RootForum Community

Code: Select all

; open_basedir, if set, limits all file operations to the defined directory
;open_basedir =

Code: Select all

;
; Safe Mode
;
; NOTE: this is considered a "broken" security measure.
;       Applications relying on this feature will not recieve full
;       support by the security team.  For more information please
;       see /usr/share/doc/php5-common/README.Debian.security
;
safe_mode = On

; By default, Safe Mode does a UID compare check when
; opening files. If you want to relax this to a GID compare,
; then turn on safe_mode_gid.
safe_mode_gid = Off

; When safe_mode is on, UID/GID checks are bypassed when
; including files from this directory and its subdirectories.
; (directory must also be in include_path or full path must
; be used when including)
safe_mode_include_dir =

; When safe_mode is on, only executables located in the safe_mode_exec_dir
; will be allowed to be executed via the exec family of functions.
safe_mode_exec_dir =

; Setting certain environment variables may be a potential security breach.
; This directive contains a comma-delimited list of prefixes.  In Safe Mode,
; the user may only alter environment variables whose names begin with the
; prefixes supplied here.  By default, users will only be able to set
; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
;
; Note:  If this directive is empty, PHP will let the user modify ANY
; environment variable!
safe_mode_allowed_env_vars = PHP_

; This directive contains a comma-delimited list of environment variables that
; the end user won't be able to change using putenv().  These variables will be
; protected even if safe_mode_allowed_env_vars is set to allow to change them.
safe_mode_protected_env_vars = LD_LIBRARY_PATH

; open_basedir, if set, limits all file operations to the defined directory
; and below.  This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.

; NOTE: this is considered a "broken" security measure.
;       Applications relying on this feature will not recieve full
;       support by the security team.  For more information please
;       see /usr/share/doc/php5-common/README.Debian.security
;

; open_basedir =

Code: Select all

; open_basedir, if set, limits all file operations to the defined directory 
; and below.  This directive makes most sense if used in a per-directory 
; or per-virtualhost web server configuration file. This directive is 
; *NOT* affected by whether Safe Mode is turned On or Off.

Code: Select all

 php_admin_value open_basedir "/usr/local/bin:/usr/bin:/home/user:/usr/local/lib/php"
php_admin_value upload_tmp_dir "/home/user/phptemp"
php_admin_value upload_max_filesize "30M"
php_admin_value max_execution_time "120"

Code: Select all

php_admin_value open_basedir /var/www/web63/html/:/var/www/web63/phptmp/:/var/www/web63/files/:/var/www/web63/atd/

Code: Select all

php -r "phpinfo(INFO_GENERAL);"
phpinfo()
PHP Version => 5.2.0-8+etch7

System => Linux srv1 2.6.8-3-686 #1 Tue Dec 5 21:26:38 UTC 2006 i686
Build Date => Jul  2 2007 21:44:16
Server API => Command Line Interface
Virtual Directory Support => disabled
Configuration File (php.ini) Path => /etc/php5/cli/php.ini
Scan this dir for additional .ini files => /etc/php5/cli/conf.d
additional .ini files parsed => /etc/php5/cli/conf.d/curl.ini,
/etc/php5/cli/conf.d/gd.ini,
/etc/php5/cli/conf.d/imap.ini,
/etc/php5/cli/conf.d/mysql.ini,
/etc/php5/cli/conf.d/mysqli.ini,
/etc/php5/cli/conf.d/pdo.ini,
/etc/php5/cli/conf.d/pdo_mysql.ini,
/etc/php5/cli/conf.d/xmlrpc.ini,
/etc/php5/cli/conf.d/xsl.ini

PHP API => 20041225
PHP Extension => 20060613
Zend Extension => 220060519
Debug Build => no
Thread Safety => disabled
Zend Memory Manager => enabled
IPv6 Support => enabled
Registered PHP Streams => zip
Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
Registered Stream Filters => string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, convert.iconv.*, bzip2.*, zlib.*


This program makes use of the Zend Scripting Language Engine:
Zend Engine v2.2.0, Copyright (c) 1998-2006 Zend Technologies

Code: Select all

<?
    @include ("db_connect.php");

    // Herstellen der Basis-Verbindung
    $conn_id = ftp_connect("$FTP_host");
    // Einloggen mit Benutzername und Kennwort
    $login_result = ftp_login($conn_id, "$FTP_user", "$FTP_pass");
    // Upload der Datei
    $list = ftp_rawlist($conn_id, "$verzeichniss");
    // Schließen des FTP-Streams
    ftp_quit($conn_id);

   $i = 0;
      foreach ($list as $current) {
       $split = preg_split("[ ]", $current, 9, PREG_SPLIT_NO_EMPTY);
       if ($split[0] != "total") {
           $parsed[$i]['isdir']        = $split[0]{0} === "d";
           $parsed[$i]['perms']        = $split[0];
           $parsed[$i]['number']    = $split[1];
           $parsed[$i]['owner']        = $split[2];
           $parsed[$i]['group']        = $split[3];
           $parsed[$i]['size']        = $split[4];
           $parsed[$i]['month']        = $split[5];
           $parsed[$i]['day']        = $split[6];
           $parsed[$i]['time/year']    = $split[7];
           $parsed[$i]['name']        = $split[8];

           $ftp_liste[$i] = $parsed[$i]['name'];
           $ftp_liste_typ[$i] = $parsed[$i]['isdir'];

           $i++;
       }
   }


?>

Code: Select all

Warning: ftp_rawlist() [function.ftp-rawlist]: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (/var/www/web63/html/:/var/www/web63/phptmp/:/var/www/web63/files/:/var/www/web63/atd/) in /var/www/web63/html/admin/module/ftp_liste.php on line 9

Warning: ftp_rawlist() [function.ftp-rawlist]: Unable to create temporary file. Check permissions in temporary files directory. in /var/www/web63/html/admin/module/ftp_liste.php on line 9