Index: wp-admin/admin-functions.php =================================================================== --- wp-admin/admin-functions.php (revision 3736) +++ wp-admin/admin-functions.php (working copy) @@ -1861,7 +1861,7 @@ // Increment the file number until we have a unique file to save in $dir. Use $override['unique_filename_callback'] if supplied. if ( isset($unique_filename_callback) && function_exists($unique_filename_callback) ) { - $filename = $unique_filename_callback($uploads['path'], $file['name']); + $filename = $unique_filename_callback(ABSPATH . $uploads['path'], $file['name']); } else { $number = ''; $filename = str_replace('#', '_', $file['name']); @@ -1880,13 +1880,13 @@ // Move the file to the uploads dir $new_file = $uploads['path'] . "/$filename"; - if ( false === @ move_uploaded_file($file['tmp_name'], $new_file) ) + if ( false === @ move_uploaded_file($file['tmp_name'], ABSPATH . $new_file) ) die(printf(__('The uploaded file could not be moved to %s.'), $file['path'])); // Set correct file permissions - $stat = stat(dirname($new_file)); + $stat = stat(dirname(ABSPATH . $new_file)); $perms = $stat['mode'] & 0000666; - @ chmod($new_file, $perms); + @ chmod(ABSPATH . $new_file, $perms); // Compute the URL $url = $uploads['url'] . "/$filename"; Index: wp-admin/inline-uploading.php =================================================================== --- wp-admin/inline-uploading.php (revision 3736) +++ wp-admin/inline-uploading.php (working copy) @@ -73,7 +73,7 @@ if ( preg_match('!^image/!', $attachment['post_mime_type']) ) { // Generate the attachment's postmeta. - $imagesize = getimagesize($file); + $imagesize = getimagesize(ABSPATH . $file); $imagedata['width'] = $imagesize['0']; $imagedata['height'] = $imagesize['1']; list($uwidth, $uheight) = get_udims($imagedata['width'], $imagedata['height']); @@ -84,9 +84,9 @@ if ( $imagedata['width'] * $imagedata['height'] < 3 * 1024 * 1024 ) { if ( $imagedata['width'] > 128 && $imagedata['width'] >= $imagedata['height'] * 4 / 3 ) - $thumb = wp_create_thumbnail($file, 128); + $thumb = wp_create_thumbnail(ABSPATH . $file, 128); elseif ( $imagedata['height'] > 96 ) - $thumb = wp_create_thumbnail($file, 96); + $thumb = wp_create_thumbnail(ABSPATH . $file, 96); if ( @file_exists($thumb) ) { $newdata = $imagedata; Index: wp-includes/functions-post.php =================================================================== --- wp-includes/functions-post.php (revision 3736) +++ wp-includes/functions-post.php (working copy) @@ -921,17 +921,15 @@ // Returns an array containing the current upload directory's path and url, or an error message. function wp_upload_dir() { $siteurl = get_settings('siteurl'); - //prepend ABSPATH to $dir and $siteurl to $url if they're not already there + //remove ABSPATH from upload_path if present $path = str_replace(ABSPATH, '', trim(get_settings('upload_path'))); - $dir = ABSPATH . $path; + if($path == '') + $path = 'wp-content/uploads'; + $dir = $path; $url = trailingslashit($siteurl) . $path; - if ( $dir == ABSPATH ) { //the option was empty - $dir = ABSPATH . 'wp-content/uploads'; - } - if ( defined('UPLOADS') ) { - $dir = ABSPATH . UPLOADS; + $dir = UPLOADS; $url = trailingslashit($siteurl) . UPLOADS; } @@ -945,12 +943,12 @@ } // Make sure we have an uploads dir - if ( ! wp_mkdir_p( $dir ) ) { - $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?'), $dir); + if ( ! wp_mkdir_p( ABSPATH . $dir ) ) { + $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?'), ABSPATH . $dir); return array('error' => $message); } - $uploads = array('path' => $dir, 'url' => $url, 'error' => false); + $uploads = array('path' => $dir, 'url' => $url, 'error' => false); return apply_filters('upload_dir', $uploads); } @@ -971,7 +969,7 @@ $ext = ''; else $ext = ".$ext"; - while ( file_exists($upload['path'] . "/$filename") ) { + while ( file_exists(ABSPATH . $upload['path'] . "/$filename") ) { if ( '' == "$number$ext" ) $filename = $filename . ++$number . $ext; else @@ -979,12 +977,12 @@ } $new_file = $upload['path'] . "/$filename"; - if ( ! wp_mkdir_p( dirname($new_file) ) ) { + if ( ! wp_mkdir_p( dirname(ABSPATH . $new_file) ) ) { $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?'), dirname($new_file)); return array('error' => $message); } - $ifp = @ fopen($new_file, 'wb'); + $ifp = @ fopen(ABSPATH . $new_file, 'wb'); if ( ! $ifp ) return array('error' => "Could not write file $new_file.");