CC-3086: When uploading a file to /tmp filename collisions can occur
- mktemp is used to generate temp name within /tmp dir - it generate temp file when the file gets uploade to /tmp and then copy to organize folder as original file name
This commit is contained in:
James
parent
37da2bf0c5
commit
ab0dc64ba9
4 changed files with 28 additions and 38 deletions
|
|
@ -397,9 +397,11 @@ class ApiController extends Zend_Controller_Action
|
|||
}
|
||||
|
||||
$upload_dir = ini_get("upload_tmp_dir");
|
||||
Application_Model_StoredFile::uploadFile($upload_dir);
|
||||
$tempFilePath = Application_Model_StoredFile::uploadFile($upload_dir);
|
||||
$tempFileName = basename($tempFilePath);
|
||||
|
||||
$fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
|
||||
Application_Model_StoredFile::copyFileToStor($upload_dir, $fileName);
|
||||
Application_Model_StoredFile::copyFileToStor($upload_dir, $fileName, $tempFileName);
|
||||
}
|
||||
|
||||
public function uploadRecordedAction()
|
||||
|
|
|
|||
|
|
@ -26,15 +26,17 @@ class PluploadController extends Zend_Controller_Action
|
|||
public function uploadAction()
|
||||
{
|
||||
$upload_dir = ini_get("upload_tmp_dir") . DIRECTORY_SEPARATOR . "plupload";
|
||||
Application_Model_StoredFile::uploadFile($upload_dir);
|
||||
$tempFilePath = Application_Model_StoredFile::uploadFile($upload_dir);
|
||||
$tempFileName = basename($tempFilePath);
|
||||
|
||||
die('{"jsonrpc" : "2.0"}');
|
||||
die('{"jsonrpc" : "2.0", "tempfilepath" : "'.$tempFileName.'" }');
|
||||
}
|
||||
|
||||
public function copyfileAction(){
|
||||
$upload_dir = ini_get("upload_tmp_dir") . DIRECTORY_SEPARATOR . "plupload";
|
||||
$filename = $this->_getParam('name');
|
||||
Application_Model_StoredFile::copyFileToStor($upload_dir, $filename);
|
||||
$tempname = $this->_getParam('tempname');
|
||||
Application_Model_StoredFile::copyFileToStor($upload_dir, $filename, $tempname);
|
||||
|
||||
die('{"jsonrpc" : "2.0"}');
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue