Hi, maybe i should simply quote the documentation at: http://www.php.net/manual/en/function.move-uploaded-file.php it says: Note: move_uploaded_file() is not affected by the normal safe-mode UID-restrictions. This is not unsafe because move_uploaded_file() only operates on files uploaded via PHP. maybe all the guys complaining should first read the documentation of move_uploaded_file. It is wrong because it states that move_uploaded_file is safe_mode unaware (and it was only not aware of safe_mode because of that bug) but how comes you assume it is safe_mode aware if the documentation says it is not? Before crying around: RTFM. And feel free to disable move_uploaded_file () in your php.ini The next release of php will have move_uploaded_file() fully safe_mode aware. This feature is now added. Stefan Esser
