From 6c763cd8b65c1b63d57fb0f176d2c98a44076df1 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Fri, 22 Aug 2008 12:52:48 +0000 Subject: change the way we do chmodd'ing. I know, my implementation really sucked... good we have motivated community members who point this out. ;) Thanks to faw for providing a way better function and for discussing and also abiding to our needs. :) LEW21 should maybe credited too... he gave the inspiration without knowing it. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8780 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_upload.php | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) (limited to 'phpBB/includes/functions_upload.php') diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index aaec7a28e4..f3363992cf 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -263,11 +263,10 @@ class filespec * * @param string $destination_path Destination path, for example $config['avatar_path'] * @param bool $overwrite If set to true, an already existing file will be overwritten - * @param string $chmod Permission mask for chmodding the file after a successful move. The mode entered here reflects the mode of phpbb_chmod() + * @param string $chmod Permission mask for chmodding the file after a successful move. The mode entered here reflects the mode of {@inline phpbb_chmod()} * @access public - * @see phpbb_chmod() */ - function move_file($destination, $overwrite = false, $skip_image_check = false, $chmod = 'rwrite') + function move_file($destination, $overwrite = false, $skip_image_check = false, $chmod = false) { global $user, $phpbb_root_path; @@ -276,6 +275,8 @@ class filespec return false; } + $chmod = ($chmod === false) ? CHMOD_READ | CHMOD_WRITE : $chmod; + // We need to trust the admin in specifying valid upload directories and an attacker not being able to overwrite it... $this->destination_path = $phpbb_root_path . $destination; @@ -346,15 +347,7 @@ class filespec break; } - // Backward compatibility - in versions prior to 3.0.3 $chmod was an octal - if (!is_string($chmod)) - { - @chmod($this->destination_file, $chmod); - } - else - { - phpbb_chmod($this->destination_file, $chmod); - } + phpbb_chmod($this->destination_file, $chmod); } // Try to get real filesize from destination folder -- cgit v1.2.1