ID: 15547 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Feedback +Status: Bogus Bug Type: Filesystem function related Operating System: Linux(RedHat 7.1) PHP Version: 4.0.6 New Comment:
AFAIK, open_basedir restrictions only _work_ when having safe_mode ON. Previous Comments: ------------------------------------------------------------------------ [2002-02-18 01:44:15] [EMAIL PROTECTED] > Are you sure safe-mode is enabled? No it is not. open_basedir seems to be independent directive without connection to the safe-mode (Atleast, the directory restrictions work on other file-operations but not tempnam) The following is example what triggered this in my code. php.ini has open_basedir=/www/htdocs and safe_mode= off The working code... $tfile=tempnam("/www/htdocs/tmp","foobar"); // success if /www/htdocs/tmp/ exists and is writable // directory $fp=fopen($tfile,"w"); // opens the file. The initial version, which does not care about the open_basedir... $tfile=tempnam("/tmp","foobar"); // creates the temp-file. $fp=fopen($tfile,"w"); // tries to open the file but does not succeed because of // the open_basedir setting! // // Because (any other) file operations cannot be used on /tmp // this code clutters the /tmp directory with zerobyte // temp-files. ------------------------------------------------------------------------ [2002-02-15 13:08:10] [EMAIL PROTECTED] Are you sure safe-mode is enabled? ------------------------------------------------------------------------ [2002-02-14 02:18:04] [EMAIL PROTECTED] tempnam() function bypasses open_basedir directive set by php.ini This can be seen f.e. by following code: $tfile=tempnam("/tmp","foobar"); // this is a success regardless of a open_basedir setting $fp=fopen($tfile,"w") // file is already created but fopen() fails if // open_basedir is set, but not to include /tmp ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=15547&edit=1