From: mueller at intertrend dot de
Operating system: SUSE LINUX 10.0
PHP version: 4.4.7
PHP Bug Type: Safe Mode/open_basedir
Bug description: move_uploaded_file open_basedir problem
Description:
------------
move_uploaded_file() does not work if open_basedir is set.
settings in php.ini:
file_uploads = On
upload_tmp_dir = /tmp
settings in httpd.conf:
php_admin_value open_basedir /www/com/servername
tmp-dir and destination-dir are on the same filesystem.
Reproduce code:
---------------
$uploaddir = '/www/com/servername';
$uploadfile = $uploaddir . basename($_FILES['userfile']['tmp_name']);
echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
Expected result:
----------------
File is valid, and was successfully uploaded.
Actual result:
--------------
Warning: move_uploaded_file() [function.move-uploaded-file]: open_basedir
restriction in effect. File(/tmp/php5bwW9n) is not within the allowed
path(s): (/www/com/servername) in /www/com/servername/test.php on line 9
Warning: move_uploaded_file(/tmp/php5bwW9n)
[function.move-uploaded-file]: failed to open stream: Operation not
permitted in /www/com/servername/test.php on line 9
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to
move '/tmp/php5bwW9n' to '/www/com/servername/php5bwW9n' in
/www/com/servername/test.php on line 9
Possible file upload attack!
Here is some more debugging info:Array
(
[userfile] => Array
(
[name] => Neu Textdokument (2).txt
[type] => text/plain
[tmp_name] => /tmp/php5bwW9n
[error] => 0
[size] => 1500
)
)
--
Edit bug report at http://bugs.php.net/?id=41824&edit=1
--
Try a CVS snapshot (PHP 4.4):
http://bugs.php.net/fix.php?id=41824&r=trysnapshot44
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=41824&r=trysnapshot52
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=41824&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=41824&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=41824&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=41824&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=41824&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=41824&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=41824&r=support
Expected behavior: http://bugs.php.net/fix.php?id=41824&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=41824&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=41824&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=41824&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=41824&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=41824&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=41824&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=41824&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=41824&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=41824&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=41824&r=mysqlcfg
