We recently upgraded all our 2.2 sites to 2.2.4 for security reasons.
As a result uploading a file through the cms now fails with the following error:
FATAL ERROR: Folder::addUploadToFolder() File is not a valid upload
All our sites on the same server that are 2.3.1 work fine. I tracked the problem down to line 216 in 'sapphire/filesystem/Folder.php' and commented out the following code:
if(isset($tmpFile['tmp_name']) && !is_uploaded_file($tmpFile['tmp_name'])) {
user_error("Folder::addUploadToFolder() File is not a valid upload", E_USER_ERROR);
return false;
}
Now the uploads work. BUT what is the consequence of commenting this out? This is a security release, so has this code been added for any security reason?
I'd really appreciate any thoughts on this.
Thanks,
Barry.