- edited description
search-helper.php Error 500 - strlen(): ($str) must be of type string, array given in /model/search/search.php on line 861
piler 1.4.3 build 1001
PHP 8.1.2-1ubuntu2.10
auditor user shows no results
search-helper.php gives: 500 Internal Server Error
/var/log/nginx/error.log
2023/05/23 15:06:52 [error] 49
: *874 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught TypeError: strlen(): Argument#49($str) must be of type string, array given in /var/piler/www/model/search/search.php:861#1
Stack trace:
#0 /var/piler/www/model/search/search.php(66): ModelSearchSearch->fix_email_address_for_sphinx()
/var/piler/www/model/search/search.php(111): ModelSearchSearch->assemble_email_address_filter()#1
/var/piler/www/model/search/search.php(44): ModelSearchSearch->get_results()#2
/var/piler/www/controller/search/helper.php(62): ModelSearchSearch->search_messages()#3
/var/piler/www/system/front.php(36): ControllerSearchHelper->index()#4
/var/piler/www/system/front.php(14): Front->execute()#5
/var/piler/www/index.php(114): Front->dispatch()#6
{main}#7
thrown in /var/piler/www/model/search/search.php on line 861" while reading response header from upstream
Comments (14)
-
reporter -
repo owner I’d like you to edit /var/piler/www/model/search/search.php, and locate the fix_email_address_for_sphinx() function in line 861, and log the value of variable email, eg. syslog(LOG_INFO, $email); or perhaps syslog(LOG_INFO, implode(“;”, $email));
Then let’s see what input this function receives.
-
reporter syslog(LOG_INFO, implode(“;”, $email));
contains one empty domains array entry:
The user auditor@mydomain.com has only mydomain.com in “Domain(s)**:”, without linebreaks.
-
reporter where does the second domain come from? Where is it defined?
-
repo owner I think it comes from the Domains field in the user menu. There might be an empty line. Anyway, an auditor doesn’t need this, so be sure to set it to to an empty value.
-
repo owner - changed status to open
-
reporter debug backtrace:
array(7) { [0]=> array(7) { ["file"]=> string(38) "/var/piler/www/model/search/search.php" ["line"]=> int(66) ["function"]=> string(28) "fix_email_address_for_sphinx" ["class"]=> string(17) "ModelSearchSearch" ["object"]=> object(ModelSearchSearch)#17 (0) { } ["type"]=> string(2) "->" ["args"]=> array(1) { [0]=> array(1) { [0]=> string(0) "" } } } [1]=> array(7) { ["file"]=> string(38) "/var/piler/www/model/search/search.php" ["line"]=> int(111) ["function"]=> string(29) "assemble_email_address_filter" ["class"]=> string(17) "ModelSearchSearch" ["object"]=> object(ModelSearchSearch)#17 (0) { } ["type"]=> string(2) "->" ["args"]=> array(0) { } } [2]=> array(7) { ["file"]=> string(38) "/var/piler/www/model/search/search.php" ["line"]=> int(44) ["function"]=> string(11) "get_results" ["class"]=> string(17) "ModelSearchSearch" ["object"]=> object(ModelSearchSearch)#17 (0) { } ["type"]=> string(2) "->" ["args"]=> array(5) { [0]=> array(15) { ["date1"]=> string(0) "" ["date2"]=> string(0) "" ["direction"]=> string(0) "" ["size"]=> string(0) "" ["attachment_type"]=> string(0) "" ["tag"]=> string(0) "" ["note"]=> string(0) "" ["ref"]=> string(0) "" ["folders"]=> string(0) "" ["extra_folders"]=> string(0) "" ["id"]=> string(0) "" ["raw"]=> string(0) "" ["match"]=> array(1) { [0]=> string(0) "" } ["sort"]=> string(1) "1" ["order"]=> string(4) "date" } [1]=> string(4) "sent" [2]=> string(4) "DESC" [3]=> string(20) "ORDER BY `sent` DESC" [4]=> string(1) "0" } } [3]=> array(7) { ["file"]=> string(43) "/var/piler/www/controller/search/helper.php" ["line"]=> int(62) ["function"]=> string(15) "search_messages" ["class"]=> string(17) "ModelSearchSearch" ["object"]=> object(ModelSearchSearch)#17 (0) { } ["type"]=> string(2) "->" ["args"]=> array(2) { [0]=> array(15) { ["date1"]=> string(0) "" ["date2"]=> string(0) "" ["direction"]=> string(0) "" ["size"]=> string(0) "" ["attachment_type"]=> string(0) "" ["tag"]=> string(0) "" ["note"]=> string(0) "" ["ref"]=> string(0) "" ["folders"]=> string(0) "" ["extra_folders"]=> string(0) "" ["id"]=> string(0) "" ["raw"]=> string(0) "" ["match"]=> array(1) { [0]=> string(0) "" } ["sort"]=> string(1) "1" ["order"]=> string(4) "date" } [1]=> string(1) "0" } } [4]=> ... }
In model/search/search.php the function assemble_email_address_filter() $session->get('auditdomains') returns a array.
$session_domains = $this->fix_email_address_for_sphinx($session->get('auditdomains'));
After i removed the domains there is only one empty entry, but i removed all, i can’t find a line break.
var_dump($emails); → array(1) { [0]=> string(0) "" }
So session auditdomains return a array…
-
reporter same file (model/search/search.php) function check_your_permission_by_id(), here session/auditdomains is a array.
$auditdomains = $session->get("auditdomains"); foreach($auditdomains as $k => $v) { if(validdomain($v) == 1 && !in_array($v, $a)) { $q .= ",?"; array_push($a, $v); } }
if auditdomains return a array, then function assemble_email_address_filter must be fixed.
my current workaround :
public function fix_email_address_for_sphinx($email = '') { if(is_array($email)) $email = $email[0];
but better if you fix assemble_email_address_filter.
-
reporter i only found this bug because i activated ENABLE_SAAS = 1 for more options and don’t used auditor@local
// make sure auditors are restricted in a saas environment if($config['ENABLE_SAAS'] == 1) { $config['RESTRICTED_AUDITOR'] = 1; } if($session->get("username") == 'auditor@local' || isset($_SERVER['argv'][2]) ) { $config['RESTRICTED_AUDITOR'] = 0; }
So activate enable_saas and create a own auditor for testing this bug.
-
repo owner You are right. I’ll fix it soon. However, please note that the open source edition offers only partial multi-tenant capabilities. If you plan to offer archiving as a service for other companies, you may consider the enterprise edition offering much better multitenancy.
-
repo owner Can you try the below patch?
--- a/webui/model/search/search.php +++ b/webui/model/search/search.php @@ -65,7 +65,13 @@ class ModelSearchSearch extends Model { if(RESTRICTED_AUDITOR == 1) { $session_domains = $session->get('auditdomains'); - $sd = $this->fix_email_address_for_sphinx($session->get('domain')); + $sd = ""; + + $domains = $session->get('domain'); + foreach ($domains as $d) { + if($sd) { $sd .= '|'; } + $sd .= $this->fix_email_address_for_sphinx($d); + } foreach ($session_domains as $d) { if($d) { $sd .= '|' . $this->fix_email_address_for_sphinx($d); }
-
reporter that should work, but untestet.
-
repo owner That’s why I asked you to test it
-
repo owner - changed status to resolved
- Log in to comment