WordPress Error 500 for uploaded files

A long time ago, I’ve uploaded a picture of my Purple Leaf Plum during the summer.

Now, after numerous updates and server changes, I tried to access the image only to get thrown a generic PHP error 500.
Further investigation shows that it also happened with quite a few older files as well, including some images from some of my old pages.

Et tu, high-school portfolio?

While I could care less about that breadboard schematic back in 11th grade, that purple leaf plum picture was pretty nice.

Therefore, let’s embark on a journey to recover access to my purple leaf plum from a Windows Server machine running WordPress on IIS.

(or for the impatient, a TL;DR: PHP file uploads weren’t inheriting correct permissions)

Symptoms

  • Browsing directly to files uploaded in the past would result in an err. 500.
  • Missing images/thumbnails/files.
  • Unable to edit (e.g. crop images) through WordPress Media Library.

Troubleshooting Journey

500 Internal Server Error server error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.

Mozilla Development Network (MDN)

Knowing what a 500 means is one thing; pin-pointing the cause is a whole new ballpark altogether, considering 500’s can be pretty vague.

In the past, I’ve modified the permissions for alvinr.ca in such a way that I wouldn’t be able to update through wpadmin – only manually. While this gave some odd behavior through wpadmin (asking for FTP credentials when hitting ‘Update Now’), it was expected.
Could this error 500 issue be related?

Well, let’s take a look at the permissions for one of our uploads.

Advanced Security Settings for Purple Leaf Plum image at time of error 500

Huh.
Well, we’re missing some entries; namely Users, IUSR and IIS_IUSRS.
Unsure how that happened, but let’s add the permissions and try browsing to it again.

For IUSR & IIS_IUSRS:
- Modify
- Read & execute
- Read
- Write

For Users (domain\Users):
- Read & execute
- Read

Aha! It works! The Purple Leaf plum is now visible in all its glory.

Now that we’ve resolved that, let’s continue on with our lives. Making another post, uploading another image… and guess what.

It happens again.

Same error 500, and the uploaded file is missing those permissions!

What’s going on here?
Who/what keeps nuking necessary permissions to my WordPress uploads?

To better understand this, let’s talk about what exactly happens when you upload a file to WordPress.

Problem

The process of uploading a file to WordPress is handled by PHP. During this process, PHP retrieves the file from the client, placing it in a temporary location, before moving it to wp-content/uploads as dictated by WordPress.

WordPress File Upload Process

When a file is written to this temporary location by PHP, it inherits permissions associated with that location.

When the file is moved to a WordPress specified location, it’s just that – moved. It STILL retains the permissions from the PHP temporary location.

And since PHP is not ran by a user that owns the file, its permissions cannot be changed after the move.

This explains why new uploads are affected.
It also explains possible origins to this problem;

  • Updates to PHP
  • Modifications to PHP or your IIS site’s handler mappings
  • Modifications to the temporary file upload location written to by PHP

Solution

  • Define a new temporary file upload location for PHP
  • Add specified users above to temporary file upload location used by PHP (not recommended)

Since the default location for PHP file uploads is C:\Windows\temp , which is used by other applications including the system itself, I’d like to keep its permissions pristine before it causes conflicts, or even worse, opens security holes.

Thus; let’s specify a NEW default temporary file upload location by modifying php.ini (PHP configuration file).

  1. Create a new location to be used for temporary file uploads by PHP
    Example; C:\inetpub\php-temp
  2. Launch IIS Manager, identify PHP used for site by inspecting Handler Mappings
  3. Navigate to location of php.ini for PHP installation identified previously
  4. Open php.ini, find the upload_tmp_dir configuration item, un-comment by removing the leading ‘;‘, and specify the new location
Example upload_tmp_dir entry

How to find your PHP configuration (click thumbnails to enlarge image):

1. Select site in IIS Manager > Handler Mappings

2. View Ordered List to determine PHP used by site

3. Sort by path, identify highest priority name for *.php path

4. View Unordered List, and double-click item identified previously

Lessons learned; error 500’s are sometimes more predictable when your web application is WordPress. Also; clean up your handler mappings.
May your posts be fresh, and your images always available.

Campus Navigator by Atlabs, voted best SDNE Capstone @ Sheridan College

We’re taking the conventional ‘map’ out of navigation with our highly interactive, virtual environment in a pocket – the Campus Navigator.

ATLABS, 2019

During my final year at Sheridan College, I lead team Atlabs on a wild journey in ideating, developing, and presenting the Campus Navigator at the Sheridan College 2019 Capstone Showcase.

The event was outstanding – KUDOS to everyone who partook and shared their projects across both the Software Development & Network Engineering (SDNE) and Mobile Dev. program streams.

As part of the event, a variety of awards were given out as voted on by both participants and judges comprising of alumni, faculty, and industry partners.

Our solution was voted the Best SDNE Capstone, 2019.
Well; I certainly didn’t expect this.
Let’s reflect.

PROJECT

Ideate several hundred times, choose once.

Knowing the implications of a boring project chosen with very little interest, our first (and perhaps longest) team exercise was in ideation.
The first month was spent on brainstorming – learning more about each other and our interests – so that we may find a project that either aligns with the collective interest, or possesses at least one element that interests each member.

Our earliest brainstorming sessions were perhaps the least technical. They were more or less friend-meets; talking about interests, directions we wanted to take the project, and the severe lack of healthy fast food locally.

Eventually, we managed to narrow down some common archetypes. From here, we directed our discussions more towards the overall project. What kind of problems exist in the world today relating to X? Could we see ourselves doing Y for a year? Will we get arrested for Z?

From here, we worked out three, solid project ideas.

All that was left was to investigate the technology we would need, the expertise of our team, the support available, and project breakdown should we choose that idea to run with.

For Atlabs, we were all interested in doing something we’d see ourselves (either in the past, present, or future) using. Hence, we went down the mobile indoor mapping route, finding enough features in here that would satisfy everyone. Then, we discussed the scope – quickly realizing that The Path wouldn’t be feasible (the first rule of Toronto is: you don’t commute to Toronto).
So, we chose our campus; the Sheridan College, Davis Campus.

Finally, we talked technology;

  • Mobile as per current app trends – specifically Android based on team expertise
  • BitBucket for code repo, and Git for SC
  • Android Studio as IDE
  • Slack as primary communication hub
  • Trello for sprint task management

When it comes to indoor mapping; we chose WRLD3D.

In it’s earliest stages, Google Indoor Maps was terribly limited – being literally black and white floor plans.
WRLD3D directly supported route finding, a detailed POI handling system, not to mention having full 3D interactivity support that looks downright awesome.

This was how the Campus Navigator was born.

TEAM

People over ideas.
Ideas come and go, a majority never bearing fruit, remaining as lost promises.
People are forever; they’re living, breathing, and exist right here, right now.
Give them a reason to, and they will stand with you through thick and thin long after your idea grows wings, or turns to dust.

Our success in capstone came from excellent teamwork, and I couldn’t have asked for better.

Thank you; Jennifer, Pavan, and Anish for not just your outstanding work and dedication, but also for the lessons you’ve taught me along the way.

By volunteering as guinea pigs for this wild ride, I’ve developed a better understanding and appreciation for proper resource assignment and time management.
At the same time, I hope that I managed to imprint some wisdom into you that’ll be carried on into your future endeavors.

The leadership, project management, and variety of development skills learned throughout this project will not be forgotten – and man, am I excited for the next opportunity to try them out.

DEVELOPMENT

Sometimes in a project, you find yourself wondering where the time’s gone.
Then you realize you’ve been tracing lines in QGIS for the past hour.

When it came to development, my time was spent on two main facets of this project; the Discussion feature, and Map Design.

For Discussion, we’ve envisioned from the start a thread-like board not too dissimilar from Reddit, where a user can nest replies, as well as influence the score of thread replies via voting. Each point of interest (POI) of our map is to have its own ‘Post’, where users can have discussions by making top-level comments, then nest replies within each.

Screenshot of app with discussion for the J203 POI

Users that are not logged in would see the same discussion, but would be unable to comment/rank replies until authenticated.

Realistically, authentication should be tied to students, and hence, would use an institutions’ SSO.

As a proof, we’ve utilized FireBase, which both manages discuss data storage, and user authentication via Google’s OAuth.

A solid half of the effort I’ve invested in this project went towards Map Design. Initially unfamiliar with the concept of geographical information systems (GIS).

Seriously. I’m a Software Developer. My city shaping skills were limited to Sid Meier’s Civilization V.
Until this project, of course.

sheridan (davis) floor 1 in QGIS
Sheridan College (Davis), Floor 1 in QGIS

Perhaps our greatest adversary, our team fought time to grasp the essentials behind geographical design so that we can design indoor maps in QGIS.

Design process for maps: Retrieve from Facilities > Design in QGIS by overlaying geospatial data > Prepare for WRLD3D platform > Publish & Correct

Of this time, roughly 40% was spent on tracing the provided floor plans. QGIS’ built in Georeferencer helped tremendously; but could only help so much, since some building outlines were misshapen (as provided from WRLD3D), or just plain didn’t exist (in terms of Sheridan College, Davis Campus’ A-Wing), resulting in a warped output from Georeferencer that could not be reliably depended upon.

The rest of the time was primarily spent drawing straight lines, identifying key features (doors, walls, rooms) and attributing them.

These design tasks were one of the largest takeaways for me; having needed to use several different coordinate reference systems (CRS), as well as handle complex designs (honestly, this makes those ‘floor plans’ seen on HGTV look like chicken scratch).
Perhaps most importantly, it helped me improve my spatial awareness and general geographical design mindset through several nights of lost sleep over “is this also considered hallway?”, and “would I realistically take this path from X to Y?”

After publishing, any time left was used to correct any misshapen areas and resolve compilation errors with WRLD3D.

PRESENTATION

Practice makes perfect.
Unless you’re presenting.
In that case, practice makes confidence, which makes perfect.

When it came down to presentations, Sheridan’s CST courses ensured we did. Lots.

Every group discussion session in CST2 was met with a “throw me an elevator pitch”. It only got more intense with formal presentations; first to our capstone session, then to a panel of venture capitalists, eventually leading towards the grand finale at the Sheridan College Capstone Showcase held at Trafalgar.

Capstone helped me realize something important in life; that presenting doesn’t have to be a chore. No, it’s not a ‘necessary evil’, and no, it doesn’t have to be a period of extreme anxiety and dread.
Like talking with friends, a phone call, or even reading this post – it’s just another way we communicate.

Every day, we’re inherently presenting ourselves to the world. What changes, then, when you slap the label ‘presentation’, onto something?
Usually, it’s something being put at stake; from a good grade to a career opportunity.
However, we’re always putting something at stake when presenting – and that doesn’t necessary have to be something to fear.

We’re inherently social creatures slowly losing our ability to communicate confidently face-to-face by black text on a white screen.
If there’s anything to fear, it’s this.

Thus; thank you Capstone for mock interviews, group discussions, elevator pitches, release candidates, VC pitches, and showcases.
Like a good workout, the pain was there, but I’m leaving Sheridan stronger, and more presentable for it.

SHERIDAN

The journey was perilous.
I supported my team to the best of my ability.
It hurt to watch others fall without support of their own.
Great ideas, and even greater students. Gone by December.

Now, I didn’t really see fit to include this category in this little reflection of mine, but it’s necessary. Especially if you’re reading this in preparation for your own capstone.

Capstone teams need more support from Sheridan College.

And by ‘Sheridan College’, I’m referring to everyone/everything outside of the capstone faculty – which were downright awesome, and perhaps some of the most inspirational professors I had the pleasure of working with (you know who you are, Simon, Geoff, John).

While Atlabs was successful, it was only through the hard work, planning, leadership, and dedication from each of its members.
We’ve all given up something along the journey, some more than others. In some cases, literal blood, sweat, and tears went into it.

On the other hand…
Some teams disbanded, their members dropping out of capstone all-together.
Others had to completely drop their idea for another with a MONTH remaining in 2019.
There were even those with industry partners who abandoned them mid-capstone.

While there may be extenuating circumstances for these, I personally blame Sheridan College for being at the core of them.
However, that’s all in the past now. And while it’s left some lasting impressions on students, let’s talk about the future, and what can be done to make better impressions on future generations of students entering a Computer Technology related capstone.

The two pillars of support I’d like to see moving forward would be:

  • Monetary – Support us financially.
    The majority of our financial spending went towards our meets and presentations in the form of printouts, handouts, brochures, hardware rentals, etc.
    I’ve had the pleasure of talking with some very creative individuals with some outstanding ideas who were unable to carry through with them due to the lack of funding, either because they ran out of Azure credits, or they required equipment/technology that isn’t available/affordable to the average student.
  • Community – Capstone shouldn’t be an ‘Applied Computing’ event. It’s a SHERIDAN event.
    I’m serious. Students put an entire year’s worth of efforts, alongside their full-time studies, co-op, part-time jobs, and LIFE to work on this. This is a momentous occasion, and I was seriously disappointed by the lack of impression from Sheridan.
    All of Sheridan College’s faculty and student body should be aware of capstone, what it is, and why we do it. Essentially, capstone should be prestigious.
    That way, when a team such as ours has to inquire for the floor plans necessary for our solution, it doesn’t take 4 MONTHS for facilities to deliver (there’s really no excuse, snippets are used in a variety of places on/off campus).
    OR, when we present at the capstone showcase, students actually have an idea as to what’s going on, engage with teams, and understand the full weight of what we’ve accomplished (no, it’s not a homework assignment).

deep breath.
Alright.

FUTURE OF CAPSTONE

Any practical industry project involves more than just ‘software’. There’s a variety of people involved from different professions, such as the engineers to work out the hardware, and business analysts that help predict how to insert into the market.

To make this a much more fulfilling, creative, and outstanding project; let’s see capstones bridged across programs, integrating students from various career paths.

Let’s take the following for instance, where there’s amazing potential in an IoT technology sector for mechanizing central air vents and controlling them with your thermostat. That way, you can effectively choose how warm/cold different parts of your home should be.
Heck; let’s take it a step forward and integrate simple proximity sensors.
Now we’ve got an automated system that can intelligently heat/chill rooms with occupants.

While engineering students may be able to mechanize air vents, they’ll be lost when it comes to the software necessary to interface and drive communication between these vents and some centralized air system. That’s where a SDNE student would kick in.

Not only would this be more realistic, but it would be a downright amazing learning experience for everyone involved.
As for the quality of capstones?
You’ll be shaping the next generation of innovators.

From left to right: John Wang, Jennifer To, Alvin Ramoutar, Geoff Hogan, Simon Hood, Pavan Kumar Kuntumalla

More information about Sheridan College 2019 Applied Computing

Sheridan College 2019 Capstone Showcase Photo Gallery

Infinifish @ Fishackathon – ID via Spectroscopy

Fishackathon Logo

Bringing the world together to protect life in our waters, make fisheries and aquaculture more sustainable and equitable, and preserve our planet’s future.

The only thing better than eating fish is hacking them.

In the proverbial sense of course.

On the second week of February, I lead team ‘Finna hit a Fin’ at Hackernest’s annual Fishackathon held at Toronto city hall. Through a rigorous 28 hour non-stop development cycle, we managed to create and present a functional prototype of our solution; Infinifish.

Infinifish is a hand-held device that simplifies fish identification, meant to capture data from the fin, compare it against a known datasource, and provide an accurate identification of its species. For our prototype, we harnessed spectroscopy (color-sensing), as well as translucency data to identify a fish fin, and therefore, the fish.

The following is the real prototype presented at Fishackathon Toronto. Contained within would be a TCS ran by an ESP NodeMCU board.

 

Similar to a human fingerprint, fish fins are perhaps the most unique aspect of a fish. Our team wanted to take this idea further and create a simple, cheap ‘fingerprint’ scanner for fish.

Presented amongst the app-heavy crowd at Fishackathon Toronto, we discussed the modern relevancy of spectroscopy in light of all the AI and photo recognition technology. Quite simply; image/pattern recognition has its difficulties. These difficulties are being migitated via AI application to tech such as facial recognition, but until then, color pattern mapping via spectroscopy remains the affordable and simple solution.

 

Infinifish was a hit among the crowd with a demonstration involving live fin data, finishing the day at 2nd place, and was eventually presented to the faculty of applied science and technology (FAST) at Sheridan College.

Our solution is targeted primarily towards research and marine biology in hopes of automating currently manual identification methodologies, as well as recreational.

Infinifish is currently in development with effort being placed into enhancing accuracy via pattern matching, and will (hopefully!) be presented at the next Fishackathon in 2019.

Northern Wind Club

Progress lies not in enhancing what [already] is, but in advancing toward what [could] be.
~ Khalil Gibran

The Northern Wind Club is a small social club that takes up projects in and around the Sheridan community, and through efforts between our club and clients, strive towards their successful completion.

We operate on a request and case basis; analogous to a service club.

These projects can be anything, and are decided upon by various factors including interest, resources, time, as well as the spirit of the request.

Do you dislike large, unorganized groups? Hate it when things never get done? Have a niche skill set that you’re dying to exercise? Or perhaps you’re a fanatic of progression and helping others.
In that case, the Northern Wind Club may be the place for you.

For more information, check us out at northernwind.me

Sudoku Engine

It’s been a few months since its completion, but I finally got around to making this post. Here’s to the release of Sudoku!


Sudoku Engine

Java Sudoku Engine is a project built using FXML for PROG24178 at Sheridan College. It’s a neat little desktop application that generates Sudoku puzzles and contains a few nifty features that I’m sure Sudoku fanatics will love.

Check it out at Github, where you can also download it.

 

WHAT IS SUDOKU

Sudoku is an old number-placement puzzle, originating with recordable evidence during the 1800’s from an experiment with magic squares. The objective of Sudoku is to fill a grid with digits between 1-9 – the catch being that no two are to be repeated in a row, column, and individual 3×3 square. The end result can be compared to that of a Latin Square, a collection of elements with a nearly indistinguishable pattern.

Why vSphere Web Client runs on port 9443

Admittedly, I’ve been on this issue far too long. And by issue, I should say issues, all of which may/not resemble the following:

  • Administrator@vsphere.local lacks basic permissions.
  • vCenter Server doesn’t appear in inventory, or is invisible.
  • ERROR: Failed to connect to host _______ in the bottom-right corner (notification)
  • Failed to verify the SSL certificate for one or more vCenter Server Systems: https://vCenterServerFQDN:443/sdk
  • [00404 error 'Default'] Failed to intialize VMware VirtualCenter. Shutting down... from vpxd logs.

 

BACKGROUND:

My goal was to migrate my vCenter Server 5.5U2 environment to Windows Server 2012.

Instead, I ended up setting up a new vCenter Server instance with all 4 services installed on the same host. The host is a fresh VM hosted upon ESXi 5.5, and connected to a respected domain & DNS server.

The issues begin rolling in when attempting to use the vSphere Web Interface to add my ESXi host to the data center.

However, I found myself unable to do anything but login into the web client (cannot change roles/permissions, create data centers, create VMs, add hosts, look at logs, and more).

 

APPARENT PROBLEM:

vSphere’s Web Client runs on port 9443, which is a bit of a pain to see and enter as a URL. As such, I decided to change it to port 443, commonly used by HTTPS and recognized by browsers, eliminating the need to enter a port after my web client’s address. This was done by editing vCenter’s Tomcat Server config (seen more below).

However, vSphere’s decision to use 9443 was not out of spite. Port 443 was used for:several other services, including:

  • WS-Management (also requires port 80 to be open)
  • vSphere Client access to vSphere Update Manager
  • Third-party network management Client connections to vCenter Server
  • Third-party network management Clients access to hosts
  • Monitor data transfer from SDK clients.

All of which are present and accounted in Required ports for VMware vCenter Server 5.5 (2051575).

 

SOLUTION:

Revert the port-change in the Tomcat Server’s config back to 9443.

  1. Launch services.msc [START>RUN>services.msc].
  2. Stop the service VMware VirtualCenter Server service.
  3. Navigate to C:\Program Files\VMware\Infrastructure\vSphereWebClient\server\configuration\
  4. Copy the file tomcat-server.xml to a readable/writable location (e.g. Documents or Desktop.
  5. Open the copied tomcat-server.xml with a text editor, such as Notepad, Notepad++, or Sublime.
  6. Within the <Service name="Canalina"> container, look for the following line (for me, it was the second line): <Connector port="####" protocol="HTTP/1.1" SSLEnabled="true" ...>
  7. Change the port listed (####) back to 9443.
  8. Rename C:\Program Files\VMware\Infrastructure\vSphereWebClient\server\configuration\tomcat-server.xml to tomcat-server_BACKUP.xml
  9. Copy the copied tomcat-server.xml file to C:\Program Files\VMware\Infrastructure\vSphereWebClient\server\configuration\
  10. Restart the vCenter Server.

I’m sure that there’s a way to safely change this port (maybe by NOT doing the ‘simple’ installation!), but for now, I’ll settle with entering 5 characters after my vCenter server address. I’ll continue to toy around with this, and see if I could figure it out.

I’m also quite sure that this process varies for the vCenter Server APPLIANCE. As such, please don’t follow this with intentions to fix a similar issue on said appliance.

And please, don’t be frustrated if this isn’t the solution you’re looking for, or if it breaks something (that’s what tomcat-server_BACKUP.xml is for). I’d suggest reading further at KB2050273 or KB1010837.

 

Anyways, good luck with setting up your vCenter Server environment!

Can YOU Follow Instructions?

Whether you’re making touchdowns, placing bricks, or behind the steering wheel, INSTRUCTIONS are critical in ensuring optimal performance and success. Without instructions written by experienced individuals, many tasks would seem unnecessarily more difficult, such as baking caramel shortbread, or near impossible with the case of IKEA furniture.

I would like to introduce a new app, an assessment that tests ones’ ability to follow instructions.

You can find it HERE.

The following is a javascript web application running completely client-side. Nothing is stored, or cached, or ever delivered elsewhere.

Can YOU follow instructions?
Good luck, and have a great day!

Alvin