Joomla out of memory error with exception.php

I’ve just suffered a strange out of memory exception with one of my Joomla sites. All the posts I read indicated that I needed to allocate more memory in my php configuration – crazy I thought – I already had 64MB allocated. There must be something more fundamentally wrong for this nasty gremlin to be happening. The actual error is–

Fatal error: Allowed memory size of 67108864 bytes exhausted (tried to allocate 40 bytes) in /home/site/public_html/libraries/joomla/error/exception.php on line 117

What I did (thanks to a couple of fragmented suggestions is change the line on 117 to the following

$this->backtrace = debug_print_backtrace();

Then re-render the site and you should see your browser fill with tons of crap. Hit the stop button after a second or two (before your browser crashes) and you should be able to see the root cause of your issue. For me it was a corruption of my jos_session table which I was able to fix with a truncate jos_session; command from the mysql command line.

I hope this note may save someone else a couple of hours of messing around with their memory settings.

Using magic_quotes_gpc or addslashes()

I’ve worked on a bundle of web based applications over the years and time and time again I’ve seen the recurring problem of the slash. Yes, we’ve probably all seen it in one or more forums where the apostrophe some user entered, probably with the name O’Brein ends up as O\Brein.

Why does this happen in sites running on PHP? The answer is a duplication of escapes. Yep, a Houdini Supreme.

Firstly a systems administrator has installed PHP and set the value for magic_quotes_gpc = on in the system’s php.ini (usually located in /etc/). This will automatically add slashes to all GET/POST/COOKIE data. This makes it safe before writing it to a database. Mr O’Brein becomes Mr O\’Brein when magic_quotes_gpc is set to on.

Secondly, a programmer has come along and thinking they’re doing the right thing takes all user input and uses the addslashes() funtion to escape all quotes. This results in a doubling of the escapes so, Mr O’\Brien now becomes MR O\\’Brein.

When this data is rendered, we see the automatic removal of only one set of escapes but the other set is left behind…yuck!!

When programmers see this they think “I’ll just use the stripslashes() method, I mean, that’s what it’s there for”. As the light from the idea bulb fades, they realise they’re fixing a problem that should never have occurred in the first place. You need to go to the source of your data and clean it up, make sure you’re either using magic_quotes_gpc=on OR addslashes. My preference is to use addslashes all the time and turn magic_quotes_gpc off, this way the logic of your code explicitly sets user input to be what you want.