From 466b41c36bf7093cdde9d2856eb520503f52640c Mon Sep 17 00:00:00 2001
From: Hendrik Langer <hendrik.langer@gmx.de>
Date: Wed, 19 Oct 2011 23:38:35 +0200
Subject: [PATCH] Don't use sys_get_temp_dir(), as it reports the wrong path in
restricted environments
---
apps/admin_export/settings.php | 2 +-
apps/user_openid/phpmyid.php | 48 ++++++++++++++++++++--------------
lib/base.php | 25 +++++++++---------
lib/db.php | 4 +--
lib/files.php | 6 ++---
lib/filestorage/local.php | 2 +-
lib/filestorage/remote.php | 2 +-
lib/installer.php | 4 +--
lib/remote/cloud.php | 8 +++---
9 files changed, 55 insertions(+), 46 deletions(-)
diff --git a/apps/admin_export/settings.php b/apps/admin_export/settings.php
index cf1daa250f..a33c872ccf 100644
--- a/apps/admin_export/settings.php
+++ b/apps/admin_export/settings.php
@@ -25,7 +25,7 @@ OC_Util::checkAppEnabled('admin_export');
if (isset($_POST['admin_export'])) {
$root = OC::$SERVERROOT . "/";
$zip = new ZipArchive();
- $filename = sys_get_temp_dir() . "/owncloud_export_" . date("y-m-d_H-i-s") . ".zip";
+ $filename = get_temp_dir() . "/owncloud_export_" . date("y-m-d_H-i-s") . ".zip";
OC_Log::write('admin_export',"Creating export file at: " . $filename,OC_Log::INFO);
if ($zip->open($filename, ZIPARCHIVE::CREATE) !== TRUE) {
exit("Cannot open <$filename>\n");
diff --git a/apps/user_openid/phpmyid.php b/apps/user_openid/phpmyid.php
index d8168c9a10..c984dc8f5e 100644
--- a/apps/user_openid/phpmyid.php
+++ b/apps/user_openid/phpmyid.php
@@ -603,7 +603,7 @@ function test_mode () {
$res['gmp'] = 'pass - n/a';
}
- // sys_get_temp_dir
+ // get_temp_dir
$res['logfile'] = is_writable($profile['logfile'])
? 'pass' : "warn - log is not writable";
@@ -1374,30 +1374,38 @@ function str_diff_at ($a, $b) {
}
-if (! function_exists('sys_get_temp_dir') && ini_get('open_basedir') == false) {
+if (! function_exists('get_temp_dir')) {
/**
* Create function if missing
* @return string
*/
-function sys_get_temp_dir () {
- $keys = array('TMP', 'TMPDIR', 'TEMP');
- foreach ($keys as $key) {
- if (isset($_ENV[$key]) && is_dir($_ENV[$key]) && is_writable($_ENV[$key]))
- return realpath($_ENV[$key]);
- }
+ if (ini_get('open_basedir') == false) {
+ function get_temp_dir () {
+ $keys = array('TMP', 'TMPDIR', 'TEMP');
+ foreach ($keys as $key) {
+ if (isset($_ENV[$key]) && is_dir($_ENV[$key]) && is_writable($_ENV[$key]))
+ return realpath($_ENV[$key]);
+ }
- $tmp = tempnam(false, null);
- if (file_exists($tmp)) {
- $dir = realpath(dirname($tmp));
- unlink($tmp);
- return realpath($dir);
- }
+ $tmp = tempnam(false, null);
+ if (file_exists($tmp)) {
+ $dir = realpath(dirname($tmp));
+ unlink($tmp);
+ return realpath($dir);
+ }
- return realpath(dirname(__FILE__));
-}} elseif (! function_exists('sys_get_temp_dir')) {
-function sys_get_temp_dir () {
- return realpath(dirname(__FILE__));
-}}
+ return realpath(dirname(__FILE__));
+ }
+ }
+ else {
+ function get_temp_dir () {
+ if (isset(ini_get('upload_tmp_dir')) && is_dir(ini_get('upload_tmp_dir')) && is_writable(ini_get('upload_tmp_dir')))
+ return ini_get('upload_tmp_dir');
+ else
+ return realpath(dirname(__FILE__));
+ }
+ }
+}
/**
@@ -1694,7 +1702,7 @@ if (! array_key_exists('lifetime', $profile)) {
// Set a default log file
if (! array_key_exists('logfile', $profile))
- $profile['logfile'] = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $profile['auth_realm'] . '.debug.log';
+ $profile['logfile'] = get_temp_dir() . DIRECTORY_SEPARATOR . $profile['auth_realm'] . '.debug.log';
/*
diff --git a/lib/base.php b/lib/base.php
index 8adb1cc910..d5fff1e0a7 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -186,18 +186,19 @@ if( !isset( $RUNTIME_NOAPPS )){
OC::init();
-if(!function_exists('sys_get_temp_dir')) {
- function sys_get_temp_dir() {
- if( $temp=getenv('TMP') ) return $temp;
- if( $temp=getenv('TEMP') ) return $temp;
- if( $temp=getenv('TMPDIR') ) return $temp;
- $temp=tempnam(__FILE__,'');
- if (file_exists($temp)) {
- unlink($temp);
- return dirname($temp);
- }
- return null;
- }
+if(!function_exists('get_temp_dir')) {
+ function get_temp_dir() {
+ if( $temp=ini_get('upload_tmp_dir') ) return $temp;
+ if( $temp=getenv('TMP') ) return $temp;
+ if( $temp=getenv('TEMP') ) return $temp;
+ if( $temp=getenv('TMPDIR') ) return $temp;
+ $temp=tempnam(__FILE__,'');
+ if (file_exists($temp)) {
+ unlink($temp);
+ return dirname($temp);
+ }
+ return null;
+ }
}
require_once('fakedirstream.php');
diff --git a/lib/db.php b/lib/db.php
index bcfda4592f..44be619fde 100644
--- a/lib/db.php
+++ b/lib/db.php
@@ -285,7 +285,7 @@ class OC_DB {
$content = file_get_contents( $file );
// Make changes and save them to a temporary file
- $file2 = tempnam( sys_get_temp_dir(), 'oc_db_scheme_' );
+ $file2 = tempnam( get_temp_dir(), 'oc_db_scheme_' );
$content = str_replace( '*dbname*', $CONFIG_DBNAME, $content );
$content = str_replace( '*dbprefix*', $CONFIG_DBTABLEPREFIX, $content );
if( $CONFIG_DBTYPE == 'pgsql' ){ //mysql support it too but sqlite don't
@@ -392,7 +392,7 @@ class OC_DB {
$content = file_get_contents( $file );
// Make changes and save them to a temporary file
- $file2 = tempnam( sys_get_temp_dir(), 'oc_db_scheme_' );
+ $file2 = tempnam( get_temp_dir(), 'oc_db_scheme_' );
$content = str_replace( '*dbname*', $CONFIG_DBNAME, $content );
$content = str_replace( '*dbprefix*', $CONFIG_DBTABLEPREFIX, $content );
file_put_contents( $file2, $content );
diff --git a/lib/files.php b/lib/files.php
index 631726bf9b..88b559059f 100644
--- a/lib/files.php
+++ b/lib/files.php
@@ -91,7 +91,7 @@ class OC_Files {
if(is_array($files)){
$zip = new ZipArchive();
- $filename = sys_get_temp_dir()."/ownCloud.zip";
+ $filename = get_temp_dir()."/ownCloud.zip";
if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) {
exit("cannot open <$filename>\n");
}
@@ -108,7 +108,7 @@ class OC_Files {
$zip->close();
}elseif(OC_Filesystem::is_dir($dir.'/'.$files)){
$zip = new ZipArchive();
- $filename = sys_get_temp_dir()."/ownCloud.zip";
+ $filename = get_temp_dir()."/ownCloud.zip";
if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) {
exit("cannot open <$filename>\n");
}
@@ -271,7 +271,7 @@ class OC_Files {
* @return string guessed mime type
*/
static function pull($source,$token,$dir,$file){
- $tmpfile=tempnam(sys_get_temp_dir(),'remoteCloudFile');
+ $tmpfile=tempnam(get_temp_dir(),'remoteCloudFile');
$fp=fopen($tmpfile,'w+');
$url=$source.="/files/pull.php?token=$token";
$ch=curl_init();
diff --git a/lib/filestorage/local.php b/lib/filestorage/local.php
index 8e0907f8d3..8db0ffead4 100644
--- a/lib/filestorage/local.php
+++ b/lib/filestorage/local.php
@@ -161,7 +161,7 @@ class OC_Filestorage_Local extends OC_Filestorage{
}
public function toTmpFile($path){
- $tmpFolder=sys_get_temp_dir();
+ $tmpFolder=get_temp_dir();
$filename=tempnam($tmpFolder,'OC_TEMP_FILE_'.substr($path,strrpos($path,'.')));
$fileStats = stat($this->datadir.$path);
if(copy($this->datadir.$path,$filename)){
diff --git a/lib/filestorage/remote.php b/lib/filestorage/remote.php
index fb14c4121a..88bdbca481 100644
--- a/lib/filestorage/remote.php
+++ b/lib/filestorage/remote.php
@@ -211,7 +211,7 @@ class OC_Filestorage_Remote extends OC_Filestorage{
$parent=dirname($path);
$name=substr($path,strlen($parent)+1);
$file=$this->remote->getFile($parent,$name);
- $file=tempnam(sys_get_temp_dir(),'oc_');
+ $file=tempnam(get_temp_dir(),'oc_');
file_put_contents($file,$data);
if($return=$this->remote->sendTmpFile($file,$parent,$name)){
$this->notifyObservers($path,OC_FILEACTION_WRITE);
diff --git a/lib/installer.php b/lib/installer.php
index 242ca97934..9248f68e01 100644
--- a/lib/installer.php
+++ b/lib/installer.php
@@ -62,7 +62,7 @@ class OC_Installer{
//download the file if necesary
if($data['source']=='http'){
- $path=tempnam(sys_get_temp_dir(),'oc_installer_');
+ $path=tempnam(get_temp_dir(),'oc_installer_');
if(!isset($data['href'])){
OC_Log::write('core','No href specified when installing app from http',OC_Log::ERROR);
return false;
@@ -77,7 +77,7 @@ class OC_Installer{
}
//extract the archive in a temporary folder
- $extractDir=tempnam(sys_get_temp_dir(),'oc_installer_uncompressed_');
+ $extractDir=tempnam(get_temp_dir(),'oc_installer_uncompressed_');
unlink($extractDir);
mkdir($extractDir);
$zip = new ZipArchive;
diff --git a/lib/remote/cloud.php b/lib/remote/cloud.php
index 75d60155d0..a9c74e8bf5 100644
--- a/lib/remote/cloud.php
+++ b/lib/remote/cloud.php
@@ -17,7 +17,7 @@ class OC_REMOTE_CLOUD{
*/
private function apiCall($action,$parameters=false,$assoc=false){
if(!$this->cookiefile){
- $this->cookiefile=sys_get_temp_dir().'/remoteCloudCookie'.uniqid();
+ $this->cookiefile=get_temp_dir().'/remoteCloudCookie'.uniqid();
}
$url=$this->path.='/files/api.php';
$fields_string="action=$action&";
@@ -168,9 +168,9 @@ class OC_REMOTE_CLOUD{
}
$ch=curl_init();
if(!$this->cookiefile){
- $this->cookiefile=sys_get_temp_dir().'/remoteCloudCookie'.uniqid();
+ $this->cookiefile=get_temp_dir().'/remoteCloudCookie'.uniqid();
}
- $tmpfile=tempnam(sys_get_temp_dir(),'remoteCloudFile');
+ $tmpfile=tempnam(get_temp_dir(),'remoteCloudFile');
$fp=fopen($tmpfile,'w+');
$url=$this->path.="/files/api.php?action=get&dir=$dir&file=$file";
curl_setopt($ch,CURLOPT_URL,$url);
@@ -191,7 +191,7 @@ class OC_REMOTE_CLOUD{
public function sendTmpFile($tmp,$targetDir,$targetFile){
$token=sha1(uniqid().$tmp);
- $file=sys_get_temp_dir().'/'.'remoteCloudFile'.$token;
+ $file=get_temp_dir().'/'.'remoteCloudFile'.$token;
rename($tmp,$file);
if( OC_Config::getValue( "forcessl", false ) or isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
$url = "https://". $_SERVER['SERVER_NAME'] . OC::$WEBROOT;
--
GitLab