Index: includes/file.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/file.inc,v
retrieving revision 1.62
diff -u -r1.62 file.inc
--- includes/file.inc	18 Jan 2006 19:18:30 -0000	1.62
+++ includes/file.inc	24 Feb 2006 19:02:14 -0000
@@ -137,6 +137,9 @@
  * @param $source
  */
 function file_check_upload($source) {
+  static $upload_cache;
+  if (isset($upload_cache[$source])) return $upload_cache[$source];
+
   if (is_object($source)) {
     if (is_file($source->filepath)) {
       return $source;
@@ -145,7 +148,18 @@
   elseif ($_FILES["edit"]["name"][$source] && is_uploaded_file($_FILES["edit"]["tmp_name"][$source])) {
     $file = new StdClass();
     $file->filename = trim(basename($_FILES["edit"]["name"][$source]), '.');
-    $file->filepath = $_FILES["edit"]["tmp_name"][$source];
+
+    //create temporary name/path for newly uploaded files.
+    $file->filepath = tempnam(file_directory_temp(), 'tmp_');
+
+    //move uploaded files from php's upload_tmp_dir to Drupal's file temp, for preview and pre-submit
+    //operations.  overcomes open_basedir restriction as per node/5961
+    
+    if (!move_uploaded_file($_FILES["edit"]["tmp_name"][$source], $file->filepath)) {
+      drupal_set_message(t('File upload error. Could not move uploaded file.'));
+        watchdog('file', t('Upload Error. Could not move uploaded file(%file) to destination(%destination).', array('%file' => theme('placeholder', $_FILES["edit"]["tmp_name"][$source]), '%destination' => theme('placeholder', $file->filepath))));
+      return false;
+    }
 
     if (function_exists('mime_content_type')) {
       $file->filemime = mime_content_type($file->filepath);
@@ -166,6 +180,7 @@
     $file->error = $_FILES["edit"]["error"][$source];
     $file->filesize = $_FILES["edit"]["size"][$source];
     $file->source = $source;
+    $upload_cache[$source] = $file;
     return $file;
   }
   else {