PHP :: Bug #45262 :: file_exists throws warnings in basedir

Bug #45262	file_exists throws warnings in basedir_restriction mode
Submitted:	2008-06-13 14:13 UTC	Modified:	2008-06-13 16:39 UTC
From:	php at ralph-schuster dot eu	Assigned:
Status:	Not a bug	Package:	Safe Mode/open_basedir
PHP Version:	5.2.6	OS:	Linux 2.6.13/SuSE
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	php at ralph-schuster dot eu
New email:
PHP Version:		OS:

New Comment:

[2008-06-13 14:13 UTC] php at ralph-schuster dot eu

Description:
------------
function file_exists() throws warning message again when in safe mode. There was a bug #21531 that addressed similar problem with 4.x version.

Configuration used:

allow_call_time_pass_reference	On	On
allow_url_fopen	On	On
allow_url_include	Off	Off
always_populate_raw_post_data	Off	Off
arg_separator.input	&	&
arg_separator.output	&	&
asp_tags	Off	Off
auto_append_file	no value	no value
auto_globals_jit	On	On
auto_prepend_file	no value	no value
browscap	no value	no value
default_charset	no value	no value
default_mimetype	text/html	text/html
define_syslog_variables	Off	Off
disable_classes	no value	no value
disable_functions	no value	no value
display_errors	Off	Off
display_startup_errors	Off	Off
doc_root	no value	no value
docref_ext	no value	no value
docref_root	no value	no value
enable_dl	On	On
error_append_string	no value	no value
error_log	/var/log/php.log	/var/log/php.log
error_prepend_string	no value	no value
error_reporting	6135	6135
expose_php	On	On
extension_dir	/usr/local/php/CURRENT/extensions	/usr/local/php/CURRENT/extensions
file_uploads	On	On
highlight.bg	#FFFFFF	#FFFFFF
highlight.comment	#FF8000	#FF8000
highlight.default	#0000BB	#0000BB
highlight.html	#000000	#000000
highlight.keyword	#007700	#007700
highlight.string	#DD0000	#DD0000
html_errors	On	On
ignore_repeated_errors	Off	Off
ignore_repeated_source	Off	Off
ignore_user_abort	Off	Off
implicit_flush	Off	Off
include_path	.:/usr/local/php/CURRENT/lib/php	.:/usr/local/php/CURRENT/lib/php
log_errors	On	On
log_errors_max_len	1024	1024
magic_quotes_gpc	Off	On
magic_quotes_runtime	Off	Off
magic_quotes_sybase	Off	Off
mail.force_extra_parameters	no value	no value
max_execution_time	60	30
max_input_nesting_level	64	64
max_input_time	60	60
memory_limit	32M	128M
open_basedir	/srv/www/vhosts/euroversichert.de/subdomains/office/httpdocs:/tmp	no value
output_buffering	no value	no value
output_handler	no value	no value
post_max_size	8M	8M
precision	12	12
realpath_cache_size	16K	16K
realpath_cache_ttl	120	120
register_argc_argv	On	On
register_globals	Off	Off
register_long_arrays	On	On
report_memleaks	On	On
report_zend_debug	On	On
safe_mode	Off	Off
safe_mode_exec_dir	/srv/www/vhosts/safebin/	/srv/www/vhosts/safebin/
safe_mode_gid	Off	Off
safe_mode_include_dir	no value	no value
sendmail_from	no value	no value
sendmail_path	/usr/sbin/sendmail -t -i	/usr/sbin/sendmail -t -i
serialize_precision	100	100
short_open_tag	On	On
SMTP	localhost	localhost
smtp_port	25	25
sql.safe_mode	Off	Off
track_errors	Off	Off
unserialize_callback_func	no value	no value
upload_max_filesize	16M	2M
upload_tmp_dir	no value	no value
user_dir	no value	no value
variables_order	EGPCS	EGPCS
xmlrpc_error_number	0	0
xmlrpc_errors	Off	Off
y2k_compliance	On	On
zend.ze1_compatibility_mode	Off	Off

Reproduce code:
---------------
if (!file_exists($path)) {
...
}

// $path seems to combine URLs and local paths illegally
// but its third party code

Expected result:
----------------
no PHP warning message

Actual result:
--------------
[11-Jun-2008 10:45:44] PHP Warning:  file_exists() [<a href='function.file-exists'>function.file-exists</a>]: open_basedir restriction in effect. File(/srv/www/vhosts/euroversichert.de/subdomains/office/httpdocshttp://office.euroversichert.de/phpgwapi/templates/idots/css/idots.css?1180943265) is not within the allowed path(s): (/srv/www/vhosts/euroversichert.de/subdomains/office/httpdocs:/tmp) in /srv/www/vhosts/euroversichert.de/subdomains/office/httpdocs/phpgwapi/inc/class.egw_framework.inc.php on line 563

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-06-13 14:26 UTC] php at ralph-schuster dot eu

it is "in basedir_restriction" mode, not safe_mode. Sorry for confusion

[2008-06-13 16:39 UTC] felipe@php.net

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Jul 15 01:01:35 2025 UTC