The role of the open_basedir option in the baseband PHP configuration file

The following is the original description and default configuration in php.ini:
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory or
; per- virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
open_basedir = .
open_basedir can limit the scope of user access to files to a specified area, usually their home directory The path can also be represented by the symbol "." to represent the current directory. Note that the restrictions specified with open_basedir are actually prefixes, not directory names.
For example: If "open_basedir = /dir/user", then the directories "/dir/user" and "/dir/user1" are both
accessible. So if you want to restrict access to only a specified directory, end the pathname with a slash. For example, set it to:
"open_basedir = /dir/user/"
open_basedir can also set multiple directories at the same time. Use semicolons to separate directories in Windows, and use
colons to separate directories in any other system. When it acts on the Apache module, the open_basedir path in the parent directory is automatically inherited.
There are three methods to make independent settings for specified users in Apache:
(a) The corresponding setting method of Directory in Apache’s httpd.conf:
php_admin_value open_basedir /usr/local/apache/htdocs/
#Multiple settings A directory can be referred to as follows:
php_admin_value open_basedir /usr/local/apache/htdocs/:/tmp/
(b) The corresponding setting method of VirtualHost in Apache’s httpd.conf:
php_admin_value open_basedir /usr/local/apache/htdocs /
#To set multiple directories, you can refer to the following:
php_admin_value open_basedir /var/www/html/:/var/tmp/
(c) Because after open_basedir is set in VirtualHost, this virtual user will no longer automatically inherit php. The value of open_basedir in ini
is set, which makes it difficult to achieve flexible configuration measures, so it is recommended that you do not set this restriction in VirtualHost
. For example, you can set open_basedir = .:/tmp/ in php.ini, this setting Indicates that
is allowed to access the current directory (that is, the directory where the PHP script file is located) and the /tmp/ directory.
Please note: If the temporary directory for uploading files set in php.ini is /tmp/, then it must be included when setting open_basedir. /tmp/, otherwise the upload will fail. The new version of PHP will prompt "open_basedir restriction in effect"
warning message, but the move_uploaded_file() function can still successfully remove the uploaded file in the /tmp/ directory. I don't know if this is a vulnerability or not. New feature.
Configuration for ShopEx472 version:
open_basedir = "D:/Server;../catalog;../include;../../home;../syssite;../templates;../ language;../../language;../../../language;../../../../language"
The above introduces the role of the open_basedir option in the baseband PHP configuration file, including baseband content. I hope it will be helpful to friends who are interested in PHP tutorials.