Temporary files naming logic in PHPWord_Template can lead to a collision

[ghost]

Temporary files naming logic in PHPWord_Template can lead to a collision

The problem is in the followed peace of code:

public function __construct($strFilename) {
    $path = dirname($strFilename);
    $this->_tempFileName = $path.DIRECTORY_SEPARATOR.time().'.docx';

    copy($strFilename, $this->_tempFileName); // Copy the source File to the temp File

    $this->_objZip = new ZipArchive();
    $this->_objZip->open($this->_tempFileName);

    $this->_documentXML = $this->_objZip->getFromName('word/document.xml');
}

As we may see, temporary files are named using "the current time measured in the number of seconds since the Unix Epoch (January 1 1970 00:00:00 GMT)". In this case, if we have several requests per one second, the code will generate us files with exactly the same names, and that may lead to some confusions. So, we need to generate really unique filenames. tempnam() function meets this requirement.

Moreover, according to ETL, it's not correct to transform data right in the source we extract this data from. But this is what the peace of code does while creating temporary file in the datasource directory. It's not correct to generate temporary files in the destination directory too. There may be tons of such destination directories and, in case of bugs in our code, they may be populated with garbage temporary files. So, we need separate temporary directory for our temporary files, which allows us easily maintain it's content (when deal with garbage). sys_get_temp_dir() function meets this requirement.

Finally, what we need to do is to correct couple lines of code. :)