#17445 [Com]: open_basedir warning when including file in same dir
ID: 17445 Comment by: stv at seznam dot cz Reported By: mitch at webcob dot com Status: No Feedback Bug Type: Scripting Engine problem Operating System: FreeB SD 4.4 PHP Version: 4.2.1 New Comment: Same problem. Why it haven't been solved yet in core? Just only first check if file exists before check for permissions. Why none feedback from here from some developers? I can describe this problem detaily: On server php5.cz with this configuration of php http://slapstick.php5.cz/info.php include_path is set: /www/7/site2017/:.:/usr/lib/php open_basedir is set: /www/7/site2017/ Reproduce code: In file /www/7/site2017/wwwroot/index.php : require_once('../controller/inc.controller.php'); In file /www/7/site2017/controller/inc.controller.php : error_reporting(E_ALL | E_STRICT); if (!include_once('inc.config.php')) die('Application error0'); Require works as expected. Include not. Because php is first searching in paths related to directory /www/7/site2017/wwwroot/ and after trying to include file /usr/lib/php/inc.config.php raises warning permission denied for this include (due open_basedir) and ends proccessing of script even if the file /usr/lib/php/inc.config.php doesn't exist. Why rising permission warning even if file doesn't exist? Expected result: Including file /www/7/site2017/controller/inc.config.php Actual result: Warning: main() [function.main]: open_basedir restriction in effect. File(/usr/lib/php/inc.config.php) is not within the allowed path(s): (/www/7/site2017/) in /www/7/site2017/controller/inc.controller.php on line 6 Warning: main(inc.config.php) [function.main]: failed to open stream: Operation not permitted in /www/7/site2017/controller/inc.controller.php on line 6 Warning: main() [function.include]: Failed opening 'inc.config.php' for inclusion (include_path='/www/7/site2017/:.:/usr/lib/php') in /www/7/site2017/controller/inc.controller.php on line 6 Application error0 Previous Comments: [2002-10-24 01:00:03] php-bugs at lists dot php dot net No feedback was provided for this bug for over 2 weeks, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". [2002-10-08 22:51:06] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-latest.zip [2002-05-27 01:16:34] mitch at webcob dot com I have set open_basedir = /home/user I have set include_path = .:/home/user/lib:/home/user/site/lib I have a file located in: /home/user/site/htdocs/ which requires another file in the same directory. The include WORKS. BUT IT PRODUCED A WARNING: Warning: open_basedir restriction in effect. File is in wrong directory in /home/user/site/htdocs/file1.php on line 3 File2 is here. The "File2 is here" is produced by the included file. I've seen others comment on this problem, but could find no solution or open occurance of it in the bug list. Thanks. Mitch. -- Edit this bug report at http://bugs.php.net/?id=17445&edit=1
#30495 [Com]: Apache crashes when calling array_walk_recursive twice.
ID: 30495 Comment by: stv at seznam dot cz Reported By: jaakkos at mbnet dot fi Status: Open Bug Type: Reproducible crash Operating System: Windows XP PHP Version: 5.0.2 New Comment: Is there any problem of overloading of system in recursion if user posts big multidimenzional field for example 100 000 of depth ? If positive there would be one parameter more for array_walk_recursive with max_depth level indication. Previous Comments: [2004-10-20 15:06:45] jaakkos at mbnet dot fi Description: Apache server crashes when array_walk_recursive is called twice. Tested on Apache 2.0.52 and 1.3.29 (Windows XP). Reproduce code: --- //Just for testing + $_POST['ab'] = 'cd'; $_GET['ef'] = 'gh'; //Just for testing - function cleanup(&$value,$key){ if (is_string($value)){ $value = trim(strip_tags($value)); get_magic_quotes_gpc() && $value = stripslashes($value); } } array_walk_recursive($_POST,'cleanup'); array_walk_recursive($_GET,'cleanup'); Expected result: Remove tags and slashes from $_POST and $_GET hashes. Actual result: -- szAppName : Apache.exe szAppVer : 2.0.52.0 szModName : unknown szModVer : 0.0.0.0 offset : -- Edit this bug report at http://bugs.php.net/?id=30495&edit=1
#29929 [Com]: array_walk_recursive unusable in mod_php
ID: 29929 Comment by: stv at seznam dot cz Reported By: jr at terragate dot net Status: Open Bug Type: Reproducible crash Operating System: Gentoo Linux 1.4 PHP Version: 5.0.1 New Comment: Same problem with apache 1.3.31 with php 5.0.1 or 5.0.2 as module on Win2000. Vasek Previous Comments: [2004-09-01 10:25:25] jr at terragate dot net Description: An Apache child (1.3.x and 2.0.x prefork) crashes if a call to array_walk_recursive has been made in a previous request. For this reason this bug isn't reproduceable with php-cgi nor php-cli. To reliably reproduce this bug run apache (with mod_php) in single process mode (-X) to be sure that the same process will serve the two requests and request the given page twice (or any other php page as second request). PHP configure: './configure' '--prefix=/usr' '--host=i686-pc-linux-gnu' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc' '--localstatedir=/var/lib' '--with-apxs=/usr/sbin/apxs' '--with-config-file-path=/etc/php/apache1-php5' '--without-pear' '--disable-bcmath' '--without-bz2' '--disable-calendar' '--without-jpeg-dir' '--without-cpdflib' '--disable-ctype' '--without-curl' '--without-curlwrappers' '--disable-dbase' '--disable-dio' '--disable-exif' '--without-fam' '--without-fbsql' '--without-fdftk' '--disable-filepro' '--disable-ftp' '--with-gettext' '--without-gmp' '--without-hwapi' '--without-iconv' '--without-informix' '--without-ingres' '--without-interbase' '--enable-mbstring' '--with-mcrypt' '--without-openssl-dir' '--without-mcve' '--disable-memory-limit' '--without-mhash' '--without-mime-magic' '--without-ming' '--without-mnogosearch' '--without-msql' '--without-mssql' '--with-ncurses' '--without-oci8' '--without-oracle' '--with-openssl' '--without-ovrimos' '--enable-pcntl' '--without-pfpro' '--without-pgsql' '--with-pspell' '--without-recode' '--disable-simplexml' '--disable-shmop' '--without-snmp' '--disable-soap' '--disable-sockets' '--disable-spl' '--without-sybase' '--without-sybase-ct' '--disable-sysvmsg' '--disable-sysvsem' '--disable-sysvshm' '--without-tidy' '--disable-tokenizer' '--disable-wddx' '--without-xsl' '--without-xmlrpc' '--disable-yp' '--with-zlib' '--without-cdb' '--with-db4' '--without-dbm' '--without-flatfile' '--with-gdbm' '--without-inifile' '--without-qdbm' '--with-freetype-dir=/usr' '--with-t1lib=/usr' '--enable-gd-jis-conf' '--enable-gd-native-ttf' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--with-tiff-dir=/usr' '--without-xpm-dir' '--with-gd' '--with-ldap' '--without-ldap-sasl' '--with-mysql' '--with-mysql-sock=/var/run/mysqld/mysqld.sock' '--without-mm' '--without-msession' '--without-sqlite' '--enable-dba' '--with-readline' '--without-libedit' Reproduce code: --- array('bar' => 'baz')); array_walk_recursive($nested_array, 'process_value'); ?> Expected result: No Segmentation fault Actual result: -- Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 16384 (LWP 15154)] 0x0006 in ?? () (gdb) bt #0 0x0006 in ?? () #1 0x4062404f in zend_call_function (fci=0xbfffcd60, fci_cache=0x4083458c) at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/Zend/zend_execute_API.c:853 #2 0x4056dfa0 in php_array_walk (target_hash=0x81724ac, userdata=0x0, recursive=1) at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/ext/standard/array.c:1045 #3 0x4056de86 in php_array_walk (target_hash=0x81725fc, userdata=0x0, recursive=1) at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/ext/standard/array.c:1019 #4 0x4056e3f7 in zif_array_walk_recursive (ht=2, return_value=0x81725b4, this_ptr=0x0, return_value_used=0) at /var/tmp/portage/mod_php-5.0.1/work/php-5.0.1/ext/standard/array.c:1135 #5 0x40651739 in execute_internal (execute_data_ptr=0xbfff