I have a server with 30 websites.
Now I want to copy a file from site A to site B.
Code:
$sExternPath = str_replace(strtolower(SITENAME), strtolower($aBoardInfo['name']), CORE_PATH_PRIVATE);
$sNewLogo = file_get_contents(CORE_PATH_PRIVATE.'users_upload/company_logos/'.$sFileName);
//Put it in the folder
file_put_contents($sExternPath.$sFileName, $sNewLogo);
Error:
[20-Mar-2015 10:32:30] PHP Warning: file_put_contents() [function.file-put-contents]: open_basedir restriction in effect. File(/var/www/vhosts/SITEB.nl/private/logo.jpg) is not within the allowed path(s): (/var/www/vhosts/SITEA.nl/:/tmp/) in /var/www/vhosts/SITEA.nl/httpdocs/pages/login/script.php on line 1262
[20-Mar-2015 10:32:30] PHP Warning: file_put_contents(/var/www/vhosts/SITEB.nl/private/logo.jpg) [function.file-put-contents]: failed to open stream: Bewerking niet toegestaan in /var/www/vhosts/SITEA.nl/httpdocs/pages/login/script.php on line 1262
/var/www/vhosts/SITEB.nl is outside the tree set in the open_basedir setting -You need to edit your php.ini file and change the open_basedir setting to
'/var/www/vhosts/:/tmp/' rather than '/var/www/vhosts/SITEA.nl/:/tmp/' or unset it by commenting it out, then restart apache.
http://php.net/manual/en/ini.core.php#ini.open-basedir
When a script tries to access the filesystem, for example using include, or fopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to access it. All symbolic links are resolved, so it's not possible to avoid this restriction with a symlink. If the file doesn't exist then the symlink couldn't be resolved and the filename is compared to (a resolved) open_basedir .
Related
Recently I mounted another hard drive to /mnt/sdb on Debian server as the first hard disk was already full. Then, I started to upload files to the second hard drive such as images.
In order to access new files, I created a shortcut from web folder and linked to the new hard drive folder. I can access files through html and everything is working fine, but The problem is when I access files via php with functions such as imagecreatefromjpeg I receive following errors:
Warning: imagecreatefromjpeg(): open_basedir restriction in effect.
File(foldername/filename.jpg) is not within the allowed path(s):
Warning: imagecreatefromjpeg(foldername/filename.jpg): failed to open stream: Operation not permitted
How can I access files with php functions?
Supposing your PHP is implemented as a module of apache, locate your php.ini file (it could be /etc/php/7.1/apache2/php.ini), you will find a not uncommented line beginning with open_basedir = and append the path to the directory where the pictures are, something like /mnt/sdb/some_sub_directory, using : as separator from the previous path.
After saving changes in the php.ini file, restart apache for applying these with some command like:
sudo /etc/init.d/apache2 restart
As per Wiris guide.
Give execution rights to the web server user on the PHP files contained at to ckeditor/plugins/ckeditor_wiris/integration.
→ My settings: Folder "integration": 755. All files inside this folder: 754
Give write permissions to ckeditor/plugins/ckeditor_wiris/cache and to ckeditor/plugins/ckeditor_wiris/formulas directories to the web server user. Those folders will be used to store formula MathML codes and temporal images.
→ My settings for these folder: 775
However, I get following warnings while trying to open Wiris "Math Popup", and doesn't open properly.
Warning: is_file(): open_basedir restriction in effect. File(/home/my_user_name/public_html/ckeditor/plugins/ckeditor_wiris/integration/../../../../../../../../lib/moodlelib.php) is not within the allowed path(s): (/home/my_user_name:/usr/lib/php:/tmp) in /home/my_user_name/public_html/ckeditor/plugins/ckeditor_wiris/integration/bootstrap.php on line 39
Warning: is_file(): open_basedir restriction in effect. File(/home/my_user_name/public_html/ckeditor/plugins/ckeditor_wiris/integration/../../../../../../lib/moodlelib.php) is not within the allowed path(s): (/home/my_user_name:/usr/lib/php:/tmp) in /home/my_user_name/public_html/ckeditor/plugins/ckeditor_wiris/integration/bootstrap.php on line 39
Are my permissions correct? Do these warnings relate to file/folder permissions? I am using www.serversfree.com webhosting to test this out.
It looks like there's an issue in your installation. Please check the plugin test page:
<url>/ckeditor/plugins/ckeditor_wiris/integration/test.php. There shouldn't be any errors there. Please review the installation instructions at http://www.wiris.com/plugins/docs/ckeditor.
Your permissions are correct. Those warnings are related to an extra check in the /integration/bootstrap.php file, it checks a directory several levels above your working directory and you're not allowed to do so due to an open_basedir restriction in your server. This issue will be fixed in our next plugin release. To supress the warning simply comment the whole bootstrap.php file or add a return true; right after <?php.
Edit: This issue is currently fixed in our latest version.
Please give permission to 777 to folder named cache and formulas
inside path
ckeditor4/plugins/ckeditor_wiris
I've got some trouble on a apache2 server with using symlink.
The base www folder is in "/var/www//htdocs".
I did a symlink form /home//log" to "/var/www//htdocs/l/" and called it "log".
In my oppinion, all rights are given correctly for the www-data user and the group for .
In my script, i got this error:
Warning: fopen(): open_basedir restriction in effect.File(/var/www/<domain>/htdocs/l/log/logs_test.log) is not within the allowed path(s): (/var/www/<domain>:/usr/share/pear:/usr/share/php:/tmp:/usr/share/phpmyadmin) in /var/www/<domain>/htdocs/l/test.php on line 7 Warning: fopen(/var/www/<domain>/htdocs/l/log/logs_test.log): failed to open stream: Operation not permitted in /var/www/<domain>/htdocs/l/test.php on line 7
This problem should be solved when I add in the apache2.conf the real-path from the symlink. But, and this is my problem: I would not add the real-path for every symlink.
I hope you can understand my problem, if you need some more information, let me know.
Yes the problem is with the open_basedir security restrictions in PHP. You just need to relax the restriction if you want to open files outside the specified directory tree. Read here for more options on how to do this:
http://www.php.net/manual/en/ini.core.php#ini.open-basedir
Im beginner in php language. in my web project i created a filepath.config.ini file which stores all file path in the website directories. for eg.
CLASS1 = bin/myclass1.php
CLASS2 = bin/myclass2.php
and im accessing those path by using:
require $_SERVER['DOCUMENT_ROOT'].'/'.GetfilePath('CLASS1');
in localhost server its working good and giving me path like this
D:/myproject/bin/myclass1.php
when i upload those file on test server im getting this open_basedir restriction error.
Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/usr/local/apache/htdocs/projectfolder/bin/myclass1.php) is not within the allowed path(s): (/home/:/usr/lib/php:/tmp)
i know we can disable this restriction...but i dont know how to do that :P.
but is it good to use this server DOCUMENT_ROOT ???
or is their any alternate way to use the file path? what you people do to access those file path.
and what happen if i disable the open_basedir restriction? is it secure to do that?
please help me what to do?
Edit your php.ini file (PHP: Configuration Changes) and either disable open_basedir or add /usr/local/apache/htdocs to it.
Warning: touch() [function.touch]: open_basedir restriction in effect.
File() is not within the allowed path(s):
(/var/www/vhosts/site.com/httpdocs/) in
/var/www/vhosts/site.com/httpdocs/Manuals/updater.php on line 5 There
was an error loading your Manual, please press the back button and try
again.
im trying to figure out why the heck this isn't working - currently, I am using plesk, and it is set to default, which should be working as this is within a subdirectory of the httpdocs...
any ideas?
UPDATER.PHP
<?php
// $URL="manualframe.php";
$URL=$_GET["URL"];
// header( 'Location: '.$URL.'' ) ;
if (touch($URL)) {
echo 'loading!';
} else {
echo 'There was an error loading your Manual, please press the back button and try again.';
}
echo '<meta http-equiv="refresh" content="1;URL='.$URL.'">';
?>
Would the Manuals directory be a symlink to a directory outside the webroot by any chance?
open_basedir is also in effect on symlinks within your allowed path(s).
See the PHP manual on open_basedir for more information, which states:
When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to open it. All symbolic links are resolved, so it's not possible to avoid this restriction with a symlink. If the file doesn't exist then the symlink couldn't be resolved and the filename is compared to (a resolved) open_basedir .
Looks like PHP is running in Safe Mode. This restriction means you can't read any files outside your web root. That's probably what updater.php is trying to do.