Issue Type: Bug Created: 2010-02-13T08:00:21.000+0000 Last Updated: 2010-04-27T09:40:10.000+0000 Status: Resolved Fix version(s): - 1.10.4 (28/Apr/10)
Reporter: Gillou (gillou) Assignee: Matthew Weier O'Phinney (matthew) Tags: - Zend_Loader
Related issues: - ZF-9263
I just changed from version 1.10.0 to version 1.10.1, and encountered Warnings i never saw before. I use WampServer 2.0 for windows and did not change anything in my configuration files, just changed ZF libraries.
Warning: is_readable() [function.is-readable]: open_basedir restriction in effect. File(G:/phpapplications/lib/ZendFramework-1.10.1/library/G:/phpapplications/myapp/views\helpers/Partial.php) is not within the allowed path(s): (G:/phpapplications) in G:\phpapplications\lib\ZendFramework-1.10.1\library\Zend\Loader.php on line 190
It seems like every call to methods headTitle(), headLink(), headMeta(), headScript(), partial() on a Zend_View instance generates theses Warnings...
Could it be a bug ?
Posted by Max Mondaine (mondaine) on 2010-02-15T06:01:36.000+0000
I have the same problem, I upgraded from 1.10 to 1.10.1. I just replaced the library/Zend folder and get many error like this:
function.is-readable]: open_basedir restriction in effect. File(/usr/share/php/My/Helper/BaseUrl.php) is not within the allowed path(s): (/var/www/clients/client4/web39) in /var/www/clients/client4/web39/gui/library/Zend/Loader.php on line 190
Warning: is_readable() [function.is-readable]: open_basedir restriction in effect. File(/usr/share/pear/My/Helper/BaseUrl.php) is not within the allowed path(s): (/var/www/clients/client4/web39) in /var/www/clients/client4/web39/gui/library/Zend/Loader.php on line 190
I use custom view helper and decorator which worked fine in 1.10. I can't find any place where I add '/usr/share/php' to my path.
Posted by Matthew Weier O'Phinney (matthew) on 2010-02-15T06:24:44.000+0000
open_basedir limits you to files under a given tree. If you have include_path entries that are not under that tree, you will get warnings.
Prior to 1.10.1, we used fopen() in Zend_Loader::isReadable(). In this particular case, any directory on the include_path that is not under your specified basedir will simply be ignored, and it will only try those directories which are valid. In 1.10.1, to solve other issues that were manifesting, we now loop over the include_path manually and check paths using is_readable() -- which triggers the open_basedir restrictions.
The appropriate solution when using open_basedir is to ensure that all paths in your include_path are within the tree specified in that setting. This may mean copying libraries under your project directory.
We could potentially do checks on the open_basedir INI setting withing isReadable(), but I'm personally of the mind that its up to the developer to ensure appropriate configuration.
Posted by Christian Nordlohne (cnordlohne) on 2010-02-15T07:57:23.000+0000
I Changed from 1.8.1 to 1.10.1
Warning: is_readable() [function.is-readable]: open_basedir restriction in effect. File(/usr/share/pear/./views/helpers/Doctype.php) is not within the allowed path(s): (/usr/share/php:/usr/local/phpapps:/usr/local/cgi:/home/demo) in /usr/local/phpapps/ZendFramework-1.10.1/library/Zend/Loader.php on line 190
so if I add /usr/share/pear/ to my open_basedir (via apache vhost) it works again but
/usr/share/pear/./views/helpers/Doctype.php is not a file under that destination
/usr/local/phpapps/ZendFramework-1.10.1/library/Zend/View/Helper/Doctype.php /usr/local/phpapps/ZendFramework-1.6.1/library/Zend/View/Helper/Doctype.php /usr/local/phpapps/ZendFramework-1.7.1/library/Zend/View/Helper/Doctype.php /usr/local/phpapps/ZendFramework-1.8.1/library/Zend/View/Helper/Doctype.php
Posted by Matthew Weier O'Phinney (matthew) on 2010-02-23T10:12:34.000+0000
@Max -- /usr/share/php is probably in your global php.ini file, or defined in your vhost.
@Christian: the PluginLoader searches across paths that are provided to it, and checks these against the include_path as well. Make sure that all paths you add to the PluginLoader are either absolute paths that are within your open_basedir setting, or on one or more include_paths (and that all include_paths are within your open_basedir setting).
We are unlikely to change the behavior of isReadable() back to use fopen(), as this was basically a bad hack, and clearly was circumventing security policies.
Posted by Cristian Bichis (avantis) on 2010-02-25T11:31:44.000+0000
I was having a similar problem. So i raised a ticket (seems to be duplicated of current ticket)
So i found out a potential solution:
Posted by Matthew Weier O'Phinney (matthew) on 2010-04-27T09:39:57.000+0000
This issue, as reported, is better diagnosed in ZF-9263.
Have you found an issue?
See the Overview section for more details.