From 00e936e057ca849c6d153021ac2aa17b64c6e0ec Mon Sep 17 00:00:00 2001 From: Khoa Bui Date: Thu, 3 Mar 2016 12:56:22 -0800 Subject: [PATCH 1/3] OpenBaseDir Check --- src/phpFastCache/phpFastCache.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/phpFastCache/phpFastCache.php b/src/phpFastCache/phpFastCache.php index 88e73ec25..eab471fc8 100644 --- a/src/phpFastCache/phpFastCache.php +++ b/src/phpFastCache/phpFastCache.php @@ -13,8 +13,9 @@ */ use phpFastCache\CacheManager; +use phpFastCache\Util\OpenBaseDir; define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1)); - +require_once __DIR__."/Util/OpenBaseDir.php"; /** * Register Autoload */ @@ -28,9 +29,15 @@ */ return; } + if(!OpenBaseDir::checkBaseDir(__DIR__)) { + /* + * in case system have open base_dir, it will check ONE time only for the __DIR__ + * If open_base_dir is NULL, it skip checking + */ + return; + } $entity = str_replace('\\', '/', $module[1]); - $path = __DIR__ . '/' . $entity . '.' . PHP_EXT; if (is_readable($path)) { require_once $path; From 84b0c8c2f87a284aa5f6f02a39abbfd86156ee5b Mon Sep 17 00:00:00 2001 From: Khoa Bui Date: Thu, 3 Mar 2016 12:57:00 -0800 Subject: [PATCH 2/3] OpenBaseDir --- src/phpFastCache/Util/OpenBaseDir.php | 33 +++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 src/phpFastCache/Util/OpenBaseDir.php diff --git a/src/phpFastCache/Util/OpenBaseDir.php b/src/phpFastCache/Util/OpenBaseDir.php new file mode 100644 index 000000000..9ca5dfb14 --- /dev/null +++ b/src/phpFastCache/Util/OpenBaseDir.php @@ -0,0 +1,33 @@ +".$tmp[0]." = ".$path." BY {$allowed_path}"; + self::$stores[$index] = true; + return true; + } + + } + } else { + return self::$stores[$index]; + } + return false; + } + return true; + } +} \ No newline at end of file From e077d5b9097c0160ecae867a0dfa61e9e3fbf2fa Mon Sep 17 00:00:00 2001 From: Khoa Bui Date: Thu, 3 Mar 2016 12:58:14 -0800 Subject: [PATCH 3/3] openbasedir --- src/phpFastCache/phpFastCache.php | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/src/phpFastCache/phpFastCache.php b/src/phpFastCache/phpFastCache.php index eab471fc8..fd557bb07 100644 --- a/src/phpFastCache/phpFastCache.php +++ b/src/phpFastCache/phpFastCache.php @@ -22,20 +22,14 @@ spl_autoload_register(function ($entity) { // Explode is faster than substr & strstr also more control $module = explode('\\',$entity,2); - if ($module[0] !== 'phpFastCache') { + if ($module[0] !== 'phpFastCache' + || !OpenBaseDir::checkBaseDir(__DIR__)) { /** * Not a part of phpFastCache file * then we return here. */ return; } - if(!OpenBaseDir::checkBaseDir(__DIR__)) { - /* - * in case system have open base_dir, it will check ONE time only for the __DIR__ - * If open_base_dir is NULL, it skip checking - */ - return; - } $entity = str_replace('\\', '/', $module[1]); $path = __DIR__ . '/' . $entity . '.' . PHP_EXT;