Importing photos step 2 not working open_basedir restriction

[HonkXL]

I tried to import images from a zip file. Uploading and unpacking the zip works. Then I see the images and when I click one image and try to import I gut an php error.

Error message is below. For me it seems that it tries to create a directory in / - but I do not want to allow php to access everywhere. I granted access to the own webroot and to /etc/zoph.ini

Can something changed to make open_basedir working?

Warning: file_exists(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (/var/www/vhosts/weiland24.de/:/tmp/:/etc/zoph.ini:/usr/share/file/magic.mgc) in /var/www/vhosts/weiland24.de/httpdocs/fotomanager/util.inc.php on line 482
Verzeichnis konnte nicht erstellt werden: /

Fatal error: Uncaught exception 'FileDirCreationFailedException' with message 'Verzeichnis konnte nicht erstellt werden: /<br> ' in /var/www/vhosts/weiland24.de/httpdocs/fotomanager/util.inc.php:489 Stack trace: #0 /var/www/vhosts/weiland24.de/httpdocs/fotomanager/util.inc.php(502): create_dir('/') #1 /var/www/vhosts/weiland24.de/httpdocs/fotomanager/classes/photo.inc.php(425): create_dir_recursive('/var/www/vhosts...') #2 /var/www/vhosts/weiland24.de/httpdocs/fotomanager/import.inc.php(129): photo->import(Object(file)) #3 /var/www/vhosts/weiland24.de/httpdocs/fotomanager/webimport.inc.php(59): Import::photos(Array, Array) #4 /var/www/vhosts/weiland24.de/httpdocs/fotomanager/import.php(147): WebImport::photos(Array, Array) #5 {main} thrown in /var/www/vhosts/weiland24.de/httpdocs/fotomanager/util.inc.php on line 489

[jeroenrnl]

I think this is caused by Zoph making sure the entire directory path exists, starting from /, moving down into the path. I will have to look into this on my development system.

[HonkXL]

Great - thank you. I think the best is to change this, because in general it is no good idea to grant access for php outside the webroot. It's ok for a single file like the zoph.ini in /etc/ but not for the entire root path.

[jeroenrnl]

I agree. In fact Zoph does only need access to /etc/zoph.ini, the webroot and the location of the photos (which should be outside the webroot). However, when Zoph is creating directories during import, it will start at / to make sure every directory in the path exists. open_basedir prevents Zoph from "seeing" the directory - which leads to Zoph assuming it does not exist, hence trying to create it. I will need to see what can be done to prevent this.

[jeroenrnl]

I have reproduced the issue on my dev system. Now working on a fix.

[jeroenrnl]

Changed the order in which recursive creation of directories is
executed. The 'old' way was to start at the root and work the way up to
the dir to be created. This caused problems when open_basedir
restriction is activated. The 'new' behaviour is to start at the dir to
be created, then work up to the first dir that needs to be created and
then work back down. As long as the "basedir" exists, this will keep
Zoph from trying to pry on the filesystem outside of the basedir.