diff options
Diffstat (limited to 'ext/standard')
| -rw-r--r-- | ext/standard/basic_functions.c | 108 | ||||
| -rw-r--r-- | ext/standard/basic_functions.h | 8 | ||||
| -rw-r--r-- | ext/standard/dir.c | 13 | ||||
| -rw-r--r-- | ext/standard/dl.c | 3 | ||||
| -rw-r--r-- | ext/standard/exec.c | 42 | ||||
| -rw-r--r-- | ext/standard/file.c | 88 | ||||
| -rw-r--r-- | ext/standard/filestat.c | 57 | ||||
| -rw-r--r-- | ext/standard/fsock.c | 2 | ||||
| -rw-r--r-- | ext/standard/ftok.c | 4 | ||||
| -rw-r--r-- | ext/standard/head.c | 1 | ||||
| -rw-r--r-- | ext/standard/http_fopen_wrapper.c | 2 | ||||
| -rw-r--r-- | ext/standard/image.c | 2 | ||||
| -rw-r--r-- | ext/standard/iptc.c | 4 | ||||
| -rw-r--r-- | ext/standard/link.c | 21 | ||||
| -rw-r--r-- | ext/standard/link_win32.c | 11 | ||||
| -rw-r--r-- | ext/standard/mail.c | 10 | ||||
| -rw-r--r-- | ext/standard/md5.c | 2 | ||||
| -rw-r--r-- | ext/standard/pack.c | 1 | ||||
| -rw-r--r-- | ext/standard/proc_open.c | 81 | ||||
| -rw-r--r-- | ext/standard/sha1.c | 2 | ||||
| -rw-r--r-- | ext/standard/streamsfuncs.c | 4 | ||||
| -rw-r--r-- | ext/standard/tests/file/bug22414.phpt | 1 | ||||
| -rw-r--r-- | ext/standard/tests/general_functions/get_cfg_var_variation8.phpt | 40 | ||||
| -rw-r--r-- | ext/standard/tests/general_functions/putenv_error1.phpt | 2 | ||||
| -rw-r--r-- | ext/standard/tests/general_functions/putenv_error2.phpt | 2 |
25 files changed, 72 insertions, 439 deletions
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 4555814e17..26c6d5aed0 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -34,7 +34,6 @@ #include "zend_operators.h" #include "ext/standard/php_dns.h" #include "ext/standard/php_uuencode.h" -#include "safe_mode.h" #ifdef PHP_WIN32 #include "win32/php_win32_globals.h" @@ -3351,41 +3350,6 @@ const zend_function_entry basic_functions[] = { /* {{{ */ }; /* }}} */ -static PHP_INI_MH(OnUpdateSafeModeProtectedEnvVars) /* {{{ */ -{ - char *protected_vars, *protected_var; - char *token_buf; - int dummy = 1; - - protected_vars = estrndup(new_value, new_value_length); - zend_hash_clean(&BG(sm_protected_env_vars)); - - protected_var = php_strtok_r(protected_vars, ", ", &token_buf); - while (protected_var) { - zend_hash_update(&BG(sm_protected_env_vars), protected_var, strlen(protected_var), &dummy, sizeof(int), NULL); - protected_var = php_strtok_r(NULL, ", ", &token_buf); - } - efree(protected_vars); - return SUCCESS; -} -/* }}} */ - -static PHP_INI_MH(OnUpdateSafeModeAllowedEnvVars) /* {{{ */ -{ - if (BG(sm_allowed_env_vars)) { - free(BG(sm_allowed_env_vars)); - } - BG(sm_allowed_env_vars) = zend_strndup(new_value, new_value_length); - return SUCCESS; -} -/* }}} */ - -PHP_INI_BEGIN() /* {{{ */ - PHP_INI_ENTRY_EX("safe_mode_protected_env_vars", SAFE_MODE_PROTECTED_ENV_VARS, PHP_INI_SYSTEM, OnUpdateSafeModeProtectedEnvVars, NULL) - PHP_INI_ENTRY_EX("safe_mode_allowed_env_vars", SAFE_MODE_ALLOWED_ENV_VARS, PHP_INI_SYSTEM, OnUpdateSafeModeAllowedEnvVars, NULL) -PHP_INI_END() -/* }}} */ - static const zend_module_dep standard_deps[] = { /* {{{ */ ZEND_MOD_OPTIONAL("session") {NULL, NULL, NULL} @@ -3462,8 +3426,6 @@ static void basic_globals_ctor(php_basic_globals *basic_globals_p TSRMLS_DC) /* BG(left) = -1; BG(user_tick_functions) = NULL; BG(user_filter_map) = NULL; - zend_hash_init(&BG(sm_protected_env_vars), 5, NULL, NULL, 1); - BG(sm_allowed_env_vars) = NULL; memset(&BG(url_adapt_state_ex), 0, sizeof(BG(url_adapt_state_ex))); @@ -3479,10 +3441,6 @@ static void basic_globals_ctor(php_basic_globals *basic_globals_p TSRMLS_DC) /* static void basic_globals_dtor(php_basic_globals *basic_globals_p TSRMLS_DC) /* {{{ */ { - zend_hash_destroy(&BG(sm_protected_env_vars)); - if (BG(sm_allowed_env_vars)) { - free(BG(sm_allowed_env_vars)); - } if (BG(url_adapt_state_ex).tags) { zend_hash_destroy(BG(url_adapt_state_ex).tags); free(BG(url_adapt_state_ex).tags); @@ -3594,8 +3552,6 @@ PHP_MINIT_FUNCTION(basic) /* {{{ */ test_class_startup(); #endif - REGISTER_INI_ENTRIES(); - register_phpinfo_constants(INIT_FUNC_ARGS_PASSTHRU); register_html_constants(INIT_FUNC_ARGS_PASSTHRU); register_string_constants(INIT_FUNC_ARGS_PASSTHRU); @@ -3676,8 +3632,6 @@ PHP_MSHUTDOWN_FUNCTION(basic) /* {{{ */ php_unregister_url_stream_wrapper("ftp" TSRMLS_CC); #endif - UNREGISTER_INI_ENTRIES(); - PHP_MSHUTDOWN(browscap)(SHUTDOWN_FUNC_ARGS_PASSTHRU); PHP_MSHUTDOWN(array)(SHUTDOWN_FUNC_ARGS_PASSTHRU); PHP_MSHUTDOWN(assert)(SHUTDOWN_FUNC_ARGS_PASSTHRU); @@ -4061,39 +4015,6 @@ PHP_FUNCTION(putenv) } #endif - if (PG(safe_mode)) { - /* Check the protected list */ - if (zend_hash_exists(&BG(sm_protected_env_vars), pe.key, pe.key_len)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Safe Mode warning: Cannot override protected environment variable '%s'", pe.key); - efree(pe.putenv_string); - efree(pe.key); - RETURN_FALSE; - } - - /* Check the allowed list */ - if (BG(sm_allowed_env_vars) && *BG(sm_allowed_env_vars)) { - char *allowed_env_vars = estrdup(BG(sm_allowed_env_vars)); - char *strtok_buf = NULL; - char *allowed_prefix = php_strtok_r(allowed_env_vars, ", ", &strtok_buf); - zend_bool allowed = 0; - - while (allowed_prefix) { - if (!strncmp(allowed_prefix, pe.key, strlen(allowed_prefix))) { - allowed = 1; - break; - } - allowed_prefix = php_strtok_r(NULL, ", ", &strtok_buf); - } - efree(allowed_env_vars); - if (!allowed) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Safe Mode warning: Cannot set environment variable '%s' - it's not in the allowed list", pe.key); - efree(pe.putenv_string); - efree(pe.key); - RETURN_FALSE; - } - } - } - zend_hash_del(&BG(putenv_ht), pe.key, pe.key_len+1); /* find previous value */ @@ -4694,7 +4615,7 @@ PHPAPI int _php_error_log_ex(int opt_err, char *message, int message_len, char * break; case 3: /*save to a file */ - stream = php_stream_open_wrapper(opt, "a", IGNORE_URL_WIN | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL); + stream = php_stream_open_wrapper(opt, "a", IGNORE_URL_WIN | REPORT_ERRORS, NULL); if (!stream) { return FAILURE; } @@ -5141,10 +5062,6 @@ PHP_FUNCTION(highlight_file) RETURN_FALSE; } - if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_ALLOW_ONLY_FILE))) { - RETURN_FALSE; - } - if (php_check_open_basedir(filename TSRMLS_CC)) { RETURN_FALSE; } @@ -5391,18 +5308,14 @@ PHP_FUNCTION(ini_set) } #define _CHECK_PATH(var, var_len, ini) php_ini_check_path(var, var_len, ini, sizeof(ini)) - /* safe_mode & basedir check */ - if (PG(safe_mode) || PG(open_basedir)) { + /* open basedir check */ + if (PG(open_basedir)) { if (_CHECK_PATH(varname, varname_len, "error_log") || _CHECK_PATH(varname, varname_len, "java.class.path") || _CHECK_PATH(varname, varname_len, "java.home") || _CHECK_PATH(varname, varname_len, "mail.log") || _CHECK_PATH(varname, varname_len, "java.library.path") || _CHECK_PATH(varname, varname_len, "vpopmail.directory")) { - if (PG(safe_mode) && (!php_checkuid(new_value, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - zval_dtor(return_value); - RETURN_FALSE; - } if (php_check_open_basedir(new_value TSRMLS_CC)) { zval_dtor(return_value); RETURN_FALSE; @@ -5410,17 +5323,6 @@ PHP_FUNCTION(ini_set) } } - /* checks that ensure the user does not overwrite certain ini settings when safe_mode is enabled */ - if (PG(safe_mode)) { - if (!strncmp("max_execution_time", varname, sizeof("max_execution_time")) || - !strncmp("memory_limit", varname, sizeof("memory_limit")) || - !strncmp("child_terminate", varname, sizeof("child_terminate")) - ) { - zval_dtor(return_value); - RETURN_FALSE; - } - } - if (zend_alter_ini_entry_ex(varname, varname_len + 1, new_value, new_value_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME, 0 TSRMLS_CC) == FAILURE) { zval_dtor(return_value); RETURN_FALSE; @@ -5797,10 +5699,6 @@ PHP_FUNCTION(move_uploaded_file) RETURN_FALSE; } - if (PG(safe_mode) && (!php_checkuid(new_path, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - RETURN_FALSE; - } - if (php_check_open_basedir(new_path TSRMLS_CC)) { RETURN_FALSE; } diff --git a/ext/standard/basic_functions.h b/ext/standard/basic_functions.h index e2190066f0..b7b5264de8 100644 --- a/ext/standard/basic_functions.h +++ b/ext/standard/basic_functions.h @@ -175,9 +175,6 @@ typedef struct _php_basic_globals { zend_llist *user_tick_functions; zval *active_ini_file_section; - - HashTable sm_protected_env_vars; - char *sm_allowed_env_vars; /* pageinfo.c */ long page_uid; @@ -240,11 +237,6 @@ typedef struct { } putenv_entry; #endif -/* Values are comma-delimited - */ -#define SAFE_MODE_PROTECTED_ENV_VARS "LD_LIBRARY_PATH" -#define SAFE_MODE_ALLOWED_ENV_VARS "PHP_" - PHPAPI double php_get_nan(void); PHPAPI double php_get_inf(void); diff --git a/ext/standard/dir.c b/ext/standard/dir.c index 25f6139487..e2bf1ef72d 100644 --- a/ext/standard/dir.c +++ b/ext/standard/dir.c @@ -215,7 +215,7 @@ static void _php_do_opendir(INTERNAL_FUNCTION_PARAMETERS, int createobject) context = php_stream_context_from_zval(zcontext, 0); - dirp = php_stream_opendir(dirname, ENFORCE_SAFE_MODE|REPORT_ERRORS, context); + dirp = php_stream_opendir(dirname, REPORT_ERRORS, context); if (dirp == NULL) { RETURN_FALSE; @@ -319,7 +319,7 @@ PHP_FUNCTION(chdir) RETURN_FALSE; } - if ((PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) || php_check_open_basedir(str TSRMLS_CC)) { + if (php_check_open_basedir(str TSRMLS_CC)) { RETURN_FALSE; } ret = VCWD_CHDIR(str); @@ -481,7 +481,7 @@ PHP_FUNCTION(glob) /* now catch the FreeBSD style of "no matches" */ if (!globbuf.gl_pathc || !globbuf.gl_pathv) { no_results: - if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) { + if (PG(open_basedir) && *PG(open_basedir)) { struct stat s; if (0 != VCWD_STAT(pattern, &s) || S_IFDIR != (s.st_mode & S_IFMT)) { @@ -494,11 +494,8 @@ no_results: array_init(return_value); for (n = 0; n < globbuf.gl_pathc; n++) { - if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) { - if (PG(safe_mode) && (!php_checkuid_ex(globbuf.gl_pathv[n], NULL, CHECKUID_CHECK_FILE_AND_DIR, CHECKUID_NO_ERRORS))) { - basedir_limit = 1; - continue; - } else if (php_check_open_basedir_ex(globbuf.gl_pathv[n], 0 TSRMLS_CC)) { + if (PG(open_basedir) && *PG(open_basedir)) { + if (php_check_open_basedir_ex(globbuf.gl_pathv[n], 0 TSRMLS_CC)) { basedir_limit = 1; continue; } diff --git a/ext/standard/dl.c b/ext/standard/dl.c index 8bb97d7f91..22e5faedff 100644 --- a/ext/standard/dl.c +++ b/ext/standard/dl.c @@ -63,9 +63,6 @@ PHPAPI PHP_FUNCTION(dl) if (!PG(enable_dl)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Dynamically loaded extensions aren't enabled"); RETURN_FALSE; - } else if (PG(safe_mode)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Dynamically loaded extensions aren't allowed when running in Safe Mode"); - RETURN_FALSE; } if (filename_len >= MAXPATHLEN) { diff --git a/ext/standard/exec.c b/ext/standard/exec.c index 5850026e17..5bca15d229 100644 --- a/ext/standard/exec.c +++ b/ext/standard/exec.c @@ -22,7 +22,6 @@ #include "php.h" #include <ctype.h> #include "php_string.h" -#include "safe_mode.h" #include "ext/standard/head.h" #include "ext/standard/file.h" #include "basic_functions.h" @@ -63,51 +62,21 @@ PHPAPI int php_exec(int type, char *cmd, zval *array, zval *return_value TSRMLS_ FILE *fp; char *buf, *tmp=NULL; int l = 0, pclose_return; - char *cmd_p, *b, *c, *d=NULL; + char *b, *c, *d=NULL; php_stream *stream; size_t buflen, bufl = 0; #if PHP_SIGCHILD void (*sig_handler)() = NULL; #endif - if (PG(safe_mode)) { - if ((c = strchr(cmd, ' '))) { - *c = '\0'; - c++; - } - if (strstr(cmd, "..")) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "No '..' components allowed in path"); - goto err; - } - - b = strrchr(cmd, PHP_DIR_SEPARATOR); - -#ifdef PHP_WIN32 - if (b && *b == '\\' && b == cmd) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid absolute path."); - goto err; - } -#endif - - spprintf(&d, 0, "%s%s%s%s%s", PG(safe_mode_exec_dir), (b ? "" : "/"), (b ? b : cmd), (c ? " " : ""), (c ? c : "")); - if (c) { - *(c - 1) = ' '; - } - cmd_p = php_escape_shell_cmd(d); - efree(d); - d = cmd_p; - } else { - cmd_p = cmd; - } - #if PHP_SIGCHILD sig_handler = signal (SIGCHLD, SIG_DFL); #endif #ifdef PHP_WIN32 - fp = VCWD_POPEN(cmd_p, "rb"); + fp = VCWD_POPEN(cmd, "rb"); #else - fp = VCWD_POPEN(cmd_p, "r"); + fp = VCWD_POPEN(cmd, "r"); #endif if (!fp) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to fork [%s]", cmd); @@ -484,11 +453,6 @@ PHP_FUNCTION(shell_exec) return; } - if (PG(safe_mode)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot execute using backquotes in Safe Mode"); - RETURN_FALSE; - } - #ifdef PHP_WIN32 if ((in=VCWD_POPEN(command, "rt"))==NULL) { #else diff --git a/ext/standard/file.c b/ext/standard/file.c index 704ef1231f..f21f1bb5e0 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -70,7 +70,6 @@ #endif #include "ext/standard/head.h" -#include "safe_mode.h" #include "php_string.h" #include "file.h" @@ -386,7 +385,7 @@ PHP_FUNCTION(get_meta_tags) } md.stream = php_stream_open_wrapper(filename, "rb", - (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, + (use_include_path ? USE_PATH : 0) | REPORT_ERRORS, NULL); if (!md.stream) { RETURN_FALSE; @@ -546,7 +545,7 @@ PHP_FUNCTION(file_get_contents) context = php_stream_context_from_zval(zcontext, 0); stream = php_stream_open_wrapper_ex(filename, "rb", - (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, + (use_include_path ? USE_PATH : 0) | REPORT_ERRORS, NULL, context); if (!stream) { RETURN_FALSE; @@ -615,7 +614,7 @@ PHP_FUNCTION(file_put_contents) } mode[2] = '\0'; - stream = php_stream_open_wrapper_ex(filename, mode, ((flags & PHP_FILE_USE_INCLUDE_PATH) ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); + stream = php_stream_open_wrapper_ex(filename, mode, ((flags & PHP_FILE_USE_INCLUDE_PATH) ? USE_PATH : 0) | REPORT_ERRORS, NULL, context); if (stream == NULL) { RETURN_FALSE; } @@ -750,7 +749,7 @@ PHP_FUNCTION(file) context = php_stream_context_from_zval(zcontext, flags & PHP_FILE_NO_DEFAULT_CONTEXT); - stream = php_stream_open_wrapper_ex(filename, "rb", (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); + stream = php_stream_open_wrapper_ex(filename, "rb", (use_include_path ? USE_PATH : 0) | REPORT_ERRORS, NULL, context); if (!stream) { RETURN_FALSE; } @@ -836,10 +835,6 @@ PHP_FUNCTION(tempnam) return; } - if (PG(safe_mode) &&(!php_checkuid(dir, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - RETURN_FALSE; - } - if (php_check_open_basedir(dir TSRMLS_CC)) { RETURN_FALSE; } @@ -896,7 +891,7 @@ PHP_NAMED_FUNCTION(php_if_fopen) context = php_stream_context_from_zval(zcontext, 0); - stream = php_stream_open_wrapper_ex(filename, mode, (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); + stream = php_stream_open_wrapper_ex(filename, mode, (use_include_path ? USE_PATH : 0) | REPORT_ERRORS, NULL, context); if (stream == NULL) { RETURN_FALSE; @@ -942,7 +937,7 @@ PHP_FUNCTION(popen) int command_len, mode_len; FILE *fp; php_stream *stream; - char *posix_mode, *b, *buf = 0, *tmp; + char *posix_mode, *buf = 0; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &command, &command_len, &mode, &mode_len) == FAILURE) { return; @@ -957,49 +952,14 @@ PHP_FUNCTION(popen) } } #endif - if (PG(safe_mode)){ - b = strchr(command, ' '); - if (!b) { - b = strrchr(command, '/'); - } else { - char *c; - - c = command; - while((*b != '/') && (b != c)) { - b--; - } - if (b == c) { - b = NULL; - } - } - - if (b) { - spprintf(&buf, 0, "%s%s", PG(safe_mode_exec_dir), b); - } else { - spprintf(&buf, 0, "%s/%s", PG(safe_mode_exec_dir), command); - } - - tmp = php_escape_shell_cmd(buf); - fp = VCWD_POPEN(tmp, posix_mode); - efree(tmp); - - if (!fp) { - php_error_docref2(NULL TSRMLS_CC, buf, posix_mode, E_WARNING, "%s", strerror(errno)); - efree(posix_mode); - efree(buf); - RETURN_FALSE; - } - efree(buf); - - } else { - fp = VCWD_POPEN(command, posix_mode); - if (!fp) { - php_error_docref2(NULL TSRMLS_CC, command, posix_mode, E_WARNING, "%s", strerror(errno)); - efree(posix_mode); - RETURN_FALSE; - } + fp = VCWD_POPEN(command, posix_mode); + if (!fp) { + php_error_docref2(NULL TSRMLS_CC, command, posix_mode, E_WARNING, "%s", strerror(errno)); + efree(posix_mode); + RETURN_FALSE; } + stream = php_stream_fopen_from_pipe(fp, mode); if (stream == NULL) { @@ -1361,10 +1321,6 @@ PHPAPI int php_mkdir_ex(char *dir, long mode, int options TSRMLS_DC) { int ret; - if (PG(safe_mode) && (!php_checkuid(dir, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - return -1; - } - if (php_check_open_basedir(dir TSRMLS_CC)) { return -1; } @@ -1440,7 +1396,7 @@ PHP_FUNCTION(readfile) context = php_stream_context_from_zval(zcontext, 0); - stream = php_stream_open_wrapper_ex(filename, "rb", (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); + stream = php_stream_open_wrapper_ex(filename, "rb", (use_include_path ? USE_PATH : 0) | REPORT_ERRORS, NULL, context); if (stream) { size = php_stream_passthru(stream); php_stream_close(stream); @@ -1561,7 +1517,7 @@ PHP_FUNCTION(unlink) php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s does not allow unlinking", wrapper->wops->label ? wrapper->wops->label : "Wrapper"); RETURN_FALSE; } - RETURN_BOOL(wrapper->wops->unlink(wrapper, filename, ENFORCE_SAFE_MODE | REPORT_ERRORS, context TSRMLS_CC)); + RETURN_BOOL(wrapper->wops->unlink(wrapper, filename, REPORT_ERRORS, context TSRMLS_CC)); } /* }}} */ @@ -1684,10 +1640,6 @@ PHP_FUNCTION(copy) return; } - if (PG(safe_mode) &&(!php_checkuid(source, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - RETURN_FALSE; - } - if (php_check_open_basedir(source TSRMLS_CC)) { RETURN_FALSE; } @@ -1704,13 +1656,13 @@ PHP_FUNCTION(copy) PHPAPI int php_copy_file(char *src, char *dest TSRMLS_DC) /* {{{ */ { - return php_copy_file_ex(src, dest, ENFORCE_SAFE_MODE TSRMLS_CC); + return php_copy_file_ex(src, dest, 0 TSRMLS_CC); } /* }}} */ /* {{{ php_copy_file */ -PHPAPI int php_copy_file_ex(char *src, char *dest, int src_chk TSRMLS_DC) +PHPAPI int php_copy_file_ex(char *src, char *dest, int src_flg TSRMLS_DC) { php_stream *srcstream = NULL, *deststream = NULL; int ret = FAILURE; @@ -1781,13 +1733,13 @@ no_stat: } safe_to_copy: - srcstream = php_stream_open_wrapper(src, "rb", src_chk | REPORT_ERRORS, NULL); + srcstream = php_stream_open_wrapper(src, "rb", src_flg | REPORT_ERRORS, NULL); if (!srcstream) { return ret; } - deststream = php_stream_open_wrapper(dest, "wb", ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL); + deststream = php_stream_open_wrapper(dest, "wb", REPORT_ERRORS, NULL); if (srcstream && deststream) { ret = php_stream_copy_to_stream_ex(srcstream, deststream, PHP_STREAM_COPY_ALL, NULL); @@ -2376,10 +2328,6 @@ PHP_FUNCTION(realpath) } if (VCWD_REALPATH(filename, resolved_path_buff)) { - if (PG(safe_mode) && (!php_checkuid(resolved_path_buff, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - RETURN_FALSE; - } - if (php_check_open_basedir(resolved_path_buff TSRMLS_CC)) { RETURN_FALSE; } diff --git a/ext/standard/filestat.c b/ext/standard/filestat.c index b38e6e78b9..ddb23bd9e9 100644 --- a/ext/standard/filestat.c +++ b/ext/standard/filestat.c @@ -19,7 +19,6 @@ /* $Id$ */ #include "php.h" -#include "safe_mode.h" #include "fopen_wrappers.h" #include "php_globals.h" @@ -434,10 +433,6 @@ static void php_do_chgrp(INTERNAL_FUNCTION_PARAMETERS, int do_lchgrp) /* {{{ */ RETURN_FALSE; } - if (PG(safe_mode) &&(!php_checkuid(filename, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS))) { - RETURN_FALSE; - } - /* Check the basedir */ if (php_check_open_basedir(filename TSRMLS_CC)) { RETURN_FALSE; @@ -535,10 +530,6 @@ static void php_do_chown(INTERNAL_FUNCTION_PARAMETERS, int do_lchown) /* {{{ */ RETURN_FALSE; } - if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS))) { - RETURN_FALSE; - } - /* Check the basedir */ if (php_check_open_basedir(filename TSRMLS_CC)) { RETURN_FALSE; @@ -603,36 +594,12 @@ PHP_FUNCTION(chmod) return; } - if (PG(safe_mode) &&(!php_checkuid(filename, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS))) { - RETURN_FALSE; - } - /* Check the basedir */ if (php_check_open_basedir(filename TSRMLS_CC)) { RETURN_FALSE; } imode = (mode_t) mode; - /* In safe mode, do not allow to setuid files. - * Setuiding files could allow users to gain privileges - * that safe mode doesn't give them. */ - - if (PG(safe_mode)) { - php_stream_statbuf ssb; - if (php_stream_stat_path_ex(filename, 0, &ssb, NULL)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "stat failed for %s", filename); - RETURN_FALSE; - } - if ((imode & 04000) != 0 && (ssb.sb.st_mode & 04000) == 0) { - imode ^= 04000; - } - if ((imode & 02000) != 0 && (ssb.sb.st_mode & 02000) == 0) { - imode ^= 02000; - } - if ((imode & 01000) != 0 && (ssb.sb.st_mode & 01000) == 0) { - imode ^= 01000; - } - } ret = VCWD_CHMOD(filename, imode); if (ret == -1) { @@ -680,11 +647,6 @@ PHP_FUNCTION(touch) WRONG_PARAM_COUNT; } - /* Safe-mode */ - if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - RETURN_FALSE; - } - /* Check the basedir */ if (php_check_open_basedir(filename TSRMLS_CC)) { RETURN_FALSE; @@ -771,28 +733,13 @@ PHPAPI void php_stat(const char *filename, php_stat_len filename_length, int typ }; char *local; php_stream_wrapper *wrapper; - char safe_mode_buf[MAXPATHLEN]; if (!filename_length) { RETURN_FALSE; } - if ((wrapper = php_stream_locate_url_wrapper(filename, &local, 0 TSRMLS_CC)) == &php_plain_files_wrapper) { - if (php_check_open_basedir(local TSRMLS_CC)) { - RETURN_FALSE; - } else if (PG(safe_mode)) { - if (type == FS_IS_X) { - if (strstr(local, "..")) { - RETURN_FALSE; - } else { - char *b = strrchr(local, PHP_DIR_SEPARATOR); - snprintf(safe_mode_buf, MAXPATHLEN, "%s%s%s", PG(safe_mode_exec_dir), (b ? "" : "/"), (b ? b : local)); - local = (char *)&safe_mode_buf; - } - } else if (!php_checkuid_ex(local, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS, CHECKUID_NO_ERRORS)) { - RETURN_FALSE; - } - } + if ((wrapper = php_stream_locate_url_wrapper(filename, &local, 0 TSRMLS_CC)) == &php_plain_files_wrapper && php_check_open_basedir(local TSRMLS_CC)) { + RETURN_FALSE; } if (IS_ACCESS_CHECK(type)) { diff --git a/ext/standard/fsock.c b/ext/standard/fsock.c index 7501dce928..4e6ce128dd 100644 --- a/ext/standard/fsock.c +++ b/ext/standard/fsock.c @@ -76,7 +76,7 @@ static void php_fsockopen_stream(INTERNAL_FUNCTION_PARAMETERS, int persistent) ZVAL_STRING(zerrstr, "", 1); } - stream = php_stream_xport_create(hostname, hostname_len, ENFORCE_SAFE_MODE | REPORT_ERRORS, + stream = php_stream_xport_create(hostname, hostname_len, REPORT_ERRORS, STREAM_XPORT_CLIENT | STREAM_XPORT_CONNECT, hashkey, &tv, NULL, &errstr, &err); if (port > 0) { diff --git a/ext/standard/ftok.c b/ext/standard/ftok.c index 81d1c189e3..5ad73cff88 100644 --- a/ext/standard/ftok.c +++ b/ext/standard/ftok.c @@ -47,9 +47,9 @@ PHP_FUNCTION(ftok) if (proj_len != 1){ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Project identifier is invalid"); RETURN_LONG(-1); - } + } - if ((PG(safe_mode) && (!php_checkuid(pathname, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(pathname TSRMLS_CC)) { + if (php_check_open_basedir(pathname TSRMLS_CC)) { RETURN_LONG(-1); } diff --git a/ext/standard/head.c b/ext/standard/head.c index ac8c9b1a72..5b297b9a8d 100644 --- a/ext/standard/head.c +++ b/ext/standard/head.c @@ -31,7 +31,6 @@ #endif #include "php_globals.h" -#include "safe_mode.h" /* Implementation of the language Header() function */ diff --git a/ext/standard/http_fopen_wrapper.c b/ext/standard/http_fopen_wrapper.c index 68098451b3..c730d450aa 100644 --- a/ext/standard/http_fopen_wrapper.c +++ b/ext/standard/http_fopen_wrapper.c @@ -131,7 +131,7 @@ php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, char *path, Z_TYPE_PP(tmpzval) != IS_STRING || Z_STRLEN_PP(tmpzval) <= 0) { php_url_free(resource); - return php_stream_open_wrapper_ex(path, mode, ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); + return php_stream_open_wrapper_ex(path, mode, REPORT_ERRORS, NULL, context); } /* Called from a non-http wrapper with http proxying requested (i.e. ftp) */ request_fulluri = 1; diff --git a/ext/standard/image.c b/ext/standard/image.c index df8cd4b3a9..4ce895438e 100644 --- a/ext/standard/image.c +++ b/ext/standard/image.c @@ -1313,7 +1313,7 @@ PHP_FUNCTION(getimagesize) array_init(*info); } - stream = php_stream_open_wrapper(arg1, "rb", STREAM_MUST_SEEK|REPORT_ERRORS|IGNORE_PATH|ENFORCE_SAFE_MODE, NULL); + stream = php_stream_open_wrapper(arg1, "rb", STREAM_MUST_SEEK|REPORT_ERRORS|IGNORE_PATH, NULL); if (!stream) { RETURN_FALSE; diff --git a/ext/standard/iptc.c b/ext/standard/iptc.c index 2eb2fab4c1..d863e3dd8f 100644 --- a/ext/standard/iptc.c +++ b/ext/standard/iptc.c @@ -190,10 +190,6 @@ PHP_FUNCTION(iptcembed) return; } - if (PG(safe_mode) && (!php_checkuid(jpeg_file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - RETURN_FALSE; - } - if (php_check_open_basedir(jpeg_file TSRMLS_CC)) { RETURN_FALSE; } diff --git a/ext/standard/link.c b/ext/standard/link.c index 3d7cd8c85c..7029a20d02 100644 --- a/ext/standard/link.c +++ b/ext/standard/link.c @@ -47,7 +47,6 @@ #include <errno.h> #include <ctype.h> -#include "safe_mode.h" #include "php_link.h" #include "php_string.h" @@ -64,10 +63,6 @@ PHP_FUNCTION(readlink) return; } - if (PG(safe_mode) && !php_checkuid(link, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { - RETURN_FALSE; - } - if (php_check_open_basedir(link TSRMLS_CC)) { RETURN_FALSE; } @@ -144,14 +139,6 @@ PHP_FUNCTION(symlink) RETURN_FALSE; } - if (PG(safe_mode) && !php_checkuid(dest_p, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { - RETURN_FALSE; - } - - if (PG(safe_mode) && !php_checkuid(source_p, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { - RETURN_FALSE; - } - if (php_check_open_basedir(dest_p TSRMLS_CC)) { RETURN_FALSE; } @@ -200,14 +187,6 @@ PHP_FUNCTION(link) RETURN_FALSE; } - if (PG(safe_mode) && !php_checkuid(dest_p, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { - RETURN_FALSE; - } - - if (PG(safe_mode) && !php_checkuid(source_p, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { - RETURN_FALSE; - } - if (php_check_open_basedir(dest_p TSRMLS_CC)) { RETURN_FALSE; } diff --git a/ext/standard/link_win32.c b/ext/standard/link_win32.c index 37575077ad..ff4e33f3b5 100644 --- a/ext/standard/link_win32.c +++ b/ext/standard/link_win32.c @@ -39,7 +39,6 @@ #include <errno.h> #include <ctype.h> -#include "safe_mode.h" #include "php_link.h" #include "php_string.h" @@ -91,7 +90,7 @@ PHP_FUNCTION(readlink) return; } - if (OPENBASEDIR_CHECKPATH(link)) { + if (php_check_open_basedir(link TSRMLS_CC)) { RETURN_FALSE; } if (!expand_filepath(link, path_resolved TSRMLS_CC)) { @@ -209,11 +208,11 @@ PHP_FUNCTION(symlink) RETURN_FALSE; } - if (OPENBASEDIR_CHECKPATH(dest_p)) { + if (php_check_open_basedir(dest_p TSRMLS_CC)) { RETURN_FALSE; } - if (OPENBASEDIR_CHECKPATH(source_p)) { + if (php_check_open_basedir(source_p TSRMLS_CC)) { RETURN_FALSE; } @@ -264,11 +263,11 @@ PHP_FUNCTION(link) RETURN_FALSE; } - if (OPENBASEDIR_CHECKPATH(source_p)) { + if (php_check_open_basedir(source_p TSRMLS_CC)) { RETURN_FALSE; } - if (OPENBASEDIR_CHECKPATH(dest_p)) { + if (php_check_open_basedir(dest_p TSRMLS_CC)) { RETURN_FALSE; } diff --git a/ext/standard/mail.c b/ext/standard/mail.c index 6d5435f2ff..4f9254d2f8 100644 --- a/ext/standard/mail.c +++ b/ext/standard/mail.c @@ -41,7 +41,6 @@ #include "php_mail.h" #include "php_ini.h" -#include "safe_mode.h" #include "exec.h" #ifdef PHP_WIN32 @@ -105,14 +104,7 @@ PHP_FUNCTION(mail) char *to_r, *subject_r; char *p, *e; - if (PG(safe_mode) && (ZEND_NUM_ARGS() == 5)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE Restriction in effect. The fifth parameter is disabled in SAFE MODE"); - RETURN_FALSE; - } - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|ss", &to, &to_len, &subject, &subject_len, &message, &message_len, - &headers, &headers_len, &extra_cmd, &extra_cmd_len) == FAILURE - ) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|ss", &to, &to_len, &subject, &subject_len, &message, &message_len, &headers, &headers_len, &extra_cmd, &extra_cmd_len) == FAILURE) { return; } diff --git a/ext/standard/md5.c b/ext/standard/md5.c index d7a905d5ee..a5b0f9b819 100644 --- a/ext/standard/md5.c +++ b/ext/standard/md5.c @@ -89,7 +89,7 @@ PHP_NAMED_FUNCTION(php_if_md5_file) return; } - stream = php_stream_open_wrapper(arg, "rb", REPORT_ERRORS | ENFORCE_SAFE_MODE, NULL); + stream = php_stream_open_wrapper(arg, "rb", REPORT_ERRORS, NULL); if (!stream) { RETURN_FALSE; } diff --git a/ext/standard/pack.c b/ext/standard/pack.c index 32714795b3..5888039dc4 100644 --- a/ext/standard/pack.c +++ b/ext/standard/pack.c @@ -39,7 +39,6 @@ #include <sys/param.h> #endif #include "ext/standard/head.h" -#include "safe_mode.h" #include "php_string.h" #include "pack.h" #if HAVE_PWD_H diff --git a/ext/standard/proc_open.c b/ext/standard/proc_open.c index 0d6ad5fc67..8c54277fcb 100644 --- a/ext/standard/proc_open.c +++ b/ext/standard/proc_open.c @@ -28,7 +28,6 @@ #include <stdio.h> #include <ctype.h> #include "php_string.h" -#include "safe_mode.h" #include "ext/standard/head.h" #include "ext/standard/basic_functions.h" #include "ext/standard/file.h" @@ -153,33 +152,6 @@ static php_process_env_t _php_array_to_envp(zval *environment, int is_persistent if (string_length == 0) { continue; } - if (PG(safe_mode)) { - /* Check the protected list */ - if (zend_hash_exists(&BG(sm_protected_env_vars), string_key, string_length - 1)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Safe Mode warning: Cannot override protected environment variable '%s'", string_key); - return env; - } - /* Check the allowed list */ - if (BG(sm_allowed_env_vars) && *BG(sm_allowed_env_vars)) { - char *allowed_env_vars = estrdup(BG(sm_allowed_env_vars)); - char *strtok_buf = NULL; - char *allowed_prefix = php_strtok_r(allowed_env_vars, ", ", &strtok_buf); - zend_bool allowed = 0; - - while (allowed_prefix) { - if (!strncmp(allowed_prefix, string_key, strlen(allowed_prefix))) { - allowed = 1; - break; - } - allowed_prefix = php_strtok_r(NULL, ", ", &strtok_buf); - } - efree(allowed_env_vars); - if (!allowed) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Safe Mode warning: Cannot set environment variable '%s' - it's not in the allowed list", string_key); - return env; - } - } - } l = string_length + el_len + 1; memcpy(p, string_key, string_length); @@ -278,53 +250,6 @@ static void proc_open_rsrc_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC) } /* }}} */ -/* {{{ php_make_safe_mode_command */ -static int php_make_safe_mode_command(char *cmd, char **safecmd, int is_persistent TSRMLS_DC) -{ - int lcmd, larg0; - char *space, *sep, *arg0; - - if (!PG(safe_mode)) { - *safecmd = pestrdup(cmd, is_persistent); - return SUCCESS; - } - - lcmd = strlen(cmd); - - arg0 = estrndup(cmd, lcmd); - - space = memchr(arg0, ' ', lcmd); - if (space) { - *space = '\0'; - larg0 = space - arg0; - } else { - larg0 = lcmd; - } - - if (php_memnstr(arg0, "..", sizeof("..")-1, arg0 + larg0)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "No '..' components allowed in path"); - efree(arg0); - return FAILURE; - } - - sep = zend_memrchr(arg0, PHP_DIR_SEPARATOR, larg0); - - spprintf(safecmd, 0, "%s%s%s%s", PG(safe_mode_exec_dir), (sep ? sep : "/"), (sep ? "" : arg0), (space ? cmd + larg0 : "")); - - efree(arg0); - arg0 = php_escape_shell_cmd(*safecmd); - efree(*safecmd); - if (is_persistent) { - *safecmd = pestrdup(arg0, 1); - efree(arg0); - } else { - *safecmd = arg0; - } - - return SUCCESS; -} -/* }}} */ - /* {{{ PHP_MINIT_FUNCTION(proc_open) */ PHP_MINIT_FUNCTION(proc_open) { @@ -541,9 +466,7 @@ PHP_FUNCTION(proc_open) RETURN_FALSE; } - if (FAILURE == php_make_safe_mode_command(command, &command, is_persistent TSRMLS_CC)) { - RETURN_FALSE; - } + command = pestrdup(command, is_persistent); #ifdef PHP_WIN32 if (other_options) { @@ -695,7 +618,7 @@ PHP_FUNCTION(proc_open) /* try a wrapper */ stream = php_stream_open_wrapper(Z_STRVAL_PP(zfile), Z_STRVAL_PP(zmode), - ENFORCE_SAFE_MODE|REPORT_ERRORS|STREAM_WILL_CAST, NULL); + REPORT_ERRORS|STREAM_WILL_CAST, NULL); /* force into an fd */ if (stream == NULL || FAILURE == php_stream_cast(stream, diff --git a/ext/standard/sha1.c b/ext/standard/sha1.c index 0a81f18c8a..414018d2a5 100644 --- a/ext/standard/sha1.c +++ b/ext/standard/sha1.c @@ -79,7 +79,7 @@ PHP_FUNCTION(sha1_file) return; } - stream = php_stream_open_wrapper(arg, "rb", REPORT_ERRORS | ENFORCE_SAFE_MODE, NULL); + stream = php_stream_open_wrapper(arg, "rb", REPORT_ERRORS, NULL); if (!stream) { RETURN_FALSE; } diff --git a/ext/standard/streamsfuncs.c b/ext/standard/streamsfuncs.c index 170618f76c..3f44a5c0a6 100644 --- a/ext/standard/streamsfuncs.c +++ b/ext/standard/streamsfuncs.c @@ -128,7 +128,7 @@ PHP_FUNCTION(stream_socket_client) ZVAL_STRING(zerrstr, "", 1); } - stream = php_stream_xport_create(host, host_len, ENFORCE_SAFE_MODE | REPORT_ERRORS, + stream = php_stream_xport_create(host, host_len, REPORT_ERRORS, STREAM_XPORT_CLIENT | (flags & PHP_STREAM_CLIENT_CONNECT ? STREAM_XPORT_CONNECT : 0) | (flags & PHP_STREAM_CLIENT_ASYNC_CONNECT ? STREAM_XPORT_CONNECT_ASYNC : 0), hashkey, &tv, context, &errstr, &err); @@ -204,7 +204,7 @@ PHP_FUNCTION(stream_socket_server) ZVAL_STRING(zerrstr, "", 1); } - stream = php_stream_xport_create(host, host_len, ENFORCE_SAFE_MODE | REPORT_ERRORS, + stream = php_stream_xport_create(host, host_len, REPORT_ERRORS, STREAM_XPORT_SERVER | flags, NULL, NULL, context, &errstr, &err); diff --git a/ext/standard/tests/file/bug22414.phpt b/ext/standard/tests/file/bug22414.phpt index 90e4c58bd9..fcd85489f3 100644 --- a/ext/standard/tests/file/bug22414.phpt +++ b/ext/standard/tests/file/bug22414.phpt @@ -1,7 +1,6 @@ --TEST-- Bug #22414 (passthru() does not read data correctly) --INI-- -safe_mode= output_handler= --FILE-- <?php diff --git a/ext/standard/tests/general_functions/get_cfg_var_variation8.phpt b/ext/standard/tests/general_functions/get_cfg_var_variation8.phpt index c22fdd0d16..2c79668f7b 100644 --- a/ext/standard/tests/general_functions/get_cfg_var_variation8.phpt +++ b/ext/standard/tests/general_functions/get_cfg_var_variation8.phpt @@ -1,20 +1,20 @@ ---TEST-- -Test function get_cfg_var() by calling deprecated option ---CREDITS-- -Francesco Fullone ff@ideato.it -#PHPTestFest Cesena Italia on 2009-06-20 ---INI-- -safe_mode=1 ---SKIPIF-- -<?php if (version_compare(PHP_VERSION, "5.3", "<")) die("skip requires 5.3 or greater"); ?> ---FILE-- -<?php -echo "*** Test by calling method or function with deprecated option ***\n"; -var_dump(get_cfg_var( 'safe_mode' ) ); - -?> ---EXPECTF-- -Warning: Directive 'safe_mode' is deprecated in PHP 5.3 and greater in %s on line 0 -*** Test by calling method or function with deprecated option *** -string(1) "1" - +--TEST--
+Test function get_cfg_var() by calling deprecated option
+--CREDITS--
+Francesco Fullone ff@ideato.it
+#PHPTestFest Cesena Italia on 2009-06-20
+--INI--
+magic_quotes_gpc=1
+--SKIPIF--
+<?php if (version_compare(PHP_VERSION, "5.3", "<")) die("skip requires 5.3 or greater"); ?>
+--FILE--
+<?php
+echo "*** Test by calling method or function with deprecated option ***\n";
+var_dump(get_cfg_var( 'magic_quotes_gpc' ) );
+
+?>
+--EXPECTF--
+Warning: Directive 'magic_quotes_gpc' is deprecated in PHP 5.3 and greater in %s on line 0
+*** Test by calling method or function with deprecated option ***
+string(1) "1"
+
diff --git a/ext/standard/tests/general_functions/putenv_error1.phpt b/ext/standard/tests/general_functions/putenv_error1.phpt index c4b49f3f87..6339a7c160 100644 --- a/ext/standard/tests/general_functions/putenv_error1.phpt +++ b/ext/standard/tests/general_functions/putenv_error1.phpt @@ -5,6 +5,8 @@ Brian DeShong <brian@deshong.net> --INI-- safe_mode=1 safe_mode_allowed_env_vars=TESTING_ +--SKIPIF-- +<?php if (PHP_VERSION_ID < 503099) { die('SKIP Safe mode is no longer available'); } ?> --FILE-- <?php putenv('FOO=bar'); diff --git a/ext/standard/tests/general_functions/putenv_error2.phpt b/ext/standard/tests/general_functions/putenv_error2.phpt index 456a7ab690..4df2c4f50b 100644 --- a/ext/standard/tests/general_functions/putenv_error2.phpt +++ b/ext/standard/tests/general_functions/putenv_error2.phpt @@ -5,6 +5,8 @@ Brian DeShong <brian@deshong.net> --INI-- safe_mode=1 safe_mode_protected_env_vars=FOO,BAZ +--SKIPIF-- +<?php if (PHP_VERSION_ID < 503099) { die('SKIP Safe mode is no longer available'); } ?> --FILE-- <?php putenv('FOO=bar'); |