ID: 45362
User updated by: david71rj at gmail dot com
-Summary: High! Direct access to Apache folder
Reported By: david71rj at gmail dot com
-Status: Closed
+Status: Bogus
Bug Type: Directory function related
Operating System: Windows Vista SP1
PHP Version: 5.2.6
New Comment:
My fault. Bad configuration.
Previous Comments:
------------------------------------------------------------------------
[2008-06-26 04:00:47] david71rj at gmail dot com
-Don't disponible to public-
------------------------------------------------------------------------
[2008-06-26 03:54:19] david71rj at gmail dot com
The bug occur only if you don't unset variable-class ($test).
If use unset($test) work perfectly.
But, I still feel a bug.
It can be very serious.
------------------------------------------------------------------------
[2008-06-26 03:48:31] david71rj at gmaill dot com
Too works with:
class Name
{
function __destruct()
{
echo realpath("./");
}
}
Don't is needly call a function.
------------------------------------------------------------------------
[2008-06-26 03:43:56] david71rj at gmail dot com
Description:
------------
- See "Reproduce code" -
Reproduce code:
---------------
class Name
{
function __descruct()
{
$this->Save();
}
function Save()
{
echo realpath("./");
}
}
echo realpath("./")."\n";
$test = new Name();
Expected result:
----------------
C:/project/test
C:/wampserver/bin/apache/apache2.2.8 <-- (o.O)
Actual result:
--------------
C:/project/test
C:/project/test
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=45362&edit=1
