ID: 31054 Updated by: [EMAIL PROTECTED] Reported By: kameshj at fastmail dot fm -Status: Open +Status: Feedback Bug Type: Safe Mode/open_basedir Operating System: Any Operating System PHP Version: 5.0.2 New Comment:
Please try using this CVS snapshot: http://snaps.php.net/php5-latest.tar.gz For Windows: http://snaps.php.net/win32/php5-win32-latest.zip Previous Comments: ------------------------------------------------------------------------ [2004-12-10 16:14:03] kameshj at fastmail dot fm Description: ------------ include_path is not traversed fully when open_basedir have a nonmatching entries with respect to include_path entries matching from the beginning. For example: include_path=/kameshj:/usr/local/lib/php/includes open_base_dir=/mageshj:/usr/local/lib/php/includes Even though I have "include.php" under /usr/local/lib/php/includes and /usr/local/lib/php/includes is also under open_basedir include fails because of open_basedir check. Analysed the cause and found the cause to be _php_stream_fopen_with_path in php-src/main/streams/plain_wrapper.c In this function php_check_open_basedir is called for each include_path_entry/filename if for any of the include_path it fails further include_path is not tried at all. Attaching the patch at http://puggy.symonds.net/~kameshj/incpath.patch Reproduce code: --------------- main.php <?php echo __FILE__; echo "\n"; include(include.php); echo "\n"; ?> include.php <?php echo __FILE__; ?> Keep this include.php in a second entry the include path for example keep this include.php in /my/inc and have include_path as "/non/existent:/my/inc" Make sure this "/non/existent" is not present in open_basedir and run main.php. Expected result: ---------------- main.php should include 'include.php' successfully. Actual result: -------------- You will get a include failure message and whole host of open_basedir failure messages. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=31054&edit=1
