File upload issue in CI

Question

I am using CI and facing a problem while uploading file. It gives a message mentioned below.

================================================== Severity: Warning

Message: escapeshellarg() has been disabled for security reasons

Filename: libraries/Upload.php

Line Number: 1066

In some answers, I found that it is a server issue and CI has nothing to do with it. Now, is there any way to upload file bypassing the escapeshellarg() or is there any libraries I can use that doesn't require escapeshellarg()?

Please help.

you can use normal file uloading functoin – Himanshu Pandey Mar 25 '13 at 12:04 — Himanshu Pandey, Mar 25 '13 at 12:04

score 1 · Answer 1 · answered Mar 21 '13 at 16:02

1

I'm not sure which specific version of CI you're using, but the latest version does a check for that function before using it.

Take a look at the code here:

$cmd = function_exists('escapeshellarg')
    ? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'
    : 'file --brief --mime '.$file['tmp_name'].' 2>&1';

I'd say either upgrade or update the code manually.

answered Mar 21 '13 at 16:02

swatkins

13,530
4
46
78

I used the latest version 2.1.3. The problem was in Upload.php library class. I found the answer in this question http://stackoverflow.com/questions/10384336/escapeshellarg-has-been-disabled-for-security-reasons – Anik Mar 25 '13 at 04:40

File upload issue in CI

Line Number: 1066

1 Answers1