Commit 7ecbf6d2 authored by Antoine Beaupré's avatar Antoine Beaupré

use move_uploaded_file to get uploaded files instead of copy (svn diff), as...

use move_uploaded_file to get uploaded files instead of copy (svn diff), as recommended in the php manual, see http://php.net/move_uploaded_file
parent ca5137fc
......@@ -399,17 +399,14 @@ class m_bro {
return false;
}
if (!strpos($_FILES['userfile']['name'],"/")) {
// move_uploaded_file($_FILES['userfile']['tmp_name'], $absolute."/".$_FILES['userfile']['name']);
if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
if (!file_exists($absolute."/".$_FILES['userfile']['name'])) {
touch($absolute."/".$_FILES['userfile']['name']);
}
copy($_FILES['userfile']['tmp_name'], $absolute."/".$_FILES['userfile']['name']);
move_uploaded_file($_FILES['userfile']['tmp_name'], $absolute."/".$_FILES['userfile']['name']);
} else {
$err->log("bro","uploadfile","Tentative d'attaque : ".$_FILES['userfile']['tmp_name']);
}
// TODO delete this if it works :)
// move_uploaded_file($_FILES['userfile']['tmp_name'], $absolute."/".$_FILES['userfile']['name']);
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment