Support » Installing WordPress » What if ../naam.php is not allowed in php code

  • rein


    I would like to install WP on my website but my webhost uses safe php and does not allow moving up a directory. So thinks like
    will not work.

    Is there a version of WP without this or can someone point out what php-files contain such things and how I can possible got around this.


Viewing 11 replies - 1 through 11 (of 11 total)
  • Yngwin


    I think the only place where you would come across this is in wp-admin/admin.php. Everything else should go through the root folder’s index.php and wp-blog-header.php anyway. Or am I missing something?



    Ok, but how can I solve this?
    I have moved the files from wp-admin to the root directory, but then more thinks go wrong with finding files. Step 1 and 2 of the installing go well then, but login in and such are going wrong, I think because WP is then confused about where to find everything.



    WordPress should work fine with PHP Safe Mode switched on, who is your host?

    Also can you create a file info.php with the below contents and provide a link to the file?




    Doing this results in

    Warning: phpinfo() has been disabled for security reasons in /mnt/storage2/r/re/ on line 2

    My provider says it uses PHP versie 4.0.
    My provider is Active 24 in the Netherlands.

    The problem is not the safe mode, I think, but that constructions like ../<file> are disabled.



    I’ve got more info:
    With more info about the php version can be found.



    I have now tried to move all php-file up one directory into the root of my log and deleted all /wp-admin/ parts.
    I can now install my weblog and can even see it appear.

    However, I cannot login, probably because some paths now point to the root directory of my blog-directory. So simply deleting /wp-admin in all paths in php-code is not the solution.

    Also, I have moved wp-config.php down to the wp-admin dir. But this also confused wp.

    Is there somewhere a variable pointing to the blog-dir itself that I should adapt somewhere?



    Leave the wp-admin older as is, just adjust the wp-admin/admin.php file to use the full path for the required file.



    changing ../wp-config.php to




    still gives the error message that the wp-config.php file is not found.
    It seems that not only ../ is not allowed, but also full paths are not allowed as well.

    How to proceed now?



    When outcommenting the die-action is wp-admin/install.php it gives the error:

    Warning: main(): open_basedir restriction in effect. File(/mnt/storage2/r/re/ is not within the allowed path(s): (.) in /mnt/storage2/r/re/ on line 7

    Moderator Peter Westwood


    Reading it looks like the way your host has setup PHP is not particularly sensible:

    The special value . indicates that the working directory of the script will be used as the base-directory. This is, however, a little dangerous as the working directory of the script can easily be changed with chdir().

    This means that you could work around the issue with a lot of changes to the WordPress code but I would advise looking for a better host – this setup doesn’t look very sensible at all and will likely break any non-trivial PHP web application.



    I have forwarded your remark to my host (without any hope that something will improve, but you’ll never know).

    Indeed, I already found out that a lot of changes are needed to let wordpress work on my website with all these restrictions.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘What if ../naam.php is not allowed in php code’ is closed to new replies.