Am 26.05.2014 09:48, schrieb Thomas Bruederli:
On Sun, May 25, 2014 at 10:47 AM, Reindl Harald h.reindl@thelounge.net wrote:
[25-May-2014 05:45:01 Europe/Vienna] PHP Warning: file_exists(): open_basedir restriction in effect. File(vendor/autoload.php) is not within the allowed path(s): (/usr/share/roundcubemail:/var/log/roundcubemail:/etc/roundcubemail:/usr/share/pear:/var/www/uploadtemp) in /usr/share/roundcubemail/program/include/iniset.php on line 64
GENERAL: please use @file_exists() everywhere to prevent such messages on production servers running witeh E_ALL fro good reasons and sending twice an hour anything from the php errorlog via email to the admin which normally is empty
I clearly object against that. Suppressing errors with @ (or with any other means) should not become a GENERAL habit. Yes, we use @ within the Roundcube codebase but very selectively and we should even try to reduce its use. And if open_basedir moans about a prevented file access attempt, that's clearly something that should catch your attention in the logs.
no in that case @file_exists() is the way to go or just use is_file() which don't throw open_basedir warnings for the same path, that's a bad behavior of PHP where both functions behave different in case of such checks for at least 11 years
if you have libraries which try to find conditional includes file_exists('../whatever.inc.php'); called from the docroot will throw such a warnining and calld from /popups/file.php don't
@file_exists() *is* very selectively because it is a conditional check if something exists and if not skip some action and that is not something which should trigger warnings