From code inspection.... _set_upload_path seems designed to insulate against invalid upload_locations in the configuration, by only setting upload_path if the location is traversable. However the code that actually does the upload references the unsanitized upload_location value instead!
From code inspection....
_set_upload_path
seems designed to insulate against invalidupload_location
s in the configuration, by only settingupload_path
if the location is traversable. However the code that actually does the upload references the unsanitizedupload_location
value instead!