Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Update 1.6.3 - Wordpress install error #2760

Closed
dfag86 opened this issue Jul 13, 2022 · 8 comments
Closed

[Bug] Update 1.6.3 - Wordpress install error #2760

dfag86 opened this issue Jul 13, 2022 · 8 comments
Labels
bug Something isn't working

Comments

@dfag86
Copy link

dfag86 commented Jul 13, 2022

Describe the bug

I updated HestiaCP to the latest version. I have Debian 11 and everything was working perfectly. After the automatic update, I can't install wordpress. I used PHP 8.0 which is standard.

Tell us how to replicate the bug

  1. Edit web domain
  2. install Wordpress

Which components are affected by this bug?

Control Panel Installation or Upgrade, Control Panel Web Interface

Hestia Control Panel Version

1.6.3

Operating system

Debian 11

Log capture

2022-07-13 12:27:12 v-update-sys-rrd-mysql  'daily' [Error 15]
2022-07-13 12:32:11 v-update-sys-rrd-mysql  'daily' [Error 15]
2022-07-13 12:37:12 v-update-sys-rrd-mysql  'daily' [Error 15]
2022-07-13 12:42:11 v-update-sys-rrd-mysql  'daily' [Error 15]
2022-07-13 12:47:12 v-update-sys-rrd-mysql  'daily' [Error 15]
2022-07-13 12:52:11 v-update-sys-rrd-mysql  'daily' [Error 15]
2022-07-13 12:53:32 v-list-web-domain  [Error 1]
2022-07-13 12:57:12 v-update-sys-rrd-mysql  'daily' [Error 15]
@dfag86 dfag86 added the bug Something isn't working label Jul 13, 2022
@dfag86
Copy link
Author

dfag86 commented Jul 13, 2022

The problem does not only concern Wordpress, because NextCloud does not install either, so it is rather a technical problem with listing domains, etc., making it impossible to move on.

@ScIT-Raphael
Copy link
Member

Its a function issue which affects the whole imstallation manager, we'll get that fixed.

For reference: https://discord.com/channels/737721354937303161/738055454285889597/996721868520308756

@jaapmarcus
Copy link
Member

hestiacp/web/src/app/System/HestiaApp.php

Lines 20 to 24 in cbb49fb

if(!str_starts_with((string)$cli_script, HESTIA_CMD."/" )){
$errstr = "$cmd is trying to traverse outside of " .HESTIA_CMD;
trigger_error($errstr);
throw new \Exception($errstr);
}

divinity76 added a commit to divinity76/hestiacp that referenced this issue Jul 13, 2022
@divinity76
fix buggy traversion detection code
a051b0e 
ref hestiacp#2760
@divinity76 divinity76 mentioned this issue Jul 13, 2022
Merged
jaapmarcus pushed a commit that referenced this issue Jul 13, 2022
@divinity76
fix buggy traversion detection code (#2762)
352d0b3 
* fix buggy traversion detection code

ref #2760

* same bug here, HESTIA_CMD is not a filepath/command

its 2, sudo AND something else
@jaapmarcus
Copy link
Member

Fixed

@divinity76
Copy link
Member

for a quickfix you can try running as sudo

wget 'https://raw.githubusercontent.com/divinity76/hestiacp/f4eb5fc1063739cf2b07aed91ba3c5f58cd371d4/web/api/index.php' -O /usr/local/hestia/web/api/index.php;
 
wget 'https://raw.githubusercontent.com/divinity76/hestiacp/f4eb5fc1063739cf2b07aed91ba3c5f58cd371d4/web/inc/main.php' -O /usr/local/hestia/web/inc/main.php; 

wget 'https://raw.githubusercontent.com/divinity76/hestiacp/f4eb5fc1063739cf2b07aed91ba3c5f58cd371d4/web/src/app/System/HestiaApp.php' -O /usr/local/hestia/web/src/app/System/HestiaApp.php;
  • no guarantees, and a proper fix will be included in the next release ^^

@jaapmarcus
Copy link
Member 

v-update-sys-hestia-git hestiacp main

Will work for sure
No major changes have been made anyway

@dfag86
Copy link
Author

dfag86 commented Jul 13, 2022

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING - Development builds should not be installed on
systems with live production data without understanding
the potential risks that are involved!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Do you wish to proceed with the installation? [y/n]

@dfag86
Copy link
Author

dfag86 commented Jul 13, 2022

Everything works fine :) Thank you!

@jaapmarcus jaapmarcus mentioned this issue Jul 14, 2022
Closed
@bobbythomas bobbythomas mentioned this issue Jul 14, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@divinity76 @jaapmarcus @ScIT-Raphael @dfag86