curl_setopt() problem in 3rd party library

**shankhs84** · 05-16-2011 10:02 PM

Hi,
I have recently started a new website project.
To create a login page I am using 'Sign in with twitter' created using 3rd party library twitter-async which uses cURL a lot. Unfortunately I am getting the following error when running:

Code:

Warning:  curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/shankhs/public_html/twitter-async/EpiOAuth.php on line 148

Warning:  curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/shankhs/public_html/twitter-async/EpiOAuth.php on line 148

Warning:  curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/shankhs/public_html/twitter-async/EpiOAuth.php on line 148

Can you please tell me a solution for this?

Thank you
shankhs

**descalzo** · 05-16-2011 10:09 PM

Try:
cPanel -> File Manager to public_html/twitter-async
Select the file EpiOAuth.php
Open in Code Editor or regular editor
Find line 148 (Code Editor has numbered lines, in the regular editor, search for 'CURLOPT_FOLLOWLOCATION'
Comment the line out (put // in front of it)
See if the script works.

**cybrax** · 05-17-2011 01:33 AM

Think you're going to be out of luck, if I recall correctly getting the cURL option FOLLOWLOCATION to work requires altering the shared server's php.ini file.

**descalzo** · 05-17-2011 09:16 AM

Originally Posted by cybrax

Think you're going to be out of luck, if I recall correctly getting the cURL option FOLLOWLOCATION to work requires altering the shared server's php.ini file.

That's why I told him to comment out the line.

That option is just telling cURL to follow redirects. If the service doesn't use redirects, removing the option should not break the script. If it does use redirects, one would have to add code to detect and follow any redirects

**cybrax** · 05-17-2011 02:46 PM

True, but would not adding code to detect where the redirect went be circumventing the security restriction that the followlocation option was initially disabled for? Anyhow its been a while since I did any messing about with Oauth so will be interesting to see learn how shankhs gets on.

**misson** · 05-18-2011 12:13 AM

@cybrax: The security restriction was implemented due to a security whole opened by "file:" URLs, which are a problem because the cURL library is unaware of PHP's safe_mode and open_basedir features. A PHP implementation of redirect following won't introduce a vulnerability because it is subject to these features.

Thread: curl_setopt() problem in 3rd party library

LinkBack

Thread Tools

Display

curl_setopt() problem in 3rd party library

Re: curl_setopt() problem in 3rd party library

Re: curl_setopt() problem in 3rd party library

Re: curl_setopt() problem in 3rd party library

Re: curl_setopt() problem in 3rd party library

Re: curl_setopt() problem in 3rd party library

Posting Permissions