From 0719e7e0061068e60d54d77088bdc9aff9bd170c Mon Sep 17 00:00:00 2001 From: "Thies C. Arntzen" Date: Tue, 9 Jan 2001 11:58:57 +0000 Subject: [PATCH] @- Allow access to uploaded files in safe_mode. Beware that you can only @ read the file. If you copy it to new location the copy will not have the @ right UID and you script won't be able to access that copy. (Thies) --- main/safe_mode.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/main/safe_mode.c b/main/safe_mode.c index d8ae18fa12..d677a48977 100644 --- a/main/safe_mode.c +++ b/main/safe_mode.c @@ -121,6 +121,14 @@ PHPAPI int php_checkuid(const char *filename, char *fopen_mode, int mode) if (duid == (uid=php_getuid())) { return 1; } else { + SLS_FETCH(); + + if (SG(rfc1867_uploaded_files)) { + if (zend_hash_exists(SG(rfc1867_uploaded_files),filename,strlen(filename)+1)) { + return 1; + } + } + php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid); return 0; } -- 2.40.0