I have dokuwiki setup on a server running php in safemode. I found that even with safemode hack configured I could not upload image files through the media manager as the php code attempts to access the temporary upload file before moving it to a directory that is accessible to the script - the only php function that can succeed on the temporary file is move_uploaded_file().
I hacked mediai_upload in inc/media.php thusly;
if(empty($id)) $id = $file['name'];
/*
* start of my hack - part 1
*/
// move temp file to local directory
$tmpfile = "../../".$conf['tmpupload'].basename($file['tmp_name']);
move_uploaded_file($file['tmp_name'], $tmpfile);
$file['tmp_name'] = $tmpfile;
/*
* end of hack - part 1
*/
// check extensions
list($fext,$fmime) = mimetype($file['name']);
and further down replaced the original move_uploaded_file() with a io_rename() call;
// prepare directory
io_createNamespace($id, 'media');
if(io_rename($file['tmp_name'], $fn)) {
// Set the correct permission here.
and added to my conf/local.php
$conf['tmpupload'] = "tmp/";
The tmp directory was created with sufficient permissions for the apache user to create the temporary file.
This has only been tested on linux/php4.3.8/apache2.
As I've only recently dipped my toes into the pool that is dokuwiki I'm unsure of the 'right and proper' thing to do at this juncture.
Have I missed the obvious/easy solution?
Should this be submitted as a bug?
Is this of any use to anyone?
regards,
Alan