Details
-
Type: Bug
-
Status: Open
-
Priority: Major
-
Resolution: Unresolved
-
Affects Version/s: 4.7.22
-
Fix Version/s: None
-
Component/s: Core CiviCRM
-
Labels:None
-
Versioning Impact:Patch (backwards-compatible bug fixes)
-
Documentation Required?:None
-
Funding Source:Needs Funding
-
Verified?:No
Description
As far as I can tell Config.IDS.ini doesn't need to exist as a file. CRM_Core_IDS::check() can initialize IDS with no file: IDS::init(NULL) and then pass it an array of the config instead of creating a file with the string as it is now. In both cases, the IDS settings are set in CRM/Core/IDS.php anyway and Config.IDS.ini can be rebuilt at any moment from that code. It can still just as easily read the XML file for IDS filters from an array.
The reason I need to get rid of Config.IDS.ini is because it is a pain in the but for Pantheon's dynamic server paths. It's much more robust to have retrieve the path dynamically in an array:
'filter_path' => $civicrm_root . '/packages/IDS/default_filter.xml'
rather than have it hardcoded in the file.
For Pantheon we already have to dynamically assign all the server paths anyway and Config.IDS.ini seems to be the one holdover.
CiviCRM under Pantheon didn't have a problem finding Config.IDS.ini since it was being called dynamically:
$configFile = $config->configAndLogDir . 'Config.IDS.ini'
where configAndLogDir is set with environment variables in civicrm.settings.php.
But it then would try to find the xml file from the IDS settings and fail.
When I patch CiviCRM so that it gets the array fresh each time it seems to be just as happy with it. Patch snippet:
// init the PHPIDS and pass the REQUEST array require_once 'IDS/Init.php'; try { - $init = IDS_Init::init($configFile); + $init = IDS_Init::init(NULL); + $init->config = $this->getConfig(); $ids = new IDS_Monitor($_REQUEST, $init); } catch (Exception $e) {
I've still got to test it under load - Pantheon's dynamic servers don't kick in unless the site is under heavy load - but I'm confident it can't be as bad as before.