[Vtigercrm-commits] [vtiger development] #7194: Export to Excel class.writeexcel_worksheet.inc.ph tempnam() open_basedir restriction
vtiger development
vtiger-tickets at trac.vtiger.com
Thu Nov 3 02:02:37 PDT 2011
#7194: Export to Excel class.writeexcel_worksheet.inc.ph tempnam() open_basedir
restriction
------------------------+---------------------------------------------------
Reporter: jcrisp | Owner: developer
Type: defect | Status: new
Priority: unassigned | Milestone: Unassigned
Component: vtigercrm | Version: 5.2.1
Severity: Medium | Keywords:
------------------------+---------------------------------------------------
Get the following error.
class.writeexcel_worksheet.inc.php line 204 tempnam() [<a
href='function.tempnam'>function.tempnam</a>]: open_basedir restriction
in effect. File() is not within the allowed path(s):
(/home/vtiger/html/)
class.writeexcel_worksheet.inc.php line 205 - fopen() [<a
href='function.fopen'>function.fopen</a>]: Filename cannot be empty
phpbasedir is set to /home/vtiger/html/ (I have several directories in
this space)
The root directory is
/home/vtiger/html/vtiger_521
It would seem that in CreateXL.php it creates the workbook without
problems as the $tmp_dir gets passed in $fname
But when it goes to create the worksheet, it has no temporary directory
set, checks with PHPBasedir and if that is not correct (no idea why it
still doesn't like mine) then it will fail.
Effectively it fails at Line 21 in CreateXL.php once it gets to
_initialize in class.writeexcel_worksheet.inc.php
>From CreateXL.php :
19 global $tmp_dir, $root_directory;
21 $fname = tempnam($root_directory.$tmp_dir, "merge2.xls");
22 $workbook = &new writeexcel_workbook($fname);
23 $worksheet =& $workbook->addworksheet();
Still trying to sort this small but irritating problem.
Following on from my previous I note that there are other users who have
suffered the same problem :
http://forums.vtiger.com/viewtopic.php?f=104&t=39503&p=126401
http://forums.vtiger.com/viewtopic.php?f=104&t=39377&p=126194
(5.1.0) but same problem
http://forums.vtiger.com/viewtopic.php?f=96&t=29369
Having read around a bit more I found these seem related :
http://pear.php.net/bugs/bug.php?id=16938&edit=12&patch=correct-
open_basedir-check&revision=1261435638
http://pear.php.net/bugs/bug.php?id=16936
I'm not sure that it is an open_basedir error - that's just a misnomer.
I have a feeling that tempnam doesn't quite work as it should, but there
should be something in place to catch it when it fails.
For whatever reason, the $tmp_dir/_tempdir is not set, and tempnam fails
to find anywhere else to write too, though it should use the system temp
directory if all else fails but it doesn't see to find this.
sys_get_temp_dir() reports mine as /tmp
Anyway, in theory, if the file checks fail, the function (as shown below
- note the ToDo comment about warning when unable to create file) should
go on to load the sheet in memory, but it fails before it gets that far
as there is no test for tempnam failing.
Ran a quick test with open_basedir :
/home/vtiger/html/:/tmp/
tmp = /tmp
The following fails with an open_basedir error
$tmpfname = tempnam("/home/", "FOO");
So tempnam doesn't do exactly what it says on the tin, probably
depending on the flavour & setup of your server, and needs a proper
variable set.
The following quick fix from the above post sets _tempdir to prevent the
problem. But I'm sure that this is not the best method.
Index: include/php_writeexcel/class.writeexcel_worksheet.inc.php
===================================================================
--- include/php_writeexcel/class.writeexcel_worksheet.inc.php (revision
69)
+++ include/php_writeexcel/class.writeexcel_worksheet.inc.php (working
copy)
@@ -200,7 +200,8 @@
function _initialize() {
# Open tmp file for storing Worksheet data.
- $this->_tmp_file_name = tempnam($this->_tempdir, "php_writeexcel");
+ $this->_tempdir=sys_get_temp_dir();
+ $this->_tmp_file_name = tempnam($this->_tempdir,
"php_writeexcel");
$fh=fopen($this->_tmp_file_name, "w+b");
if ($fh) {
--
Ticket URL: <http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/7194>
vtiger development <http://trac.vtiger.com/>
vtigerCRM
More information about the vtigercrm-commits
mailing list