allow_url_fopen disabled by the host

[maxmin]

allow_url_fopen disabled by the host

OK, I reported this allow_url_fopen HPH error previously for the v.1.1. I'd like once again to point it out here. The allow_url_fopen PHP command is disabled by many web hosts such as my current host 3iX because of its potential security hole being used by hackers (you may search the Google for allow_url_fopen to see why it is claimed as a potential security hole and also solutions to it by using cURL function to perform the same task). See the attached image (http://www.prestashop.com/bug_tracker/download/238) of my back office front page for the error message because of allow_url_fopen is disabled. Also see the installer message posted http://www.prestashop.com/?ACT=29&fid=7&aid=1599_yHEOCNmJ810SoGo5KWKX&board_id=1 for the disabled PHP setting "Allowed to open external URLs".

As mentioned above, my host suggests that the allow_url_fopen is replaced by the cURL function in all files in the PrestaShop platform to perform the same task. The solutions are available on the net, and one of them is as below (Google search for "allow_url_fopen and cRUL"):

http://www.radwin.org/michael/blog/2003/07/php_libcurl_example.html

Hopefully the PrestaShop team will include this modification to the future releases so that all users on whatever web hosts can have PrestaShop behave in the same way.

Some additional words for this allow_url_fopen since someone might say why you don’t activate the allow_url_fopen command in your custom php.ini config.ini at your web root? Yes, I did try to activate it in the custom php.ini config.ini at my site root, but you know what? The enabled allow_url_fopen in the custom php.ini config.ini makes the access to my site almost impossible and shut it down.

[dtruni]

Same issue here: f_open() ist really outdated today. And I'm not willing to enable it on the shared hosting too. Will PrestaShop soon support a fixed version?