diff --git a/includes/file.inc b/includes/file.inc index 6dc7f88..4647c02 100644 --- a/includes/file.inc +++ b/includes/file.inc @@ -1523,7 +1523,7 @@ function file_save_upload($source, $validators = array(), $destination = FALSE, // directory. This overcomes open_basedir restrictions for future file // operations. $file->uri = $file->destination; - if (!move_uploaded_file($_FILES['files']['tmp_name'][$source], $file->uri)) { + if (!drupal_move_uploaded_file($_FILES['files']['tmp_name'][$source], $file->uri)) { form_set_error($source, t('File upload error. Could not move uploaded file.')); watchdog('file', 'Upload error. Could not move uploaded file %file to destination %destination.', array('%file' => $file->filename, '%destination' => $file->uri)); return FALSE; @@ -1550,6 +1550,47 @@ function file_save_upload($source, $validators = array(), $destination = FALSE, return FALSE; } +/** + * Moves an uploaded file to a new location. + * + * PHP's move_uploaded_file() does not properly support streams if safe_mode + * or open_basedir are enabled, so this function fills that gap. + * + * @see http://php.net/move_uploaded_file + * + * Compatibility: normal paths and stream wrappers. + * @see http://drupal.org/node/515192 + * + * @param $filename + * The filename of the uploaded file. + * @param $uri + * A string containing the destination URI of the file. + * + * @return + * TRUE on success, or FALSE on failure. + * + * @see move_uploaded_file() + * @ingroup php_wrappers + */ +function drupal_move_uploaded_file($filename, $uri) { + // Attempt to move the file using the provided URI. Errors are supressed here + // so that if streams aren't properly supported, we don't see a warning + // message for every upload. + $result = @move_uploaded_file($filename, $uri); + // If the move failed and a real path can be found, attempt to move the file + // using the real path. + if (!$result && drupal_realpath($uri)) { + $result = move_uploaded_file($filename, drupal_realpath($uri)); + } + // Otherwsie, attempt the failed move again so that a useful error message + // is produced. + else { + $result = move_uploaded_file($filename, $uri); + } + + return $result; +} + /** * Check that a file meets the criteria specified by the validators.