base_path variable for dompdf.php
656 views
Skip to first unread message
sevensins
Nov 15, 2009, 12:33:10 PM11/15/09
to dompdf
I have been going through the samples in the example of dompdf.
The urls that i find for the php are given as
http://localhost/dompdf/dompdf.php?base_path=www/test/&input_file=center_table.html
Now my directory structure is as follows:
myProj(root directory)
lib(contains the files from dompdf)
pages/temp(contains the html files that needs to be converted to pdf)
Both the folders lib and pages are in the same hierarchical level and
inside myProj folder.
So what should be the base_path variable in the below mentioned case?
http://localhost/myProj/lib/dompdf.php?base_path=<?>&input_file=myFile.html
where myFile.html is at
http://localhost/myProj/pages/temp/myFile.html
Also since the files in pages/temp directory are created by php are
there any file permissions that i need to set up for the files in the
pages/temp folder?
The urls that i find for the php are given as
http://localhost/dompdf/dompdf.php?base_path=www/test/&input_file=center_table.html
Now my directory structure is as follows:
myProj(root directory)
lib(contains the files from dompdf)
pages/temp(contains the html files that needs to be converted to pdf)
Both the folders lib and pages are in the same hierarchical level and
inside myProj folder.
So what should be the base_path variable in the below mentioned case?
http://localhost/myProj/lib/dompdf.php?base_path=<?>&input_file=myFile.html
where myFile.html is at
http://localhost/myProj/pages/temp/myFile.html
Also since the files in pages/temp directory are created by php are
there any file permissions that i need to set up for the files in the
pages/temp folder?
BrianS
Nov 16, 2009, 4:18:57 PM11/16/09
to dompdf
On Nov 15, 12:33 pm, sevensins <kaustuv.roybur...@gmail.com> wrote:
> I have been going through the samples in the example of dompdf.
> The urls that i find for the php are given ashttp://localhost/dompdf/dompdf.php?base_path=www/test/&input_file=cen...
> I have been going through the samples in the example of dompdf.
>
> Now my directory structure is as follows:
>
> myProj(root directory)
> lib(contains the files from dompdf)
> pages/temp(contains the html files that needs to be converted to pdf)
>
> Both the folders lib and pages are in the same hierarchical level and
> inside myProj folder.
>
> So what should be the base_path variable in the below mentioned case?
>
> http://localhost/myProj/lib/dompdf.php?base_path=<?>&input_file=myFile.html
>
> where myFile.html is at
>
> http://localhost/myProj/pages/temp/myFile.html
Are you using DOMPDF 0.5.1 or DOMPDF 0.6.0 alpha 2? The alpha version
> Now my directory structure is as follows:
>
> myProj(root directory)
> lib(contains the files from dompdf)
> pages/temp(contains the html files that needs to be converted to pdf)
>
> Both the folders lib and pages are in the same hierarchical level and
> inside myProj folder.
>
> So what should be the base_path variable in the below mentioned case?
>
> http://localhost/myProj/lib/dompdf.php?base_path=<?>&input_file=myFile.html
>
> where myFile.html is at
>
> http://localhost/myProj/pages/temp/myFile.html
has a hard-coded limitation on what directory it will read from. This
is due to a security vulnerability in 0.5.1. And, because of this
vulnerability, it is recommended that you *not* allow access to
dompdf.php over the web. The recommended method of use is via the
class.
That being said, if you are using DOMPDF 0.5.1 I believe the following
URL should work:
http://localhost/myProj/lib/dompdf.php?input_file=../pages/temp/myFile.html
The base_path parameter is used if DOMPDF needs to locate any images
or CSS files. If you need it, however, make sure it points to the
directory of your file, either relative to the location of dompdf.php
or using an absolute file-system path.
And with this you should be able to see why making dompdf.php
accessible via the web is bad. It can access any file that your web
server has access to because it goes through the local file system.
> Also since the files in pages/temp directory are created by php are
> there any file permissions that i need to set up for the files in the
> pages/temp folder?
any additional permissions to be required.
sevensins
Nov 23, 2009, 12:26:03 AM11/23/09
to dompdf
Hi Brian,
Thanks for the reply.
I am using DOMPDF 0.6.0 alpha 2 and am using the class to generate the
PDF.
Also i found out with the input_file method that it's unsecure.
So am not using the same.
Also i found that when i create a PDF from a well formed HTML DOMPDF
0.5.1 fails but DOMPDF 0.6.0 alpha 2 generates the same perfectly
fine.
The HTML has got reference to external style sheet.
But since DOMPDF 0.6.0 alpha 2 is just workign fine, I have decded to
go with it.
Hope DOMPDF 0.6.0 alpha 2 goes into stable very soon. :D
On Nov 17, 2:18 am, BrianS <eclecticg...@gmail.com> wrote:
> On Nov 15, 12:33 pm, sevensins <kaustuv.roybur...@gmail.com> wrote:
>
>
>
>
>
> > I have been going through the samples in the example of dompdf.
> > The urls that i find for the php are given ashttp://localhost/dompdf/dompdf.php?base_path=www/test/&input_file=cen...
>
> > Now my directory structure is as follows:
>
> > myProj(root directory)
> > lib(contains the files from dompdf)
> > pages/temp(contains the html files that needs to be converted to pdf)
>
> > Both the folders lib and pages are in the same hierarchical level and
> > inside myProj folder.
>
> > So what should be the base_path variable in the below mentioned case?
>
> >http://localhost/myProj/lib/dompdf.php?base_path=<?>&input_file=myFile.html
>
> > where myFile.html is at
>
> >http://localhost/myProj/pages/temp/myFile.html
>
> Are you using DOMPDF 0.5.1 or DOMPDF 0.6.0 alpha 2? The alpha version
> has a hard-coded limitation on what directory it will read from. This
> is due to a security vulnerability in 0.5.1. And, because of this
> vulnerability, it is recommended that you *not* allow access to
> dompdf.php over the web. The recommended method of use is via the
> class.
>
> That being said, if you are using DOMPDF 0.5.1 I believe the following
> URL should work:http://localhost/myProj/lib/dompdf.php?input_file=../pages/temp/myFil...
>
> - Show quoted text -
Thanks for the reply.
I am using DOMPDF 0.6.0 alpha 2 and am using the class to generate the
PDF.
Also i found out with the input_file method that it's unsecure.
So am not using the same.
Also i found that when i create a PDF from a well formed HTML DOMPDF
0.5.1 fails but DOMPDF 0.6.0 alpha 2 generates the same perfectly
fine.
The HTML has got reference to external style sheet.
But since DOMPDF 0.6.0 alpha 2 is just workign fine, I have decded to
go with it.
Hope DOMPDF 0.6.0 alpha 2 goes into stable very soon. :D
On Nov 17, 2:18 am, BrianS <eclecticg...@gmail.com> wrote:
> On Nov 15, 12:33 pm, sevensins <kaustuv.roybur...@gmail.com> wrote:
>
>
>
>
>
> > I have been going through the samples in the example of dompdf.
> > The urls that i find for the php are given ashttp://localhost/dompdf/dompdf.php?base_path=www/test/&input_file=cen...
>
> > Now my directory structure is as follows:
>
> > myProj(root directory)
> > lib(contains the files from dompdf)
> > pages/temp(contains the html files that needs to be converted to pdf)
>
> > Both the folders lib and pages are in the same hierarchical level and
> > inside myProj folder.
>
> > So what should be the base_path variable in the below mentioned case?
>
> >http://localhost/myProj/lib/dompdf.php?base_path=<?>&input_file=myFile.html
>
> > where myFile.html is at
>
> >http://localhost/myProj/pages/temp/myFile.html
>
> Are you using DOMPDF 0.5.1 or DOMPDF 0.6.0 alpha 2? The alpha version
> has a hard-coded limitation on what directory it will read from. This
> is due to a security vulnerability in 0.5.1. And, because of this
> vulnerability, it is recommended that you *not* allow access to
> dompdf.php over the web. The recommended method of use is via the
> class.
>
> That being said, if you are using DOMPDF 0.5.1 I believe the following
>
> The base_path parameter is used if DOMPDF needs to locate any images
> or CSS files. If you need it, however, make sure it points to the
> directory of your file, either relative to the location of dompdf.php
> or using an absolute file-system path.
>
> And with this you should be able to see why making dompdf.php
> accessible via the web is bad. It can access any file that your web
> server has access to because it goes through the local file system.
>
> > Also since the files in pages/temp directory are created by php are
> > there any file permissions that i need to set up for the files in the
> > pages/temp folder?
>
> As long as the files are created by the web server I wouldn't expect
> any additional permissions to be required.- Hide quoted text -
> The base_path parameter is used if DOMPDF needs to locate any images
> or CSS files. If you need it, however, make sure it points to the
> directory of your file, either relative to the location of dompdf.php
> or using an absolute file-system path.
>
> And with this you should be able to see why making dompdf.php
> accessible via the web is bad. It can access any file that your web
> server has access to because it goes through the local file system.
>
> > Also since the files in pages/temp directory are created by php are
> > there any file permissions that i need to set up for the files in the
> > pages/temp folder?
>
> As long as the files are created by the web server I wouldn't expect
>
> - Show quoted text -
Reply all
Reply to author
Forward
0 new messages