Am 26.05.2014 09:48, schrieb Thomas Bruederli: > On Sun, May 25, 2014 at 10:47 AM, Reindl Harald <[email protected]> > wrote: >> >> [25-May-2014 05:45:01 Europe/Vienna] PHP Warning: file_exists(): >> open_basedir restriction in effect. >> File(vendor/autoload.php) is not within the allowed path(s): >> (/usr/share/roundcubemail:/var/log/roundcubemail:/etc/roundcubemail:/usr/share/pear:/var/www/uploadtemp) >> in >> /usr/share/roundcubemail/program/include/iniset.php on line 64 >> >> GENERAL: please use @file_exists() everywhere to prevent such messages on >> production servers >> running witeh E_ALL fro good reasons and sending twice an hour anything from >> the php errorlog >> via email to the admin which normally is empty > > I clearly object against that. Suppressing errors with @ (or with any > other means) should not become a GENERAL habit. Yes, we use @ within > the Roundcube codebase but very selectively and we should even try to > reduce its use. And if open_basedir moans about a prevented file > access attempt, that's clearly something that should catch your > attention in the logs.
no in that case @file_exists() is the way to go or just use
is_file() which don't throw open_basedir warnings for the
same path, that's a bad behavior of PHP where both functions
behave different in case of such checks for at least 11 years
if you have libraries which try to find conditional includes
file_exists('../whatever.inc.php'); called from the docroot
will throw such a warnining and calld from /popups/file.php
don't
@file_exists() *is* very selectively because it is a conditional
check if something exists and if not skip some action and that
is not something which should trigger warnings
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Roundcube Development discussion mailing list [email protected] http://lists.roundcube.net/mailman/listinfo/dev
