PHP :: Bug #7842 :: doc_root setting behavior is wrong

Bug #7842	doc_root setting behavior is wrong
Submitted:	2000-11-16 10:15 UTC	Modified:	2002-01-08 08:17 UTC
From:	jim at perigee dot net	Assigned:
Status:	Closed	Package:	PHP options/info functions
PHP Version:	4.0.3pl1	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

[2000-11-16 10:15 UTC] jim at perigee dot net

doc_root string -  PHP's "root directory" on the server. If PHP is configured with safe mode, no files outside this directory are served. 
--
Why does php 4 handle this so differently than 3 did, especially when it comes to referencing file locations like  when including files?

I have had to resort to using either "../" or $HTTP_SERVER_VARS['DOCUMENT_ROOT'] to access included files in PHP4 when before I used to be able to use /name.php notation to absolutely refer to the include files within the web site doc_root directory.  We are running PHP in SAFE MODE.

I think this may just be an oversight, but, if not, I would love an explanation of the rationale.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-01-08 08:17 UTC] sander@php.net

This is not a bug, just a change of behaviour, which is IMO much more logical and more clear than the old behaviour.

Use open_basedir to restrict access to directories.

include("/script.php") refers to the absolute path /script.php (the file script.php under the root)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Nov 06 08:00:01 2025 UTC