{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 ゆ 、 Hurt° 的问题《How do I limit PHP apps to their own directories a》','https://www.manongdao.com/q-297666.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am running multiple PHP apps on my Mac, running OS X 10.5.6, Apache 2, PHP 5. I have subdomains setup for each project, a host file entries for each subdomain, and Virtual Directory blocks in the Apache config. So
project1.localhost goes to /Library/WebServer/Documents/Project1
project2.localhost goes to /Library/WebServer/Documents/Project2
etc...
However, this method doesn't really "isolate" the web apps. For example, if I include a script like so:
<?php
include("/includes/include.php");
?>
It references the script from the base directory of my computer. So it accesses
C:/includes/include.php
Is there a way for me to make it reference
C:/Library/WebServer/Documents/Project2/includes/include.php
Basically, make it so that its not aware of anything outside of its own directory. Also, is there a way to use php.ini's on a per subdomain basis as well?
You can limit a scripts ability to see anything above a specific folder tree by adding the open_basedir directive a folder block in the httpd.conf file. It should look like:
One thing - if you don't end the path with a / then it's a wildcard match. In other words, "/var/etc/my" will match "/var/etc/myFolder" as well as "/var/etc/myMothersFolder", while "/var/etc/my/" will only match that exact folder name.
Try a relative path! Like:
or
I believe it's possible to set a php.ini per virtual host
this way you can customize open_basedir and others
Regarding application isolation ~ is this in regards to securing PHP scripts so they cannot access others? Please elaborate -
Regarding php.ini - I am not aware of any way to use a specific php.ini per directory, but you could certainly create a php include page with a bunch of ini_set() lines, perhaps something like this ..
and the ini_set.php script:
If you are interested in learning more about the ini_set() function, here is the documentation page on php.net: http://us3.php.net/ini_set
Hope this was somewhat helpful ~
If you want to use full path name, you can use that:
Possible solution for php.ini file
Best way to do so is to use PHP via FCGI (mod_fcgid). This way you can run PHP using a different user and a different php.ini per vHost.
Here's an example how to set up such a configuration on Ubuntu: http://www.howtoforge.com/how-to-set-up-apache2-with-mod_fcgid-and-php5-on-ubuntu-8.10