search-helper.php Error 500 - strlen(): ($str) must be of type string, array given in /model/search/search.php on line 861

Issue #1291 resolved
IT created an issue

piler 1.4.3 build 1001

PHP 8.1.2-1ubuntu2.10

auditor user shows no results

search-helper.php gives: 500 Internal Server Error

/var/log/nginx/error.log

2023/05/23 15:06:52 [error] 49#49: *874 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught TypeError: strlen(): Argument #1 ($str) must be of type string, array given in /var/piler/www/model/search/search.php:861
Stack trace:
#0 /var/piler/www/model/search/search.php(66): ModelSearchSearch->fix_email_address_for_sphinx()
#1 /var/piler/www/model/search/search.php(111): ModelSearchSearch->assemble_email_address_filter()
#2 /var/piler/www/model/search/search.php(44): ModelSearchSearch->get_results()
#3 /var/piler/www/controller/search/helper.php(62): ModelSearchSearch->search_messages()
#4 /var/piler/www/system/front.php(36): ControllerSearchHelper->index()
#5 /var/piler/www/system/front.php(14): Front->execute()
#6 /var/piler/www/index.php(114): Front->dispatch()
#7 {main}
thrown in /var/piler/www/model/search/search.php on line 861" while reading response header from upstream

Comments (14)

  1. Janos SUTO repo owner

    I’d like you to edit /var/piler/www/model/search/search.php, and locate the fix_email_address_for_sphinx() function in line 861, and log the value of variable email, e.g. syslog(LOG_INFO, $email); or perhaps syslog(LOG_INFO, implode(";", $email));

    Then let’s see what input this function receives.

  2. Janos SUTO repo owner

    I think it comes from the Domains field in the user menu. There might be an empty line. Anyway, an auditor doesn’t need this, so be sure to set it to an empty value.

  3. IT reporter

    debug backtrace:

    array(7) {
      [0]=>
      array(7) {
        ["file"]=>
        string(38) "/var/piler/www/model/search/search.php"
        ["line"]=>
        int(66)
        ["function"]=>
        string(28) "fix_email_address_for_sphinx"
        ["class"]=>
        string(17) "ModelSearchSearch"
        ["object"]=>
        object(ModelSearchSearch)#17 (0) {
        }
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(1) {
          [0]=>
          array(1) {
            [0]=>
            string(0) ""
          }
        }
      }
      [1]=>
      array(7) {
        ["file"]=>
        string(38) "/var/piler/www/model/search/search.php"
        ["line"]=>
        int(111)
        ["function"]=>
        string(29) "assemble_email_address_filter"
        ["class"]=>
        string(17) "ModelSearchSearch"
        ["object"]=>
        object(ModelSearchSearch)#17 (0) {
        }
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(0) {
        }
      }
      [2]=>
      array(7) {
        ["file"]=>
        string(38) "/var/piler/www/model/search/search.php"
        ["line"]=>
        int(44)
        ["function"]=>
        string(11) "get_results"
        ["class"]=>
        string(17) "ModelSearchSearch"
        ["object"]=>
        object(ModelSearchSearch)#17 (0) {
        }
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(5) {
          [0]=>
          array(15) {
            ["date1"]=>
            string(0) ""
            ["date2"]=>
            string(0) ""
            ["direction"]=>
            string(0) ""
            ["size"]=>
            string(0) ""
            ["attachment_type"]=>
            string(0) ""
            ["tag"]=>
            string(0) ""
            ["note"]=>
            string(0) ""
            ["ref"]=>
            string(0) ""
            ["folders"]=>
            string(0) ""
            ["extra_folders"]=>
            string(0) ""
            ["id"]=>
            string(0) ""
            ["raw"]=>
            string(0) ""
            ["match"]=>
            array(1) {
              [0]=>
              string(0) ""
            }
            ["sort"]=>
            string(1) "1"
            ["order"]=>
            string(4) "date"
          }
          [1]=>
          string(4) "sent"
          [2]=>
          string(4) "DESC"
          [3]=>
          string(20) "ORDER BY `sent` DESC"
          [4]=>
          string(1) "0"
        }
      }
      [3]=>
      array(7) {
        ["file"]=>
        string(43) "/var/piler/www/controller/search/helper.php"
        ["line"]=>
        int(62)
        ["function"]=>
        string(15) "search_messages"
        ["class"]=>
        string(17) "ModelSearchSearch"
        ["object"]=>
        object(ModelSearchSearch)#17 (0) {
        }
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(2) {
          [0]=>
          array(15) {
            ["date1"]=>
            string(0) ""
            ["date2"]=>
            string(0) ""
            ["direction"]=>
            string(0) ""
            ["size"]=>
            string(0) ""
            ["attachment_type"]=>
            string(0) ""
            ["tag"]=>
            string(0) ""
            ["note"]=>
            string(0) ""
            ["ref"]=>
            string(0) ""
            ["folders"]=>
            string(0) ""
            ["extra_folders"]=>
            string(0) ""
            ["id"]=>
            string(0) ""
            ["raw"]=>
            string(0) ""
            ["match"]=>
            array(1) {
              [0]=>
              string(0) ""
            }
            ["sort"]=>
            string(1) "1"
            ["order"]=>
            string(4) "date"
          }
          [1]=>
          string(1) "0"
        }
      }
      [4]=>  ...
    }
    

    In model/search/search.php, in the function assemble_email_address_filter(), $session->get('auditdomains') returns an array.
    $session_domains = $this->fix_email_address_for_sphinx($session->get('auditdomains'));

    After I removed the domains there is only one empty entry, but I removed all; I can’t find a line break.

    var_dump($emails); → array(1) { [0]=> string(0) "" }

    So session auditdomains returns an array…

  4. IT reporter

    Same file (model/search/search.php), function check_your_permission_by_id(): here session/auditdomains is an array.

             $auditdomains = $session->get("auditdomains");
    
             foreach($auditdomains as $k => $v) {
                if(validdomain($v) == 1 && !in_array($v, $a)) {
                   $q .= ",?";
                   array_push($a, $v);
                }
             }
    

    If auditdomains returns an array, then the function assemble_email_address_filter must be fixed.

    My current workaround:

    public function fix_email_address_for_sphinx($email = '') {       
    
          if(is_array($email)) $email = $email[0];
    

    But better if you fix assemble_email_address_filter.
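
An added example, not part of the thread and not piler's code: one way to turn a session value that may be a string, an array or null into a single '|'-joined filter without losing entries. `escape_for_filter()` and `build_domain_filter()` are hypothetical names, and the escaping rule is a stand-in because the body of `fix_email_address_for_sphinx()` is not shown on this page.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for piler's fix_email_address_for_sphinx(); the real
// function body is not shown on this page. It only accepts a string, which is
// the contract the TypeError in the report enforces.
function escape_for_filter(string $value): string {
    return (string) preg_replace('/[^a-z0-9]/', 'X', strtolower($value));
}

// Accept what the session may hold (string, array of strings, or null),
// drop empty and non-string entries, and return one '|'-joined filter string.
function build_domain_filter(mixed $raw): string {
    $items = is_array($raw) ? $raw : [$raw];
    $parts = [];

    foreach ($items as $item) {
        if (!is_string($item)) { continue; }   // null, nested arrays, etc.
        $item = trim($item);
        if ($item === '') { continue; }        // the empty entry seen in the var_dump
        $escaped = escape_for_filter($item);
        if (!in_array($escaped, $parts, true)) { $parts[] = $escaped; }
    }

    return implode('|', $parts);               // never a leading or doubled '|'
}

// Constructed sample inputs, including the value reported in the thread.
$samples = [
    'reported value'  => [''],
    'single string'   => 'example.com',
    'several domains' => ['example.com', '', 'example.org'],
    'missing'         => null,
];

foreach ($samples as $label => $raw) {
    printf("%-16s => '%s'\n", $label, build_domain_filter($raw));
}
```

An empty return value means no usable domain was found; what a restricted auditor should see in that case is left to the caller.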

  5. IT reporter

    I only found this bug because I activated ENABLE_SAAS = 1 for more options and didn’t use auditor@local

    // make sure auditors are restricted in a saas environment
    
    if($config['ENABLE_SAAS'] == 1) { $config['RESTRICTED_AUDITOR'] = 1; }
    
    if($session->get("username") == 'auditor@local' || isset($_SERVER['argv'][2]) ) { $config['RESTRICTED_AUDITOR'] = 0; }
    

    So activate enable_saas and create your own auditor for testing this bug.

  6. Janos SUTO repo owner

    You are right. I’ll fix it soon. However, please note that the open source edition offers only partial multi-tenant capabilities. If you plan to offer archiving as a service for other companies, you may consider the enterprise edition offering much better multitenancy.

  7. Janos SUTO repo owner

    Can you try the below patch?

    --- a/webui/model/search/search.php
    +++ b/webui/model/search/search.php
    @@ -65,7 +65,13 @@ class ModelSearchSearch extends Model {
              if(RESTRICTED_AUDITOR == 1) {
                 $session_domains = $session->get('auditdomains');
    
    -            $sd = $this->fix_email_address_for_sphinx($session->get('domain'));
    +            $sd = "";
    +
    +            $domains = $session->get('domain');
    +            foreach ($domains as $d) {
    +               if($sd) { $sd .= '|'; }
    +               $sd .= $this->fix_email_address_for_sphinx($d);
    +            }
    
                 foreach ($session_domains as $d) {
                    if($d) { $sd .= '|' . $this->fix_email_address_for_sphinx($d); }
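
Review bot: the new foreach over $domains neither checks that $session->get('domain') is an array nor skips empty entries, unlike the unchanged loop below it, which guards with if($d). Empty entries are therefore still passed to fix_email_address_for_sphinx(), and a non-array value makes the foreach itself fail. Separately, $sd now starts as "", so when the new loop adds nothing the unchanged loop's '|' . $this->fix_email_address_for_sphinx($d) produces a filter that begins with a bare '|'. Suggest iterating over (array) $session->get('domain'), skipping empty $d in the new loop, and using the same if($sd) { $sd .= '|'; } separator check in the auditdomains loop.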
    
