( ! ) Warning: session_start(): open(/var/lib/php/session/sess_0bfrnrq80di8064bjief81gt72, O_RDWR) failed: No such file or directory (2) in /var/www/bitweaver/live/users/includes/bit_setup_inc.php on line 82
Call Stack
#TimeMemoryFunctionLocation
10.0000232848{main}( ).../page_history.php:0
20.0001234904require_once( '/var/www/bitweaver/live/kernel/includes/setup_inc.php' ).../page_history.php:16
30.01881909072BitSystem->scanPackages( ).../setup_inc.php:141
40.02062177352BitSystem->loadPackage( ).../BitSystem.php:1183
50.02062180384include_once( '/var/www/bitweaver/live/users/includes/bit_setup_inc.php' ).../BitSystem.php:1109
60.02112584640session_start ( ).../bit_setup_inc.php:82

( ! ) Warning: session_write_close(): open(/var/lib/php/session/sess_0bfrnrq80di8064bjief81gt72, O_RDWR) failed: No such file or directory (2) in /var/www/bitweaver/live/kernel/includes/classes/BitSystem.php on line 580
Call Stack
#TimeMemoryFunctionLocation
10.0000232848{main}( ).../page_history.php:0
20.04453733376BitSystem->display( ).../page_history.php:57
30.04463734672BitSystem->preDisplay( ).../BitSystem.php:505
40.04613749280session_write_close ( ).../BitSystem.php:580

( ! ) Warning: session_write_close(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in /var/www/bitweaver/live/kernel/includes/classes/BitSystem.php on line 580
Call Stack
#TimeMemoryFunctionLocation
10.0000232848{main}( ).../page_history.php:0
20.04453733376BitSystem->display( ).../page_history.php:57
30.04463734672BitSystem->preDisplay( ).../BitSystem.php:505
40.04613749280session_write_close ( ).../BitSystem.php:580
- bitweaver

History of Security

Differences from version 4 to 6



@@ -18,7 +18,7 @@

 
 
 !! SQL injection
-A malicious user might try to inject code into the SQL database (Postgres, MySQL etc). Each database engine requires a different version of an attack to present viable SQL. Invalid SQL will result in an error report to the administrator. A 'White Screen', claiming that you are running Bitweaver in test mode, is only returned when the parameter -+IS_LIVE+- set to -+TRUE+- in kernel/config_inc.php. Sites being in production are expected to have set this to -+FALSE+-, while error reports are directed to appropriate error log files.
+A malicious user might try to inject code into the SQL database (Postgres, MySQL etc). Each database engine requires a different version of an attack to present viable SQL. Invalid SQL will result in an error report to the administrator. A 'White Screen', claiming that you are running Bitweaver in test mode, is only returned when the parameter -+IS_LIVE+- set to -+FALSE+- in kernel/config_inc.php. Sites being in production are expected to have set this to -+TRUE+-, while error reports are directed to appropriate error log files.
 
 In the past, some of Bitweaver's search functions allowed the inclusion of additional SQL -+WHERE+- clauses. This was not database agnostic and has been replaced. Now, additional search options build the SQL internally, preventing any possible injection attack.
 
Page History
Date/CommentUserIPVersion
13 Feb 2010 (19:57 UTC)
added alias
laetzer85.178.0.1706
Current • Source
Benjamin Couhe80.4.75.275
View • Compare • Difference • Source
laetzer141.20.150.434
View • Compare • Difference • Source
laetzer141.20.150.433
View • Compare • Difference • Source
laetzer85.178.63.1672
View • Compare • Difference • Source
laetzer85.178.3.1651
View • Compare • Difference • Source