Opened 17 years ago
Closed 17 years ago
#6465 closed defect (bug) (fixed)
tempnam() has been disabled for security reason
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | 2.6 | Priority: | normal |
Severity: | normal | Version: | 2.5 |
Component: | Administration | Keywords: | has-patch |
Focuses: | Cc: |
Description
http://wordpress.org/support/topic/164139?replies=1
OK, this might not be a WordPress problem exactly, but maybe someone could help me.
When I click the auto-update option for plugins, the page displays:
Warning: tempnam() has been disabled for security reasons in //wp-admin/includes/file.php on line 316
Is there a way to fix it?
Appears some hosts disable tempnam() all together, Might be worth simply using basename($url) as the filename in the upgrade folder.
It causes the plugin auto upgrade to fail.
Attachments (2)
Change History (10)
#4
@
17 years ago
- Keywords has-patch added; needs-patch removed
attachment 6465.diff added.
- Introduces
wp_tempnam()
to find a filename which is useable, based off a provided filename/url & optionally a path (Note: The args are not the same as PHP's tempnam, as the arguement order makes more sense in this fasion for WordPress's use) - Adds checks for
getmyuid()
andfileowner()
before attempting to use them - And adds a filter to the filesystem method.
Note: See
TracTickets for help on using
tickets.
Just for reference, its used in
download_url()
andget_filesystem_method()