Bad file mapping to URL causes open_basedir error

[ad_1]

Could you clarify, what the issue do you have? How some Query Monitor message breaks your site? The file is accessible from frontend (see https://terageek.org/wp-content/plugins/hcaptcha-for-forms-and-more/assets/images/hcaptcha-div-logo.svg), and it is needed on frontend only.

The code you provided is not relevant and does not belong to our plugin.

If you want to fix open_basedir message (but why?), you should reach your hosting provider and show them this.

I will be happy to help with any real problem on your site. Please show me the form where hCaptcha does not work.

Thank you.

Hi,

Thank you for your response. I appreciate the quick reply, but I believe there may be some misunderstanding here. I’d like to clarify that the issue isn’t related to an open_basedir configuration but rather an inconsistency in the plugin code itself.

Query Monitor, which I’m using, is a debugging and optimization tool for WordPress. It’s not causing the issue; it’s simply revealing it. If you try it yourself, you’ll see it can be an invaluable resource for identifying hidden issues.

I manually re-downloaded the plugin to verify, and I can confirm it contains this file path:

hcaptcha-for-forms-and-more/vendors/matthiasmullie/minify/src/Minify.php

So, the code snippet I shared – particularly line 439 – is indeed relevant here. While this code may be from a third-party library, it’s embedded within your plugin, which makes it part of the plugin’s functionality and potential issues.

From what I can see, it appears that the plugin may be incorrectly interpreting URLs as file paths. The incorrect path format (/https://...) doesn’t exist and will never resolve, causing the open_basedir error. This isn’t an issue with the server configuration but with the plugin attempting to access a non-existent path, which inherently triggers the open_basedir restriction.

I hope this clarifies the matter and assists in refining the plugin for future versions.

Best regards

Thank you for clarifications.

Of course, I know what is Query Monitor (QM) and use it from time to time for more that 10 years already.

I have reproduced the messages in the Query Monitor by setting open_basedir="some root for sites" in the php.ini file on my local machine. Here is the screenshot.

The image in question is this shown below, appearing for a very short time during page loading as a placeholder.

To make this screenshot, I have activated EventListener breakpoint on DOMContentLoaded in browser. As you can see, despite the warning reported by the QM, the image is still in place – things work well.

To reproduce this problem, it is needed to set open_basedir to something in the php.ini. This cannot be fixed anyhow on the PHP code side. This setting can be edited by hosting provider only.

What happens here? The matthiasmullie library used in the plugin to minify CSS code, has minor issues. The code you mentioned above is in its Minify.php file. It tries to interpret absolutely valid CSS code as having internal file hcaptcha-div-logo.svg inside.

.h-captcha::before {
content: '';
display: block;
position: absolute;
top: 0;
left: 0;
background: url( https://test.test/wp-content/plugins/hcaptcha-wordpress-plugin/assets/images/hcaptcha-div-logo.svg ) no-repeat;
border: 1px solid transparent;
border-radius: 4px;
}

Here, cannot be an internal file, otherwise CSS won’t work. Nevertheless, the matthiasmullie library does its work as requested – CSS is properly minified.

So, we have the “issue” which does not affect plugin functionality anyhow.

If you can fix it anyway, you may open issue in the library repository on GitHub. I hope the library author can help.

Thank you.

 

This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer