I want to guarantee that the file will be created in the specified directory or else the function should return FALSE, I have a simple function that works, but I am unsure if its a potential security issue.
function dir_tempnam($dir, $prefix)
{
$real_dir_path = realpath($dir);
if (substr($real_dir_path, -1) != '/')
$real_dir_path .= '/';
$tempfile = tempnam($real_dir_path, $prefix);
$name = basename($tempfile);
if(is_file($real_dir_path.$name))
return $name;
else
{
@unlink($name);
return FALSE;
}
}
This function returns just the name of the temporary file in the specified directory, or FALSE.
Obviously it could return the entire $tempfile, but in my case, I actually want the basename value seperate.
