Annotation of embedaddon/php/tests/security/open_basedir.inc, revision 1.1
1.1 ! misho 1: <?php
! 2:
! 3: // This file contains helper functions for testing open_basedir configuration
! 4: // Care must be taken with where the directories are created because different
! 5: // SAPIs set the working directory differently. So simply creating a directory
! 6: // relative to the current working directory like this: mkdir("blah") might
! 7: // actually create it in several different places depending on the SAPI..!
! 8: //
! 9: // Note also that, depending on the version of PHP being tested, the open_basedir
! 10: // configuration may or may not be changeable from a script (PHP_INI_SYSTEM).
! 11: //
! 12: // For this reason we set open_basedir to . (the current directory) and then
! 13: // move around to various directories for testing using chdir(). This is NOT
! 14: // recommended for production use: "." follows the working directory, so any script that can chdir() moves the restriction with it, which bypasses all semblance of security..!
! 15: //
! 16: // Although safe mode has been removed in php 6.0, open_basedir is still valid.
! 17: // See http://www.php.net/features.safe-mode for more information
! 18:
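/**
 * Recursively delete a directory tree (used to clean up the open_basedir test fixtures).
 *
 * Symbolic links are removed as links and never followed, so a link placed
 * inside the tree cannot cause anything outside the tree to be deleted.
 *
 * @param string $directory Path of the directory to remove; one trailing "/" is ignored.
 * @return bool FALSE if $directory is a link, is not a readable directory, or
 *              could not be opened or removed; TRUE once it has been removed.
 */
function recursive_delete_directory($directory) {

    // Remove any trailing slash first (also needed so is_link() sees the link, not its target)
    if (substr($directory, -1) === '/') {
        $directory = substr($directory, 0, -1);
    }

    // Only a real, readable directory is accepted as the root of the tree
    if (is_link($directory) || !is_dir($directory) || !is_readable($directory)) {
        return FALSE;
    }

    // opendir() can still fail after the checks above; never hand FALSE to readdir()
    $handle = opendir($directory);
    if ($handle === FALSE) {
        return FALSE;
    }

    // Scan through the directory contents
    while (FALSE !== ($item = readdir($handle))) {
        if ($item === '.' || $item === '..') {
            continue;
        }

        $path = $directory.'/'.$item;

        if (is_link($path)) {
            // is_dir() follows links, so test for a link first and delete only the link.
            // unlink() handles the usual case; a directory link on Windows needs rmdir().
            if (!@unlink($path)) {
                @rmdir($path);
            }
        } elseif (is_dir($path)) {
            recursive_delete_directory($path);
        } else {
            // Clear a read-only bit before deleting; failure here is not fatal
            @chmod($path, 0777);
            unlink($path);
        }
    }

    closedir($handle);
    @chmod($directory, 0777);

    // Report whether the directory itself was really removed
    return rmdir($directory);
}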
! 59:
/**
 * Build the fixture tree used by the open_basedir tests under the current
 * working directory: test/, test/ok/ and test/bad/, each leaf directory
 * holding one small text file.
 *
 * Any existing test/ tree is deleted first. The result of every mkdir() is
 * dumped so that it appears in the test output.
 */
function create_directories() {
    delete_directories();

    $root = getcwd();

    // Parent first, then the two leaf directories
    foreach (array("/test", "/test/ok", "/test/bad") as $suffix) {
        var_dump(mkdir($root.$suffix));
    }

    // One file in each leaf directory, same contents in both
    foreach (array("/test/ok/ok.txt", "/test/bad/bad.txt") as $suffix) {
        file_put_contents($root.$suffix, "Hello World!");
    }
}
! 70:
/**
 * Remove the test/ fixture tree located under the current working directory.
 *
 * The return value of recursive_delete_directory() is ignored.
 */
function delete_directories() {
    recursive_delete_directory(getcwd()."/test");
}
! 75:
/**
 * Call $function on a fixed list of paths and dump each result.
 *
 * The paths are the test/bad fixtures, the parent directory and "/", given
 * first in relative form and then as absolute paths built from the global
 * $savedDirectory.
 * NOTE(review): these look like the paths open_basedir is expected to
 * reject when the working directory is test/ok - confirm against the
 * expected output of the calling tests.
 *
 * @param callable $function Function under test; receives one path argument.
 */
function test_open_basedir_error($function) {
    global $savedDirectory;

    $relativePaths = array(
        "../bad",
        "../bad/bad.txt",
        "..",
        "../",
        "/",
        "../bad/.",
    );
    foreach ($relativePaths as $relative) {
        var_dump($function($relative));
    }

    // The saved directory is read only after the relative calls, as before
    $root = $savedDirectory;
    foreach (array("/test/bad/bad.txt", "/test/bad/../bad/bad.txt") as $suffix) {
        var_dump($function($root.$suffix));
    }
}
! 88:
/**
 * Common set-up for an open_basedir test.
 *
 * Prints the start banner, stores the current working directory in the
 * global $savedDirectory, changes into it (dumping the chdir() result),
 * rebuilds the fixture tree and, unless $change is false, changes into
 * test/ok (again dumping the result).
 *
 * @param string $function Name of the function under test; used in the banner only.
 * @param bool   $change   Whether to chdir() into test/ok after set-up.
 */
function test_open_basedir_before($function, $change = TRUE) {
    global $savedDirectory;

    echo "*** Testing open_basedir configuration [$function] ***\n";

    $savedDirectory = getcwd();
    $start = $savedDirectory;
    var_dump(chdir($start));
    create_directories();

    // Optionally change directory
    if ($change != TRUE) {
        return;
    }
    var_dump(chdir($start."/test/ok"));
}
! 102:
/**
 * Print the end-of-test banner.
 *
 * No clean-up happens here: the fixture directories are meant to be deleted
 * from the test's --CLEAN-- section.
 *
 * @param string $function Name of the function under test; used in the banner only.
 */
function test_open_basedir_after($function) {
    $banner = "*** Finished testing open_basedir configuration [$function] ***\n";
    echo $banner;
}
! 107:
/**
 * Full open_basedir test run for functions that return an array on success.
 *
 * Runs the set-up, the test_open_basedir_error() path list, then calls
 * $function on the test/ok fixtures (relative, then absolute via the global
 * $savedDirectory) and dumps whether each result is an array.
 *
 * @param callable $function Function under test; receives one path argument.
 */
function test_open_basedir_array($function) {
    global $savedDirectory;

    test_open_basedir_before($function);
    test_open_basedir_error($function);

    foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $relative) {
        var_dump(is_array($function($relative)));
    }

    // Read after set-up, which is where $savedDirectory is assigned
    $root = $savedDirectory;
    foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
        var_dump(is_array($function($root.$suffix)));
    }

    test_open_basedir_after($function);
}
! 123:
/**
 * Full open_basedir test run for functions whose raw return value is dumped.
 *
 * Runs the set-up, the test_open_basedir_error() path list, then calls
 * $function on the test/ok fixtures (relative, then absolute via the global
 * $savedDirectory) and dumps each result.
 *
 * @param callable $function Function under test; receives one path argument.
 */
function test_open_basedir($function) {
    global $savedDirectory;

    test_open_basedir_before($function);
    test_open_basedir_error($function);

    foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $relative) {
        var_dump($function($relative));
    }

    // Read after set-up, which is where $savedDirectory is assigned
    $root = $savedDirectory;
    foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
        var_dump($function($root.$suffix));
    }

    test_open_basedir_after($function);
}
! 137:
! 138: ?>
! 139: