Edit report at http://bugs.php.net/bug.php?id=54128&edit=1
ID: 54128
Updated by: paj...@php.net
Reported by: vavra at 602 dot cz
Summary: ZIP_ER_OPEN when ZipArchive::open() on temp file
Status: Assigned
Type: Bug
Package: Zip Related
Operating System: Windows 2003
PHP Version: 5.3.5
Assigned To: pajoye
Block user comment: N
Private report: N
New Comment:
No, stat exists for that.
Previous Comments:
------------------------------------------------------------------------
[2011-03-02 19:31:39] carsten_sttgt at gmx dot de
> thus stat should normally work in this folder for own files.
Ups, must correct me. stat (crt) is really not working, even "traverse
folder/execute file" is allowed.
But I must agree with vavra. Checking the existence of a file is
normally done with (f)open or access. Someone should report this to the
libzip team.
------------------------------------------------------------------------
[2011-03-02 16:56:15] paj...@php.net
@carsten_sttgt at gmx dot de
Can you please for my own sanity keep separate issues separated?
Thanks.
The stat problem here is totally unrelated to realpath_r. There is a
reason why
we do it (see my other comment) and I already said that I have to see
what else
we can do to work around this problem without adding more platform
specific
changes in this implementation.
------------------------------------------------------------------------
[2011-03-02 15:53:37] carsten_sttgt at gmx dot de
> I assume it is similar on Windows.
Yes. In this case the needed X-Bit (X = directory traversal) is still
set. Thus you can "cd" to this directory. But on Windows we have an
additional right RD (list directory). This one is not allowed, and so
you can't do a "dir" in this directory.
-> thus stat should normally work in this folder for own files.
> Also sharing one temp for all vhost is not a wised idea :)
If all vhosts have a (scripts are executed with a) different SID, that's
not a problem. Only the creator SID (and admin/system) have full access
to it own files in this folder, but no rights to files created from
other SID's. (a little bit like 1777 on *nix. But an *nix you can still
list other files. On Win not.)
But back to the topic and let me extend the testscript:
| <?php
| $zipfile = tempnam(sys_get_temp_dir(), 'zip');
| $zip = new ZipArchive();
|
| $res = $zip->open($zipfile, ZIPARCHIVE::CREATE);
| if ($res !== true) {
| printf("Can't create file (%d)", $res);
| }
| var_dump($res);
| $zip->close();
|
| $res = $zip->open($zipfile);
| if ($res !== true) {
| printf("Can't open file (%d)", $res);
| }
|
|
| unlink($zipfile);
| ?>
The result:
| boolean true
| Can't open file (11)
I can create a new Zip-File in this folder, but can't open an existing
one.
BTW stat(). Here's an example with PHP stat() (and my favorite
realpath):
| <?php
| $temp = tmpfile();
| $filedata = stream_get_meta_data($temp);
| var_dump(stat($filedata['uri']));
| var_dump(realpath($filedata['uri']));
| ?>
The result:
| array (size=26)
| 0 => int 2
| ...
| boolean false
tmpfile, fopen, stat, whatever is working in this dir. But realpath
fails...
------------------------------------------------------------------------
[2011-03-02 11:08:58] paj...@php.net
What I mean by alternative solutions. Just not sure now if it is worth
it. Also
sharing one temp for all vhost is not a wised idea :)
------------------------------------------------------------------------
[2011-03-02 11:01:39] vavra at 602 dot cz
The right permission for temp folder are default right permission for
Windows Server systems. Microsoft probably has a security reason for not
allowing IUSR_XXXX user for listing a temp dir.
Yes I can fix it by changing permissions or not using Windows Temp dir.
I do not fordid you not testing file existence. I offer not do it by
stat function ;-)
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/bug.php?id=54128
--
Edit this bug report at http://bugs.php.net/bug.php?id=54128&edit=1
