Is_dir(): open_basedir restriction in effect. File

I have this error and my CMS not work in the hosting:
Warning : is_dir(): open_basedir restriction in effect. File(/home/vol15_5/epizy.com/epiz_24965587/htdocs/…) is not within the allowed path(s): (/php_sessions:/tmp:/var/www/errors:/usr/share/pear:/home/vol15_5/epizy.com/epiz_24965587/htdocs) in /home/vol15_5/epizy.com/epiz_24965587/htdocs/public/index.php on line 27

My website URL is:
http://p7cmstextpress.epizy.com/public/

the code:

$_SESSION['public'] = '/formacion/cms/public/';

$_SESSION['home'] = $_SESSION['public'].'index.php/';

//Defino y llamo a la función que autocargará las clases cuando se instancien

spl_autoload_register('App\autoload');

function autoload($clase,$dir=null){

    //Directorio raíz de mi proyecto

    if (is_null($dir)){

        $dirname = str_replace('\public', '', dirname(__FILE__));

        $dir = realpath($dirname);

    }

    //Escaneo en busca de la clase de forma recursiva

    foreach (scandir($dir) as $file){

        //Si es un directorio (y no es de sistema) accedo y

        //busco la clase dentro de él

        if (is_dir($dir."/".$file) AND substr($file, 0, 1) !== '.'){

            autoload($clase, $dir."/".$file);

        }

        //Si es un fichero y el nombr conicide con el de la clase

        else if (is_file($dir."/".$file) AND $file == substr(strrchr($clase, "\\"), 1).".php"){

            require($dir."/".$file);

        }

    }

}

Because you have two dots at the end of the path of the files, and files accessed outside of the htdocs folder can’t be accessed due to some open_basedir restrictions. So, you will have to change something in the code (for example the two dots at the end of htdocs/) to make it work.

1 Like

sorry i’m very new in php, in all files or only in the index.php?

I did a little bit of debugging with your code, and I think I see the issue.

In order to do the autoloading, you use scandir to list all the files and directories in the folder. However, it’s important to note that using scandir will also include the entries . and .. in the output. These are folders which refer to the local folder and the upper folder respectively.

So on line 27, your code tries to do an is_dir("htdocs/.."), which means it’s trying to read outside the files of your website. And scripts are not allowed to do that on our hosting.

To fix this, the easiest way is to simply check whether the $file parameter is equal to .. or . and skip the entry if it’s the case. So, substituting a part of your code:

    if (is_null($dir)){
        $dirname = str_replace('/public', '', dirname(__FILE__));
        $dir = realpath($dirname);
    }
    //Escaneo en busca de la clase de forma recursiva
    foreach (scandir($dir) as $file){
        if ($file == '.' || $file == '..') {
            continue;
        }
        //Si es un directorio (y no es de sistema) accedo y
        //busco la clase dentro de él
        if (is_dir($dir."/".$file) AND substr($file, 0, 1) !== '.'){
            autoload($clase, $dir."/".$file);
           }
1 Like

OK,

thanks a lot! now working

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.