ID: 41954
Updated by: [EMAIL PROTECTED]
Reported By: nlgordon at iastate dot edu
-Status: Open
+Status: Feedback
Bug Type: Safe Mode/open_basedir
Operating System: RedHat Enterprise 4
PHP Version: 5.2.3
New Comment:
So when upload_tmp_dir is unset and open_basedir is set, PHP tries to
autodetect temp dir and ends up with /tmp, which is not in
open_basedir.
Hence you get the error which says that /tmp is not in
/afs/iastate.edu/virtual/itssilver/.
Did I miss something? Where is the problem here?
Or you believe that /tmp IS in /afs/iastate.edu/virtual/itssilver/?
Previous Comments:
------------------------------------------------------------------------
[2007-07-10 19:47:45] nlgordon at iastate dot edu
Description:
------------
When uploading a file in a virtual host that has open_basedir enabled
and upload_tmp_dir unset the upload fails. Documentation claims that
move_uploaded_file is open_basedir aware, which might be all well and
true, but the file upload it self is not open_basedir aware. It would
also appear that upload_tmp_dir is not open_basedir aware.
I believe I have isolated it down to line 230 of
php_open_temporary_file.c in the php_open_temporary_fd function:
<snippet lines="226-235">
if (!dir || *dir == '\0') {
def_tmp:
temp_dir = php_get_temporary_directory();
if (temp_dir && *temp_dir != '\0' &&
!php_check_open_basedir(temp_dir
TSRMLS_CC)) { <--- Problem area
return php_do_open_temporary_file(temp_dir, pfx,
opened_path_p
TSRMLS_CC);
} else {
return -1;
}
}
</snippet>
The php_open_temporary_fd function is referenced by the file upload
handling code in rfc1867.c In short the open_basedir check is
unnecessary in the case of file uploads since page code can not affect
the temp directory uploaded to and move_uploaded_files works correctly.
Reproduce code:
---------------
<?php
if ($_POST['submit'])
{
echo "<pre>";
print_r($_FILES);
move_uploaded_file($_FILES['uploaded']['tmp_name'],
'/afs/iastate.edu/virtual/itssilver/WWW/uploads/' .
$_FILES['uploaded']['name']);
// move_uploaded_file();
}
?>
<form action="/testing/upload.php" enctype="multipart/form-data"
name="form_1" method="post">
Upload <input name="uploaded" type="file" size="50"/>
<input name="submit" type="submit" value="Submit"/>
</form>
Expected result:
----------------
$_FILES['uploaded'] should be filled with the information relating to a
successful upload.
Actual result:
--------------
Apache error log:
[Tue Jul 10 14:25:07 2007] [error] [client ***] PHP Warning: Unknown:
open_basedir restriction in effect. File(/tmp) is not within the allowed
path(s): (/afs/iastate.edu/virtual/itssilver/) in Unknown on line 0,
referer: http://silver.its.iastate.edu/testing/upload.php
[Tue Jul 10 14:25:07 2007] [error] [client ***] PHP Warning: File
upload error - unable to create a temporary file in Unknown on line 0,
referer: http://silver.its.iastate.edu/testing/upload.php
Also, this error is never sent to the browser, it would appear that the
internal engine does not have enough information about the script being
run to identify the file even being run in.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=41954&edit=1
