File: bug81742.phpt

package info (click to toggle)
php8.4 8.4.16-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 211,276 kB
  • sloc: ansic: 1,176,142; php: 35,419; sh: 11,964; cpp: 7,208; pascal: 4,951; javascript: 3,091; asm: 2,817; yacc: 2,411; makefile: 696; xml: 446; python: 301; awk: 148
file content (13 lines) | stat: -rw-r--r-- 295 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
 
--TEST--
Bug #81742 (open_basedir bypass in SQLite3 by using url encoded file)
--EXTENSIONS--
sqlite3
--INI--
open_basedir=.
--FILE--
<?php
$db = new SQLite3(':memory:');
$db->query("ATTACH 'file:..%2ffoo.php' as db2;");
?>
--EXPECTF--
Warning: SQLite3::query(): not authorized in %s on line %d