configured temp path is ignored by js_uploader plugin and App.php

[planetar]

friendica is installed on a system with open_basedir restriction,
admin/site/ Temp path is set to the valid phptemp folder.

js_uploader plugin fails to upload anything

The logs show:
mod_fcgid: stderr: PHP Warning: tempnam(): open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (/var/www/web45/web/:/var/www/web45/phptmp/) in /var/www/web45/web/friendica/addon/js_upload/js_upload.php on line 205, referer: https://friendica.farm-leben.de/photos/malister/upload

The relevant line in js_upload.php reads:
$upload_dir = Config::get('system','tempdir');

When I insert a hard coded path to the phptemp dir here (exactly like given in the configuration) the plugin works as expected.

Other entries in the error log point to App.php:
mod_fcgid: stderr: PHP Warning: file_exists(): open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (/var/www/web45/web/:/var/www/web45/phptmp/) in /var/www/web45/web/friendica/src/App.php on line 916

Expected behavior

The configured Temp path is used and passed to plugins thus enabling js_upload.php to actually upload files.

Actual behavior

Plugins try to create folders and files below /tmp which is not a valid path when open_basedir restriction are active.

Steps to reproduce the problem

install friendica on a system with open_basedir restriction, enable js_upload and try to use it.

Friendica version you encountered the problem

Friendica 'The Tazmans Flax-lily' 2018-05-dev - 1259

see example.com/friendica on your Friendica node for the version information.

Friendica source (git, zip)

git

PHP version

PHP 7.0.27-0+deb9u1 (cli) (built: Jan 5 2018 13:51:52) ( NTS )

SQL version

mariadb Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

[MrPetovan]

Thanks for the report!

[annando]

Is it your own server? Then you could set the temp path for the web account to some different server. This isn't a Friendica issue, since the tempnam function in PHP should return a path that is usable within PHP.

[MrPetovan]

Not everybody can change the temp path for the web account on their server, we should honor the Friendica temp path no matter what.

[planetar]

@annando it is my own server but I don't get your point.
I was not looking for another dirty 'solution', The plugin works for me now after I replaced Config::get('system','tempdir'); with the path to the tempdir I already entered into the config before.
This is about as quick and dirty as you can get and I feel it smells buggy when I'm forced to do that.
The config (wisely) offers the option to set a custom path for the temp dir. It was my expectation that this entered value is later returned when a plugin asks the temp dir path from the config object.
If this is not a friendica issue, who else should I ask?
BTW, which other server would you recommend to host a temp path?
Kindly explain, please, TIA.