2019-06-12, 08:04 AM
Upload paths should support both forms, absolute and "relative" paths (if
For example, on admin/modules/forum/attachments.php#L235, absolute paths would not be supported.
Or, the whole inc/functions_upload.php considers the admin directory one level up from
Not specifying
./
is specified, you point the start of the path to MYBB_ROOT
), as admin/modules/tools/system_health.php already does.For example, on admin/modules/forum/attachments.php#L235, absolute paths would not be supported.
Or, the whole inc/functions_upload.php considers the admin directory one level up from
MYBB_ROOT
(what if I specify the admin directory two level ups?).Not specifying
MYBB_ROOT
on upload paths (as function_upload does) could bring to unexpected behaviours (error due to the execution of tasks using cron, where $_SERVER['DOCUMENT_ROOT']
is not set):<error>
<dateline>1560304831</dateline>
<script>inc/functions_upload.php</script>
<line>160</line>
<type>2</type>
<friendly_type>Warning</friendly_type>
<message>opendir(./uploads/avatars): failed to open dir: No such file or directory</message>
<back_trace>#0 errorHandler->log_error(2, opendir(./uploads/avatars): failed to open dir: No such file or directory, inc/functions_upload.php, 160) called at [/***/inc/class_error.php:189]
#1 errorHandler->error(2, opendir(./uploads/avatars): failed to open dir: No such file or directory, inc/functions_upload.php
#2 opendir(./uploads/avatars) called at [/***/inc/functions_upload.php:160]
#3 remove_avatars(121577895) called at [/***/inc/datahandlers/user.php:1668]
#4 UserDataHandler->delete_content() called at [/***/inc/datahandlers/user.php:1536]
#5 UserDataHandler->delete_user(Array ([121577414] =>