CRM-14126 - Wrap use of CURLOPT_FOLLOWLOCATION in a check for open_basedir and safe_mode.

----------------------------------------
* CRM-14126: HttpClient.php library used by CiviCRM issues a PHP warning when open_basedir is set
  http://issues.civicrm.org/jira/browse/CRM-14126

diff --git a/CRM/Core/Payment/Elavon.php b/CRM/Core/Payment/Elavon.php
index b1834a7e9c6cb0e1e35b3d5c14c93359c907053e..daccc44f2abba793c2db41136c22c261941b5e76 100644 (file)
--- a/CRM/Core/Payment/Elavon.php
+++ b/CRM/Core/Payment/Elavon.php
@@ -193,7 +193,9 @@ class CRM_Core_Payment_Elavon extends CRM_Core_Payment {
     // set this for debugging -look for output in apache error log
     //curl_setopt ($ch,CURLOPT_VERBOSE,1 );
     // ensures any Location headers are followed
-    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
+    if (ini_get('open_basedir') == '' && ini_get('safe_mode') == 'Off') {
+      curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
+    }
 
     /**********************************************************
      * Send the data out over the wire

diff --git a/CRM/Core/Payment/FirstData.php b/CRM/Core/Payment/FirstData.php
index 7c1dd49263dbe95c089c252f7d4f17cae817393c..8ea317f2444081fad1969377b7f830dcfdc205e2 100644 (file)
--- a/CRM/Core/Payment/FirstData.php
+++ b/CRM/Core/Payment/FirstData.php
@@ -222,7 +222,9 @@ class CRM_Core_Payment_FirstData extends CRM_Core_Payment {
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($ch, CURLOPT_TIMEOUT, 36000);
     // ensures any Location headers are followed
-    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
+    if (ini_get('open_basedir') == '' && ini_get('safe_mode') == 'Off') {
+      curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
+    }
 
     // Send the data out over the wire
     //--------------------------------

diff --git a/CRM/Core/Payment/PayflowPro.php b/CRM/Core/Payment/PayflowPro.php
index c977c182e300ff8d28935188be5d6b734dce4346..b9feab1883a608038709dc67056a6cb5b8dc8db8 100644 (file)
--- a/CRM/Core/Payment/PayflowPro.php
+++ b/CRM/Core/Payment/PayflowPro.php
@@ -484,7 +484,9 @@ class CRM_Core_Payment_PayflowPro extends CRM_Core_Payment {
     // return into a variable
     curl_setopt($ch, CURLOPT_TIMEOUT, 90);
     // times out after 90 secs
-    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
+    if (ini_get('open_basedir') == '' && ini_get('safe_mode') == 'Off') {
+      curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
+    }
     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::SYSTEM_PREFERENCES_NAME, 'verifySSL'));
     // this line makes it work under https
     curl_setopt($ch, CURLOPT_POSTFIELDS, $payflow_query);

diff --git a/CRM/Core/Payment/PaymentExpressUtils.php b/CRM/Core/Payment/PaymentExpressUtils.php
index 9977aec4ab2b0e4153429b2b43b610d28d299908..d8eb2188b3ed59ceb00b31ba6595e4f97bf5fa41 100644 (file)
--- a/CRM/Core/Payment/PaymentExpressUtils.php
+++ b/CRM/Core/Payment/PaymentExpressUtils.php
@@ -67,7 +67,9 @@ function &_initCURL($query, $url) {
   curl_setopt($curl, CURLOPT_POSTFIELDSIZE, 0);
   curl_setopt($curl, CURLOPT_TIMEOUT, 30);
   curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
-  curl_setopt($curl, CURLOPT_FOLLOWLOCATION, FALSE);
+  if (ini_get('open_basedir') == '' && ini_get('safe_mode') == 'Off') {
+    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, FALSE);
+  }
   curl_setopt($curl, CURLOPT_HEADER, 0);
   curl_setopt($curl, CURLOPT_SSLVERSION, 3);
 

diff --git a/CRM/Utils/HttpClient.php b/CRM/Utils/HttpClient.php
index 14bf423f7480f269640a134259899257d8db47bc..c94b605fd9445f260a5e8962c50a593b6fcb945f 100644 (file)
--- a/CRM/Utils/HttpClient.php
+++ b/CRM/Utils/HttpClient.php
@@ -189,7 +189,9 @@ class CRM_Utils_HttpClient {
     curl_setopt($ch, CURLOPT_HEADER, FALSE);
     curl_setopt($ch, CURLOPT_ENCODING, 'gzip');
     curl_setopt($ch, CURLOPT_VERBOSE, 0);
-    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
+    if (ini_get('open_basedir') == '' && ini_get('safe_mode') == 'Off') {
+      curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
+    }
     if ($this->connectionTimeout !== NULL) {
       curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->connectionTimeout);
     }

diff --git a/tools/extensions/org.civicrm.sms.clickatell/org_civicrm_sms_clickatell.php b/tools/extensions/org.civicrm.sms.clickatell/org_civicrm_sms_clickatell.php
index 8c0a8dc3c5f1acdb092c18b8253e7a32cf9b4a1f..d08dc568a665b1f54d1b71ca956f83d1144d43d8 100644 (file)
--- a/tools/extensions/org.civicrm.sms.clickatell/org_civicrm_sms_clickatell.php
+++ b/tools/extensions/org.civicrm.sms.clickatell/org_civicrm_sms_clickatell.php
@@ -133,7 +133,9 @@ class org_civicrm_sms_clickatell extends CRM_SMS_Provider {
     curl_setopt($this->_ch, CURLOPT_TIMEOUT, 20);
     curl_setopt($this->_ch, CURLOPT_VERBOSE, 1);
     curl_setopt($this->_ch, CURLOPT_FAILONERROR, 1);
-    curl_setopt($this->_ch, CURLOPT_FOLLOWLOCATION, 1);
+    if (ini_get('open_basedir') == '' && ini_get('safe_mode') == 'Off') {
+      curl_setopt($this->_ch, CURLOPT_FOLLOWLOCATION, 1);
+    }
     curl_setopt($this->_ch, CURLOPT_COOKIEJAR, "/dev/null");
     curl_setopt($this->_ch, CURLOPT_SSL_VERIFYHOST, 2);
     curl_setopt($this->_ch, CURLOPT_USERAGENT, 'CiviCRM - http://civicrm.org/');