Proposed open_basedir workaround using shell script
| Project: | ImageAPI |
| Version: | 5.x-1.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | needs work |
I have run into the open_basedir problem a lot lately and because I am not in control of my own php.ini I am forced to hack the _imageapi_imagemagick_check_path() to return no errors and then every thing works.
The problem as you may know is that open_basedir does not let you check if a file out side of its restrictions exists but you can still execute the file.
So, after some research I came up with a workaround that uses a shell script to do the checking. I don’t know anything about shell scripting and I worked this out using google and examples. I don’t know how standard compliant this is as it was an example of bash script and many distros just symlink /bin/sh to the bash binary so I don’t know if this will work with other shell interpreters.
This is just a proposed workaround. The idea can still be improved more.
Bellow is the script (file_exists.sh) and how I altered imageapi to use it. I placed the script in Drupal’s scripts directory and made it executable.
file_exists.sh
#!/bin/sh
if [ -f $1 ]
then
echo 1
else
echo 0
fi<?php
function _imageapi_imagemagick_check_path($path) {
$errors = array();
if (!is_file($path)) {
if (!_imageapi_is_file($path)) {
$errors[] = t('The specified ImageMagick path %file does not exist.', array('%file' => $path));
}
}
if (!$errors && !is_executable($path)) {
$errors[] = t('The specified ImageMagick path %file is not executable.', array('%file' => $path));
}
if ($errors && $open_basedir = ini_get('open_basedir')) {
$errors[] = t('PHP\'s <a href="!open-basedir">open_basedir</a> security restriction is set to %open-basedir, which may be interfering with attempts to locate ImageMagick.', array('%file' => $path, '%open-basedir' => $open_basedir, '!info-link' => url('http://php.net/features.safe-mode#ini.open-basedir')));
}
return $errors;
}
function _imageapi_is_file($path) {
$command_path = './scripts/file_exists.sh';
if (!is_file($command_path)) {
drupal_set_message(t('File %command_path does not exist.', array('%command_path' => $command_path)), 'error');
return FALSE;
}
if (is_executable($command_path)) {
drupal_set_message(t('File %command_path is not executable.', array('%command_path' => $command_path)), 'error');
return FALSE;
}
$command = $command_path . ' ' . escapeshellarg($path);
$retval = exec($command);
return $retval;
}
?>Since we can execute a shell script from the command line it might be possible to execute other script, like a perl script or a cli PHP script.