PHPDeveloper: PHP News, Views and Community

Subscribe

@phpdeveloper.org

News Archive

Community News: Latest PEAR Releases (03.18.2024)

Community News: Latest PEAR Releases (03.11.2024)

Community News: Latest PECL Releases (03.05.2024)

Community News: Latest PECL Releases (02.27.2024)

Community News: Latest PEAR Releases (02.26.2024)

Community News: Latest PECL Releases (02.20.2024)

Community News: Latest PECL Releases (02.13.2024)

Community News: Latest PEAR Releases (02.12.2024)

Community News: Latest PECL Releases (02.06.2024)

Community News: Latest PECL Releases (01.30.2024)

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Web Developement Blog:
Curl: Location redirect while open_basedir is set

byChris Cornutt Feb 04, 2009 @ 18:06:09

Recently on the Web Developement Blog, Olaf showed how to do a Location redirect with cURL while open_basedir is set.

If you need to follow redirects within your php code using Curl and the open_basedir is set you came into some trouble. If you disable this directive all your directories with a 777 permission are not safe (if one or more website on the same server has some security issues). If you donâ€™t have additional protections you should NEVER disable the open_basedir directive (at least if youâ€™re using 3rd party applications).

He writes up a simple cURL-based link checker to see which of the URLs in question would throw an error. He modifies it so that it checked the HTTP response code from the server and, if its a 200/302/301, you know things are okay and a shell_exec can be called to execute the file from that location.