What is the difference between include_path
and open_basedir
in PHP? My php.ini
looks like this:
include_path = ".:/usr/share/php:/usr/share/pear:/var/www"
If, for example, I try using include('../../etc/passwd');
the file is included. On the other hand, when I'm modifying my php.ini
like this the output is empty:
open_basedir = /var/www
Why is this? I thought that using include_path
will restrict the file access to the directories listed there?