ID: 31931 Comment by: tech at rzpressure dot co dot uk Reported By: website at cellpacksolutions dot com Status: Open Bug Type: HTTP related Operating System: linux PHP Version: 4CVS-2005-02-11 (stable) Assigned To: iliaa New Comment:
i get this to, it seems as though basename is no longer stripping windows paths. mind this seems to only affect ie browsers! Previous Comments: ------------------------------------------------------------------------ [2005-02-14 12:36:35] website at cellpacksolutions dot com I have tried using the basic upload code posted on the following thread: http://www.phpfreaks.com/forums/index.php?showtopic=52077&pid=202571&st=0&#entry202571 which returns: File (C:\\SEARCH PROGRAM\\product_pics\\3b880.jpg) uploaded! testupload C:\\SEARCH PROGRAM\\product_pics\\3b880.jpg jpg scrolling over and selecting properties of the link shows: http://domainname.co.uk/testupload/C://SEARCH this is using the latest cvs version 9 am this morning! ------------------------------------------------------------------------ [2005-02-14 12:23:52] website at cellpacksolutions dot com just recieved this comment from our hosts this morning: We have tested the most recent available snapshot (9:30am) and the bug regarding PHP file uploads is still present. I would advise using the temporary workaround (all it does is remove everything upto and include the final \ thus providing you with only the filename) until the issue is resolved with PHP 4.3.11. As advised, unfortunately we are unable to revert back to 4.3.10 as this contains severe vulnerabilities which we are unable to allow to exist on our systems. I will leave this ticket suspended in our queue and when we have further information for you we will mail you again. ------------------------------------------------------------------------ [2005-02-12 17:48:18] [EMAIL PROTECTED] Already fixed in CVS. (Can't reproduce with it) ------------------------------------------------------------------------ [2005-02-12 02:33:53] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with <?php and ends with ?>, is max. 10-20 lines long and does not require any external resources such as databases, etc. If possible, make the script source available online and provide an URL to it here. Try to avoid embedding huge scripts into the report. ------------------------------------------------------------------------ [2005-02-11 18:13:36] [EMAIL PROTECTED] Ilia, you "broke" it. :) For the reportee: Provide test case. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/31931 -- Edit this bug report at http://bugs.php.net/?id=31931&edit=1
