[Phpmyadmin-devel] insert/update row with file contents
Sebastian Mendel
lists at sebastianmendel.de
Tue Dec 12 16:21:28 CET 2006
Marc Delisle schrieb:
> Sebastian Mendel a écrit :
>> Sebastian Mendel schrieb:
>>> Marc Delisle schrieb:
>>>> Sebastian Mendel a écrit :
>>>>> Hi,
>>>>>
>>>>> is there an option to select a file from a user directory to be filled
>>>>> into a field?
>>>> Yes, try Insert into a table containing a BLOB.
>>>>
>>>>> if so, than tbl_replace_fields.inc.php handles this, but it uses
>>>>> move_uploaded_file() on this file, did anybody test this this?
>>>> It has been tested a few years ago.
>>>>> does this work?
>>>>>
>>>>> move_uploaded_file() should only work on files uploaded by form ...
>>>>>
>>>>>
>>>> On the Insert page, the file is uploaded thru a form.
>>> i am not talking about uploaded files via form, i am talking about the
>>> file a user can select when $cfg['UploadDir'] is set
>>>
>>> if open_basedir restriction is set PMA checks for a directory ./tmp/,
>>> only checks, but does not create it, i don't know if this mentioned
>>> somewhere in the documentation
>>>
>>> if this directory exists and is writable, PMA trys to move the file out
>>> of the $cfg['UploadDir'] to this tmp-directory with the function
>>> move_uploaded_file() ... IMHO this will not work!
>>>
>>>
>>> can anyone confirm?
>> after manually creating this ./tmp/ directory in /phpMyAdmin/
>> move_uploaded_file() returns false - this is what i expected
>>
>>
>> my questions are:
>>
>> is it inetentionally that phpMyAdmin does not try to create this ./tmp/
>
> This might be impossible on a server running in safe mode, ownership
> would be wrong.
i didn't tried this, but can't imagine ...
>> folder or use a config variable for this?
>
> Could be done, but I wonder about the permissions.
i don't understand why this file is moved (or better tried to be moved),
if the file can be accessed than i can read in the contents and there is
no need to move the file before read in the contents ...
i think nijel or garvin did write this code - anyone of you remember why
it is/was used this way?
--
Sebastian Mendel
www.sebastianmendel.de
More information about the Developers
mailing list