Stupid open_basedir handling in PHP
I have an application which has to run on different webservers (or to be more specific on servers with a different directory layout). On one server the php files are in /usr/home, the next one is using /www, the third one /var/www and last but not least my laptop has the files in my home directory which is below /home.
No problem - or?
Since we want a bit security, we have open_basedir activated. Now the script has to check if a specific directory exists. I added this directory name to the open_basedir settings on all webservers. But surprise PHP tries to be intelligent. On servers where the specific directory does not exist, PHP removes the directory name from the open_basedir directory list (note: this cost another stat() call on startup).
You imagine what comes next? Now the is_dir() call on this server fails, because of an "open_basedir restriction in effect" error.
*grrr*
Comments
Display comments as Linear | Threaded
Stephan Jaensch on :
Andreas Scherbaum on :
Stephan Jaensch on :
Andreas Scherbaum on :
Stephan Jaensch on :