Forum Moderators: coopster
As far as I can tell, the file uploads to the temporary directory fine. It validates fine. Then the script tries to move the file to the desired directory but then fails. The script outputs the error "Could not move file!".
I think there is a problem with the $final_path string, but I have tried countless varieties for it with no joy. The path specified does exist.
The $tmp_path seems to be fine, because if I change it then I get a PHP error - "Cannot open stream".
The full $_FILES array I get is:
[file] => Array ( [name] => baba.gif [type] => image/gif [tmp_name] => /tmp/php4BQZnv [error] => 0 [size] => 104
My system setup is:
Apache/1.3.27 (Unix) (Red-Hat/Linux) PHP/4.3.2
The script code is:
$tmp_path = "/home/virtual/site6/fst/var/www/html";
$final_path = "/home/virtual/site6/fst/var/www/html/test/";
print_r($_FILES); if (!is_uploaded_file($_FILES['file']['tmp_name']))
{
$error = "You did not upload a file!";
unlink($_FILES['file']['tmp_name']);
// assign error message, remove uploaded file, redisplay form.
}
else
{
//a file was uploaded
$maxfilesize=10240;
if ($_FILES['file']['size'] > $maxfilesize)
{
$error = "file is too large";
unlink($_FILES['file']['tmp_name']);
// assign error message, remove uploaded file, redisplay form.
}
else
{// Check file MIME type
if ($_FILES['file']['type']!= "image/gif" && $_FILES['file']['type']!= "image/pjpeg" && $_FILES['file']['type']!= "image/jpeg" && $_FILES['file']['type']!= "image/png" && $_FILES['file']['type']!= "image/x-png")
{
$error = "This file type is not allowed";
unlink($_FILES['file']['tmp_name']);
// assign error message, remove uploaded file, redisplay form.
}
else
{
//File has passed all validation, copy it to the final destination and remove the temporary file:
if (move_uploaded_file($tmp_path . $_FILES['file']['tmp_name'], $final_path . $_FILES['file']['name']))
{ print "File has been successfully uploaded!"; }
else
{ print "Could not move file!"; }
unlink($_FILES['file']['tmp_name']);
exit;
}
}
}
Any suggestions? I'd be so very grateful :o)
Prem.
that is the first thing that comes to mind.
could it be a permissions problem?
that is the first thing that comes to mind.
Actually, no. I originally had the server set in safe mode, and each time I tried to upload I got an error saying that the ID of the script and the permissions of the file were different (or somesuch thing). Then safe mode was switched off and no error appeared.
So. Permissions are OK.
Other thoughts?
[ca.php.net...]
If filename is not a valid upload file, then no action will occur, and move_uploaded_file() will return FALSE.If filename is a valid upload file, but cannot be moved for some reason, no action will occur, and move_uploaded_file() will return FALSE. Additionally, a warning will be issued.
so if either of those are true all we get is false.
A couple of things to look at would be
1. is the file getting uploaded to the temp dir and just not being moved?
if so then we need to check if php considers it as an uploaded file, maybe try
$oldfile = $tmp_path . $_FILES['file']['tmp_name'];
if (is_uploaded_file [ca.php.net]($oldfile)) echo "this is an uploaded file";
else "not an uploaded file";
if this passes then we know that php knows where it is and also knows that it is an uploaded file, perfect.
Now we know it can't move it but we don't know why.
start with destination directory permissions and then we will see if something else comes to mind.
$oldfile = $tmp_path . $_FILES['file']['tmp_name'];
if (is_uploaded_file($oldfile)) echo "this is an uploaded file";
else echo "not an uploaded file";
Hmm. Interesting...
If I add this to the script, I get "not an uploaded file". But if I remove the $tmp_path variable, then I get "this is an uploaded file".
I then tried to remove the $tmp_path variable from my move_uploaded_file function to see what would happen:
move_uploaded_file($_FILES['file']['tmp_name'], $final_path . $_FILES['file']['name'])
...
And then I got the error message:
"Warning: move_uploaded_file(/home/virtual/site6/fst/var/www/html/baba.gif): failed to open stream: Permission denied in /home/virtual/site6/fst/var/www/html/test/upload_script.php on line 60"
Any idea what permissions I'd need to set?
Is this the source of the problem?
Thanks,
Prem
$_FILES['file']['tmp_name']The temporary filename of the file in which the uploaded file was stored on the server.
This autoglobal variable will already contain the path, so you are correct, no need to concatenate it again. Now all you have to do is set the permissions on your 'test' directory. CHMOD 0777 and you should be good to go.
1. Is this a safe thing to do? I am actually writing this upload script so I can upload files to any directory on the server, so I would need to allow write permissions on the entire site. Should I do this?
I changed the permissions setting on the server itself. Should I instead use a chmod to allow writing and then do another chmod at the end to disallow writing?
2. I still get an error:
"Warning: unlink(/tmp/phpObAH3K): No such file or directory in /home/virtual/site6/fst/var/www/html/test/upload_script.php on line 65"
Basically, the unlink is not successful after I move the file. It works in all other cases (i.e. when the move is not successful). Is this as expected? I guess moving the file automatically removes it from the tmp directory, so then I could remove the unlink command from the script?
Thanks,
Prem.
Well, no but I don't know why you would even need something like this. Just use an ftp program or scp.
2. I guess moving the file automatically removes it from the tmp directory
yes sir, you moved it not copied it, so the file that used to be in tmp is no longer there.
1. Is this a safe thing to do?
Well, no but I don't know why you would even need something like this. Just use an ftp program or scp.
Well, I'm open to some better suggestions...
The reason I am writing this script is because I need to update a website while I am on the road on a tour. I need to quickly get into a internet cafe, quickly upload some photos and pages and quickly get out again. My experience is that not all internet cafes will allow me to connect my laptop to their LAN, so I will need to put the files onto disc (or USB memory stick) then upload them. I thought the easiest way would be to just use the cafe's standard browser and go to my admin page (password protected) and use the upload script.
1. Is there a better way to do what I am trying to do?
2. If I use this upload script, should I chmod at the start to allow writing and then chmod at the end to disallow writing? I'm not quite sure how to do this at the moment, but will find out.
3. Would I be correct in saying that to achieve all this I should have the server set to "safe_mode - Off" and "safe_mode_gid - On"?
Thanks a lot for all your help. You are truly great!
Prem.
/pages/ - write your added pages to here
/images/ - write your added images to here
something like that or your #2 sounds pretty good too
2. that is not a bad idea, you could use chmod [ca.php.net]
3. if safe mode is off (which it should be) then safe_mode_gid is irrelevant because it is just figuring out whether to do a uid or gid comparison when safe mode is on.
The manual states that "The file will be deleted from the temporary directory at the end of the request if it has not been moved away or renamed."
Yes, I read that too. Does that mean that there is no need or advantage in using unlink in this kind of upload script?
2. that is not a bad idea, you could use chmod
OK, so I am trying to chmod the directory to allow writing at the start of the script, then chmod it back at the end of the script.
I am doing this:
// Start of script
$final_path = "/home/virtual/site6/fst/var/www/html/test/";
chmod($final_path, 0777);
// ........
// [upload script]
// ........
chmod($final_path, 0755);
// End of script
But I get this error:
"Warning: chmod(): Operation not permitted in /home/virtual/site6/fst/var/www/html/test/upload_script.php on line 18"
The server has safe_mode off.
What do I need to do?
Prem.
I see that I can only chmod a file or directory if it has the same owner as the script's owner ("apache").
So, I tried to chown (change owner), but that also fails - seems reasonable: how can the script change the owner of something that it doesn't own?
Confusing...
maybe your best bet then is to have a central place that things are uploaded to
I would do that, but then I would be unable to update existing files.
