WordPress.org

Ready to get started?Download WordPress

Forums

Really Simple CAPTCHA
[resolved] wpfc7_captcha folder is flooded with .png (8 posts)

  1. Bloxxor
    Member
    Posted 2 years ago #

    Hi,

    I am using the plugin with Contact Form 7.

    Everything is working fine, but the folder on the webserver is flooded with .png`s and .txt files.

    I think the removing option does not work.

    Has anyone found a solution for this?

    http://wordpress.org/extend/plugins/really-simple-captcha/

  2. gilu
    Member
    Posted 2 years ago #

    How old are your files (time-span from oldest to newest)?
    If you have lots of traffic, you'll have lots of files.

  3. Bloxxor
    Member
    Posted 2 years ago #

    Thanks for your reply,

    I know everytime someone visits the page a new image and text is generated and stored.

    But how do I remove them automatically after the user has submitted the form?

    I can`t check every client once in a month to check if free disk space is available.

  4. gilu
    Member
    Posted 2 years ago #

    Do you have files older than 60 minutes?

    if so, change lines 70 and 73 to:`
    $this->file_mode = 0644;
    $this->answer_file_mode = 0640;`

    and delete all files manually and check again.
    There might be a permission problem.

  5. Bloxxor
    Member
    Posted 2 years ago #

    Thanks for your replies.

    I changed the permissions of the files/folders.

    Then I watched the files and after a couple of time they are deleted.

  6. gilu
    Member
    Posted 2 years ago #

    Perfect! :)

  7. Andy Schmidt
    Member
    Posted 1 year ago #

    The underlying problems are:

    • The class defaults "$this->file_mode = 0444" and "$this->answer_file_mode = 0440" result in a chmod that explicitly restricts access to these files for nothing but "reading".
    • The "remove()" and "cleanup()" methods attempt to unlink (delete) those files - even though had been restricted to "read" access by the class default. Depending on the implementation of the underlying operating system, deleting a file that is restricted to "read-only" will fail.
    • The "cleanup()" method uses @unlink - so it suppresses any PHP error logging that might have alerted to the problem, AND, it does not handle the "false" return code from the unlink - and thus ignores that condition that cleanup never succeeds.

    The result can be a "denial of service" problem when tens of thousands of files start accumulating within a few weeks - and the server starts consuming extensive amount of time every 60 seconds, attempting to iterate through (and always unsuccessfully) to delete those tens of thousands of individual files.

    Assuming that the default file_modes were chosen for a good reason, then (at minimum) a chmod to 0777 is needed prior to any unlink for it to succeed. Ideally, appropriate error-handling would also be addeded, rather that ignoring them.

    A functional patch has been contributed - hopefully it will be implemented soon as this has been a recurring report by several users.

  8. Bloxxor
    Member
    Posted 1 year ago #

    Thank you for your information Andy.

    Thats another reason why I love wordpress - the community.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic