php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #42912 file_exists don't work Correctly with NTLM and User with Lower Rights
Submitted: 2007-10-10 07:57 UTC Modified: 2007-10-11 13:38 UTC
From: administrator dot bau at josephinum dot at Assigned:
Status: Not a bug Package: Filesystem function related
PHP Version: 5.2.4 OS: Windows 2003 SP2
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2007-10-10 07:57 UTC] administrator dot bau at josephinum dot at 
Description:
------------
Windows 2003 SP2 / IIS 6.0 / PHP 5.2.4
Anonymous Auth OFF
Basic Auth,NTLM Auth ON

With a Higher Right User(Admin) file_exsists Work Correctly, but with a Lower Right User file_exists Return False but the HTML File get Included.

So it the File must be Checkable if Exists

I tripplecheck since 4 Days the Security Settings, also trying to figure it out with NT Filemon for Accses Denieds

Find this Error(Is it a Bug?) by try to Securing :-) an Typo3 Website with NTLM and SSL for Internal Authentification

This Error Stops Typo3 from loading External Files, because of @is_File = False



Reproduce code:
---------------
<?php
	$file='fileadmin/template/main.html';
	clearstatcache();
	if (@is_File("".$file))	{
			echo ('File Exists:'.$file);
		}else{
			echo('File ERROR:'.$file);
		}
	include_once($file);
	echo('Loaded');
?>

Expected result:
----------------
File Exists:fileadmin/template/main.html
<The HTML Code>
Loaded

Actual result:
--------------
File Error:fileadmin/template/main.html
<The HTML Code>
Loaded

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-10-10 08:13 UTC] administrator dot bau at josephinum dot at 
Ohh i forgot

IIS 6.0 + PHP ISAPI Module Sorry :-)
 [2007-10-10 11:25 UTC] administrator dot bau at josephinum dot at 
When i Reload the Page Reload Fast enough(under a half second) i become True sometimes, but when i Relod the Page Every Second i become alwayse false.

But the HTML File get included
 [2007-10-10 12:19 UTC] administrator dot bau at josephinum dot at 
After IIS restart

When i first Open the Page with Admin Rights the it Shows "File Exists" after that i Open it with User Rights and it Shows "File Exists"

Again IIS Restart

BUT First open with user Rigths it Shows "File Error" after i open it with Admin Rights then it Shows File Exists with User rights.

i keep looking for it, i hope someone can help me.
 [2007-10-10 13:06 UTC] administrator dot bau at josephinum dot at 
Looks similar to Bug ID:40818

but i have 5.2.4

I keep going on trail and error :-)
 [2007-10-10 13:32 UTC] administrator dot bau at josephinum dot at 
Edit some of the Sample Code from and PHP irc chanel for testing purpose
<?php
	$file='fileadmin/template/loadme.html';
	ini_set("include_path", "/fileadmin/template");
	clearstatcache();
	if (is_File($file))	{
			echo ('File Exists:'.$file.'<br>');
		}else{
			echo('File ERROR:'.$file.'<br>');
		}
	include_once($file);
	echo('<br>Loaded at'.date("r"));
?>
 [2007-10-10 13:57 UTC] administrator dot bau at josephinum dot at 
I think i got it

When i get "getcwd" from Admin i get the Path to the Correct Root Folder
With lower Right User i get "c:\windows\system32\inetsrv"

and then php cannot Accses the File because of the wrong Root Folder
 [2007-10-10 14:19 UTC] administrator dot bau at josephinum dot at 
OK i it works now!

Folder A
   Webrootfolder
     index.php < where the Script is
     fileadmin
       Template
         main.html


The "Folder A" (Parent Folder of Root folder!!!) need Directory Listing Rights for the User how Connect on IIS

Is this an ISAPI oder IIS Bug?

Or iam a dumb man??
 [2007-10-11 13:38 UTC] jani@php.net 
We are aware of PHP's problems with stability under IIS and are working 
to rectify the problem. Unfortunatly your bug report does not contain any
extra useful information and we already have enough bug reports open about
this issue. If you can provide more detailed information such as a 
reproducable crash or a backtrace please do so and reopen this bug. 
Otherwise please keep trying new releases as we are working to resolve 
the problems on this platform
 
Thanks for your interest in PHP.
 [2007-10-11 13:38 UTC] jani@php.net 
And most likely IIS bug.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Jun 01 01:01:35 2024 UTC