAJ.
To post to this group, send an email to joomla-dev...@googlegroups.com.
To unsubscribe from this group, send email to joomla-dev-frame...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/joomla-dev-framework?hl=en-GB.
tomfuller
Sep 29, 2011, 1:52:49 PM9/29/11
to joomla-dev...@googlegroups.com
That's awesome, Nick.
I am continually blown away by your extensions. I use Backup, Admin, and ARS for several of my sites. The web host that holds my church site www.CalvaryChapelNewberg.org was the one who suggested Admin could update the core of Joomla.
As a third party developer (www.JoomlaBibleStudy.org), though, my extensions will not update on a site with the currently configured CMS version.
Keep up the great work!
Tom
I am continually blown away by your extensions. I use Backup, Admin, and ARS for several of my sites. The web host that holds my church site www.CalvaryChapelNewberg.org was the one who suggested Admin could update the core of Joomla.
As a third party developer (www.JoomlaBibleStudy.org), though, my extensions will not update on a site with the currently configured CMS version.
Keep up the great work!
Tom
Nicholas K. Dionysopoulos
Sep 29, 2011, 1:56:12 PM9/29/11
to joomla-dev...@googlegroups.com
Thank you, Tom :) I have the same issue with the Joomla! integrated updater. My goal is to have Joomla!'s extension and core update work very smoothly, so that I can get rid of my Live Update code, included in all of my software. Ideally, all software could update through Joomla!'s extension installer/updater, giving a unified experience to the end users - and helping them get their sites up-to-date and not vulnerable very easy ;)
--
Nicholas K. Dionysopoulos
Lead Developer, AkeebaBackup.com
--
You received this message because you are subscribed to the Google Groups "Joomla! Framework Development" group.
To view this discussion on the web, visit https://groups.google.com/d/msg/joomla-dev-framework/-/QseTtpQuLFwJ.
Ofer Cohen
Jan 27, 2012, 12:24:04 PM1/27/12
to joomla-dev...@googlegroups.com
Hey All
Sorry to pop up this thread but recently we have a bug that asked for changing from url fopen (which depend on allow_url_fopen turn on) to another method: http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=27852
I've started to work on it, and first I've changed the code to use the new jhttptransport class. Here is patch: http://uploads.oc666.net/27852.part1.patch
I've replaced the fopen to use JHttpTransportStream and add isAvailable method to JHttpTransport interface and its inheritances. This method check if the http method available.
After testing this one, I'll provide another patch which will choose the available http transport adapter to use. How should I make priority between them? (assuming all of them available).
Best Regards,
Ofer Cohen Joomlics Anonymous Group
--
You received this message because you are subscribed to the Google Groups "Joomla! Framework Development" group.
To view this discussion on the web, visit https://groups.google.com/d/msg/joomla-dev-framework/-/ZuVRB8JL_SAJ.
Reply all
Reply to author
Forward
0 new messages