> RL> Yup, as far as I can see it is a completely useless function other than
> RL> the fact that it reads an entire file into a string. This is actually
> RL> something we should add, but it should be a generic load_file() or
> RL> str_file() or some other such function.
> RL> -Rasmus
>
> Probably you have not understood a problem, if is used open_basedir or
> safe_mode you have no any possibility to read a file until you move it
> in directory which you may read it.
That's where you are wrong. Look at the php_checkuid() function in
safe_mode.c you will find this code:
if (SG(rfc1867_uploaded_files)) {
if (zend_hash_exists(SG(rfc1867_uploaded_files), (char *) filename,
strlen(filename)+1)) {
return 1;
}
}
And for open_basedir sites, the move_uploaded_file() function can be used
to move the file into the right directory at which point it can be read.
-Rasmus
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
