nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bug #1034216 open_basedir and file upload

Browse Source
This commit is contained in:
Marc Delisle
2004-09-24 21:27:13 +00:00
parent ab1eb332e0
commit 951dcd011e
2 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@@ -10,6 +10,8 @@ $Source$
not displayed anymore
* read_dump.php: bug #1033133, left frame not reloaded after dump read
* db_datadict.php: bug #1034299, error in SHOW KEYS for data dict
* read_dump.php: bug #1034216 open_basedir and file upload,
thanks to Dominique Rousseau - domi
2004-09-24 Michal Čihař <michal@cihar.com>
* libraries/export/sql.php: Fixed export of '0' string (bug #1033869).

10
read_dump.php
View File

@@ -76,8 +76,14 @@ if ($sql_file != 'none') {
// loic1 : fixed a security issue
// if ((file_exists($sql_file) && is_uploaded_file($sql_file))
// || file_exists($cfg['UploadDir'] . $sql_localfile)) {
if (file_exists($sql_file)
&& ((isset($sql_localfile) && $sql_file == $cfg['UploadDir'] . $sql_localfile) || is_uploaded_file($sql_file))) {
// file_exists() returns false if open_basedir is set
//if (file_exists($sql_file)
// && ((isset($sql_localfile) && $sql_file == $cfg['UploadDir'] . $sql_localfile) || is_uploaded_file($sql_file))) {
if ((is_uploaded_file($sql_file))
||(isset($sql_localfile) && $sql_file == $cfg['UploadDir'] . $sql_localfile) && file_exists($sql_file)) {
$open_basedir = @ini_get('open_basedir');
if (!isset($sql_file_compression)) $sql_file_compression = '';