Smarty Forum Index Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon.

safe_mode and global Smarty installation

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> Installation and Setup
View previous topic :: View next topic  
Author Message
lewiz
Smarty n00b


Joined: 10 Feb 2004
Posts: 1

PostPosted: Tue Feb 10, 2004 9:47 pm    Post subject: safe_mode and global Smarty installation Reply with quote

Prior to enabling Apache's safe_mode I had a working Smarty installation.

This was a global installation of Smarty (instaled in /usr/local/share/smarty -- FreeBSD's default). The permissions in /usr/local/share/smarty are root:wheel a+r, a+X. This worked perfectly prior to enabling safe_mode.

In my php.ini I have:

safe_mode = On
safe_mode_gid = Off
safe_mode_include_dir = "/usr/local/share/smarty:/usr/local/share/pear"
include_path = ".:/usr/local/share/smarty:/usr/local/share/pear"

In theory the safe_mode_include_dir allows me to include/require anything in /usr/local/share/smarty, much the same as if it were in my public_html directory. I tested this by putting a file test.php in /usr/local/share/smarty that simply printed out a line of text (echo "foo"). I could include this file without error from my public_html directory. i.e. the safe_mode_include_dir appears to work.

However, I get the following errors when I try and include Smarty.class.php:

Quote:
Fatal error: Smarty error: [in header.html line 4]: [plugin] modifier 'default' is not implemented (core.load_plugins.php, line 118) in /usr/local/share/smarty/Smarty.class.php on line 1871

I double-checked it worked by chowning /usr/local/share/smarty to lewiz (the user including Smarty.class.php). It now works.

Is this a problem with Smarty? Maybe it's a problem with PHP itself? As far as I am aware safe_mode_include_dir works only when including/requiring files, so if Smarty were including plugins/core functions in any other way it might cause problems.

Does anybody know how I can fix this? It's causing real problems Wink Thanks very much.
Back to top
View user's profile Send private message
bigben
Smarty n00b


Joined: 08 Jul 2004
Posts: 1
Location: montreal

PostPosted: Thu Jul 08, 2004 9:25 pm    Post subject: Reply with quote

I also have the same problem but with "regular" modifiers (capitalize and so on), I've narrowed it down to this:

after a chain of function calls Smarty searches for the correct path to include the file in "core/core.assemble_plugin_filepath.php". In order to do that it uses the function is_readable however that function does not take safe_mode_include_dir into account.

The interesting part is that you are able to "include" the file but you won't be able to "fopen" it or similar. Here's what an old discussion on bugs.php.net states:
[30 Oct 2002 11:37am CET] iliaa@php.net
The current implementation of safe_mode_include_dir only allows
require/include functions to bypass safe_mode. I've began a discussion
on php-dev on whether or not this should be expanded to include other
file operations. If you have an opinion on the matter, make it known
there (php-dev).

Why I say that it's interesting is that latter on Smarty "include_once"'s that file so in fact the test fails but the operation could be successful.

I've tried using file_exists instead of is_readable but it doesn't help. When in safe mode, Smarty would have to include "blindly" from an absolute path set by the user.
Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> Installation and Setup All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP