archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-19 08:49:28 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

@- Allow access to uploaded files in safe_mode. Beware that you can only

Browse source 
@  read the file. If you copy it to new location the copy will not have the
@  right UID and you script won't be able to access that copy. (Thies)
This commit is contained in:
Thies C. Arntzen 2001-01-09 11:58:57 +00:00
parent e247b206e0
commit 0719e7e006
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
main/safe_mode.c
View file

@ -121,6 +121,14 @@ PHPAPI int php_checkuid(const char *filename, char *fopen_mode, int mode)
if (duid == (uid=php_getuid())) { if (duid == (uid=php_getuid())) {
return 1; return 1;
} else { } else {
SLS_FETCH();
if (SG(rfc1867_uploaded_files)) {
if (zend_hash_exists(SG(rfc1867_uploaded_files),filename,strlen(filename)+1)) {
return 1;
}
}
php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid); php_error(E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", uid, filename, duid);
return 0; return 0;
} }