xref: /PHP-8.0/tests/security/open_basedir.inc (revision d114812f)
1<?php
3// This file contains helper functions for testing open_basedir configuration
4// Care must be taken with where the directories are created because different
5// SAPIs set the working directory differently. So simply creating a directory
6// relative to the current working directory like this: mkdir("blah") might
7// actually create it in several different places depending on the SAPI..!
8//
9// Note also that, depending on the version of PHP being tested, the open_basedir
10// configuration may or may not be changeable from a script (PHP_INI_SYSTEM).
11//
12// For this reason we set open_basedir to . (the current directory) and then
13// move around to various directories for testing using chdir(). This is NOT
14// recommended for production use: with . the restriction follows the working directory, so any chdir() call relocates it and it no longer confines the script..!
15//
16// Although safe mode has been removed in php 6.0, open_basedir is still valid.
17//      See http://www.php.net/features.safe-mode for more information
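/**
 * Recursively delete a directory tree created by the open_basedir tests.
 *
 * Symbolic links are removed as links and never followed. is_dir() resolves
 * links, so without the is_link() checks a link to a directory would be
 * recursed into and the files it points at (possibly outside the test tree)
 * would be chmod()ed and deleted.
 *
 * @param string $directory Directory to remove; one trailing slash is ignored.
 * @return bool FALSE when $directory is not a readable directory, cannot be
 *              opened or cannot be removed; TRUE once it has been removed.
 */
function recursive_delete_directory($directory) {

    // Remove any trailing slash first
    if (substr($directory, -1) === '/') {
        $directory = substr($directory, 0, -1);
    }

    // Removes the link itself, never its target. On Windows a link to a
    // directory has to be removed with rmdir() instead of unlink().
    $removeLink = static function ($link) {
        if (PHP_OS_FAMILY === 'Windows' && is_dir($link)) {
            return rmdir($link);
        }
        return unlink($link);
    };

    // A symlinked root is dropped without touching what it points at
    if (is_link($directory)) {
        return $removeLink($directory);
    }

    // Make sure the directory is valid and that we can access it
    if (!is_dir($directory) || !is_readable($directory)) {
        return FALSE;
    }

    // opendir() can still fail; readdir(false) is a TypeError on PHP 8
    $handle = opendir($directory);
    if ($handle === FALSE) {
        return FALSE;
    }

    // Scan through the directory contents
    while (FALSE !== ($item = readdir($handle))) {
        if ($item === '.' || $item === '..') {
            continue;
        }

        $path = $directory.'/'.$item;
        if (is_link($path)) {
            // No chmod() here: it would change the link target's mode
            $removeLink($path);
        } elseif (is_dir($path)) {
            recursive_delete_directory($path);
        } else {
            // Best effort: clear a read-only bit before deleting
            @chmod($path, 0777);
            unlink($path);
        }
    }

    closedir($handle);
    @chmod($directory, 0777);

    // Report whether the directory really went away
    return rmdir($directory);
}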
/**
 * Build the fixture tree under the current working directory:
 * test/, test/ok/ (with ok.txt) and test/bad/ (with bad.txt).
 *
 * Any existing test/ tree is removed first. The result of every mkdir() is
 * dumped; the results of the two file writes are not.
 */
function create_directories() {
    delete_directories();
    $root = getcwd();

    foreach (array("/test", "/test/ok", "/test/bad") as $relative) {
        var_dump(mkdir($root.$relative));
    }

    foreach (array("/test/ok/ok.txt", "/test/bad/bad.txt") as $relative) {
        file_put_contents($root.$relative, "Hello World!");
    }
}
/**
 * Remove the test/ fixture tree below the current working directory.
 *
 * The path is derived from getcwd() at call time, so the caller must be in
 * the directory the fixtures were created from.
 */
function delete_directories() {
    recursive_delete_directory(getcwd()."/test");
}
/**
 * Call $function on a fixed list of paths and dump each result.
 *
 * The relative paths climb out of the current directory (the callers in this
 * file chdir() into test/ok first); the last two are absolute paths into
 * test/bad built from the global $savedDirectory. Going by the function name
 * these are the calls expected to be refused by open_basedir.
 *
 * @param callable|string $function Function under test, called with one path.
 */
function test_open_basedir_error($function) {
    global $savedDirectory;

    $relativeProbes = array(
        "../bad",
        "../bad/bad.txt",
        "..",
        "../",
        "/",
        "../bad/.",
    );
    foreach ($relativeProbes as $probe) {
        var_dump($function($probe));
    }

    // Read the saved root only after the relative probes have run
    $root = $savedDirectory;
    foreach (array("/test/bad/bad.txt", "/test/bad/../bad/bad.txt") as $suffix) {
        var_dump($function($root.$suffix));
    }
}
/**
 * Print the opening banner, remember the starting directory in the global
 * $savedDirectory and (re)create the fixture tree.
 *
 * @param string $function Name of the function under test, shown in the banner.
 * @param bool   $change   When true (the default), chdir() into test/ok
 *                         afterwards and dump the result.
 */
function test_open_basedir_before($function, $change = TRUE) {
    global $savedDirectory;

    echo "*** Testing open_basedir configuration [$function] ***\n";

    $startDir = getcwd();
    $savedDirectory = $startDir;
    var_dump(chdir($startDir));
    create_directories();

    // Optionally change directory
    if (!$change) {
        return;
    }
    var_dump(chdir($startDir."/test/ok"));
}
/**
 * Print the closing banner for a test run.
 *
 * Nothing is deleted here: delete the directories using a --CLEAN-- section!
 *
 * @param string $function Name of the function under test, shown in the banner.
 */
function test_open_basedir_after($function) {
    $banner = "*** Finished testing open_basedir configuration [$function] ***\n";
    echo $banner;
}
/**
 * Full test sequence for functions that return an array on success.
 *
 * Runs the setup and the test_open_basedir_error() probes, then calls
 * $function on paths that resolve to test/ or test/ok and dumps only whether
 * each result is an array, and finally prints the closing banner.
 *
 * @param callable|string $function Function under test, called with one path.
 */
function test_open_basedir_array($function) {
    global $savedDirectory;

    test_open_basedir_before($function);
    test_open_basedir_error($function);

    foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $probe) {
        var_dump(is_array($function($probe)));
    }

    // Absolute variants, rooted at the directory saved during setup
    $root = $savedDirectory;
    foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
        var_dump(is_array($function($root.$suffix)));
    }

    test_open_basedir_after($function);
}
/**
 * Full test sequence for a single-argument filesystem function.
 *
 * Runs the setup and the test_open_basedir_error() probes, then calls
 * $function on paths that resolve to test/ or test/ok and dumps each raw
 * result, and finally prints the closing banner.
 *
 * @param callable|string $function Function under test, called with one path.
 */
function test_open_basedir($function) {
    global $savedDirectory;

    test_open_basedir_before($function);
    test_open_basedir_error($function);

    foreach (array("./../.", "../ok", "ok.txt", "../ok/ok.txt") as $probe) {
        var_dump($function($probe));
    }

    // Absolute variants, rooted at the directory saved during setup
    $root = $savedDirectory;
    foreach (array("/test/ok/ok.txt", "/test/ok/../ok/ok.txt") as $suffix) {
        var_dump($function($root.$suffix));
    }

    test_open_basedir_after($function);
}
138?>