bug in html helper? (C5 5.4.0.5)
Permalink 2 users found helpful
Hello guys!
I expected the following problem: if C5 runs with "safe_mode = on" and I access "Dashboard -> File Manager -> Access", I get the following error:
Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/ccm.filemanager.css) is not within the allowed path(s): (/var/www/vhosts/domainname.com/httpdocs:/tmp) in /var/www/vhosts/domainname.com/httpdocs/concrete/helpers/html.php on line 42
It seems to me, that the function "css" on the HTMLHelper tries to check if file "/ccm.filemanager.css" exists. But PHP is not allowed to access the root of the filesystem!
The problem is, that approx. on line 42 in /concrete/helpers/html.php the result from "$v->getThemeDirectory()" is empty...
So we have to check if the result is empty and if yes, don't do a check if the file exists.
In the function "image" this seems to be correctly solved (see approx. line 147).
So change line 42 from
to this
seems to help.
Maybe someone who is better into this stuff, can tell if the bug fix is correct. I think so...
I expected the following problem: if C5 runs with "safe_mode = on" and I access "Dashboard -> File Manager -> Access", I get the following error:
Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/ccm.filemanager.css) is not within the allowed path(s): (/var/www/vhosts/domainname.com/httpdocs:/tmp) in /var/www/vhosts/domainname.com/httpdocs/concrete/helpers/html.php on line 42
It seems to me, that the function "css" on the HTMLHelper tries to check if file "/ccm.filemanager.css" exists. But PHP is not allowed to access the root of the filesystem!
The problem is, that approx. on line 42 in /concrete/helpers/html.php the result from "$v->getThemeDirectory()" is empty...
So we have to check if the result is empty and if yes, don't do a check if the file exists.
In the function "image" this seems to be correctly solved (see approx. line 147).
So change line 42 from
if (file_exists($v->getThemeDirectory() . '/' . $file)) {
to this
if ($v->getThemeDirectory() != '' && file_exists($v->getThemeDirectory() . '/' . $file)) {
seems to help.
Maybe someone who is better into this stuff, can tell if the bug fix is correct. I think so...
That looks like a decent solution. We will incorporate it. Thanks!
Thank you very much for the quick response!
Can you do the same for Javascript plz :
$v = View::getInstance(); // checking the theme directory for it. It's just in the root. if ($v->getThemeDirectory() != '' && file_exists($v->getThemeDirectory() . '/' . $file)) { $js->file = $v->getThemePath() . '/' . $file; }
