#21565 [Com]: include/require fail under safe-mode.

jot at agonize dot org Wed, 02 Apr 2003 06:07:43 -0800

 ID:               21565
 Comment by:       jot at agonize dot org
 Reported By:      komanek at natur dot cuni dot cz
 Status:           Open
 Bug Type:         Scripting Engine problem
 Operating System: Tru64Unix 5.1A
 PHP Version:      4.3.0
 New Comment:


Same issue under Apache 1.3.27 and PHP 4.3.1. Includes dont seem to
work at all unless the absolute path is used.. even with safe_mode set
to off.


Previous Comments:
------------------------------------------------------------------------

[2003-02-11 08:28:27] s dot birkhoff at liwest dot at

I have the same Problem under Windows 2000/XP/IIS and
PHP Version 4.3.0

In Version 4.2.3 it all works fine.

------------------------------------------------------------------------

[2003-01-30 06:49:10] Emil at Wayers dot com

My Solaris 8 and Solaris 7 both have this problem with Apache 1.3.27
and MySQL-max-3.23.54a-sun-solaris2.8 +
MySQL-max-3.23.54a-sun-solaris2.7 under PHP 4.3.0

------------------------------------------------------------------------

[2003-01-30 06:45:19] Emil at Wayers dot com

I found the excact same problem.

Fatal error: main() [function.main]: Failed opening required
'./libraries/grab_globals.lib.php'
(include_path='.:/usr/local/lib/php') in
/opt/www/conf/phpMyAdmin/index.php on line 9

Safe_mode is on here; I traced the problem to a require/include
function problem (duh)

You will have to specify the exact path to the file in safemode, even
if you have the path in your include_path.

If the file has no path given in the require or the include PHP 4.3.0
gives these kind of errors. But older version accept it.

Note; even ../../ and ./ do not work. The latest phpMyAdmin will not
work on PHP 4.3.0 with safemode on.

------------------------------------------------------------------------

[2003-01-14 00:12:45] komanek at natur dot cuni dot cz

I turned all errors and warnings reporting to have maximum info. Here
is a real example from my web, with real paths in filesystem. Both
"include" and "require" are used to demonstrate the difference,
previously, I used only "require". Strange is that in php 4.2.2 it
worked fine for me. The only difference is the upgraded php dynamic
module for Apache. It is not the problem of non-existing files or paths
because with safe_mode = Off the included and required files are found
and opened with no errors.

<?php
include "header.php";?>
<center>
<p>
<b>
<a href="free_catalogue.php">The Catalogue</a>
</b>
</p>
</center>
<?php
require "footer.php";?>
</body>
</html>


The output of this is:

Warning: main() [function.main]: Unable to access ./header.php in
/usr/users/dbminer/public_html/index.php on line 2

Warning: main(header.php) [function.main]: failed to create stream: No
such file or directory in /usr/users/dbminer/public_html/index.php on
line 2

Warning: main() [function.main]: Failed opening 'header.php' for
inclusion
(include_path='.:./:/usr/users/komanek/public_html/TEST/phpclasses:/usr/local/lib/php:/usr/local/www/apache/htdocs/MINER:/usr/users/dbminer/public_html:/usr/users/popin/html2/statistics/i')
in /usr/users/dbminer/public_html/index.php on line 2

The Catalogue

Warning: main() [function.main]: Unable to access ./footer.php in
/usr/users/dbminer/public_html/index.php on line 11

Warning: main(footer.php) [function.main]: failed to create stream: No
such file or directory in /usr/users/dbminer/public_html/index.php on
line 11

Fatal error: main() [function.main]: Failed opening required
'footer.php'
(include_path='.:./:/usr/users/komanek/public_html/TEST/phpclasses:/usr/local/lib/php:/usr/local/www/apache/htdocs/MINER:/usr/users/dbminer/public_html:/usr/users/popin/html2/statistics/i')
in /usr/users/dbminer/public_html/index.php on line 11



>From filesystem:

lib[0]:/usr/users/dbminer/public_html(07:04)# ls -al index.php
header.php footer.php
-rw-r--r--   1 dbminer  users        174 Oct 30  2000 footer.php
-rw-r--r--   1 dbminer  users       1047 Nov  7  2001 header.php
-rw-r--r--   1 dbminer  users        161 Jan 13 12:08 index.php

Configure switches:

--with-apache=/scratch/sources/apache_1.3.26 --with-openssl
--with-zlib=/usr/local --with-zlib-dir=/usr/local --with-bz2=/usr/local
--with-db --enable-dbase --with-gd --with-dom --enable-ftp
--enable-gd-native-ttf --with-freetype-dir=/usr/local/freetype2
--with-iconv --with-mysql --enable-trans-sid
--with-jpeg-dir=/usr/local/lib --with-png-dir=/usr/local/lib
--enable-sockets --enable-discard-path --enable-safe-mode
--enable-bcmatch --enable-calendar --enable-ctype --enable-mailparse
--enable-force-cgi-redirect --enable-memory-limit
--with-expat-dir=/usr/local --with-xml --with-gettext --with-mcrypt
--with-imap=/scratch/sources/imap/imap-2002.RC2
--with-imap-ssl=/scratch/sources/imap/imap-2002.RC2 --disable-cgi

------------------------------------------------------------------------

[2003-01-13 17:45:48] [EMAIL PROTECTED]

Do you get any other warning/error messages, something about UID of the
script not matching that of the file?

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/21565

-- 
Edit this bug report at http://bugs.php.net/?id=21565&edit=1

#21565 [Com]: include/require fail under safe-mode.

Reply via email to