Jump to content


Photo

[Solved] Account suspended


  • This topic is locked This topic is locked
12 replies to this topic

#1 murilo

murilo

    Rank I Member

  • Members
  • Pip
  • 10 posts

Posted 27 April 2021 - 04:13 PM

Hello, my account was suspended today. I would like to know the reason for the suspension and if there's any way to remove it. Thanks. :)



#2 wolstech

wolstech

    Rank X Member

  • Root Admin
  • 13,946 posts
  • Gender:Male
  • Location:Pennsylvania

Posted 27 April 2021 - 04:54 PM

It’s suspended for filling /tmp, which causes the server to stop working properly.

This is usually due to software that is either poorly written, broken, or is otherwise failing to clean up after itself. PHP’s Imagick also causes this quite a bit.

You’ll need to go through your code and figure out what’s causing this.

Unsuspended.

Please do not PM me for support. Posting on our forums lets all of us learn.
Do you play Minecraft? | Server Monitors | And the Dumbass of the Decade award goes to...


#3 murilo

murilo

    Rank I Member

  • Members
  • Pip
  • 10 posts

Posted 27 April 2021 - 06:14 PM

Oh, I didn't know that! I don't have time to review the code right now, can I clean the /tmp folder manually? Thanks for the help and for removing the suspension from my account. :D



#4 wolstech

wolstech

    Rank X Member

  • Root Admin
  • 13,946 posts
  • Gender:Male
  • Location:Pennsylvania

Posted 27 April 2021 - 08:32 PM

There's no way for users to directly access /tmp because its shared by everybody and would be a security risk. Your code can remove the files you own though if you know the names.

 

It's usually excessive use of Imagick (which is known for leaving huge temp files behind) or forms accepting uploads that aren't moved or deleted after upload. 

 

If your code is going to put files in /tmp, you either need to move them to somewhere inside your home folder if they are to be kept permanently, or delete them with unlink() if no longer needed. You should do this as soon as possible in your code after creating/using the file, as PHP will not clean up after itself, especially in cases where the script handling the upload times out or otherwise fails.

 

Krydos can give more information on this subject, so I'll escalate this to him to see if he has any input.


Please do not PM me for support. Posting on our forums lets all of us learn.
Do you play Minecraft? | Server Monitors | And the Dumbass of the Decade award goes to...


#5 murilo

murilo

    Rank I Member

  • Members
  • Pip
  • 10 posts

Posted 27 April 2021 - 10:17 PM

Yea, I found Imagick in my code, it's being used to upload an image to Cloudinary. How can I implement that "unlink()" thing you said? Sorry, I'm new to coding, currently hosting an open source repository and apparently it doesn't clean up after itself.



#6 murilo

murilo

    Rank I Member

  • Members
  • Pip
  • 10 posts

Posted 27 April 2021 - 10:37 PM

function uploadImage($file, $width = null, $height = null) {
    if($width !== null && $height !== null && extension_loaded('imagick')) {
        $imagick = new Imagick();
        $imagick->readImageBlob($file);
        if($imagick->getImageFormat() === 'GIF') {
            $imagick = $imagick->coalesceImages();
            $imagick->cropThumbnailImage($width, $height);
            while($imagick->nextImage()) {
                $imagick->cropThumbnailImage($width, $height);
            }
            $imagick = $imagick->deconstructImages();
        } else {
            $imagick->cropThumbnailImage($width, $height);
        }
        $file = $imagick->getImagesBlob();
    }
    if(empty(CLOUDINARY_CLOUDNAME) || empty(CLOUDINARY_UPLOADPRESET)) {
        return null;
    }
    $mime = finfo_buffer(finfo_open(), $file, FILEINFO_MIME_TYPE);
    $ch = curl_init('https://api.cloudinary.com/v1_1/' . urlencode(CLOUDINARY_CLOUDNAME) . '/image/upload');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(['upload_preset' => CLOUDINARY_UPLOADPRESET, 'file' => 'data:' . $mime . ';base64,' . base64_encode($file)]));
    $response = curl_exec($ch);
    $responseJSON = json_decode($response);
    $responseCode = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
    if($responseCode > 299 || $responseCode < 200) {
        return null;
    }
    curl_close($ch);
    return $responseJSON->secure_url;
    unlink ($file);

This is the code. I just added "unlink ($file);" in the end of it. Didn't give me an Internal Server Error, so I guess it's working.



#7 Krydos

Krydos

    Rank X Member

  • Root Admin
  • 22,423 posts
  • Gender:Male

Posted 28 April 2021 - 04:17 AM

The best way to avoid getting suspended for this again is to use /home/murilo/tmp instead of /tmp. That way if your script goes nuts and fills something up only your own account will be affected not the whole server.
$i = new Imagick();
$i->setRegistry('temporary-path', '/home/murilo/tmp');
Deleting the temporary files after they're used is useful too, but if your temporary files are bigger than /tmp or if your script crashes before it gets to the deletion it will still get you suspended.

#8 murilo

murilo

    Rank I Member

  • Members
  • Pip
  • 10 posts

Posted 28 April 2021 - 10:34 AM

I implemented that line in my script and apparently it worked. It looks like this now:

function uploadImage($file, $width = null, $height = null) {
    if($width !== null && $height !== null && extension_loaded('imagick')) {
        $imagick = new Imagick();
        $imagick->setRegistry('temporary-path', '/home/murilo/tmp');
        $imagick->readImageBlob($file);
        if($imagick->getImageFormat() === 'GIF') {
            $imagick = $imagick->coalesceImages();
            $imagick->cropThumbnailImage($width, $height);
            while($imagick->nextImage()) {
                $imagick->cropThumbnailImage($width, $height);
            }
            $imagick = $imagick->deconstructImages();
        } else {
            $imagick->cropThumbnailImage($width, $height);
        }
        $file = $imagick->getImagesBlob();
    }
    if(empty(CLOUDINARY_CLOUDNAME) || empty(CLOUDINARY_UPLOADPRESET)) {
        return null;
    }
    $mime = finfo_buffer(finfo_open(), $file, FILEINFO_MIME_TYPE);
    $ch = curl_init('https://api.cloudinary.com/v1_1/' . urlencode(CLOUDINARY_CLOUDNAME) . '/image/upload');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(['upload_preset' => CLOUDINARY_UPLOADPRESET, 'file' => 'data:' . $mime . ';base64,' . base64_encode($file)]));
    $response = curl_exec($ch);
    $responseJSON = json_decode($response);
    $responseCode = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
    if($responseCode > 299 || $responseCode < 200) {
        return null;
    }
    curl_close($ch);
    return $responseJSON->secure_url;
    unlink ($file, file, $imagick, 'temporary-path');
}


#9 wolstech

wolstech

    Rank X Member

  • Root Admin
  • 13,946 posts
  • Gender:Male
  • Location:Pennsylvania

Posted 28 April 2021 - 11:52 AM

It's not working, it's just placed where it will never execute so there's no chance for it to run and produce an error. A return statement ends the function and sends the program back to whatever called it. Putting unlink after return means the function ends and returns before it ever gets to the unlink statement.


Please do not PM me for support. Posting on our forums lets all of us learn.
Do you play Minecraft? | Server Monitors | And the Dumbass of the Decade award goes to...


#10 murilo

murilo

    Rank I Member

  • Members
  • Pip
  • 10 posts

Posted 28 April 2021 - 12:09 PM

Oh, thanks for letting me know about that. I moved the unlink to a line before return and the script still works. Maybe it's cleaning itself now? 



#11 wolstech

wolstech

    Rank X Member

  • Root Admin
  • 13,946 posts
  • Gender:Male
  • Location:Pennsylvania

Posted 28 April 2021 - 12:17 PM

It might be, hard to say since I don't know how that code is used in the context of your software. It appears that $file is a path to an image file, probably submitted via a form, based on the context though, IMagick processes it, the cURL stuff uploads the IMagick result to a third party image host, then it unlinks the source file.

 

IMagick should be putting stuff in your home folder's tmp now too, so that shouldn't be an issue.


Please do not PM me for support. Posting on our forums lets all of us learn.
Do you play Minecraft? | Server Monitors | And the Dumbass of the Decade award goes to...


#12 murilo

murilo

    Rank I Member

  • Members
  • Pip
  • 10 posts

Posted 28 April 2021 - 12:25 PM

My software is a social network. That code uploads an user image to Cloudinary for being attached to their post. I tried running the script without the unlink line and it didn't create any files in my /tmp folder. Something is wrong. The code doesn't make any references to any other places that it could save temporary files. I'm confused now.



#13 murilo

murilo

    Rank I Member

  • Members
  • Pip
  • 10 posts

Posted 28 April 2021 - 12:55 PM

Well, I'm going to keep the unlink thing in the code since it doesn't return any errors or problems. I don't know if it's necessary to have references to the shared /tmp folder for Imagick to save files on it. Hope it's now cleaning itself.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users