PHP Won't Access Files Outside WebServer

[LUCI5R]

Ave,

 

Somehow my PHP won't access, won't even acknowledge the existence of a file that is outside the /Library/WebServer/Documents folder. This was never a a problem before in any Mac version - it just started with Leopard.

 

I don't know what has changed where, in httpd.conf or php.ini or somewhere else, but something changed that's crippling access to files outside of the webserver.

 

This Works in Mac OS X 10.3.9 (i.e., prints File Exists) but the same exact script does not work in Mac OS X 10.5, and yes, the file is available in Leopard in the mentioned location - path is exact same - permissions are all set:

 

$filename = "/Users/username/Documents/Transfers/test.txt";

if (file_exists($filename)) {

echo "The file $filename exists<br><br>";

} else {

echo "The file $filename does not exist<br><br>";

}

 

Any ideas what might be causing this?

 

Thanks!

[exscape]

PHP safe mode?

http://se.php.net/features.safe-mode

 

According to that, safe mode should generate warnings, though...

[LUCI5R]

This is what safe_mode settings look like in my php.ini, so I don't think they are the problem:

 

;

; Safe Mode

;

safe_mode = Off

 

; By default, Safe Mode does a UID compare check when

; opening files. If you want to relax this to a GID compare,

; then turn on safe_mode_gid.

safe_mode_gid = Off

 

; When safe_mode is on, UID/GID checks are bypassed when

; including files from this directory and its subdirectories.

; (directory must also be in include_path or full path must

; be used when including)

safe_mode_include_dir =

 

; When safe_mode is on, only executables located in the safe_mode_exec_dir

; will be allowed to be executed via the exec family of functions.

safe_mode_exec_dir =

 

; Setting certain environment variables may be a potential security breach.

; This directive contains a comma-delimited list of prefixes. In Safe Mode,

; the user may only alter environment variables whose names begin with the

; prefixes supplied here. By default, users will only be able to set

; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).

;

; Note: If this directive is empty, PHP will let the user modify ANY

; environment variable!

safe_mode_allowed_env_vars = PHP_

 

; This directive contains a comma-delimited list of environment variables that

; the end user won't be able to change using putenv(). These variables will be

; protected even if safe_mode_allowed_env_vars is set to allow to change them.

safe_mode_protected_env_vars = LD_LIBRARY_PATH

 

; open_basedir, if set, limits all file operations to the defined directory

; and below. This directive makes most sense if used in a per-directory

; or per-virtualhost web server configuration file. This directive is

; *NOT* affected by whether Safe Mode is turned On or Off.

;open_basedir =

 

 

PHP safe mode?

http://se.php.net/features.safe-mode

 

According to that, safe mode should generate warnings, though...

[LUCI5R]

Here's another way of explaining my problem.

In Panther, I was able to specify Apache Web Server to be the User/Group for the share being mounted with -u 70 -g 70 during mount_smbfs.

 

In Leopard I'm not able to do that because they eliminated the -u -g arguments for mount_smbfs - in fact they even eliminated NetInfo Manager so I don't even know Apache's UID & GID.

 

So after mounting the share on the share point, this is what happens:

 

 

As you can see files within the mounted share had "www" (Apache) as the user & group and PHP didn't have any problems accessing the files. But in Leopard, "www" (Apache) is not the user/group - which I think is the problem.

[manitoba98]

As far as finding the user ID, that's trivial (in Terminal):

 

id www

 

That will print the user id, group id, and gids of all groups "www" is a member of. As for your real problem, I don't have Leopard (yet), so I don't know. I don't even have the man page for mount_smbfs...