Issues

ZF-9166: function is_readable() generates Warnings

Description

I just changed from version 1.10.0 to version 1.10.1, and encountered Warnings i never saw before. I use WampServer 2.0 for windows and did not change anything in my configuration files, just changed ZF libraries.

Warning: is_readable() [function.is-readable]: open_basedir restriction in effect. File(G:/phpapplications/lib/ZendFramework-1.10.1/library/G:/phpapplications/myapp/views\helpers/Partial.php) is not within the allowed path(s): (G:/phpapplications) in G:\phpapplications\lib\ZendFramework-1.10.1\library\Zend\Loader.php on line 190

It seems like every call to methods headTitle(), headLink(), headMeta(), headScript(), partial() on a Zend_View instance generates theses Warnings...

Could it be a bug ?

Comments

I have the same problem, I upgraded from 1.10 to 1.10.1. I just replaced the library/Zend folder and get many error like this:

function.is-readable]: open_basedir restriction in effect. File(/usr/share/php/My/Helper/BaseUrl.php) is not within the allowed path(s): (/var/www/clients/client4/web39) in /var/www/clients/client4/web39/gui/library/Zend/Loader.php on line 190

Warning: is_readable() [function.is-readable]: open_basedir restriction in effect. File(/usr/share/pear/My/Helper/BaseUrl.php) is not within the allowed path(s): (/var/www/clients/client4/web39) in /var/www/clients/client4/web39/gui/library/Zend/Loader.php on line 190

I use custom view helper and decorator which worked fine in 1.10. I can't find any place where I add '/usr/share/php' to my path.

open_basedir limits you to files under a given tree. If you have include_path entries that are not under that tree, you will get warnings.

Prior to 1.10.1, we used fopen() in Zend_Loader::isReadable(). In this particular case, any directory on the include_path that is not under your specified basedir will simply be ignored, and it will only try those directories which are valid. In 1.10.1, to solve other issues that were manifesting, we now loop over the include_path manually and check paths using is_readable() -- which triggers the open_basedir restrictions.

The appropriate solution when using open_basedir is to ensure that all paths in your include_path are within the tree specified in that setting. This may mean copying libraries under your project directory.

We could potentially do checks on the open_basedir INI setting withing isReadable(), but I'm personally of the mind that its up to the developer to ensure appropriate configuration.

Same here

I Changed from 1.8.1 to 1.10.1

Warning: is_readable() [function.is-readable]: open_basedir restriction in effect. File(/usr/share/pear/./views/helpers/Doctype.php) is not within the allowed path(s): (/usr/share/php:/usr/local/phpapps:/usr/local/cgi:/home/demo) in /usr/local/phpapps/ZendFramework-1.10.1/library/Zend/Loader.php on line 190

so if I add /usr/share/pear/ to my open_basedir (via apache vhost) it works again but

/usr/share/pear/./views/helpers/Doctype.php is not a file under that destination

/usr/local/phpapps/ZendFramework-1.10.1/library/Zend/View/Helper/Doctype.php /usr/local/phpapps/ZendFramework-1.6.1/library/Zend/View/Helper/Doctype.php /usr/local/phpapps/ZendFramework-1.7.1/library/Zend/View/Helper/Doctype.php /usr/local/phpapps/ZendFramework-1.8.1/library/Zend/View/Helper/Doctype.php

@Max -- /usr/share/php is probably in your global php.ini file, or defined in your vhost.

@Christian: the PluginLoader searches across paths that are provided to it, and checks these against the include_path as well. Make sure that all paths you add to the PluginLoader are either absolute paths that are within your open_basedir setting, or on one or more include_paths (and that all include_paths are within your open_basedir setting).

We are unlikely to change the behavior of isReadable() back to use fopen(), as this was basically a bad hack, and clearly was circumventing security policies.

I was having a similar problem. So i raised a ticket (seems to be duplicated of current ticket)

So i found out a potential solution:

http://framework.zend.com/issues/browse/ZF-9263

This issue, as reported, is better diagnosed in ZF-9263.