Fixes #12514 - Uses sys_get_temp_dir in place of empty string for temporary file creation #12519
Conversation
…ng for temporary file creation Signed-off-by: Sudheesh Singanamalla <sudheesh1995@outlook.com>
sudheesh001
force-pushed
the
Issue-12514
branch
from
bb08495
to
da60d4f
Compare
Current coverage is 54.33% (diff: 100%)
|
|
I think the code should be rather changed to share logic with File class, which does handle various openbasedir restrictions just fine, see https://github.com/phpmyadmin/phpmyadmin/blob/master/libraries/File.php#L465 |
|
@nijel So should this be rewritten as follows ? $tmpfname = null;
if (! empty($GLOBALS['cfg']['TempDir']) && @is_writable($GLOBALS['cfg']['TempDir'])) {
$tmp_subdir = $GLOBALS['cfg']['TempDir'];
} else {
$tmp_subdir = ini_get('upload_tmp_dir');
if (empty($tmp_subdir)) {
$tmp_subdir = sys_get_temp_dir();
}
$tmp_subdir = rtrim($tmp_subdir, DIRECTORY_SEPARATOR);
}
$tmpfname = tempnam($tmp_subdir, $enc); |
|
Rather File class should export this code and this method should should be used by both File class and here in the Kanji encoding code. We don't want similar code copied over to multiple places... |
|
@nijel I've been looking through the code and realized that there's a todo that's put above the So should this part be moved into a function inside public function getDefaultTempDirectory() {
$tmp_subdir = null;
if (! empty($GLOBALS['cfg']['TempDir']) && @is_writable($GLOBALS['cfg']['TempDir'])) {
$tmp_subdir = $GLOBALS['cfg']['TempDir'];
} else {
$tmp_subdir = ini_get('upload_tmp_dir');
if (empty($tmp_subdir)) {
$tmp_subdir = sys_get_temp_dir();
}
$tmp_subdir = rtrim($tmp_subdir, DIRECTORY_SEPARATOR);
}
return $tmp_subdir;
}And then call this by doing Is that the right way to do this ? |
|
Yes, @sudheesh001 , that sounds like a good approach. |
|
@sudheesh001 will you get anytime soon to implementing described change? |
|
Closing due to no response, somebody else started to work on #12514 as well. |
Fix for #12514