File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / php / tests / security / open_basedir.inc
Tue Feb 21 23:48:06 2012 UTC (12 years, 4 months ago) by misho
CVS tags: MAIN, HEAD
Initial revision

    1: <?php
    2: 
    3: // This file contains helper functions for testing open_basedir configuration
    4: // Care must be taken with where the directories are created because different
    5: // SAPIs set the working directory differently. So simply creating a directory
    6: // relative to the current working directory like this: mkdir("blah") might 
    7: // actually create it in several different places depending on the SAPI..!
    8: //
    9: // Note also that, depending on the version of PHP being tested, the open_basedir
   10: // configuration may or may not be changeable from a script (PHP_INI_SYSTEM).
   11: //
   12: // For this reason we set open_basedir to . (the current directory) and then
   13: // move around to various directories for testing using chdir(). This is NOT
   14: // recommended for production use: . follows the script's working directory, so any chdir() moves the allowed base and bypasses all semblance of security..!
   15: //
   16: // Although safe mode has been removed in php 6.0, open_basedir is still valid.
   17: //      See http://www.php.net/features.safe-mode for more information
   18: 
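   /**
    * Recursively delete a directory tree created by the open_basedir tests.
    *
    * Symbolic links found inside the tree are removed as links and are never
    * followed, so a link that points outside the tree cannot cause files
    * elsewhere to be deleted.
    *
    * @param string $directory Path of the directory to remove; one trailing
    *                          slash is ignored.
    * @return bool FALSE if $directory is not a readable directory or cannot
    *              be opened, TRUE once the walk has completed. Failures of
    *              individual unlink()/rmdir() calls are not reflected here.
    */
   function recursive_delete_directory($directory) {
       // Remove any trailing slash first
       if (substr($directory, -1) === '/') {
           $directory = substr($directory, 0, -1);
       }

       // Make sure the directory is valid and that we can access it
       if (!is_dir($directory) || !is_readable($directory)) {
           return FALSE;
       }

       // opendir() can still fail after the checks above (e.g. a race or an
       // open_basedir refusal); do not hand a non-resource to readdir().
       $handle = opendir($directory);
       if ($handle === FALSE) {
           return FALSE;
       }

       // Scan through the directory contents
       while (FALSE !== ($item = readdir($handle))) {
           if ($item === '.' || $item === '..') {
               continue;
           }

           $path = $directory.'/'.$item;

           if (is_link($path)) {
               // is_dir() follows links, so test for a link first: recursing
               // through one would delete the contents of its target.
               // unlink() removes the link itself; on Windows a link to a
               // directory has to be removed with rmdir() instead.
               if (!@unlink($path)) {
                   rmdir($path);
               }
           } elseif (is_dir($path)) {
               recursive_delete_directory($path);
           } else {
               // Best effort: make the entry writable before removing it.
               @chmod($path, 0777);
               unlink($path);
           }
       }

       closedir($handle);
       @chmod($directory, 0777);
       rmdir($directory);

       return TRUE;
   }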
   59: 
   /**
    * Build a fresh fixture tree under the current working directory:
    * test/, test/ok/ and test/bad/, each sub-directory holding one text file.
    *
    * Any existing test/ tree is removed first. The result of every mkdir()
    * is dumped so that it becomes part of the test output.
    */
   function create_directories() {
       delete_directories();

       $root = getcwd()."/test";

       // Parent first, then the two children.
       foreach (array("", "/ok", "/bad") as $suffix) {
           var_dump(mkdir($root.$suffix));
       }

       // One file per child directory, named after the directory.
       foreach (array("ok", "bad") as $name) {
           file_put_contents($root."/".$name."/".$name.".txt", "Hello World!");
       }
   }
   70: 
   /**
    * Remove the test/ fixture tree below the current working directory.
    *
    * The result of the removal is ignored; a missing tree is not an error.
    */
   function delete_directories() {
       recursive_delete_directory(getcwd()."/test");
   }
   75: 
   /**
    * Call $function on a fixed list of paths and dump each result.
    *
    * The paths point at test/bad, at parent directories and at "/", first in
    * relative form and then as absolute paths built from the global
    * $savedDirectory. When the caller has changed into test/ok they all lie
    * outside the working directory; the expected results are defined by the
    * calling test, not here.
    *
    * @param callable $function Function under test, invoked with one path.
    */
   function test_open_basedir_error($function) {
       global $savedDirectory;

       $relativeProbes = array(
           "../bad",
           "../bad/bad.txt",
           "..",
           "../",
           "/",
           "../bad/.",
       );
       foreach ($relativeProbes as $probe) {
           var_dump($function($probe));
       }

       // Read the saved directory only now, after the relative probes.
       $base = $savedDirectory;
       foreach (array("/test/bad/bad.txt", "/test/bad/../bad/bad.txt") as $suffix) {
           var_dump($function($base.$suffix));
       }
   }
   88: 
   /**
    * Set up a test run for $function.
    *
    * Prints the opening banner, records the current working directory in the
    * global $savedDirectory, re-enters that directory, rebuilds the fixture
    * tree and, unless $change is falsy, changes into test/ok. The result of
    * each chdir() is dumped as part of the test output.
    *
    * @param string $function Name of the function under test (used in the banner).
    * @param bool   $change   Whether to chdir() into test/ok afterwards.
    */
   function test_open_basedir_before($function, $change = TRUE) {
       global $savedDirectory;

       echo "*** Testing open_basedir configuration [$function] ***\n";

       $start = getcwd();
       $savedDirectory = $start;
       var_dump(chdir($start));

       create_directories();

       // Optionally change directory
       if ($change) {
           var_dump(chdir($start."/test/ok"));
       }
   }
  102: 
  /**
   * Print the closing banner for a test run of $function.
   *
   * No cleanup happens here: delete the directories in the test's
   * --CLEAN-- section instead.
   *
   * @param string $function Name of the function under test (used in the banner).
   */
  function test_open_basedir_after($function) {
      print "*** Finished testing open_basedir configuration [$function] ***\n";
  }
  107: 
  /**
   * Full test sequence for functions that return an array on success.
   *
   * Runs the setup and the test_open_basedir_error() probes, then calls
   * $function on paths that resolve to test/ok (and, via "./../.", to its
   * parent) and dumps whether each result is an array.
   *
   * @param string $function Name of the function under test.
   */
  function test_open_basedir_array($function) {
      global $savedDirectory;

      test_open_basedir_before($function);
      test_open_basedir_error($function);

      foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $path) {
          var_dump(is_array($function($path)));
      }

      // Same targets again, addressed through the saved absolute directory.
      $base = $savedDirectory;
      foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
          var_dump(is_array($function($base.$suffix)));
      }

      test_open_basedir_after($function);
  }
  123: 
  /**
   * Full test sequence for a single-path function.
   *
   * Runs the setup and the test_open_basedir_error() probes, then calls
   * $function on paths that resolve to test/ok (and, via "./../.", to its
   * parent) and dumps each raw result.
   *
   * @param string $function Name of the function under test.
   */
  function test_open_basedir($function) {
      global $savedDirectory;

      test_open_basedir_before($function);
      test_open_basedir_error($function);

      foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $path) {
          var_dump($function($path));
      }

      // Same targets again, addressed through the saved absolute directory.
      $base = $savedDirectory;
      foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
          var_dump($function($base.$suffix));
      }

      test_open_basedir_after($function);
  }
  137: 
  138: ?>
  139: 
