php move_uploaded_file not working

jijikikishoes · **php move_uploaded_file not working -** 06-23-2008, 10:17 AM

Since moving my site to this server the call to move_uploaded_file isn't working.

I have looked at the $_FILE array and the file seems to being uploaded to the /tmp directory but when i try use move_uploaded_file to move it to my images/product directory it doesn't work.

I have done some looking into this and think it may be that the php process doesn't have permissions to move the file? To test this i gave my images and images/product a chmod to 777 but no luck.

one possible problem could be the public html directory isn't chowned to the user:apache or maybe the apache process doesn't have write permissions to the directory i am trying to move from/too

futrther investigation has made me come to the conclusion that the public html directory isn't chowned to the user:apache or maybe the apache process doesn't have write permissions to the directory I am trying to move from/too

has anyone else had this problem and come up with a work around?

boffel · 07-01-2008, 01:31 PM

So cant you just give permission to the directory?

Right click the directory you want to move the files to and change the chmod to 777 for the directory to...

samy4ever · 07-15-2008, 01:53 PM

uhm... I dunno if you still have this problem but I had some problems too and I manage to solve it luckily.

Here is my code:

Code:

//datos del arhivo -1-
$namefile1 = $_FILES['userfile']['name'];
$typefile1 = $_FILES['userfile']['type'];
$lengthfile1 = $_FILES['userfile']['size'];

//datos del arhivo -2-
$namefile2 = $_FILES['userfile2']['name'];
$typefile2 = $_FILES['userfile2']['type'];
$lengthfile2 = $_FILES['userfile2']['size'];


$ini=$year1."-".$month1."-".$day1;
$fin=$year2."-".$month2."-".$day2;
$ini=strtotime($ini,0);
$fin=strtotime($fin,0);
$period = $fin-$ini;
$period = floor($period/86400);

// Si el tipus del fitxer és correcte i tenim dos fitxers, podem procedir
if (($typefile1 != "text/plain") || ($typefile2 != "text/plain")) {	echo "<br>File type wrong. You will be redirected in 5 seconds. Please, wait... <br><meta http-equiv='refresh' content='5;URL=http://samybux.site88.net'>";	} else {	
if ($period == 0) {	echo "<br>Your files are from the same day. It doesn't make sense. Please, enter two files with different dates. You will be redirected in 5 seconds, wait... <br><meta http-equiv='refresh' content='5;URL=http://samybux.site88.net'>";	} else {	
// Preparem nom dels fitxers a pujar al servidor i carguem el contador
$Counter = file("counter.txt"); 		// La variable cargada es UN STRING.
$fitxer1 = $Counter[0] . ".1." . $namefile1;
$fitxer2 = $Counter[0] . ".2." . $namefile2;

// Comprovem que s'hagi pujat correctament
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $fitxer1)) {   /* echo "El fichero 1 ha sido cargado correctamente.<br>"; */	} else {    echo "ERROR uploading your file nº 1. Try it again.";	}
if (move_uploaded_file($_FILES['userfile2']['tmp_name'], $fitxer2)) {   /* echo "El fichero 2 ha sido cargado correctamente.<br>"; */	} else {	echo "ERROR uploading your file nº 2. Try it again.";   }

............

I hope it helps!

anthony-tietjen

Quote:

Originally Posted by boffel

So cant you just give permission to the directory?

Right click the directory you want to move the files to and change the chmod to 777 for the directory to...

I am using PSPad and the built in ftp support. I was able to right-click the folder and click CHMOD and make sure all the boxes were checked (that put the permissions at 777), and then move_uploaded_file worked for me.

dohlik · 07-28-2008, 11:35 AM

I have the same problems with uploaded files

dohlik · 07-28-2008, 01:41 PM

this code works:

PHP Code:


			
// to upload file with path like '/uploads/dir1/dir2/'
$imgpath = './uploads/'; // this dir must be already exists with rights for writing
$imgpath.= 'dir1/';
mkdir($imgpath, 0777);
$imgpath.= 'dir2/';
mkdir($imgpath, 0777);
$cnt = count($_FILES['f']['name']);
for ($i=0; $i<$cnt; $i++)
    if (!move_uploaded_file($_FILES["f"]["tmp_name"][$i], $imgpath.$_FILES["f"]["name"][$i]))
    { // some error!   }
....

jijikikishoes · **No Chmod 777! its very bad -** 08-07-2008, 07:18 AM

please don't advice people to chmod 777. Its a massive security hole

here is why the problem exists and how to fix it without making a massive security hole in your website.

the problem is because the php scripts are in the 99 group but all the directories under publichtml are in a group of your user name.

You can to write a php script to create a directory to to this you will have to temporarily change the publichtml directory permissions to 777, do not leave them like this. After the new directory is created change your publichtml back to 775. Once you have created the directory your php scripts can chown and chmod it as much as you like.

Any file's you create through cpanel will be of limits for php to chmod and chown but any files or directories php creates can be modified with chmod and chown from php scripts.

It’s all to do with the permissions and the groups.

Note: some people will say just leave the publichtml as 777 but this means anyone on the server can create a script to delete all your files or run malicious code from your site.

dohlik · 08-07-2008, 07:31 AM

So I must change permissions back to 775 after move_uploaded_file?
Or this problem can be solved by correct .htaccess file?

jijikikishoes · 08-07-2008, 12:45 PM

I would advise you to use my solution as its secure.

If you have some directories or files set to 777 all I need to know is your user name and I can write php scripts on the 000webhost server that can read write etc the said directories and files.

The problem is the public_html is in a group, which is your user name, and the php process another group, 99. Group 99 doesn’t have access permissions on the username group.

The fix: -

Change your public_html folder to 777, and any subfolders needed, to allow a php script to create some directories that you want to move files too etc.

Create and run a script to make some directories. These will belong to the 99 group.

Change the public_html folder back to 755, to protect against other people on the server.

Now the new directories your script created can be used in the future by any other php script you run, e.g. the one calling move_uploaded_file

dohlik · 08-07-2008, 12:55 PM

So, if I'll create a folder "Uploads" with a php script, all subdirectories (like "Uploads/Images/") will be able for move_uploaded_file() and others? Its because "Uploads" group will be 99?