WordPress.org

Ready to get started?Download WordPress

Forums

Constant Contact for WordPress
[resolved] Coding Mod request (4 posts)

  1. AITpro
    Member
    Posted 2 years ago #

    Hello,
    I have a very minor coding modification request. The BPS Pro plugin logs php errors and 2 php errors are being generated when someone is sent to the 403 Forbidden template. This is due to a Session start and redirect issue with the 403 template. Would you mind suppressing php errors for these 2 functions at code lines 59-62 in config.php? Thanks.

    // To store the object in a session.
    if(!session_id()) {
    session_start();
    }

    requested modification

    // To store the object in a session.
    if(@!session_id()) {
    @session_start();
    }

    The php errors that are generated are:

    [15-Dec-2011 15:57:21] PHP Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /usr/www/users/xxxxx/xxxxx/wp-content/plugins/bulletproof-security/403.php:34) in /usr/www/users/xxxxx/xxxxx/wp-content/plugins/constant-contact-api/config.php on line 61

    [15-Dec-2011 15:57:21] PHP Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /usr/www/users/xxxxx/xxxxx/wp-content/plugins/bulletproof-security/403.php:34) in /usr/www/users/xxxxx/xxxxx/wp-content/plugins/constant-contact-api/config.php on line 61

    http://wordpress.org/extend/plugins/constant-contact-api/

  2. AITpro
    Member
    Posted 2 years ago #

    Please disregard this request as I have come up with a better solution on my end. Thank you.

  3. Alaskan
    Member
    Posted 2 years ago #

    I'm getting these errors. Can you share your solution? I could hack my CC plugin, but I'd rather fix it from the source.

    Thanks.

  4. AITpro
    Member
    Posted 2 years ago #

    In the specific case of BPS what i chose to do was to add this to the very top of the 403.php BlackHole template. So when a hacker is sent to the 403 template via .htaccess ErrorDocument /path-to-file/403.php then the 403.php template will no longer generate PHP Warning errors. This does not interfere with other plugins. If the user is a legit user and accidentally performed a 403 Forbidden action that sent them to the 403 template then when they correctly access the website's pages, a form or plugin's pages (frontend pages ONLY - this does not affect the backend) again a new session will be initialized correctly.

    Note: session_cache_limiter must always come before session_start.

    <?php session_cache_limiter('nocache'); ?>
    <?php session_start(); ?>
    <?php error_reporting(0); ?>
    <?php session_destroy(); ?>

    I thought at first that this might be a fairly isolated issue, but discovered that this was a very common issue so it is better to handle this directly and permanently.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic