From: Rasmus Lerdorf <rasmus@php.net>
Date: Sat, 11 May 2002 19:56:10 +0000 (+0000)
Subject: Argh!  Horrible logic here.  The safemode include dir check defaulted
X-Git-Tag: php-4.2.1~9
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f9ee6d3d9e0e8ea4f082cfaa11ad3ed7de9b650d;p=php

Argh!  Horrible logic here.  The safemode include dir check defaulted
to letting stuff through if no safemode include dir was defined.
@ Another safe-mode fix related to the safemode incdir feature (Rasmus)
---

diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c
index 7cf55651d4..3c077dea08 100644
--- a/main/fopen_wrappers.c
+++ b/main/fopen_wrappers.c
@@ -234,6 +234,8 @@ PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC)
 		char *end;
 		char resolved_name[MAXPATHLEN];
 
+		php_printf("safe_mode_include_dir check for %s<br>\n",path);
+
 		/* Resolve the real path into resolved_name */
 		if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL)
 			return -1;
@@ -268,7 +270,7 @@ PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC)
 	}
 
 	/* Nothing to check... */
-	return 0;
+	return -1;
 }
 /* }}} */
 
@@ -441,7 +443,7 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char **
 	}
 
 	filename_length = strlen(filename);
-	
+
 	/* Relative path open */
 	if (*filename == '.') {
 		if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) {