Set_time_limit() has been disabled for security reasons

Docs Security and Login
#1

I am getting the following error after following the password reset functionality: part 1

set_time_limit() has been disabled for security reasons

Is there a work around?

Regards,
Dave

#2

can you give more information, what point is this happening, maybe a screenshot, short video clip of the issue as it happens

#3

Hello psweb,

Sorry for the delay.
So when you try and reset a password it gives an error message of set_time_limit() has been disabled for security reasons. line 162 of Rfc822.php. The set_time_limit is set to (30), which I think is a default (but I am guessing at that). If I edit Rfc822.php and change the limit to (0) or hash out set_time_limit it returnes an empty array. I believe this is something to do with the php.ini file on the shared hosting platform and that I can’t be alone in this?

Regards,
Dave

#4

Yes this sounds like a limitation set by your hosting provider sadly.

So question is, are you able to edit your php.ini file on your server?
If not maybe try add a .user.ini to your web server home directory in other words the /public_html/ directory, so you should have /public_html/.user.ini

Adding a file that starts with a . does make the file a hidden file so you will need to make sure you turn on show hidden files either inside Wappler itself or inside your file manager on cPanel depending on how you go about adding the file to your server.

inside this file add the following entries

memory_limit = "500M"
upload_max_filesize = "128M"
post_max_size = "256M"
max_execution_time = 600
max_input_time = 600

Make sure it is saved on the server and try your password reset form again, if you still get the error you could try asking your host to lift the restriction on your server, or you could call <?php phpinfo(); ?> to check your server settings.

I have also found that some hosting providers allow for a .php.ini to be placed inside subdirectories which then allow the server to respect different .php.ini rules based upon the directory they are inside, so once you call phpinfo(); and know what version of php you are running you could get a copy of that iteration of php anywhere online as its sort of base default setup before your hosting provider adjusted it and add it into your home directory to see if it over rules what they have set.

I hope one of these methods has some impact in getting what you need done.

1 Like
#5

Hello psweb,

Thanks for your time and advise.
I will give your ideas a go. The hosting provider is saying that I will have to upgrade to a NX or dedicated server which are quite a lot more expensive, so I can turn off safe mode I guess.

Kind Regards,
Dave

#6

Sounds like they are just being difficult to me, but i sort of understand I suppose.

Give those things a try first and if none work then we will have to give it a little rethink.

#7

Many thanks