From 9cbcc9b822c40d1a20ec7ebab80eed7722e528a4 Mon Sep 17 00:00:00 2001
From: Rasmus Lerdorf <rasmus@php.net>
Date: Sat, 11 May 2002 18:35:59 +0000
Subject: [PATCH] show_source() safe-mode fix @ show_source() was evading
 safe-mode - fixed (Rasmus)

---
 ext/standard/basic_functions.c | 8 ++++++++
 ext/standard/url_scanner_ex.c  | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index cbb9922da6..27452efa19 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -1866,6 +1866,14 @@ PHP_FUNCTION(highlight_file)
 	}
 	convert_to_string(filename);
 
+	if (PG(safe_mode) && (!php_checkuid(Z_STRVAL_P(filename), NULL, CHECKUID_ALLOW_ONLY_FILE))) {
+		RETURN_FALSE;
+	}
+
+	if (php_check_open_basedir(Z_STRVAL_P(filename) TSRMLS_CC)) {
+		RETURN_FALSE;
+	}
+
 	if (i) {
 		php_start_ob_buffer (NULL, 0, 1 TSRMLS_CC);
 	}
diff --git a/ext/standard/url_scanner_ex.c b/ext/standard/url_scanner_ex.c
index 41e8fb7436..9ec1458788 100644
--- a/ext/standard/url_scanner_ex.c
+++ b/ext/standard/url_scanner_ex.c
@@ -1,5 +1,5 @@
-/* Generated by re2c 0.5 on Sun May  5 18:40:01 2002 */
-#line 1 "/home/thies/devel/php4/ext/standard/url_scanner_ex.re"
+/* Generated by re2c 0.5 on Wed May  8 08:08:09 2002 */
+#line 1 "/home/rasmus/php4/ext/standard/url_scanner_ex.re"
 /*
   +----------------------------------------------------------------------+
   | PHP Version 4                                                        |
-- 
2.50.1