|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #34663 Patch to get around apache not expanding %0 when passed open_basedir in vhost
Submitted: 2005-09-27 20:22 UTC Modified: 2017-01-29 04:22 UTC
Avg. Score:4.7 ± 0.6
Reproduced:10 of 10 (100.0%)
Same Version:3 (30.0%)
Same OS:1 (10.0%)
From: php-bugs at antispam dot nerds dot org dot uk Assigned:
Status: No Feedback Package: *General Issues
PHP Version: 5.0.5 OS: FreeBSD
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2005-09-27 20:22 UTC] php-bugs at antispam dot nerds dot org dot uk
There are often cases where apache users with php5 installed will want to use dynamic vhosts (not least because it's in the apache docs), which leads to something like this:

    VirtualDocumentRoot /data/www/%0
    ServerName %0
    php_admin_value open_basedir %0

Unfortunately apache is naughty and doesn't expand the %0 on the php_admin_value line, which means that restricting the directories that php has access to is a pain!

This I know is an apache problem, rather than a php one, however I found a patch on a forum ( that gets around this nicely, and I just tweaked it to work in php5 (I'm not trying to claim any credit away from the original author, I just like the feature!).  I figured this was posted a long time ago, if he was going to submit it - he would have by now.

Basically it just adds a keyword of VIRTUAL_DOCUMENT_ROOT, which has essentially the same end result, as it causes the fopen wrapper to expand it to the VirtualDocumentRoot.

Patch included at the "Reproduce Code"

Reproduce code:
--- main/fopen_wrappers.c.orig  Sun Sep 25 22:25:20 2005
+++ main/fopen_wrappers.c       Sun Sep 25 22:28:40 2005
@@ -95,8 +95,18 @@
        char resolved_name[MAXPATHLEN];
        char resolved_basedir[MAXPATHLEN];
        char local_open_basedir[MAXPATHLEN];
+       char *local_open_basedir_sub; /* Substring pointer for strstr */
        int resolved_basedir_len;
        int resolved_name_len;
+       if ((strcmp(PG(open_basedir), "VIRTUAL_DOCUMENT_ROOT") == 0) &&
+               SG(request_info).path_translated && *SG(request_info).path_translated  ) {
+               strlcpy(local_open_basedir, SG(request_info).path_translated, sizeof(local_open_basedir));
+               local_open_basedir_sub=strstr(local_open_basedir,SG(request_info).request_uri);
+               /* Now insert null to break apart the string */
+               if (local_open_basedir_sub) *local_open_basedir_sub = '\0';
+       } else

        /* Special case basedir==".": Use script-directory */
        if (strcmp(basedir, ".") || !VCWD_GETCWD(local_open_basedir, MAXPATHLEN)) {


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2017-01-20 20:41 UTC]
-Status: Open +Status: Feedback -Package: Feature/Change Request +Package: *General Issues
 [2017-01-20 20:41 UTC]
Is this still relevant?
 [2017-01-29 04:22 UTC] php-bugs at lists dot php dot net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Re-Opened". Thank you.
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Mon Jul 15 18:01:26 2019 UTC