From 2995e32c7f160f3ebb0458946ac508ef59428d8b Mon Sep 17 00:00:00 2001 From: Andrey Mironov Date: Tue, 30 Oct 2012 14:42:37 +0600 Subject: [PATCH] Use mkdtemp in PHPExcel_Shared_ZipArchive to avoid race condition --- Classes/PHPExcel/Shared/File.php | 20 ++++++++++++++++++++ Classes/PHPExcel/Shared/ZipArchive.php | 5 +++-- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/Classes/PHPExcel/Shared/File.php b/Classes/PHPExcel/Shared/File.php index be0df9d4d..dbbd3636a 100644 --- a/Classes/PHPExcel/Shared/File.php +++ b/Classes/PHPExcel/Shared/File.php @@ -136,4 +136,24 @@ public static function sys_get_temp_dir() return realpath(sys_get_temp_dir()); } + /** + * Create a unique temporary directory. + * + * @return string + */ + public static function mkdtemp($prefix) + { + $tempname = tempnam(PHPExcel_Shared_File::sys_get_temp_dir(), $prefix); + + if (file_exists($tempname)) { + unlink($tempname); + } + + $ret = mkdir($tempname, 0700); + if (!$ret) { + throw new Exception("Error creating directory: " . $tempname); + } + + return $tempname; + } } diff --git a/Classes/PHPExcel/Shared/ZipArchive.php b/Classes/PHPExcel/Shared/ZipArchive.php index cebd32b64..a451dd4a3 100644 --- a/Classes/PHPExcel/Shared/ZipArchive.php +++ b/Classes/PHPExcel/Shared/ZipArchive.php @@ -26,7 +26,7 @@ */ if (!defined('PCLZIP_TEMPORARY_DIR')) { - define('PCLZIP_TEMPORARY_DIR', PHPExcel_Shared_File::sys_get_temp_dir()); + define('PCLZIP_TEMPORARY_DIR', PHPExcel_Shared_File::sys_get_temp_dir() . '/'); } require_once PHPEXCEL_ROOT . 'PHPExcel/Shared/PCLZip/pclzip.lib.php'; @@ -69,7 +69,7 @@ class PHPExcel_Shared_ZipArchive */ public function open($fileName) { - $this->_tempDir = PHPExcel_Shared_File::sys_get_temp_dir(); + $this->_tempDir = PHPExcel_Shared_File::mkdtemp('PHPExcel_Shared_ZipArchive'); $this->_zip = new PclZip($fileName); @@ -83,6 +83,7 @@ public function open($fileName) */ public function close() { + rmdir($this->_tempDir); }