Bugtraq mailing list archives
Re: move_uploaded_file breaks safe_mode restrictions in PHP
From: sesser () php net
Date: Fri, 22 Mar 2002 11:05:23 +0100
Hi, maybe i should simply quote the documentation at: http://www.php.net/manual/en/function.move-uploaded-file.php it says: Note: move_uploaded_file() is not affected by the normal safe-mode UID-restrictions. This is not unsafe because move_uploaded_file() only operates on files uploaded via PHP. maybe all the guys complaining should first read the documentation of move_uploaded_file. It is wrong because it states that move_uploaded_file is safe_mode unaware (and it was only not aware of safe_mode because of that bug) but how comes you assume it is safe_mode aware if the documentation says it is not? Before crying around: RTFM. And feel free to disable move_uploaded_file () in your php.ini The next release of php will have move_uploaded_file() fully safe_mode aware. This feature is now added. Stefan Esser
Current thread:
- move_uploaded_file breaks safe_mode restrictions in PHP Tozz (Mar 19)
- Re: move_uploaded_file breaks safe_mode restrictions in PHP Jedi/Sector One (Mar 20)
- <Possible follow-ups>
- Re: move_uploaded_file breaks safe_mode restrictions in PHP sesser (Mar 21)
- Re: move_uploaded_file breaks safe_mode restrictions in PHP Patrick Oonk (Mar 21)
- Message not available
- Re: move_uploaded_file breaks safe_mode restrictions in PHP sesser (Mar 21)
- Re: move_uploaded_file breaks safe_mode restrictions in PHP sesser (Mar 22)