MFH - parse_ini_file() safe-mode fix

author Rasmus Lerdorf <rasmus@php.net>

Sat, 11 May 2002 19:23:05 +0000 (19:23 +0000)

committer Rasmus Lerdorf <rasmus@php.net>

Sat, 11 May 2002 19:23:05 +0000 (19:23 +0000)
author Rasmus Lerdorf <rasmus@php.net>
Sat, 11 May 2002 19:23:05 +0000 (19:23 +0000)
committer Rasmus Lerdorf <rasmus@php.net>
Sat, 11 May 2002 19:23:05 +0000 (19:23 +0000)
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c

index 26aef54e7b012e7975864785f5a4ceab23b6ff20..9376d834d04ffecf67bdec4666d80189c888a0da 100644 (file)
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -2501,6 +2501,15 @@ PHP_FUNCTION(parse_ini_file)
         }
  
         convert_to_string_ex(filename);
+
+       if (PG(safe_mode) && (!php_checkuid(Z_STRVAL_PP(filename), NULL, CHECKUID_ALLOW_ONLY_FILE))) {
+               RETURN_FALSE;
+       }
+
+       if (php_check_open_basedir(Z_STRVAL_PP(filename) TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
+
         fh.handle.fp = VCWD_FOPEN(Z_STRVAL_PP(filename), "r");
         if (!fh.handle.fp) {
                 php_error(E_WARNING, "Cannot open '%s' for reading", Z_STRVAL_PP(filename));
author	Rasmus Lerdorf <rasmus@php.net>
	Sat, 11 May 2002 19:23:05 +0000 (19:23 +0000)
committer	Rasmus Lerdorf <rasmus@php.net>
	Sat, 11 May 2002 19:23:05 +0000 (19:23 +0000)