2

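First of all, sorry the title is so long; I didn't expect this error to come up and I don't know how to describe it.

I am getting this error: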

Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/usr/local/apache/bin/apachectl) is not within the allowed path(s): (/home/:/backup/:/tmp/) in /home/xxxxx/public_html/plugins/system/jch_optimize/jchoptimize/helper.php on line 176

Does this mean something in the tmp directory is being used, or that something is missing?

I'm lost. Where do I start?

Here is helper.php:

<?php
use JchOptimize\JSMinRegex;
/**
 * JCH Optimize - Joomla! plugin to aggregate and minify external resources for
 * optimized downloads
 * @author Samuel Marshall <sdmarshall73@gmail.com>
 * @copyright Copyright (c) 2010 Samuel Marshall
 * @license GNU/GPLv3, See LICENSE file
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * If LICENSE file missing, see <http://www.gnu.org/licenses/>.
 *
 * This plugin, inspired by CssJsCompress <http://www.joomlatags.org>, was
 * created in March 2010 and includes other copyrighted works. See individual
 * files for details.
 */
defined('_JEXEC') or die('Restricted access');
/**
 * Some helper functions
 * 
 */
class JchOptimizeHelper
{
        /**
         * Checks if file (can be external) exists
         * 
         * @param type $sPath
         * @return boolean
         */
        public static function fileExists($sPath)
        {
                //global $_PROFILER;
                //JCH_DEBUG ? $_PROFILER->mark('beforeFileExists - ' . $sPath . ' plgSystem (JCH Optimize)') : null;
                $bExists = (file_exists($sPath) || @fopen($sPath, "r") != FALSE);
                //JCH_DEBUG ? $_PROFILER->mark('afterFileExists - ' . $sPath . ' plgSystem (JCH Optimize)') : null;
                return $bExists;
        }
        /**
         * Get local path of file from the url if internal
         * If external or php file, the url is returned
         *
         * @param string  $sUrl  Url of file
         * @return string       File path
         */
        public static function getFilePath($sUrl)
        {
               // global $_PROFILER;
                //JCH_DEBUG ? $_PROFILER->mark('beforeGetFilePath - ' . $sUrl . ' plgSystem (JCH Optimize)') : null;
                $sUriBase = str_replace('/administrator/', '', JUri::base());
                $sUriPath = str_replace('/administrator', '', JUri::base(TRUE));
                $oUri = clone JUri::getInstance($sUriBase);
                if (JchOptimizeHelper::isInternal($sUrl) && !preg_match('#\.php#i', $sUrl))
                {
                        $sUrl = preg_replace(
                                array(
                                '#^' . preg_quote($sUriBase, '#') . '#',
                                '#^' . preg_quote($sUriPath, '#') . '/#',
                                '#\?.*?$#'
                                ), '', $sUrl);
                        //JCH_DEBUG ? $_PROFILER->mark('afterGetFilePath - ' . $sUrl . ' plgSystem (JCH Optimize)') : null;
                        return JPATH_ROOT . DIRECTORY_SEPARATOR . str_replace('/', DIRECTORY_SEPARATOR, $sUrl);
                }
                else
                {
                        switch (TRUE)
                        {
                                case preg_match('#://#', $sUrl):
                                        break;
                                case (substr($sUrl, 0, 2) == '//'):
                                        $sUrl = $oUri->toString(array('scheme')) . substr($sUrl, 2);
                                        break;
                                case (substr($sUrl, 0, 1) == '/'):
                                        $sUrl = $oUri->toString(array('scheme', 'host')) . $sUrl;
                                        break;
                                default:
                                        $sUrl = $sUriBase . $sUrl;
                                        break;
                        }
                        //JCH_DEBUG ? $_PROFILER->mark('afterGetFilePath - ' . $sUrl . ' plgSystem (JCH Optimize)') : null;
                        return html_entity_decode($sUrl);
                }
        }
        /**
         * Gets the name of the current Editor
         * 
         * @staticvar string $sEditor
         * @return string
         */
        public static function getEditorName()
        {
                static $sEditor;
                if (!isset($sEditor))
                {
                        $sEditor = JFactory::getUser()->getParam('editor');
                        $sEditor = !isset($sEditor) ? JFactory::getConfig()->get('editor') : $sEditor;
                }
                return $sEditor;
        }
        /**
         * Determines if file is internal
         * 
         * @param string $sUrl  Url of file
         * @return boolean
         */
        public static function isInternal($sUrl)
        {
                $oUrl = JUri::getInstance($sUrl);
                //trying to resolve bug in php with parse_url before 5.4.7
                if (preg_match('#^//([^/]+)(/.*)$#i', $oUrl->getPath(), $aMatches))
                {
                        if (!empty($aMatches))
                        {
                                $oUrl->setHost($aMatches[1]);
                                $oUrl->setPath($aMatches[2]);
                        }
                }
                $sBase = $oUrl->toString(array('scheme', 'host', 'port', 'path'));
                $sHost = $oUrl->toString(array('scheme', 'host', 'port'));
                if (stripos($sBase, JUri::base()) !== 0 && !empty($sHost))
                {
                        return FALSE;
                }
                return TRUE;
        }
        /**
         * 
         * @staticvar string $sContents
         * @return boolean
         */
        public static function modRewriteEnabled()
        {
                if (function_exists('apache_get_modules'))
                {
                        return (in_array('mod_rewrite', apache_get_modules()));
                }
                elseif (file_exists('/usr/local/apache/bin/apachectl'))
                {
                        return (strpos(shell_exec('/usr/local/apache/bin/apachectl -l'), 'mod_rewrite') !== false);
                }
                else
                {
                        static $sContents = '';
                        if ($sContents == '')
                        {
                                $oFileRetriever = JchOptimizeFileRetriever::getInstance($GLOBALS['oParams']);
                                $sJbase         = JUri::base(true);
                                $sBaseFolder = $sJbase == '/' ? $sJbase : $sJbase . '/';
                                $sUrl        = JUri::base() . 'plugins/system/jch_optimize/assets' . $sBaseFolder . 'test_mod_rewrite';
                                if (!$oFileRetriever->isUrlFOpenAllowed())
                                {
                                        return FALSE;
                                }
                                $sContents = $oFileRetriever->getFileContents($sUrl);
                        }
                        if ($sContents == 'TRUE')
                        {
                                return TRUE;
                        }
                        else
                        {
                                return FALSE;
                        }
                }
        }
        /**
         * 
         * @param type $aArray
         * @param type $sString
         * @return boolean
         */
        public static function findExcludes($aArray, $sString, $bScript=FALSE)
        {
                foreach ($aArray as $sValue)
                {
                        if($bScript)
                        {
                                $sString = JSMinRegex::minify($sString);
                        }
                        if ($sValue && strpos($sString, $sValue) !== FALSE)
                        {
                                return TRUE;
                        }
                }
                return FALSE;
        }
}
4

2 Answers

5

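open_basedir is a server configuration security measure that prohibits file access outside the webroot (usually).

This prevents scripts from reading random files on your server. If your server has been compromised, open_basedir can help reduce the impact of the attack.

Generally it's a good thing, but it looks like you're trying to do something a bit fishy.

Have a look in your php.ini or httpd.conf; you can disable it there.


It looks like this script wants to check for a certain plugin in that folder. This is bad practice; using apache_get_modules is the right way. You can simply remove the offending code.

The script even attempts a shell_exec, which is why you have to be very careful with random code found on the Internet. In this case it's not malicious, just weird.

Answered 2014-03-31T16:39:51.167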
2

The script wants to open "/usr/local/apache/bin/apachectl", but your server host does not allow this.

Look at line 176:

elseif (file_exists('/usr/local/apache/bin/apachectl'))

It looks safe to remove those lines.

Answered 2014-03-31T16:36:32.940
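
An added example, not part of the original thread or of JCH Optimize: one way to keep open_basedir enabled and still silence the warning is to pre-check a path against the allowed list before calling file_exists(), and to detect mod_rewrite without shell_exec. The function names are hypothetical, the check is lexical only (symlinks are not resolved), and a Unix host where PATH_SEPARATOR is ":" is assumed.

```php
<?php
/**
 * Hypothetical helper: lexical approximation of PHP's open_basedir check.
 * Returns true when $path lies under one of the allowed directories.
 * Symlinks are not resolved, so use it only as a pre-check before file_exists().
 */
function pathAllowedByOpenBasedir(string $path, ?string $openBasedir = null): bool
{
    $openBasedir = $openBasedir ?? (string) ini_get('open_basedir');
    if ($openBasedir === '') {
        return true;                        // no restriction configured
    }
    if (strpos($path, '..') !== false) {
        return false;                       // conservative: refuse traversal segments
    }
    foreach (explode(PATH_SEPARATOR, $openBasedir) as $allowed) {
        if ($allowed === '' || $allowed[0] !== '/') {
            continue;                       // skip empty and relative entries
        }
        $allowed = rtrim($allowed, '/');
        if ($allowed === '') {
            return true;                    // entry was "/": whole filesystem allowed
        }
        // Match on a directory boundary so "/home" does not admit "/homework".
        if ($path === $allowed || strpos($path, $allowed . '/') === 0) {
            return true;
        }
    }
    return false;
}

/**
 * Hypothetical replacement for the first two branches of modRewriteEnabled():
 * asks Apache directly and never shells out. Returns null when the answer is
 * unknown, so the caller can fall back to the plugin's URL-based test.
 */
function modRewriteEnabledNoShell(): ?bool
{
    if (function_exists('apache_get_modules')) {
        return in_array('mod_rewrite', apache_get_modules(), true);
    }
    return null;
}

// Constructed demo using the values from the warning in the question.
$allowedList = '/home/:/backup/:/tmp/';
var_dump(pathAllowedByOpenBasedir('/usr/local/apache/bin/apachectl', $allowedList));
var_dump(pathAllowedByOpenBasedir('/home/xxxxx/public_html/index.php', $allowedList));
```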