[imp] IMP 2.2.5: some problems

Christopher Crowley ccrowley@tulane.edu
Wed, 30 May 2001 10:24:05 -0500

Previous message: [imp] IMP 2.2.5: some problems
Next message: [imp] IMP 2.2.5: some problems
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Quoting Christopher Crowley <ccrowley@tulane.edu>:
>
> > I commented out this entire if() and the upload worked. Should I test
with
> > this syntax and let you know how it works?
> > if (!is_uploaded_file($file_upload))
> > {
> >     break;  /* ignore attempt to spoof us; back to composing */
> >  }
>
> Yes, that's what I meant. You need a check there to make sure that someone
> isn't putting "/etc/passwd" into the upload filename form value.

This works correctly to attach files so the safe_file is the location
problem.  I also determined that the upload_tmp_dir that I assigned in
php/php.ini is not being used. Instead, another directory is being used.  I
will try to track down in my code to determine what the cause of this is.

Chris

Previous message: [imp] IMP 2.2.5: some problems
Next message: [imp] IMP 2.2.5: some problems
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]