nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

safer handling of temporary files with open_basedir (thanks to Thijs Kinkhorst)

Browse Source
This commit is contained in:
Michal Čihař
2008-08-29 15:49:06 +00:00
parent 5c658310aa
commit 6df6ebf95d
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libraries/File.class.php
View File

@@ -681,7 +681,7 @@ class PMA_File
$tmp_filename = $GLOBALS['cfg']['UploadDir'] . '/' . $_REQUEST['fields_uploadlocal_' . $key]['multi_edit'][$primary];
$tmp_file = fopen($tmp_filename, 'r');
$tmp_file_size = filesize($tmp_filename);
// check if fileinfo library exists
if ($PMA_Config->get('FILEINFO_EXISTS'))
{
@@ -936,7 +936,7 @@ class PMA_File
return false;
}
$new_file_to_upload = $GLOBALS['cfg']['TempDir'] . '/' . basename($this->getName());
$new_file_to_upload = tempnam(realpath($GLOBALS['cfg']['TempDir']), basename($this->getName()));
// surpress warnings from beeing displayed, but not from beeing logged
// any file access outside of open_basedir will issue a warning