> -----Original Message----- > From: Tony Beyers [mailto:nigelmas@xxxxxxxxx] > Sent: Wednesday, December 12, 2007 5:55 PM > To: PHP General list > Subject: Re: safe_mode_include_dir > > Sorry about the double posting. I thought I sent the first email > before I was subscribed. > > I definitely should've pointed out that the code works with safe_mode > off so I know the paths are correct. > > I'm actually not the author of the code. I'm a sys admin trying to > upgrade the site with safe_mode on. > > The target directory is a real world readable directory. > > On Dec 12, 2007 3:43 PM, Daniel Brown <parasane@xxxxxxxxx> wrote: > > Tony, > > > > Calm down. It may take us 21 minutes to respond sometimes, but we > > will. No need to repost. ;-P > > > > On Dec 12, 2007 3:26 PM, Tony Beyers <nigelmas@xxxxxxxxx> wrote: > > > I'm running php 5.2.5 with these settings in a virtualhost block in > > > apache 2.0.61: > > > php_admin_flag safe_mode on > > > php_admin_value include_path "/afs/msu.edu/.../web" > > > php_admin_value safe_mode_include_dir > "/afs/msu.edu/.../web" > > > I've got an index.php file in web/support/ that does a > > > require_once("../includes/support.php"); > > > > Is there a specific reason you're using require_once() instead of > > include_once() ? There actually is a difference.... include() and > > include_once() will only include the file if that line of code is > > executed, whereas require() and require_once() will include the file > > even if the line is inside of an if() {} block for which the > > condition(s) are never matched. > > > > > Being in afs with write access from multiple people, the uids of > the > > > files do not match and I get an error stating that. So I put the > > > safe_mode_include_dir line above in but it did not fix the problem > > > until I used the absolute path in the require_once line. > > > Is there a way to include files with relative paths? > > > > Of course there is. For example, say you're in a laterally-equal > > directory as one from which you want to include a file. > > > > <? include('../otherdir/file.php'); ?> > > > > As long as you have permissions to read the files, you're good to > > go. My guess is that you may have done the relative linking > > improperly. Is the file actually `web/includes/support.php` called > > from `web/index.php`? > > > > The other thing I would suggest is making sure your target include > > directory is a real directory and not a symlinked directory. > > > > -- > > Daniel P. Brown > > [Phone Numbers Go Here!] > > [They're Hidden From View!] > > > > If at first you don't succeed, stick to what you know best so that > you > > can make enough money to pay someone else to do it for you. > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php Hi Tony, Please keep in mind that the use of php_admin_value include_path "/afs/msu.edu/.../web" ...will prevent a user from changing the include_path because of the "admin" part (this is ok for the safe mode include dir, but not for the include_path setting I think). So, I'd say you keep the safe_mode_include_dir, and change the include path to: php_value include_path "/afs/msu.edu/.../web" Also, it is likely that while using relative paths you run into problems because the "current directory" can be anything except the expected one, so I'd rather use absolute paths (if it's my own code) or fix it using .htaccess files (this is your case as you are a sysadmin) like this: php_value include_path "/one/path;/another/path;./" ... but for that to work you must not use php_admin_value in the virtualhost config (notice that this is not related to safe mode security, if safe_mode is well configured, it doesn't mind what you are using as include_dir). If anyone has more ideas... please throw them (and fix my errors). Rob Andrés Robinet | Lead Developer | BESTPLACE CORPORATION 5100 Bayview Drive 206, Royal Lauderdale Landings, Fort Lauderdale, FL 33308 | TEL 954-607-4207 | FAX 954-337-2695 Email: info@xxxxxxxxxxxxx | MSN Chat: best@xxxxxxxxxxxxx | SKYPE: bestplace | Web: http://www.bestplace.biz | Web: http://www.seo-diy.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php