Topic: PHP basedir restriction error

[edb]

I have a php website setup in an Ibay which is working fine with the exception of one page that is a servicecall form. I had this working fine in SME6.0.1 but I don't remember how I ended up doing it as it was a long time ago. However, I'm now using SME7.2 and maybe things are a bit different it seems.

What I'm trying to setup is a form in my ibay that is generated by a script.
Here is the part of the code that seems to be tripping me up:
require($_SERVER["DOCUMENT_ROOT"] . "/Myform/Myform.php");

This is telling it to access my form at /home/e-smith/files/ibays/Primary/html/Myform/Myform.php but this is the wrong path because /Myform/Myform.php reside within the ibay I created not the Primary.

So I thought I would copy the folder Myform to the Primary ibay just to see what happens since it wanted to look for it there for some reason anyway.

So due to this issue here is the error generated in the messages log:

Aug  9 22:18:33 defcon1 httpd: PHP Warning:  main(): open_basedir restriction in effect. File(/home/e-smith/files/ibays/Primary/html/Myform/Myform.php) is not within the allowed path(s): (/home/e-smith/files/ibays/test/:/tmp) in /home/e-smith/files/ibays/test/html/servicecall.php on line 185
Aug  9 22:18:33 defcon1 httpd: PHP Warning:  main(/home/e-smith/files/ibays/Primary/html/Myform/Myform.php): failed to open stream: Operation not permitted in /home/e-smith/files/ibays/test/html/servicecall.php on line 185
Aug  9 22:18:33 defcon1 httpd: PHP Fatal error:  main(): Failed opening required '/home/e-smith/files/ibays/Primary/html/Myform/Myform.php' (include_path='.:/opt/store/include:/usr/share/pear-addons:/usr/share/pear') in /home/e-smith/files/ibays/test/html/servicecall.php on line 185

Anyone have any ideas as to how I can get around the basedir error?

Thanks

edb

[kruhm]

try:

<?php require_once('Myform/Myform.php'); ?>
so that MyForm is the subdir of ibay not the ibay itself.

==================
require($_SERVER["DOCUMENT_ROOT"]
is a superglobal variable set by Apache:
http://www.php.net/variables.predefined

[cactus]

So due to this issue here is the error generated in the messages log:

Aug  9 22:18:33 defcon1 httpd: PHP Warning:  main(): open_basedir restriction in effect. File(/home/e-smith/files/ibays/Primary/html/Myform/Myform.php) is not within the allowed path(s): (/home/e-smith/files/ibays/test/:/tmp) in /home/e-smith/files/ibays/test/html/servicecall.php on line 185
Aug  9 22:18:33 defcon1 httpd: PHP Warning:  main(/home/e-smith/files/ibays/Primary/html/Myform/Myform.php): failed to open stream: Operation not permitted in /home/e-smith/files/ibays/test/html/servicecall.php on line 185
Aug  9 22:18:33 defcon1 httpd: PHP Fatal error:  main(): Failed opening required '/home/e-smith/files/ibays/Primary/html/Myform/Myform.php' (include_path='.:/opt/store/include:/usr/share/pear-addons:/usr/share/pear') in /home/e-smith/files/ibays/test/html/servicecall.php on line 185

Unless you really need the /tmp folder you should remove that from the basedir pat as this is a potential security risk, you are better of making a tmp folder for the application within the scope of the ibay (for instance in the files folder, which can not be viewed from the web and is still owned by the rights you defined for the ibay)

Anyone have any ideas as to how I can get around the basedir error?

You seem to have done it once already... you can modify the PhpBasedir setting of the ibay in the configuration database, see the wiki as well:

First lookup the old value:

Code: [Select]

db accounts getprop ibayname PhpBasedir
After that add the new path you would like to add to the old value separated by a colon ( and let the server update the apache configuration file and reload it in the webserver:

Code: [Select]

db accounts setprop ibayname PhpBasedir value
signal-event ibay-modify ibayname