I'm using PHPass to encrypt passwords stored in my database. When running this code:
if (is_readable('/dev/urandom') && ($fh = @fopen('/dev/urandom', 'rb'))) {
...
}
it produces this warning:
Warning: is_readable() [function.is-readable]: open_basedir restriction in effect. File(/dev/urandom) is not within the allowed path(s):
(/home/d36234:/usr/local/lib/php:/var/apachefs/uploads:/tmp:/etc/file/magic) in /home/d36234/.../PasswordHash.php on line 51
What's wrong here, and how do I fix it?
It tells you what's going on: /dev/ is not one of the folders your are allowed to open files from, these are given in the error message. You would need to change the open_basedir value, if you can.
Otherwise, suppress the warning by replacing is_readable with @is_readable. PHPass will then use PHP functions to generate random values.