Commit cdc39e43 authored by Richard Mansfield's avatar Richard Mansfield

When open_basedir is set, don't set CURLOPT_FOLLOWLOCATION (bug #909168)

Trying to set this option fails when an open_basedir restriction is in
effect.  This patch also checks open_basedir and adds a warning to the
admin area, and in the sanity check for an unwritable dataroot, the
open_basedir directories are listed on the screen as a hint for
installation.

Change-Id: Ic394517f436955b038f321b06011b818d4967026
Signed-off-by: default avatarRichard Mansfield <richard.mansfield@catalyst.net.nz>
parent af9e6e57
......@@ -129,3 +129,6 @@ $string['postmaxlessthanuploadmax'] = 'Your PHP post_max_size setting (%s) is sm
$string['smallpostmaxsize'] = 'Your PHP post_max_size setting (%s) is very small. Uploads larger than %s will fail without displaying an error.';
$string['notenoughsessionentropy'] = 'Your PHP session.entropy_length setting is too small. Set it to at least 16 in your php.ini to ensure that generated session IDs are random and unpredictable enough.';
$string['noreplyaddressmissingorinvalid'] = 'The noreply address setting is either empty or has an invalid email address. Please check the configuration in the <a href="%s">site options in the email settings</a>.';
$string['openbasedirenabled'] = 'Your server has the php open_basedir restriction enabled.';
$string['openbasedirpaths'] = 'Mahara can only open files within the following path(s): %s';
$string['openbasedirwarning'] = 'Some requests for external sites may fail to complete. This could stop certain feeds from updating, among other things.';
......@@ -147,7 +147,13 @@ function ensure_sanity() {
// dataroot not writable..
if (!check_dir_exists(get_config('dataroot')) || !is_writable(get_config('dataroot'))) {
throw new ConfigSanityException(get_string('datarootnotwritable', 'error', get_config('dataroot')));
$message = get_string('datarootnotwritable', 'error', get_config('dataroot'));
if ($openbasedir = ini_get('open_basedir')) {
$message .= "\n(" . get_string('openbasedirenabled', 'error') . ' '
. get_string('openbasedirpaths', 'error', htmlspecialchars($openbasedir)) // hsc() is not defined yet
. ')';
}
throw new ConfigSanityException($message);
}
if (
......
......@@ -1200,5 +1200,9 @@ function site_warnings() {
$warnings[] = get_string('smallpostmaxsize', 'error', $postmax, $postmax);
}
if (ini_get('open_basedir')) {
$warnings[] = get_string('openbasedirenabled', 'error') . ' ' . get_string('openbasedirwarning', 'error');
}
return $warnings;
}
......@@ -3230,8 +3230,10 @@ function mahara_http_request($config, $quiet=false) {
// standard curl_setopt stuff; configs passed to the function can override these
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
if (!ini_get('open_basedir')) {
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
}
curl_setopt_array($ch, $config);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment