|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #52065 Warning about open_basedir restriction while accessing a file as directory
Submitted: 2010-06-12 14:58 UTC Modified: 2015-06-04 00:00 UTC
Avg. Score:4.2 ± 1.0
Reproduced:25 of 25 (100.0%)
Same Version:11 (44.0%)
Same OS:13 (52.0%)
From: manuel at mausz dot at Assigned:
Status: Verified Package: Safe Mode/open_basedir
PHP Version: 5.6.8 OS: Unix
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2010-06-12 14:58 UTC] manuel at mausz dot at
fopen_wrappers raise warning about open_basedir restriction in effect while accessing a file as a directory. This only occurs if the file exists.

Test script:
# sapi/cli/php -n -d open_basedir="$(pwd)" -r 'var_dump(is_readable("myfile/doesntexist"));'
# touch myfile
# sapi/cli/php -n -d open_basedir="$(pwd)" -r 'var_dump(is_readable("myfile/doesntexist"));'

Expected result:


Actual result:

Warning: is_readable(): open_basedir restriction in effect. File(myfile/doesntexist) is not within the allowed path(s): (/home/manuel/php5.3-201006120030) in Command line code on line 1


open-basedir-without-realpath (last revision 2015-04-29 20:11 UTC) by

Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2010-08-11 12:20 UTC] manuel at mausz dot at
Can someone please finally take a look at this?
 [2012-04-28 07:18 UTC] nick at aussiecom dot com
Why hasn't this bug been resolved? It's nearly 2 years old...
 [2012-08-08 07:20 UTC] mein at e3b dot org
This bug is also present in php 5.4...
 [2015-04-29 20:11 UTC]
The following patch has been added/updated:

Patch Name: open-basedir-without-realpath
Revision:   1430338315
 [2015-04-29 20:14 UTC]
-Status: Open +Status: Verified -PHP Version: 5.3SVN-2010-06-12 (SVN) +PHP Version: 5.6.8
 [2015-04-29 20:14 UTC]
The patch open-basedir-without-realpath would fix this issue, but
it might have security implications or other undesired side
 [2015-06-03 08:26 UTC]
Any news on this one? Edge case but still :)
 [2015-06-04 00:00 UTC]
Considering the amount of closely related bug reports[1], I
wouldn't necessarily call that an edge case, Pierre. :)

I'll make a PR based on my patch with some tests, if no one beats
me to it.

[1] I've assembled a maybe non-exhaustive list in
 [2015-09-22 10:20 UTC] jan dot prachar at gmail dot com
Broken since 5.3.0, see
 [2018-02-28 22:26 UTC] a19836 at gmail dot com
Why isn't this bug fixed yet?
It was detected in 2013 or even before. And already passed 5 years... 

I trying the following example with PHP 7 and I'm getting exactly the same error.

ini_set("open_basedir", __DIR__);
file_put_contents(__DIR__ . "/foo.txt", "bar");
echo "EXISTS:".file_exists(__DIR__ . "/foo.txt/");

Error: PHP Warning:  file_exists(): open_basedir restriction in effect. File(/var/www/html/test/foo.txt/) is not within the allowed path(s): (/var/www/html/test) in /var/www/html/test/test.php on line 4

Can you please fix this and let me know please?
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC