我在cakephp 3中有一个应用程序,几个星期前开始报告open_basedir restriction in effect. File(/) is not within the allowed path(s)。我试着调试它,但我没有成功地找到原因。这个应用程序工作了大约2.5年,现在才开始出现,但没有任何使用缓存或更改配置的代码部分的变化。在配置中,我有"路径"正确设置每个缓存模式。它也不是来自一致的url/方法。它随机出现在不到1%的电话中。通常是在第一周左右。是否有任何方法来调试这个并找到原因?你知道这种行为可能的原因吗?我已经试过了所有我能想到的方法,但都没有成功。
配置示例:
'hour' => [
'className' => 'File',
'path' => CACHE,
'serialize' => true,
'duration' => '+1 hour',
'url' => env('CACHE_DEFAULT_URL', null),
],
调试跟踪一个示例:
CakeErrorBaseErrorHandler::handleError() - CORE/src/Error/BaseErrorHandler.php, line 153
is_dir - [internal], line ??
CakeCacheEngineFileEngine::_clearDirectory() - CORE/src/Cache/Engine/FileEngine.php, line 303
CakeCacheEngineFileEngine::clear() - CORE/src/Cache/Engine/FileEngine.php, line 284
CakeCacheEngineFileEngine::gc() - CORE/src/Cache/Engine/FileEngine.php, line 116
CakeCacheCacheRegistry::_create() - CORE/src/Cache/CacheRegistry.php, line 98
CakeCoreObjectRegistry::load() - CORE/src/Core/ObjectRegistry.php, line 96
DebugKitCacheEngineDebugEngine::init() - ROOT/vendor/cakephp/debug_kit/src/Cache/Engine/DebugEngine.php, line 79
CakeCacheCacheRegistry::_create() - CORE/src/Cache/CacheRegistry.php, line 90
CakeCoreObjectRegistry::load() - CORE/src/Core/ObjectRegistry.php, line 96
CakeCacheCache::_buildEngine() - CORE/src/Cache/Cache.php, line 170
CakeCacheCache::engine() - CORE/src/Cache/Cache.php, line 228
CakeCacheCache::read() - CORE/src/Cache/Cache.php, line 356
AppControllerAppController::beforeRender() - APP/Controller/AppController.php, line 169
CakeEventEventManager::_callListener() - CORE/src/Event/EventManager.php, line 416
CakeEventEventManager::dispatch() - CORE/src/Event/EventManager.php, line 393
CakeControllerController::dispatchEvent() - CORE/src/Event/EventDispatcherTrait.php, line 110
CakeControllerController::render() - CORE/src/Controller/Controller.php, line 610
CakeHttpActionDispatcher::_invoke() - CORE/src/Http/ActionDispatcher.php, line 125
CakeHttpActionDispatcher::dispatch() - CORE/src/Http/ActionDispatcher.php, line 93
CakeHttpBaseApplication::__invoke() - CORE/src/Http/BaseApplication.php, line 108
CakeHttpRunner::__invoke() - CORE/src/Http/Runner.php, line 65
CakeHttpMiddlewareEncryptedCookieMiddleware::__invoke() - CORE/src/Http/Middleware/EncryptedCookieMiddleware.php, line 89
CakeHttpRunner::__invoke() - CORE/src/Http/Runner.php, line 65
CakeHttpMiddlewareCsrfProtectionMiddleware::__invoke() - CORE/src/Http/Middleware/CsrfProtectionMiddleware.php, line 106
AppApplication::App{closure}() - APP/Application.php, line 93
CakeHttpRunner::__invoke() - CORE/src/Http/Runner.php, line 65
CakeHttpMiddlewareSecurityHeadersMiddleware::__invoke() - CORE/src/Http/Middleware/SecurityHeadersMiddleware.php, line 176
CakeHttpRunner::__invoke() - CORE/src/Http/Runner.php, line 65
CakeRoutingMiddlewareRoutingMiddleware::__invoke() - CORE/src/Routing/Middleware/RoutingMiddleware.php, line 104
CakeHttpRunner::__invoke() - CORE/src/Http/Runner.php, line 65
CakeRoutingMiddlewareAssetMiddleware::__invoke() - CORE/src/Routing/Middleware/AssetMiddleware.php, line 88
CakeHttpRunner::__invoke() - CORE/src/Http/Runner.php, line 65
CakeErrorMiddlewareErrorHandlerMiddleware::__invoke() - CORE/src/Error/Middleware/ErrorHandlerMiddleware.php, line 98
CakeHttpRunner::__invoke() - CORE/src/Http/Runner.php, line 65
CakeHttpMiddlewareEncryptedCookieMiddleware::__invoke() - CORE/src/Http/Middleware/EncryptedCookieMiddleware.php, line 89
CakeHttpRunner::__invoke() - CORE/src/Http/Runner.php, line 65
DebugKitMiddlewareDebugKitMiddleware::__invoke() - ROOT/vendor/cakephp/debug_kit/src/Middleware/DebugKitMiddleware.php, line 52
CakeHttpRunner::__invoke() - CORE/src/Http/Runner.php, line 65
CakeHttpRunner::run() - CORE/src/Http/Runner.php, line 51
CakeHttpServer::run() - CORE/src/Http/Server.php, line 81
[main] - ROOT/webroot/index.php, line 40
如有任何提示,我将不胜感激。
感谢@ndm,我能够找到这种行为的原因和解决方案。它的发生是由于流量在某些条件下-多个请求将文件放在删除队列中,并且在第一个请求删除文件后,其他请求失败-getRealPath()返回false,然后附加/,因此结果路径是/。
如果没有basedir限制(引用@ndm),最坏的情况:web服务器用户有权在/目录下删除的所有文件(通常应为none)将被删除
方案1(推荐):用3.9.7或4.2.4补丁更新你的Cake应用
解决方案2:手动修正代码以检查getRealPath()不返回false