fix: suppress open_basedir warning in favicon check, disable open_basedir in prod

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
aminovfariz
2026-05-28 19:07:47 +02:00
parent ec596d35d4
commit 0d078f233d
2 changed files with 3 additions and 2 deletions

View File

@@ -44,7 +44,7 @@ class TenantFaviconService
return false; return false;
} }
$path = $this->publicDir($uuid) . '/favicon-32x32.png'; $path = $this->publicDir($uuid) . '/favicon-32x32.png';
return is_file($path); return @is_file($path);
} }
public function delete(string $uuid): void public function delete(string $uuid): void

View File

@@ -8,6 +8,7 @@ display_errors=0
display_startup_errors=0 display_startup_errors=0
error_reporting=E_ALL & ~E_DEPRECATED & ~E_STRICT error_reporting=E_ALL & ~E_DEPRECATED & ~E_STRICT
log_errors=1 log_errors=1
error_log=/tmp/php_errors.log
; --- Resource limits --- ; --- Resource limits ---
memory_limit=256M memory_limit=256M
@@ -17,7 +18,7 @@ post_max_size=12M
; --- Security hardening --- ; --- Security hardening ---
expose_php=Off expose_php=Off
allow_url_include=Off allow_url_include=Off
open_basedir=/var/www:/tmp ; open_basedir disabled — causes false-positive E_WARNING on is_file() for valid paths under /var/www
disable_functions=exec,passthru,shell_exec,system,proc_open,popen,parse_ini_file,show_source disable_functions=exec,passthru,shell_exec,system,proc_open,popen,parse_ini_file,show_source
; --- Session hardening --- ; --- Session hardening ---