functions to not call __autoload(). (Dmitry)
- Changed opendir/dir/scandir to use default context
when no context argument is passed. (Sara)
+- Changed open_basedir to allow tightening in runtime contexts. (Sara)
- Removed old legacy:
. "register_globals" support. (Pierre)
#endif
/* }}} */
+/* {{{ OnUpdateBaseDir
+Allows any change to open_basedir setting in during Startup and Shutdown events,
+or a tightening during activation/runtime/deactivation */
+PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
+{
+ char **p, *pathbuf, *ptr, *end;
+#ifndef ZTS
+ char *base = (char *) mh_arg2;
+#else
+ char *base = (char *) ts_resource(*((int *) mh_arg2));
+#endif
+
+ p = (char **) (base+(size_t) mh_arg1);
+
+ if (stage == PHP_INI_STAGE_STARTUP || stage == PHP_INI_STAGE_SHUTDOWN) {
+ /* We're in a PHP_INI_SYSTEM context, no restrictions */
+ *p = new_value;
+ return SUCCESS;
+ }
+
+
+ /* Elsewise, we're in runtime */
+ if (!*p || !**p) {
+ /* open_basedir not set yet, go ahead and give it a value */
+ *p = new_value;
+ return SUCCESS;
+ }
+
+ /* Shortcut: When we have a open_basedir and someone tries to unset, we know it'll fail */
+ if (!new_value || !*new_value) {
+ return FAILURE;
+ }
+
+ /* Is the proposed open_basedir at least as restrictive as the current setting? */
+ ptr = pathbuf = estrdup(new_value);
+ while (ptr && *ptr) {
+ end = strchr(ptr, DEFAULT_DIR_SEPARATOR);
+ if (end != NULL) {
+ *end = '\0';
+ end++;
+ }
+ if (php_check_open_basedir_ex(ptr, 0 TSRMLS_CC) != 0) {
+ /* At least one portion of this open_basedir is less restrictive than the prior one, FAIL */
+ efree(pathbuf);
+ return FAILURE;
+ }
+ ptr = end;
+ }
+ efree(pathbuf);
+
+ /* Everything checks out, set it */
+ *p = new_value;
+
+ return SUCCESS;
+}
+/* }}} */
+
+
/* {{{ php_check_specific_open_basedir
When open_basedir is not NULL, check if the given filename is located in
open_basedir. Returns -1 if error or not in the open_basedir, else 0
BEGIN_EXTERN_C()
#include "php_globals.h"
+#include "php_ini.h"
PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC);
PHPAPI char *expand_filepath(const char *filepath, char *real_path TSRMLS_DC);
PHPAPI int php_is_url(char *path);
PHPAPI char *php_strip_url_passwd(char *path);
+
+PHPAPI ZEND_INI_MH(OnUpdateBaseDir);
END_EXTERN_C()
#endif
#else
# define DEFAULT_SENDMAIL_PATH NULL
#endif
+
/* {{{ PHP_INI
*/
PHP_INI_BEGIN()
STD_PHP_INI_ENTRY("extension_dir", PHP_EXTENSION_DIR, PHP_INI_SYSTEM, OnUpdateStringUnempty, extension_dir, php_core_globals, core_globals)
STD_PHP_INI_ENTRY("include_path", PHP_INCLUDE_PATH, PHP_INI_ALL, OnUpdateStringUnempty, include_path, php_core_globals, core_globals)
PHP_INI_ENTRY("max_execution_time", "30", PHP_INI_ALL, OnUpdateTimeout)
- STD_PHP_INI_ENTRY("open_basedir", NULL, PHP_INI_SYSTEM, OnUpdateString, open_basedir, php_core_globals, core_globals)
+ STD_PHP_INI_ENTRY("open_basedir", NULL, PHP_INI_ALL, OnUpdateBaseDir, open_basedir, php_core_globals, core_globals)
STD_PHP_INI_BOOLEAN("file_uploads", "1", PHP_INI_SYSTEM, OnUpdateBool, file_uploads, php_core_globals, core_globals)
STD_PHP_INI_ENTRY("upload_max_filesize", "2M", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong, upload_max_filesize, php_core_globals, core_globals)
projects / php / commitdiff