From 29c92d7b080152bfc8c60b90c185e2faab2a6bbb Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Sat, 23 Jan 2016 12:13:03 +0300
Subject: prevent frontend updating of feeds on view if open_basedir is set to
 prevent plugins potentially not working correctly (i.e. if backend system has
 open_basedir disabled)

---
 classes/api.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'classes/api.php')

diff --git a/classes/api.php b/classes/api.php
index c3ea627fd..9be04cff9 100644
--- a/classes/api.php
+++ b/classes/api.php
@@ -416,7 +416,9 @@ class API extends Handler {
 
 		$feed_id = (int) $this->dbh->escape_string($_REQUEST["feed_id"]);
 
-		update_rss_feed($feed_id, true);
+		if (!ini_get("open_basedir")) {
+			update_rss_feed($feed_id, true);
+		}
 
 		$this->wrap(self::STATUS_OK, array("status" => "OK"));
 	}
-- 
cgit v1.2.3