Argh! Horrible logic here. The safemode include dir check defaulted

to letting stuff through if no safemode include dir was defined.
@ Another safe-mode fix related to the safemode incdir feature (Rasmus)

1 files changed, 4 insertions, 2 deletions

diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c
index 7cf55651d4..3c077dea08 100644
--- a/main/fopen_wrappers.c
+++ b/main/fopen_wrappers.c
@@ -234,6 +234,8 @@ PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC)
 		char *end;
 		char resolved_name[MAXPATHLEN];
 
+		php_printf("safe_mode_include_dir check for %s<br>\n",path);
+
 		/* Resolve the real path into resolved_name */
 		if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL)
 			return -1;
@@ -268,7 +270,7 @@ PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC)
 	}
 
 	/* Nothing to check... */
-	return 0;
+	return -1;
 }
 /* }}} */
 
@@ -441,7 +443,7 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char **
 	}
 
 	filename_length = strlen(filename);
-	
+
 	/* Relative path open */
 	if (*filename == '.') {
 		if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) {