--- file.inc.orig	2006-02-01 21:56:07.000000000 -0500
+++ file.inc	2006-02-01 23:02:29.000000000 -0500
@@ -145,7 +145,18 @@
   elseif ($_FILES["edit"]["name"][$source] && is_uploaded_file($_FILES["edit"]["tmp_name"][$source])) {
     $file = new StdClass();
     $file->filename = trim(basename($_FILES["edit"]["name"][$source]), '.');
-    $file->filepath = $_FILES["edit"]["tmp_name"][$source];
+
+    //create temporary name/path for newly uploaded files.
+    $file->filepath = tempnam(file_directory_temp(), 'tmp_');
+
+    //move uploaded files from php's upload_tmp_dir to Drupal's file temp, for preview and pre-submit
+    //operations.  overcomes open_basedir restriction as per node/5961
+    
+    if (!move_uploaded_file($_FILES["edit"]["tmp_name"][$source], $file->filepath)) {
+      drupal_set_message(t('File upload error. Could not move uploaded file.'));
+        watchdog('file', t('Upload Error. Could not move uploaded file(%file) to destination(%destination).', array('%file' => theme('placeholder', $_FILES["edit"]["tmp_name"][$source]), '%destination' => theme('placeholder', $file->filepath))));
+      return false;
+    }
 
     if (function_exists('mime_content_type')) {
       $file->filemime = mime_content_type($file->filepath);