ID: 31931 User updated by: website at cellpacksolutions dot com Reported By: website at cellpacksolutions dot com Status: Open Bug Type: HTTP related Operating System: linux PHP Version: 4CVS-2005-02-11 (stable) Assigned To: iliaa New Comment:
I have tried using the basic upload code posted on the following thread: http://www.phpfreaks.com/forums/index.php?showtopic=52077&pid=202571&st=0&#entry202571 which returns: File (C:\\SEARCH PROGRAM\\product_pics\\3b880.jpg) uploaded! testupload C:\\SEARCH PROGRAM\\product_pics\\3b880.jpg jpg scrolling over and selecting properties of the link shows: http://domainname.co.uk/testupload/C://SEARCH this is using the latest cvs version 9 am this morning! Previous Comments: ------------------------------------------------------------------------ [2005-02-14 12:23:52] website at cellpacksolutions dot com just recieved this comment from our hosts this morning: We have tested the most recent available snapshot (9:30am) and the bug regarding PHP file uploads is still present. I would advise using the temporary workaround (all it does is remove everything upto and include the final \ thus providing you with only the filename) until the issue is resolved with PHP 4.3.11. As advised, unfortunately we are unable to revert back to 4.3.10 as this contains severe vulnerabilities which we are unable to allow to exist on our systems. I will leave this ticket suspended in our queue and when we have further information for you we will mail you again. ------------------------------------------------------------------------ [2005-02-12 17:48:18] [EMAIL PROTECTED] Already fixed in CVS. (Can't reproduce with it) ------------------------------------------------------------------------ [2005-02-12 02:33:53] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with <?php and ends with ?>, is max. 10-20 lines long and does not require any external resources such as databases, etc. If possible, make the script source available online and provide an URL to it here. Try to avoid embedding huge scripts into the report. ------------------------------------------------------------------------ [2005-02-11 18:13:36] [EMAIL PROTECTED] Ilia, you "broke" it. :) For the reportee: Provide test case. ------------------------------------------------------------------------ [2005-02-11 17:57:24] website at cellpacksolutions dot com it seems to append the local drive onto the upload path http://domiannamehere.co.uk/data/500/thumbs/C://SEARCH_PROGRAM//test.jpg testing my local version of php4.3.10 works great it is a well known script i use, and the develops also say it may be a bug! Thankyou! ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/31931 -- Edit this bug report at http://bugs.php.net/?id=31931&edit=1
