[25-May-2014 05:45:01 Europe/Vienna] PHP Warning: file_exists(): open_basedir restriction in effect. File(vendor/autoload.php) is not within the allowed path(s): (/usr/share/roundcubemail:/var/log/roundcubemail:/etc/roundcubemail:/usr/share/pear:/var/www/uploadtemp) in /usr/share/roundcubemail/program/include/iniset.php on line 64
GENERAL: please use @file_exists() everywhere to prevent such messages on production servers running witeh E_ALL fro good reasons and sending twice an hour anything from the php errorlog via email to the admin which normally is empty
[builduser@buildserver64:/rpmbuild/SOURCES]$ cat roundcubemail-flie_exists_warning.patch --- roundcubemail-1.0.1-dep-original/program/include/iniset.php 2014-05-09 16:09:02.000000000 +0200 +++ roundcubemail-1.0.1-dep-patched/program/include/iniset.php 2014-05-25 10:44:05.730983819 +0200 @@ -61,7 +61,7 @@ spl_autoload_register('rcmail_autoload');
// include composer autoloader (if available) -if (file_exists('vendor/autoload.php')) { +if (@file_exists('vendor/autoload.php')) { require 'vendor/autoload.php'; }
On 05/25/2014 10:47 AM, Reindl Harald wrote:
[25-May-2014 05:45:01 Europe/Vienna] PHP Warning: file_exists(): open_basedir restriction in effect. File(vendor/autoload.php) is not within the allowed path(s): (/usr/share/roundcubemail:/var/log/roundcubemail:/etc/roundcubemail:/usr/share/pear:/var/www/uploadtemp) in /usr/share/roundcubemail/program/include/iniset.php on line 64
GENERAL: please use @file_exists() everywhere to prevent such messages on production servers running witeh E_ALL fro good reasons and sending twice an hour anything from the php errorlog via email to the admin which normally is empty
Please, use trac.roundcube.net for bug reports.
Am 25.05.2014 10:58, schrieb A.L.E.C:
On 05/25/2014 10:47 AM, Reindl Harald wrote:
[25-May-2014 05:45:01 Europe/Vienna] PHP Warning: file_exists(): open_basedir restriction in effect. File(vendor/autoload.php) is not within the allowed path(s): (/usr/share/roundcubemail:/var/log/roundcubemail:/etc/roundcubemail:/usr/share/pear:/var/www/uploadtemp) in /usr/share/roundcubemail/program/include/iniset.php on line 64
GENERAL: please use @file_exists() everywhere to prevent such messages on production servers running witeh E_ALL fro good reasons and sending twice an hour anything from the php errorlog via email to the admin which normally is empty
Please, use trac.roundcube.net for bug reports
don't get me wrong but please understand that i don't register because a *one char* bugfix on a bugtracker which to fix would have been the same work as type this reply just for bureaucracy
i fixed that now with patches for my rpm SPEC
Name: roundcubemail Version: 1.0.1 Release: 3%{?dist} Summary: Round Cube Webmail is a browser-based multilingual IMAP client Group: Applications/System License: GPLv2 URL: http://www.roundcube.net Source0: http://downloads.sourceforge.net/%%7Bname%7D/%%7Bname%7D-%%7Bversion%7D-dep.... Source1: %{name}.logrotate Patch1: roundcubemail-0.9.3-no_swf.patch Patch2: roundcubemail-1.0.0-confpath.patch Patch3: roundcubemail-file_exists_warning.patch Patch4: roundcubemail-str_to_lower_warning.patch
On Sun, May 25, 2014 at 10:47 AM, Reindl Harald h.reindl@thelounge.net wrote:
[25-May-2014 05:45:01 Europe/Vienna] PHP Warning: file_exists(): open_basedir restriction in effect. File(vendor/autoload.php) is not within the allowed path(s): (/usr/share/roundcubemail:/var/log/roundcubemail:/etc/roundcubemail:/usr/share/pear:/var/www/uploadtemp) in /usr/share/roundcubemail/program/include/iniset.php on line 64
GENERAL: please use @file_exists() everywhere to prevent such messages on production servers running witeh E_ALL fro good reasons and sending twice an hour anything from the php errorlog via email to the admin which normally is empty
I clearly object against that. Suppressing errors with @ (or with any other means) should not become a GENERAL habit. Yes, we use @ within the Roundcube codebase but very selectively and we should even try to reduce its use. And if open_basedir moans about a prevented file access attempt, that's clearly something that should catch your attention in the logs.
Regarding this particular problem with the check for composer's autoload file, we might want to seek for another solution. I actually didn't expect any errors coming from a file_exists() check within the Roundcube install directory but obviously I was wrong with that.
But after dropping support for PHP < 5.3, we could move on to generally use Composer for managing and pulling 3rd party libs in Roundcube and get rid of the copies on our git repository. Although unrelated to your request for generally muting file_exists() errors, it would solve this access to vendoer/autoload.php because that file would always exists.
~Thomas
Am 26.05.2014 09:48, schrieb Thomas Bruederli:
On Sun, May 25, 2014 at 10:47 AM, Reindl Harald h.reindl@thelounge.net wrote:
[25-May-2014 05:45:01 Europe/Vienna] PHP Warning: file_exists(): open_basedir restriction in effect. File(vendor/autoload.php) is not within the allowed path(s): (/usr/share/roundcubemail:/var/log/roundcubemail:/etc/roundcubemail:/usr/share/pear:/var/www/uploadtemp) in /usr/share/roundcubemail/program/include/iniset.php on line 64
GENERAL: please use @file_exists() everywhere to prevent such messages on production servers running witeh E_ALL fro good reasons and sending twice an hour anything from the php errorlog via email to the admin which normally is empty
I clearly object against that. Suppressing errors with @ (or with any other means) should not become a GENERAL habit. Yes, we use @ within the Roundcube codebase but very selectively and we should even try to reduce its use. And if open_basedir moans about a prevented file access attempt, that's clearly something that should catch your attention in the logs.
no in that case @file_exists() is the way to go or just use is_file() which don't throw open_basedir warnings for the same path, that's a bad behavior of PHP where both functions behave different in case of such checks for at least 11 years
if you have libraries which try to find conditional includes file_exists('../whatever.inc.php'); called from the docroot will throw such a warnining and calld from /popups/file.php don't
@file_exists() *is* very selectively because it is a conditional check if something exists and if not skip some action and that is not something which should trigger warnings
-
A.L.E.C -
Reindl Harald -
Thomas Bruederli