Index: includes/file.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/file.inc,v
retrieving revision 1.62
diff -u -r1.62 file.inc
--- includes/file.inc	18 Jan 2006 19:18:30 -0000	1.62
+++ includes/file.inc	25 Feb 2006 03:42:12 -0000
@@ -30,11 +30,12 @@
   if (strpos($path, file_directory_path()) !== false) {
     $path = trim(substr($path, strlen(file_directory_path())), '\\/');
   }
+  
   switch (variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC)) {
     case FILE_DOWNLOADS_PUBLIC:
-      return $GLOBALS['base_url'] .'/'. file_directory_path() .'/'. str_replace('\\', '/', $path);
+      return  $GLOBALS['base_url'] .'/'. file_directory_path() .'/'. str_replace('\\', '/', $path);
     case FILE_DOWNLOADS_PRIVATE:
-      return url('system/files', 'file='. $path, NULL, TRUE);
+      return  url('system/files', 'file='. $path, NULL, TRUE);
   }
 }
 
@@ -137,15 +138,32 @@
  * @param $source
  */
 function file_check_upload($source) {
+  static $upload_cache = array();
+
   if (is_object($source)) {
     if (is_file($source->filepath)) {
       return $source;
     }
+    return false;
   }
-  elseif ($_FILES["edit"]["name"][$source] && is_uploaded_file($_FILES["edit"]["tmp_name"][$source])) {
+
+  if (isset($upload_cache[$source])) return $upload_cache[$source];
+    
+  if ($_FILES["edit"]["name"][$source] && is_uploaded_file($_FILES["edit"]["tmp_name"][$source])) {
     $file = new StdClass();
     $file->filename = trim(basename($_FILES["edit"]["name"][$source]), '.');
-    $file->filepath = $_FILES["edit"]["tmp_name"][$source];
+
+    //create temporary name/path for newly uploaded files.
+    $file->filepath = tempnam(file_directory_temp(), 'tmp_');
+
+    //move uploaded files from php's upload_tmp_dir to Drupal's file temp, for preview and pre-submit
+    //operations.  overcomes open_basedir restriction as per node/5961
+    
+    if (!move_uploaded_file($_FILES["edit"]["tmp_name"][$source], $file->filepath)) {
+      drupal_set_message(t('File upload error. Could not move uploaded file.'));
+        watchdog('file', t('Upload Error. Could not move uploaded file(%file) to destination(%destination).', array('%file' => theme('placeholder', $_FILES["edit"]["tmp_name"][$source]), '%destination' => theme('placeholder', $file->filepath))));
+      return false;
+    }
 
     if (function_exists('mime_content_type')) {
       $file->filemime = mime_content_type($file->filepath);
@@ -166,6 +184,7 @@
     $file->error = $_FILES["edit"]["error"][$source];
     $file->filesize = $_FILES["edit"]["size"][$source];
     $file->source = $source;
+    $upload_cache[$source] = $file;
     return $file;
   }
   else {