Hi everyone,
I’m stuck installing v1.6.1 beta 3 (I already tried with v1.6.0, but it’s the same anyway).
I run php 8.1 and in console (chrome, firefox, edge) no errors are shown.
In the InvoicePlane Logs it shows me:
# <?php exit('No direct script access allowed'); ?>
# InvoicePlane Configuration File
### START HERE
IP_URL=https://.../invoice16
# Having problems? Enable debug by changing the value to 'true' to enable advanced logging
ENABLE_DEBUG=true
# Set this setting to 'true' if you want to disable the setup for security purposes
DISABLE_SETUP=false
# To remove index.php from the URL, set this setting to 'true'.
# Please notice the additional instructions in the htaccess file!
REMOVE_INDEXPHP=false
# These database settings are set during the initial setup
DB_HOSTNAME=
DB_USERNAME=
DB_PASSWORD=
DB_DATABASE=
DB_PORT=
# If you want to be logged out after closing your browser window, set this setting to 0 (ZERO).
# The number represents the amount of minutes after that IP will automatically log out users,
# the default is 10 days.
SESS_EXPIRATION=864000
SESS_MATCH_IP=true
# Enable the deletion of invoices
ENABLE_INVOICE_DELETION=false
# Disable the read-only mode for invoices
DISABLE_READ_ONLY=false
##
## DO NOT CHANGE ANY CONFIGURATION VALUES BELOW THIS LINE!
## ======================================================================== =======
##
# This key is automatically set after the first setup. Do not change it manually!
ENCRYPTION_KEY=
ENCRYPTION_CIPHER=AES-256
# Set to true after the initial setup
SETUP_COMPLETED=false
My .htaccess file is
### InvoicePlane htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /invoice16
### uncomment to force HTTPS
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
### uncomment and adjust if installed in subdirectory
RewriteRule . /invoice16/index.php [L]
# RewriteRule . /index.php [L]
</IfModule>
The hosting service is from ARUBA.
I’ve been trying to get it to work for 2 weeks, but nothing.
Hi, thanks for the help but it didn’t work.
I reach setup/prerequisites and it redirects to setup/language.
I modified the setup.php file as per your instructions and it doesn’t change anything.
The only log is always the same:
DEBUG - 2023-11-02 15:58:48 → Layout MX_Controller Initialized
DEBUG - 2023-11-02 15:58:48 → File loaded: /web/htdocs/www.itaca.net/home/invoice16/application/modules/setup/views/language.php
DEBUG - 2023-11-02 15:58:48 → File loaded: /web/htdocs/www.itaca.net/home/invoice16/application/modules/layout/views/setup.php
Good morning, forgive me for the late reply but I’m busy with multiple things. Now I go to the prerequisites page but in any case there is no progress from here either. I did everything you asked, but nothing.
Every check that starts with: if ($this->session->userdata, it has to be removed from your setup.php file
After that, try 1 more time or go directly to setup/database (i think).
The goal is to setup your database, do “database upgrades” and then fill the user that you want in your InvoicePlane.
In the future you will have troubles with sessions (being logged in), but let’s cross that bridge once the install is successful
Hi, forgive me but I haven’t disappeared but I give up anyway. Every page doesn’t go, for example even getting to the configuration for the DB, then it doesn’t go forward. Unfortunately I had to make some mandatory updates for PHP and the only one that doesn’t work is InvoicePlane (also your Italian demo doesn’t work and it’s not nice to see it like that).
Thank you all the same. When there is a stable and problem-free version, I will reuse InvoicePlane again. HI.
Same problem here. I have managed to install InvoicePlane by manually adding the database credentials to ipconfig.php. Afterwards I can login and everything appears to work. But after a few clicks the system redirects me back to the login page.
I have the same problem in the demo: admin@invoiceplane.com (I think trasanda means this demo, somebody set the language to Italian)
Tried different browsers, installed 1.6.1B3 and set SESS_MATCH_IP=false but no luck.
Environment:
Shared Linux Hosting with Apache
PHP 8.1
Disabled index.php (but with index.php doesn’t work either)
Good, that you saw it on our demo-site, so we might look into that.
I think the site is set back to the English language (just checked)
Go to /application/config/config.php line 429.
It says something like $config['sess_save_path'] = env('SESS_SAVE_PATH', sys_get_temp_dir());
Copy the SESS_SAVE_PATH and paste it in your ipconfig.php file.
Change this entry in your ipconfig file to somewhere where you can write for sure.
For example: SESS_SAVE_PATH=/var/www/invoiceplane/storage/sessions (create those directories) and make sure in your apache config that the outside world cannot access that directory.
This sys_get_temp_dir() is a (very) temporary directory on your server and in your case you can better set it to a different setting.
Probably, yes. The result of sys_get_temp_dir() is the most basic ‘temp’ directory and i would clean that up a lot as well, if it were my server.
Glad it works.
Please make sure no-one can see that directory.
You’re literally giving away sessions to the outside world.
I would do 2 things:
Let’s say InvoicePlane is installed in: /var/users/aiko/sites/invoiceplane
Then i would place those sessions in: /var/users/aiko/storage/sessions . See what i did there? It’s called ‘outside the document root’.
And / or: SESS_SAVE_PATH=/var/users/aiko/storage/**somerandomdirectorynooneknows**/sessions
Thank you, I really appreciate it!
I installed InvoicePlane to /www/name.of.subdomain/public and configured the session path to /www/name.of.subdomain/sessions.
Great job! So SESS_SAVE_PATH, i don’t know when it was added, but we needed it for sure.
Always check out the github repository. When i give advice, i’m basing it on that code, over there.
application/config is where SESS_SAVE_PATH is used (sortof)
I installed InvoicePlane to /www/name.of.subdomain/public
That is perfect!
So … in future, that public directory is what the outside world sees. We can hide almost everything ‘outside the document root’, just like you did eith the sessions.
In future we will do that, for now, let’s keep, what you have at the moment.
