From a0f0b2caf7bc3c569bd56e1f45d5746993f24050 Mon Sep 17 00:00:00 2001
From: Christian Weiske
Date: Wed, 2 Nov 2011 06:42:14 +0100
Subject: Fix bug #3431742: open_basedir problems with /etc/ config files

---
 doc/ChangeLog                  |  1 +
 src/SemanticScuttle/Config.php | 26 ++++++++++++++++++++------
 2 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/doc/ChangeLog b/doc/ChangeLog
index 2090953..35cb883 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -11,6 +11,7 @@ ChangeLog for SemantiScuttle
 - Fix bug #3388219: Incorrect URL when cancelling tag2tag-actions
 - Fix bug #3399815: PHP error in opensearch API in 0.98.3
 - Fix bug #3407728: Can't delete users from admin page
+- Fix bug #3431742: open_basedir problems with /etc/ config files
 - Implement request #3403609: fr_CA translation update
 
 
diff --git a/src/SemanticScuttle/Config.php b/src/SemanticScuttle/Config.php
index 0773310..756c303 100644
--- a/src/SemanticScuttle/Config.php
+++ b/src/SemanticScuttle/Config.php
@@ -62,6 +62,9 @@ class SemanticScuttle_Config
      *
      * Paths with host name have priority.
      *
+     * When open_basedir restrictions are in effect and /etc is not part of
+     * the setting, /etc/semanticscuttle/ is not checked for config files.
+     *
      * @return array Array with config file path as first value
      *               and default config file path as second value.
      *               Any may be NULL if not found
@@ -72,12 +75,23 @@ class SemanticScuttle_Config
         $host = basename($_SERVER['HTTP_HOST']);
         $datadir = $this->getDataDir();
 
-        $arFiles = array(
-            $datadir . 'config.' . $host . '.php',
-            '/etc/semanticscuttle/config.' . $host . '.php',
-            $datadir . 'config.php',
-            '/etc/semanticscuttle/config.php',
-        );
+        $openbase = ini_get('open_basedir');
+        if ($openbase && strpos($openbase, '/etc') === false) {
+            //open_basedir restrictions enabled and /etc not allowed?
+            // then don't look in /etc for config files.
+            // the check is not perfect, but it covers most cases
+            $arFiles = array(
+                $datadir . 'config.' . $host . '.php',
+                $datadir . 'config.php',
+            );
+        } else {
+            $arFiles = array(
+                $datadir . 'config.' . $host . '.php',
+                '/etc/semanticscuttle/config.' . $host . '.php',
+                $datadir . 'config.php',
+                '/etc/semanticscuttle/config.php',
+            );
+        }
 
         $configfile = null;
         foreach ($arFiles as $file) {
-- 
cgit v1.2.3-54-g00ecf


From 8d9e1665f7ba42eb290b480acbcae9e710d06fea Mon Sep 17 00:00:00 2001
From: Christian Weiske
Date: Wed, 2 Nov 2011 06:42:48 +0100
Subject: sort changelog entries by bug number

---
 doc/ChangeLog | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/ChangeLog b/doc/ChangeLog
index 35cb883..68f5617 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -7,8 +7,8 @@ ChangeLog for SemantiScuttle
 -------------------
 - Fix bug: URLs were escaped too often in bookmark list
 - Fix bug: Subtitle was not escaped
-- Fix bug #3393951: Logo images missing on bookmark page
 - Fix bug #3388219: Incorrect URL when cancelling tag2tag-actions
+- Fix bug #3393951: Logo images missing on bookmark page
 - Fix bug #3399815: PHP error in opensearch API in 0.98.3
 - Fix bug #3407728: Can't delete users from admin page
 - Fix bug #3431742: open_basedir problems with /etc/ config files
-- 
cgit v1.2.3-54-g00ecf