I am trying to upload files to server using PHP.
I created a simple file input and a submit button and wrote the PHP function to handle that request.
Initially I tried using this library https://github.com/Gargron/fileupload which worked fine, but I thought I might be missing something so I wrote the php code myself.
It is uploading small files instantly. By small I mean maximum 1Mb.
I am looking to upload files up to 2-3GB or maybe bigger.
So I tried an 150Mb file which transferred nearly instantly as I have a very high uplink bandwidth, so it took few seconds to transfer it, but it never never arrived on the server, I haave no idea why, when I am tried with small files, they go directly on the server folder instantly.
I tried with a 25Mb file and the browser showed that the upload is 100% in less than 5 seconds, but then it took 4 minutes for the file to get on the destination folder on the server.
I am using Ubuntu 20.04 LTS, Apache2, PHP v7.3.20.
I checked PHP ini and I increased post_max_size and upload_max_filesize as per my requirements, so I am not sure what I am missing.
HTML Form
<form action="pages/upload-video" enctype="multipart/form-data" method="post" accept-charset="utf-8">
<input type="file" name="fileToUpload">
<br><br>
<input type="submit" value="upload">
</form>
PHP function
public function upload_video() {
$target_dir = VIDEO_PATH;
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "The file " . basename($_FILES["fileToUpload"]["name"]) . " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
}
Next I tried to leave only
public function upload_video() {
print_r($_FILES['fileToUpload']);
}
And it takes so much time to execute the function. Not sure whats going on here. Never experienced this before.
Related
Hi I'm having a hard time figuring out how to upload my image on my raspberry pi directory. I tried the code below but it returns a blank array. /var/www/html/image
Here's my code
HTML:
<form action="upload.php" class="dropzone text-center" id="left-drop"> </form>
PHP:
<?php
$target_dir = "/var/www/html/image/main";
$target_file = $target_dir . basename($_FILES["image"]["tmp_name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
if (move_uploaded_file($_FILES["image"]["tmp_name"], $target_file)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "error\n";
}
?>
My raspberry pi permissions:
My folder permissions
Thank you.
I initially assumed that you knew the code you were writing allowed anyone to pwn your server, however you
present your permissions in a screen shot of the LXDE file manager
write code with no error checking or reporting
provide no explanation what did happen and why it did not meet your expectations
have not checked your log files for any errors
did not provide a MCVE
makes me suspect this is not the case. (some hints above about how to start solving the problems)
I am trying on upload file from local file system to a remote server using php.
I am using move_uploaded_file function but when i select a file on my local file system, it tries to find the file on remote server and hence fails. maybe i am missing something. Let's say if i am trying to upload a file from C:\Data\abc.txt. It tries to find the file on /server/abc.txt and hence fails to upload the file. Please let me know if i am missing something.
<?
if(isset($_FILES['image'])){
$errors= array();
$file_name = $_FILES['image']['name'];
$file_size =$_FILES['image']['size'];
$file_tmp =$_FILES['image']['tmp_name'];
$file_type=$_FILES['image']['type'];
$original = $root_path .$file_name;
echo $_FILES['image']['tmp_name'];
if($file_size > 100097152){
$errors[]='File size must be less than 100 MB';
}
if(empty($errors)==true){
move_uploaded_file($file_tmp, '/uploads');
echo "Success";
}else{
print_r($errors);
}
}
?>
<html>
<body>
<form action="" method="POST" enctype="multipart/form-data">
<input type="file" name="image" />
<input type="submit"/>
</form>
</body>
</html>
I dont know if I have understood you correctly, but you means with remote server your webserver?
This server doesnt access your file system directly because of your browser's sandbox mode. It gets only the submitted file, the origin path doesnt matter.
The second parameter of the function move_uploaded_file has to be the target file, not the target dictionary.
Example:
move_uploaded_file($file_tmp, '/uploads/' . $file_name);
diffcult to answer pls tell me the php version and as a hint: have you checked is_uploaded_file() php.net/manual/function.is-uploaded-file.php
could help to use the error/status-reporting in $_FILES['image']['error'] - gives feedback on error/status code of your file upload, so you can better understand what the source of the problem possibly is:
0 = success
1 = file too big (php.ini set)
2 = file too big (max file size directive)
4 = no file was uploaded
6 = no access to temp folder on server
7 = file could not be written to server
8 = upload stopped by a php extension
hope that helps
I've tried heaps of different things to get my php file upload to work, even trimming it right back to the absolute basics. I've tried different scripts and this and that but it's still giving me errors.
So I have this php script:
if (isset($_POST['submit'])) {
$target_path = "uploads/";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['uploadedfile']['name'])." has been uploaded";
} else {
echo "There was an error uploading the file, please try again!";
}
}
So as you can see, absolute bare minimum. This is my simple HTML form:
<form action="" enctype="multipart/form-data" name="uploadform" method="post" >
<input size="10" style="border:0px;" name="uploadedfile" type="file">
<input type="submit" name="submit" class="buttonUpload" value="Upload">
</form>
Any file I try and upload gives me the error. This isn't the first piece of code I've tried. I tried the code example of w3schools, that again gave me the file upload error.
I've checked my php.ini and allow file uploads is on.
It's on my local machine so no need to chmod the upload folder.
Any suggestions on why this may be happening ?
Cheers!
I have the following code that attempts to take a users form input of a file, and upload it to the webserver.
This code does work on a Apache server, however I'm now trying to get the same code working on my Windows IIS 6 web server, which has PHP (Version 5.2.3) installed and working. I have set the PHP.INI file so that
file_uploads = On
upload_tmp_dir = "C:\Temp"
My form is
<form method="POST" action="do_upload.php" enctype="multipart/form-data">
<input type="file" name="img1" size="30">
<input type="submit" name="BtnUpload" value="Click To Upload Now">
</form>
My PHP code to do the upload is
$abpath = "C:\MyWebs\Website1\httdocs\images";
#copy($img1, "$abpath/$img1_name") or $log .= "Couldn't copy image 1 to server";
if (file_exists("$abpath/$img1_name"))
{
$log .= "File 1 was uploaded";
}
else
{
$log .= "File 1 is not an image";
}
For some reason when I check the value of $img1 e.g echo $img1; it is empty. Therefore I tried to get the file using $_FILES['img1']['name']. This worked fine, but still I couldn't upload any files
Any ideas why this is happening.
Your code should be:
move_uploaded_file($_FILES['img1']['tmp_name'], "$abpath/$img1_name");
Don't copy() uploaded files. There are a few edge cases where an uploaded file can be tampered with, which is why move_uploaded_file() exists - it checks for those particular types of tampering.
As well, be VERY careful with how you create your filenames when processing the upload. If you directly use ANYTHING provided in $_FILES as part of the destination path/name for the file, you are opening bad security holes on your server, and a malicious user can exploit that to scribble a file anywhere they want on your server.
First question for quite a while. Essentially, I've got some code that (1) works perfectly in the live environment, (2) used to work in my home OSX environment but (3) doesn't work now.
The HTML:
<form id="upload_form" action="php/upload_class_list.php" method="post" accept-charset="UTF-8" enctype="multipart/form-data" target="upload_target" >
<label>File:</label>
<input name="myfile" type="file" size="35" />
<input id="upload_submit" type="submit" value="Upload" />
<iframe id="upload_target" name="upload_target" style="width:0;height:0;border:0px solid #fff;"></iframe>
</form>
The PHP file:
$destination_path = getcwd().DIRECTORY_SEPARATOR;
$result = 0;
$target_path = $destination_path . basename( $_FILES['myfile']['name']);
if(#move_uploaded_file($_FILES['myfile']['tmp_name'], $target_path)) {
...
}
sleep(1);
?>
<script language="javascript" type="text/javascript">top.upload_class_list(<?php echo $result; ?>);</script>
The script fires at the end, but the PHP code doesn't enter the if (in the local development environment) and so $result remains at 0.
It seems it's not picking up the path of the file to be uploaded; $destination_path points to the folder where the PHP file is located, and not where the file is found.
I think my local environment may have stopped working when I changed to Mountain Lion and rebuilt the PHP setup.
What is missing to stop the file being found?
Let me emphasise: exactly the same code works fine in my live Hostmonster setup, so it's an environment problem, I guess :)
Thanks.
if(#move_uploaded_file($_FILES['myfile']['tmp_name'], $target_path)) {
...
}
What is missing to stop the file being found?
What makes you think the problem is the file being found? Maybe the file is found, but what fails is the move... for example because the Web server has no permissions to write into the target_path.
You can check:
$src = $_FILES['myfile']['tmp_name'];
$dst = $target_path;
if (!file_exists($src))
die("Okay, the file is actually not found");
if (!is_readable($src))
die("Very bad hosting juju. The file was uploaded but I can't read it?!?");
if (!is_writeable($destination_path))
die("As expected, you can't upload a file here. This is a good thing.");
#touch($dst);
if (!file_exists($dst))
die("So call me a Marine, the file SHOULD be writeable (which is not so good), and yet I could not write it! Perhaps disk full? User overquota? Some weird security setup?");
The reason why it's a good thing is because that directory holds executable PHP files, and if anyone could upload a PHP file in there, well, that would be a major security hole.
You can set aside another directory and make it writeable (remember to put in there a .htaccess or other system to prohibit read/execute access from the outside).
may be this
<?php
$target = "upload/";
$target = $target . basename( $_FILES['uploaded']['name']) ;
$ok=1;
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['uploaded']['name']). " has been uploaded";
}
else {
echo "Sorry, there was a problem uploading your file.";
}
?>