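--TEST--
Bug #54446 (Arbitrary file creation via libxslt 'output' extension with php.ini setting)
--SKIPIF--
<?php
if (!extension_loaded('xsl')) die("skip Extension XSL is required\n");
?>
--FILE--
<?php
# Regression test for bug #54446: a stylesheet must not be able to create
# files through the libxslt output extension element unless write access was
# explicitly allowed, either through the xsl.security_prefs ini setting or
# through XSLTProcessor::setSecurityPrefs().
#
# NOTE(review): $xsl, $proc and $dom are not defined in this file; presumably
# prepare.inc creates them - confirm against that include.
include("prepare.inc");

# Start from a clean state so that a leftover file from an earlier run cannot
# be mistaken for a write performed by this run.
$outputfile = __DIR__."/bug54446test.txt";
if (file_exists($outputfile)) {
    unlink($outputfile);
}

# Stylesheet whose only template asks the processor to write text to
# $outputfile through the sax:output extension element.
$sXsl = <<<EOT
<xsl:stylesheet version="1.0"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    xmlns:sax="http://icl.com/saxon"
    extension-element-prefixes="sax">

    <xsl:template match="/">
        <sax:output href="$outputfile" method="text">
            <xsl:value-of select="'0wn3d via PHP and libxslt ...'"/>
        </sax:output>
    </xsl:template>

</xsl:stylesheet>
EOT;

$xsl->loadXML( $sXsl );

# START XSLT
$proc->importStylesheet( $xsl );

# Phase 1: this script has not touched any security preference yet.
# The write has to be refused (see the warnings in EXPECTF).
# TRANSFORM & PRINT
print $proc->transformToXML( $dom );


if (file_exists($outputfile)) {
    print "$outputfile exists, but shouldn't!\n";
} else {
    print "OK, no file created\n";
}

# Phase 2: SET NO SECURITY PREFS through the ini setting.
# With XSL_SECPREF_NONE the stylesheet is allowed to write the file, so this
# value is only appropriate for stylesheets from a trusted source.
ini_set("xsl.security_prefs", XSL_SECPREF_NONE);

# TRANSFORM & PRINT
print $proc->transformToXML( $dom );


if (file_exists($outputfile)) {
    print "OK, file exists\n";
} else {
    print "$outputfile doesn't exist, but should!\n";
}

# Remove the file so that the next phase can detect a new write.
unlink($outputfile);

# Phase 3: SET SECURITY PREFS AGAIN through the ini setting.
# The write has to be refused again.
ini_set("xsl.security_prefs", XSL_SECPREF_WRITE_FILE | XSL_SECPREF_WRITE_NETWORK | XSL_SECPREF_CREATE_DIRECTORY);

# TRANSFORM & PRINT
print $proc->transformToXML( $dom );

if (file_exists($outputfile)) {
    print "$outputfile exists, but shouldn't!\n";
} else {
    print "OK, no file created\n";
}

# Phase 4: SET NO SECURITY PREFS with ini, but set them with ->setSecurityPrefs.
# The method has to win over the permissive ini value: no file may be created
# and EXPECTF contains a notice that the ini value was not used.
ini_set("xsl.security_prefs", XSL_SECPREF_NONE);
$proc->setSecurityPrefs( XSL_SECPREF_WRITE_FILE | XSL_SECPREF_WRITE_NETWORK | XSL_SECPREF_CREATE_DIRECTORY);

print $proc->transformToXML( $dom );
if (file_exists($outputfile)) {
    print "$outputfile exists, but shouldn't!\n";
} else {
    print "OK, no file created\n";
}

# Phase 5: don't throw a warning if both ini and through-the-method have the
# same value. Both are XSL_SECPREF_NONE now, so the file is written.
$proc->setSecurityPrefs(XSL_SECPREF_NONE);

print $proc->transformToXML( $dom );

if (file_exists($outputfile)) {
    print "OK, file exists\n";
} else {
    print "$outputfile doesn't exist, but should!\n";
}
unlink($outputfile);



--EXPECTF--
Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d

Warning: XSLTProcessor::transformToXml(): File write for %s/bug54446test.txt refused in %s on line %s

Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element output in %s on line %d

Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test.txt denied in %s on line %d
OK, no file created

Deprecated: XSLTProcessor::transformToXml(): The xsl.security_prefs php.ini option is deprecated; use XsltProcessor->setSecurityPrefs() instead in %s on line %d
OK, file exists

Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d

Warning: XSLTProcessor::transformToXml(): File write for %s/bug54446test.txt refused in %s on line %s

Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element output in %s on line %d

Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test.txt denied in %s on line %d
OK, no file created

Deprecated: XSLTProcessor::transformToXml(): The xsl.security_prefs php.ini option is deprecated; use XsltProcessor->setSecurityPrefs() instead in %s on line %d

Notice: XSLTProcessor::transformToXml(): The xsl.security_prefs php.ini was not used, since the XsltProcessor->setSecurityPrefs() method was used in %s on line %d

Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d

Warning: XSLTProcessor::transformToXml(): File write for %s/bug54446test.txt refused in %s on line %s

Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element output in %s on line %d

Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test.txt denied in %s on line %d
OK, no file created
OK, file exists
--CLEAN--
<?php
# Remove the output file if the test stopped before its own unlink() calls,
# so that a failed run leaves nothing behind in the test directory.
$outputfile = __DIR__."/bug54446test.txt";
if (file_exists($outputfile)) {
    unlink($outputfile);
}
?>
--CREDITS--
Christian Stocker, chregu@php.net
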