NYCPHP Meetup

NYPHP.org

[nycphp-talk] open_basedir() error in PHP script

David Mintz dmintz at panix.com
Sat Aug 9 01:45:38 EDT 2003 

On Fri, 8 Aug 2003, Phil Powell wrote:

> MessageWhat kind of solution would I have if the machine this is
> occurring is a remote one and not my own? What do you recommend I do
> since I do not have any ownership over the box itself?


It looks like we can't override safe_mode with ini_set(). Maybe you can
run php in CGI mode and use your own config file?

Maybe someone else can give you a better idea -- just thought I'd give it
a shot.


---
David Mintz
http://davidmintz.org/
Email: See http://dmintzweb.com/whitelist.php first!

>
> Phil
>   ----- Original Message -----
>   From: pswebcode, nyc
>   To: 'NYPHP Talk'
>   Sent: Friday, August 08, 2003 8:32 PM
>   Subject: RE: [nycphp-talk] open_basedir() error in PHP script
>
>
>   Here is a descrip of what the php.ini setting for open_basedir does:
>
>   Limit the files that can be opened by PHP to the specified directory-tree, including the file itself. This directive is NOT affected by whether Safe Mode is turned On or Off.
>   When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to open it. All symbolic links are resolved, so it's not possible to avoid this restriction with a symlink.
>   The special value . indicates that the directory in which the script is stored will be used as base-directory.
>   Under Windows, separate the directories with a semicolon. On all other systems, separate the directories with a colon. As an Apache module, open_basedir paths from parent directories are now automatically inherited.
>   The restriction specified with open_basedir is actually a prefix, not a directory name. This means that "open_basedir = /dir/incl" also allows access to "/dir/include" and "/dir/incls" if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: "open_basedir = /dir/incl/"
>   Note: Support for multiple directories was added in 3.0.7.
>   The default is to allow all files to be opened.
>
>   Run info.php in your site to check for your php.ini settings. You are dealing with a "safe mode" file restriction. Works with all these types of settings as below:
>
>   safe_mode "0" PHP_INI_SYSTEM
>   safe_mode_gid "0" PHP_INI_SYSTEM
>   safe_mode_include_dir NULL PHP_INI_SYSTEM
>   safe_mode_exec_dir "" PHP_INI_SYSTEM
>   safe_mode_allowed_env_vars PHP_ PHP_INI_SYSTEM
>   safe_mode_protected_env_vars LD_LIBRARY_PATH PHP_INI_SYSTEM
>   open_basedir NULL PHP_INI_SYSTEM
>   disable_functions "" PHP_INI_SYSTEM
>   disable_classes "" PHP_INI_SYSTEM
>
>   PSaw
>     -----Original Message-----
>     From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On Behalf Of Phil Powell
>     Sent: Friday, August 08, 2003 7:58 PM
>     To: NYPHP Talk
>     Subject: [nycphp-talk] open_basedir() error in PHP script
>
>
>     Warning: open_basedir restriction in effect. File is in wrong directory in Unknown on line 0
>
>     Warning: Failed opening '/users/ppowell/web/cma/index.php' for inclusion (include_path='.:/usr/local/lib/php') in Unknown on line 0
>
>
>     I get this error upon opening a PHP script I wrote; however, upon refreshing my browser, the error goes away and usually does not appear again.  The page is not supposed to cache and I have caching turned off on my script:
>
>     <?
>
>       // PREVENT CACHING FIRST BEFORE ANYTHING ELSE!
>       header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
>       header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
>       // HTTP/1.1
>       header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
>       header("Pragma: no-cache");                          // HTTP/1.0
>     ....
>
>     ?>
>
>     I have no idea why this happens but I can tell you that this script /cma/index.php will go to a TCL CGI script which will go back to /cma/index.php eventually upon form completion or linkage or some user action.
>
>     Phil
>
>
> ------------------------------------------------------------------------------
>
>
>   _______________________________________________
>   talk mailing list
>   talk at lists.nyphp.org
>   http://lists.nyphp.org/mailman/listinfo/talk
>


---
David Mintz
http://davidmintz.org/
Email: See http://dmintzweb.com/whitelist.php first!

Decibels of sound pressure employed by a new "thermoacoustic" refrigerator: 190
Decibels of sound pressure sufficient to ignite a person's hair: 165

	-- Harper's Index, February 2003

More information about the talk mailing list