Uploaded image for project: 'In-Portal CMS'
  1. In-Portal CMS
  2. INP-1194

Remove "Compress Compiled PHP Templates" functionality

    XMLWordPrintable

    Details

    • External issue URL:
    • Additional information:
      Hide

      Discussion "Getting out of memory error, when "Compress Compiled PHP Templates" setting enabled:

      At some point of In-Portal life (can't really find when) we've added functionality that allows to compress PHP files in /system/cache folder.
      Doesn't really give any performance benefit and it's only used to prevent attackers on a shared hosting to easily edit these PHP files (since they are located in publicly writable folder) and make it's data to be shown instead actual website.

      Functionality described above is enabled by "Compress Compiled PHP Templates" configuration variable (in database "UseTemplateCompression"), which is disabled by default by the way.

      Fatal Error when using Tags with <? in Templates:

      Looks like we have quite an interesting bug when we get Fatal Error from Parse when trying to using put custom tags that start <?.

      Here is an example:

      <?xml-stylesheet type="text/css" media="screen" href="http://feeds.feedburner.com/~d/styles/itemcontent.css"?>

      Error, that I get is:

      Parse error: syntax error, unexpected T_STRING in [path to template.php] on line 12

      Show
      Discussion "Getting out of memory error, when "Compress Compiled PHP Templates" setting enabled: At some point of In-Portal life (can't really find when) we've added functionality that allows to compress PHP files in /system/cache folder. Doesn't really give any performance benefit and it's only used to prevent attackers on a shared hosting to easily edit these PHP files (since they are located in publicly writable folder) and make it's data to be shown instead actual website. Functionality described above is enabled by "Compress Compiled PHP Templates" configuration variable (in database "UseTemplateCompression"), which is disabled by default by the way. Fatal Error when using Tags with <? in Templates: Looks like we have quite an interesting bug when we get Fatal Error from Parse when trying to using put custom tags that start <?. Here is an example: <?xml-stylesheet type="text/css" media="screen" href="http://feeds.feedburner.com/~d/styles/itemcontent.css"?> Error, that I get is: Parse error: syntax error, unexpected T_STRING in [path to template.php] on line 12
    • Change Log Group:
      Removed
    • Change Log Message:
      Removed compiled template code obfuscation functionality.
    • Story Points:
      1
    • External issue ID:
      1442
    • Copy Issue Key:
    • Patch Instructions:

      Patches must be submitted through Phabricator.

    • BC Break Details:
      Hide

      Properties deleted:

      • "TemplatesCache::$_compressOutput"

      Methods deleted:

      • "TemplatesCache::_compress"
      Show
      Properties deleted: "TemplatesCache::$_compressOutput" Methods deleted: "TemplatesCache::_compress"

      Description

      In recent years we have added a new feature (enabled via Admin setting) that allows Admin user to "Compress Compiled PHP Templates" thinking to secure the compiled PHP code and greatly benefit from it.

      However as time went by we have notice that this feature actually created multiple issues that we have recently came across. Below is a list of discussion where we talked about this issues cased by this particular feature:

      Getting out of memory error, when "Compress Compiled PHP Templates" setting enabled - details in additional info field

      Fatal Error when using Tags with <? in Templates - details in additional info field

        Attachments

          Issue Links

          mentioned in

          Page Loading...

          Page Loading...

          Wiki Page Loading...

            Activity

              People

              • Assignee:
                alex Alex
                Reporter:
                dmitry Dmitry Andrejev [Intechnic]
                Developer:
                Alex
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: