1--TEST-- 2Bug #54446 (Arbitrary file creation via libxslt 'output' extension with php.ini setting) 3--SKIPIF-- 4<?php 5if (!extension_loaded('xsl')) die("skip Extension XSL is required\n"); 6?> 7--FILE-- 8<?php 9include("prepare.inc"); 10 11$outputfile = __DIR__."/bug54446test_with_ini.txt"; 12if (file_exists($outputfile)) { 13 unlink($outputfile); 14} 15 16$sXsl = <<<EOT 17<xsl:stylesheet version="1.0" 18 xmlns:xsl="http://www.w3.org/1999/XSL/Transform" 19 xmlns:sax="http://icl.com/saxon" 20 extension-element-prefixes="sax"> 21 22 <xsl:template match="/"> 23 <sax:output href="$outputfile" method="text"> 24 <xsl:value-of select="'0wn3d via PHP and libxslt ...'"/> 25 </sax:output> 26 </xsl:template> 27 28</xsl:stylesheet> 29EOT; 30 31$xsl->loadXML( $sXsl ); 32 33# START XSLT 34$proc->importStylesheet( $xsl ); 35 36# TRASNFORM & PRINT 37print $proc->transformToXML( $dom ); 38 39 40if (file_exists($outputfile)) { 41 print "$outputfile exists, but shouldn't!\n"; 42} else { 43 print "OK, no file created\n"; 44} 45 46#SET NO SECURITY PREFS 47$proc->setSecurityPrefs(XSL_SECPREF_NONE); 48 49# TRANSFORM & PRINT 50print $proc->transformToXML( $dom ); 51 52 53if (file_exists($outputfile)) { 54 print "OK, file exists\n"; 55} else { 56 print "$outputfile doesn't exist, but should!\n"; 57} 58 59unlink($outputfile); 60 61#SET SECURITY PREFS AGAIN 62$proc->setSecurityPrefs(XSL_SECPREF_WRITE_FILE | XSL_SECPREF_WRITE_NETWORK | XSL_SECPREF_CREATE_DIRECTORY); 63 64# TRANSFORM & PRINT 65print $proc->transformToXML( $dom ); 66 67if (file_exists($outputfile)) { 68 print "$outputfile exists, but shouldn't!\n"; 69} else { 70 print "OK, no file created\n"; 71} 72 73?> 74--EXPECTF-- 75Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d 76 77Warning: XSLTProcessor::transformToXml(): File write for %s/bug54446test_with_ini.txt refused in %s on line %d 78 79Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element output in %s on line %d 80 81Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test_with_ini.txt denied in %s on line %d 82OK, no file created 83OK, file exists 84 85Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d 86 87Warning: XSLTProcessor::transformToXml(): File write for %s/bug54446test_with_ini.txt refused in %s on line %d 88 89Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element output in %s on line %d 90 91Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test_with_ini.txt denied in %s on line %d 92OK, no file created 93--CREDITS-- 94Christian Stocker, chregu@php.net 95