diff options
author | Marc Delisle <marc@infomarc.info> | 2004-09-25 01:27:13 +0400 |
---|---|---|
committer | Marc Delisle <marc@infomarc.info> | 2004-09-25 01:27:13 +0400 |
commit | 951dcd011e9a8e366d3a68b32628eebb9c0118a8 (patch) | |
tree | a20861dddffff4fb634a5e7afac78e4419a5dad7 /read_dump.php | |
parent | ab1eb332e044c3fe80db7a840582868dff772bb1 (diff) |
bug #1034216 open_basedir and file upload
Diffstat (limited to 'read_dump.php')
-rw-r--r-- | read_dump.php | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/read_dump.php b/read_dump.php index f9832f1a8f..c9d1e14d96 100644 --- a/read_dump.php +++ b/read_dump.php @@ -76,8 +76,14 @@ if ($sql_file != 'none') { // loic1 : fixed a security issue // if ((file_exists($sql_file) && is_uploaded_file($sql_file)) // || file_exists($cfg['UploadDir'] . $sql_localfile)) { - if (file_exists($sql_file) - && ((isset($sql_localfile) && $sql_file == $cfg['UploadDir'] . $sql_localfile) || is_uploaded_file($sql_file))) { + + // file_exists() returns false if open_basedir is set + //if (file_exists($sql_file) + // && ((isset($sql_localfile) && $sql_file == $cfg['UploadDir'] . $sql_localfile) || is_uploaded_file($sql_file))) { + + if ((is_uploaded_file($sql_file)) + ||(isset($sql_localfile) && $sql_file == $cfg['UploadDir'] . $sql_localfile) && file_exists($sql_file)) { + $open_basedir = @ini_get('open_basedir'); if (!isset($sql_file_compression)) $sql_file_compression = ''; |