Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Check if open_basedir is set in loadConfigFile #2

Closed
taylorotwell opened this Issue · 8 comments

2 participants

@taylorotwell

We recently had a production issue where the loadConfigFile method in IronCore checks file_exists on the given config file. At the top of this method you should probably check:

if ( ! ini_get('open_basedir')) return;

So that you don't have any open_basedir errors on installations that do not have that directive set.

@thousandsofthem
Collaborator

Is this what you looking for? If all ok, i will regenerate all .phar files

@taylorotwell

If you do it like that I think you need to remove the "!" so that you only call those methods if the ini_get returns true.

@thousandsofthem
Collaborator

well, as far as i know, ini_get('open_basedir') never return true. Empty string (eqal to false) - if there are no restrictions, and list of allowed directories otherwise

@taylorotwell

Hmm, maybe just cast it bool then?

@thousandsofthem
Collaborator

it is, already. empty string == false, string with text == true
e.g. http://stackoverflow.com/questions/2749759/php-open-basedir-to-return-value

It means if ini_get('open_basedir') == true then open_basedir restrictions in active state

@taylorotwell
@thousandsofthem
Collaborator

E.g. on my home pc ini_get('open_basedir') always return empty string. Which means no restrictions were applied and script able to get file located in home directory

@taylorotwell
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.