The ``++open_basedir++`` configuration in _php.ini_ limits the files the script can access using, for example, ``++include++`` and ``++fopen()++``. Leave it out, and there is no default limit, meaning that any file can be accessed. Include it, and PHP will refuse to access files outside the allowed path.
``++open_basedir++`` should be configured with a directory, which will then be accessible recursively. However, the use of ``++.++`` (current directory) as an ``++open_basedir++`` value should be avoided since it's resolved dynamically during script execution, so a ``++chdir('/')++`` command could lay the whole server open to the script.
This is not a fool-proof configuration; it can be reset or overridden at the script level. But its use should be seen as a minimum due diligence step. This rule raises an issue when ``++open_basedir++`` is not present in _php.ini_, and when ``++open_basedir++`` contains root, or the current directory (``++.++``) symbol.
@Ann actually I just realised that comment in the php.ini file are defined as the following: "any text on a line after an unquoted semicolon (; ) is ignored" from documentation: see \http://php.net/manual/en/configuration.file.php.
So shall we update the code snippet or not (for readability)?
Otherwise LGTM!
=== on 1 Sep 2015, 13:08:23 Ann Campbell wrote:
Absolutely [~linda.martin]! Please always correct my syntax. :-]
I've made an update just now. Double-check it?
=== on 12 Nov 2015, 17:45:03 Linda Martin wrote:
\[~ann.campbell.2] Thanks, I update the remaining comments.
