diff options
| author | Christian Weiske <cweiske@cweiske.de> | 2011-11-02 06:42:14 +0100 |
|---|---|---|
| committer | Christian Weiske <cweiske@cweiske.de> | 2011-11-02 06:42:14 +0100 |
| commit | a0f0b2caf7bc3c569bd56e1f45d5746993f24050 (patch) | |
| tree | 01f9e8c4c56c816aea4fcfeeeb703f1b1f8a6562 | |
| parent | c45ea5a3c6fb69c204f73c22935224dc52613b03 (diff) | |
| download | semanticscuttle-a0f0b2caf7bc3c569bd56e1f45d5746993f24050.tar.gz semanticscuttle-a0f0b2caf7bc3c569bd56e1f45d5746993f24050.tar.bz2 | |
Fix bug #3431742: open_basedir problems with /etc/ config files
| -rw-r--r-- | doc/ChangeLog | 1 | ||||
| -rw-r--r-- | src/SemanticScuttle/Config.php | 26 |
2 files changed, 21 insertions, 6 deletions
diff --git a/doc/ChangeLog b/doc/ChangeLog index 2090953..35cb883 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -11,6 +11,7 @@ ChangeLog for SemantiScuttle - Fix bug #3388219: Incorrect URL when cancelling tag2tag-actions - Fix bug #3399815: PHP error in opensearch API in 0.98.3 - Fix bug #3407728: Can't delete users from admin page +- Fix bug #3431742: open_basedir problems with /etc/ config files - Implement request #3403609: fr_CA translation update diff --git a/src/SemanticScuttle/Config.php b/src/SemanticScuttle/Config.php index 0773310..756c303 100644 --- a/src/SemanticScuttle/Config.php +++ b/src/SemanticScuttle/Config.php @@ -62,6 +62,9 @@ class SemanticScuttle_Config * * Paths with host name have priority. * + * When open_basedir restrictions are in effect and /etc is not part of + * the setting, /etc/semanticscuttle/ is not checked for config files. + * * @return array Array with config file path as first value * and default config file path as second value. * Any may be NULL if not found @@ -72,12 +75,23 @@ class SemanticScuttle_Config $host = basename($_SERVER['HTTP_HOST']); $datadir = $this->getDataDir(); - $arFiles = array( - $datadir . 'config.' . $host . '.php', - '/etc/semanticscuttle/config.' . $host . '.php', - $datadir . 'config.php', - '/etc/semanticscuttle/config.php', - ); + $openbase = ini_get('open_basedir'); + if ($openbase && strpos($openbase, '/etc') === false) { + //open_basedir restrictions enabled and /etc not allowed? + // then don't look in /etc for config files. + // the check is not perfect, but it covers most cases + $arFiles = array( + $datadir . 'config.' . $host . '.php', + $datadir . 'config.php', + ); + } else { + $arFiles = array( + $datadir . 'config.' . $host . '.php', + '/etc/semanticscuttle/config.' . $host . '.php', + $datadir . 'config.php', + '/etc/semanticscuttle/config.php', + ); + } $configfile = null; foreach ($arFiles as $file) { |