|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #51949 open_basedir and move_uploaded_file does not harmonize!
Submitted: 2010-05-30 19:28 UTC Modified: 2018-05-05 20:16 UTC
Avg. Score:3.7 ± 1.9
Reproduced:2 of 3 (66.7%)
Same Version:1 (50.0%)
Same OS:1 (50.0%)
From: lars dot plessmann at gmx dot de Assigned:
Status: Not a bug Package: Filesystem function related
PHP Version: 5.3.2 OS: Linux h1638833 2.6.18-028stab064
Private report: No CVE-ID: None
 [2010-05-30 19:28 UTC] lars dot plessmann at gmx dot de
I have several vhosts and I'd like to use the open_basedir setting for them.

My PHP config is something like that:

Directive | Local Value | Master Value
safe_mode | Off | Off
safe_mode_exec_dir | /usr/local/php/bin | /usr/local/php/bin
safe_mode_gid | Off | Off
safe_mode_include_dir | no value | no value
upload_tmp_dir | /tmp | /tmp
open_basedir | /srv/www/vhosts/domain.tld/httpdocs;/tmp | no value

When I upload files, they do get in /tmp directory and have the privilege:

-rw-r--r--  1 wwwrun www  647585 30. Mai 15:43 demo.jpg

The move_uploaded_file function with using absolute directories and correct paths (I proofed this) returns always false on my PHP 5.3.1 and PHP 5.3.2 compilation!
The target directory has full rwx privileges for all user/group/others and there is not a filesystem privilege problem!

The php log files are not very verbose, in fact, it tells me nothing about the failed movement (also tried with report_error = E_ALL).

If I use rename instead of move_uploaded_file, PHP seems to move the file.

Test script:
// assumes the upload is successfully done (I can see the file in 
// in the filesystem with the privileges: -rw-r--r--  1 wwwrun www).


if(move_uploaded_file("/tmp/silverstripe-cache-srv-www-vhosts-domain.tld-httpdocs-silverstripe-v2.4.0/demo.jpg", "/srv/www/vhosts/domain.tld/httpdocs/silverstripe-4.2.0/assets/Upload/demo.jpg")) {
   return true;
} else {
   return false;


Expected result:
I expect that the file can be moved with the move_uploaded_file from /tmp to the /srv/www/vhosts/domain.tld/httpdocs/silverstripe-4.2.0/assets/Upload by PHP (apache user wwwrun) which created the file in the directory /tmp as well (just a few seconds before). It should take care of the open_basedir setting.
The target directory and also the source directory is specified in the open_basedir setting.

Actual result:
If I overwrite the open_basedir setting for the virtual host to "none", the upload and move_uploaded_file works fine:

Directive | Local Value | Master Value
open_basedir | no value | no value

But it's not a pretty solution for me just to turn off this security feature!

When I google I only find thousends of other people having problems with open_basedir. :-(


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2011-10-17 15:28 UTC] jo at feuersee dot de

I'd say it's an application level bug (in this case silverstripe), not a PHP 
Both move_uploaded_file and is_uploaded_file expect the 1st param to be the 
unmodified temp filename inside upload_dir, but siverstripe copies the 
uploaded file and then uses these function, thus they always fail.

A patch is avail
 [2018-05-05 20:16 UTC]
-Status: Open +Status: Not a bug
 [2018-05-05 20:16 UTC]
The link no longer works (and doesn't have it), but this
suggests that there was, in fact, a SilverStripe bug responsible at least in part. I also vaguely remember there being some issue with move_uploaded_file and open_basedir in the past that was fixed...

If anyone knows that this bug (a) is with PHP and (b) still exists, say something.
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Thu May 06 22:02:20 2021 UTC