[wp-trac] [WordPress Trac] #7390: forbiddance of ini_set('include_path', ...) function causes fatal error at revision feature

WordPress Trac wp-trac at lists.automattic.com
Wed Jul 23 22:01:36 GMT 2008 

#7390: forbiddance of ini_set('include_path', ...) function causes fatal error at
revision feature
-------------------------+--------------------------------------------------
 Reporter:  codestyling  |       Owner:  anonymous        
     Type:  defect       |      Status:  new              
 Priority:  high         |   Milestone:  2.6.1            
Component:  General      |     Version:  2.6              
 Severity:  blocker      |    Keywords:  fatal error crash
-------------------------+--------------------------------------------------
 The newly introduced revision feature uses PHP ini_set() function but must
 not. Several provider doesn't permit setting ''php.ini'' values especially
 the ''include_path'', which should be temporary switched during load of
 Text/Diff files. The fatal error resulting looks like this out of real
 customer occurance:

 {{{
 Warning: ini_set() has been disabled for security reasons in
 /srv/www/httpd/phost/l/de/pytalhost/laz/web/wordpress/wp-
 includes/pluggable.php on line 1517
 Warning: require_once(Text/Diff/Renderer.php) [function.require-once]:
 failed to open stream: No such file or directory in
 /srv/www/httpd/phost/l/de/pytalhost/laz/web/wordpress/wp-
 includes/Text/Diff/Renderer/inline.php on line 17
 Fatal error: require_once() [function.require]: Failed opening required
 ‘Text/Diff/Renderer.php’
 (include_path=’.:/srv/www/httpd/phost/l/de/pytalhost/laz/web’) in
 /srv/www/httpd/phost/l/de/pytalhost/laz/web/wordpress/wp-
 includes/Text/Diff/Renderer/inline.php on line 17
 }}}

 This error affects all editor pages won't longer behave as expected.
 Moreover some provider doesn't show any errors and silently abort the
 engine. This results in white pages served!
 I have attached a patch suggestion (containing 4 file from WP 2.6.0) which
 doesn't use ini_set() anymore but all require calls now using _ _FILE_ _
 evaluation of their appropriated complete file path. Has been successful
 tested at this affected system. Can also be simulated, if you comment the
 ''ini_set()'' inside '''pluggable.php''' ''function wp_text_diff()''.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/7390>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list