Added missing safe_mode checks.

author Ilia Alshanetsky <iliaa@php.net>

Fri, 18 Apr 2003 00:20:22 +0000 (00:20 +0000)

committer Ilia Alshanetsky <iliaa@php.net>

Fri, 18 Apr 2003 00:20:22 +0000 (00:20 +0000)
author Ilia Alshanetsky <iliaa@php.net>
Fri, 18 Apr 2003 00:20:22 +0000 (00:20 +0000)
committer Ilia Alshanetsky <iliaa@php.net>
Fri, 18 Apr 2003 00:20:22 +0000 (00:20 +0000)
diff --git a/ext/domxml/php_domxml.c b/ext/domxml/php_domxml.c

index 42e0856513581757f074147c1d17571297d69a24..8d18cbea6c7997bdb45c9d39fc2e0b329fe77c17 100644 (file)
--- a/ext/domxml/php_domxml.c
+++ b/ext/domxml/php_domxml.c
@@ -3944,6 +3944,10 @@ PHP_FUNCTION(domxml_dump_mem_file)
  
         DOMXML_PARAM_FOUR(docp, id, le_domxmldocp, "s|ll", &file, &file_len, &compressmode, &format);
  
+       if ((PG(safe_mode) && (!php_checkuid(file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(file TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
+
         xmlSetCompressMode(compressmode);
  
         if (format) {
@@ -5615,6 +5619,9 @@ PHP_FUNCTION(domxml_xslt_result_dump_file)
         if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "os|l", &idxml, &filename, &filename_len, &compression) == FAILURE) {
                 RETURN_FALSE;
         }
+       if ((PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
  
         DOMXML_GET_OBJ(xmldocp, idxml, le_domxmldocp);
author	Ilia Alshanetsky <iliaa@php.net>
	Fri, 18 Apr 2003 00:20:22 +0000 (00:20 +0000)
committer	Ilia Alshanetsky <iliaa@php.net>
	Fri, 18 Apr 2003 00:20:22 +0000 (00:20 +0000)