CI 2.2 gives Mycrypt error on Linux ISP servers

[eluser]vincej[/eluser]
HI - I upgraded to 2.2. on my VPS host at InMotionHosting. The user Linux for their servers.

When I turn on CRSF in the config I get an error displayed on the page:

Code:

An Error Was Encountered The action you have requested is not allowed.

So I had a look into my error logs and there is a php error appearing at the same time as I click the page with the error page:

[16-Jun-2014 15:03:44 UTC] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20090626/php_mcrypt.dll' - /usr/local/lib/php/extensions/no-debug-non-zts-20090626/php_mcrypt.dll: cannot open shared object file: No such file or directory in Unknown on line 0

The ISP reported to me the obvious answer:

The reason for that is that DLL files are Windows based files only, and our servers only run Linux. However, the Mcrypt files should be located in /opt/libmcrypt You will need to adjust your code as necessary.

So, at the moment I have turned off CSRF .

Question: How do I get Mcrypt to work on a Linux server ?

Question: How can I use CRSF without getting the "The action you have requested is not allowed" error

Many Thanks !

[eluser]CroNiX[/eluser]
Depends on what flavor of linux you are using. Google "ubuntu php install mcrypt" or whatever your linux os is. It could be as simple as using

Code:

apt-get install php5-mcrypt

from the CLI and then restarting apache.

Or, it might already be installed on the server but not enabled in your php.ini.

[eluser]vincej[/eluser]
I don't think I explained myself properly, allow me another try.

I want to run CI 2.2 on my ISP. They use Centos.

CI 2.2 appears to be making a call to the php_mcrypt.dll which of course will not run and generates an error in the logs.

My ISP is telling me where I can access mcrypt.

Should I be changing CI's core files so that I can access mycrypt ?? Given that 99% of ISP's run Linux I do not understand why CI is making a windows DLL call.

Essentially I am completely and totally confused as why this does not work out of the box and why it appears to be impacting the CSRF functionality.

Can someone please offer some advice ?

Many thanks !

[eluser]CroNiX[/eluser]
No, I understood what you were asking.

mcrypt is a PHP extension. CI isn't calling anything "windows" related. It's trying to call an php mcrypt function. The upgrade instructions for 2.2 state that mcrypt is required. CSRF data, among others like session data, is encrypted by the Encryption class which now uses the function provided in the mcrypt extension. Did you not check to see if it was installed on your host before trying to upgrade? All you would have needed to do is run the phpinfo() function to see if that mcrypt extension was installed.
http://ellislab.com/codeigniter/user-gui...e_220.html

There is an issue with your host if it's a linux box with dll files present. Do you have total control of your box? Check the php.ini file and look at what extensions are being loaded. There's a misconfiguration in there somewhere causing it to look for the DLL file instead of the SO file.

Most likely your php.ini has a line like:

Code:

extension=php_mcrypt.dll

where it should (probably) be:

Code:

extension=php_mcrypt.so

This has nothing to do specifically with CI, but a PHP configuration issue on your host. Last I heard, CentOS (version 6 and previous) does NOT enable the mcrypt php extension by default.

[eluser]CroNiX[/eluser]
Look in your /opt/libmcrypt dir. Is there a php_mcrypt.so file (or similar) in there? After some googling, it appears that CentOS does NOT include the mcrypt extension at all (not just not enabled, but not included), which is highly strange to me. I know CentOS uses ancient versions of PHP. Your host might have installed it using a 3rd party repo in that dir they mentioned. If so, you might need to change the

Code:

extension=php_mcrypt.dll

in php.ini to something like

Code:

extension=/opt/libmcrypt/php_mcrypt.so

(or whatever the name of the file is in that dir)

I'd ask your host for help installing AND activating it in php.ini if this isn't making sense to you. Don't forget to reboot your webserver after the change is made so it will load the extension with all of the others.

[eluser]CroNiX[/eluser]
Also that first error in your first post isn't from you trying to run CI. If you look closely, it says

Code:

PHP Startup: Unable to load dynamic library ‘/usr/local/lib/php/extensions/no-debug-non-zts-20090626/php_mcrypt.dll

Notice the "PHP Startup". That happened when the webserver was rebooted and it couldn't load the mcrypt extension, not when CI tried to use an mcrypt function.

[eluser]vincej[/eluser]
firstly, yes, I checked phpinfo and it was installed. yet for some reason it is not being made available to CI

the php file supplied in my ISP public folder has this entry, albeit commented out. So, why it shows up in phpinfo is also a mystery to me.

Code:

extension=php_mcrypt.dll

I changed it to your suggestion and I still get an error, now related to the .so version.

So it must be a php configuration error, and I will once again communicate to the ISP.

I presume that my problem with CSRF is related to the MCrypt problem ?

When I turn on CSRF I get the error message, on the page,

An Error Was Encountered The action you have requested is not allowed.

I can see the token in the page source.

Clearly somehow, the token is not being recognised or not being returned as part of the form_open post ? or perhaps it has something to do with session cookies ?

Many Thanks !!