I creating script and I need to let users upload files (images) . and for security reasons I want to make file folder outside public_html.
But my problem is maybe my potential customers may have different folders structure in their servers.
So my question is : There is a way in php to go back one folder before public_html ?
Another possible case if my client put script file in directory like that public_html/demo/ , so in that case I need to go 2 folders back.
I try to use $_SERVER["DOCUMENT_ROOT"] but it give the public server directory.
any help or suggestion will be helpfull. thank you
If the php user has the permission to do so, you should be able to include/write files to a directory using a relative path for example:
include("../test.php");
Likewise if you had a directory which was writable by the php user you should be able to create files in that directory also using a relative path:
$ cat test1.php
<?php
$file = fopen("../test.php", "w");
fwrite($file, "Hello World. Testing!\n");
fclose($file);
include("../test.php");
$ php test1.php
Hello World. Testing!
Related
Whenever I use move_uploaded_file to my an uploaded file, the file always ends up in my web root. What am I doing wrong? Should the path be relative to my web root, or should it be an absolute path on my file system?
Ultimately what I'm trying to do, it have a folder for php to upload/dowload files. I don't want web bots and anyone else just to be able to access the files, i want only authenticated people using my website to be able to download the files. So this is how I have my file structure laid out:
/var/www/website/public_html
and
/var/www/website/files
and my move_uploaded_file command is like this:
move_uploaded_file($_FILES['txtFileSelector']['tmp_name'], "/var/www/website/files/".$_FILES['txtFileSelector']['name']);
but no matter what i've tried, the file always ends up in
/var/www/website/public_html
I've even tried sending the file in other sub folders of public_html but still no luck.
ah-ha! Destination path is relative!
So the solution for me is:
echo move_uploaded_file($_FILES['txtFileSelector']['tmp_name'], "../files/".$_FILES['txtFileSelector']['name']
Because of the relative pathing, use .../ to go up from the web root, and then move it to the desired storage folder.
CORRECTION
Absolute path or relative path either will work. It was a combination of folder permissions (www-data needs to either be owner or group member with read/write permissions) and me being an idiot and discovering a programming bug. My code was in a php class and the uploading was function. In my constructor I had a bug in my code. When doing OO there's a big difference between
$upload_dir = "/path/to/upload";
and
$this->upload_dir = "/path/to/upload";
I'm creating a .php file that will be uploaded to the root directory of a server. I need that .php file to then figure out the path to the public_html folder or it's equivalent.
I need to do this because I want my .php file to be able to be uploaded to the root and used on any hosting account. Because many hosting companies use different file paths to the public_html folder or even call it something different, I'm trying to figure out how to detect it.
Preferable there is a server variable or easy test to do this. If not, the public_html folder will always contain a particular file so maybe I could search for this particular file and get the path that way. I'm just worried about a filename search being heavy on memory.
The .php file that is being executed is located inside the ROOT directory and needs to locate the public_html folder.
Like this: /home/user/file.php
needs to detect
/home/user/public_html/ or /home/user/var/www/ or /home/user/website.com/html/ etc.
The challenge with this is that a server can have very many public_html's so outside of the context of a request there is no real way to find out what that is.
One thing that you might be able to do to get this information from a php script (if you know the url to get to the host) is to create a php file called docroot.php that looks like this.
<?php
if ($_SERVER["REMOTE_ADDR"] == '127.0.0.1'){
echo $_SERVER["DOCUMENT_ROOT"];
}
Then within your file.php your would do something like
$docRoot = trim(file_get_contents("http://www.mydomain.com/docroot.php"));
This makes the assumption that the server can resolve to itself via the local interface by name.
I found this website which provided me with the only good solution I have found after scouring the web...
$root = preg_replace("!${_SERVER['SCRIPT_NAME']}$!", "", $_SERVER['SCRIPT_FILENAME']);
The way this works is by getting the full path of the file and then removing the relative path of the file from the full path.
I have a snippet that I want to use to upload a file.
The script seems to be running fine until it gets to the point where PHP transfers the file from temp docs to my own folder.
My folder is called 'uploads' and is the root.
On ModX the PHP files directory is
/core/cache/includes/elements/modsnippet
I cannot seem to figure out a way to direct the script to send the file back from the modsnippet directory to the public_html/uploads directory.
So far I have tried:
move_uploaded_file($_FILES['instlogo']['tmp_name'], dirname(__FILE__) . "/../../../../uploads".$new_file_name)
;
as well as absolute paths, eg:
http://mysite.com/uploads
To no avail.
Would anyone know a way of doing this correctly? Thanks!
(ps: permissions on that folder are 777)
can you try something like:
$my_uploads = $modx->getOption('base_path').'uploads/';
move_uploaded_file($_FILES['instlogo']['tmp_name'], $my_uploads.$new_file_name)
the base_path option will give you the full file system path [from the server root]
if not & you are getting a filesystem error, the server logs [aapche] should be telling you why. Do you have access to them?
Am trying to use a config file for a database and rating script but the problem is the config file is in this directory :
website.com/include/config.php aka websitename/include/config.php
The rating script needs the config and is accessed like this:
include_once("config.php");
I want the config to be in:
"/files/website/"
A directory level up from the website root folder.
I have been trying with:
"../files/website/" and other variations but can not figure out how to link them.
I have managed to put one config file and access it, but with this ajax rating script the only way for it to work is to have the config in the /include/ folder next to:
rating_process.php - has this link : include("inc/config.php");
rating_functions.php - has this link : include_once("config.php");
rating_total_functions.php - has this link : include("inc/config.php");
Hope i've explained myself here
Right, looking at my hosting now:
$_SERVER['DOCUMENT_ROOT']; outputs this: /foldy/homepages/11/username/htdocs/webbysite
My index file is located at: /foldy/homepages/11/username/htdocs/webbysite/index.php
The included rating script is located in: /foldy/homepages/11/username/htdocs/webbysite/include/
I want the config to be in /foldy/homepages/11/username/htdocs/secretfiles/config.php
Am trying to some how go out of: webbysite folder and then into secretfiles (sibling folders)
I have tried adding ../ and so on, but am missing something obviously :(
Try
$configLocation = $_SERVER['DOCUMENT_ROOT'].'../files/website/config.php';
include_once($configLocation)
but the problem is the config file is in this directory
it is not a problem at all.
just keep it as is.
Concerning your particular problem, your problem is that you don't know where you want to put your file. /files/website/ is not likely a right path and it is apparently not one level high from webroot.
So, first of all make your mind about the right path to the directory and it's relative position to the web root
if you are concerned about security ( because your config file contains the db details ) i would place the db config file outside the site root folder and then require_once('../../dbConfig.php') from the script that's creating xml or json for your ajax
more exactly ...
your site folder might be here: /var/www/html
set a virtual host (done differently on Linux and Windows) and point your domain to a sub folder inside /html so that the new path to the site root is /var/www/html/site.
then place your config file in /var/www/html and call it from your scripts inside your /site folder using require_once('../dbConfig.php)`.
your db details are outside the site folder
i have my web folder in c:/wamp/www/ which is the default webroot for wamp. Then i have a folder image in c:/image/ that contains images been processed by another application which i wont like to relocate. I want to be able to load up an image with its file name from c:/image/
e.g. img src = "c:/image/FA12.jpg"
within my PHP scripts. I really Need Help on this Please. Thanks for your support.
If you need to read a file into php use "c:\image\FA12.jpg". You may also create a link "file://c\image\FA12.jpg". There's no way to create a relative path, since it is outside root dir.
As per my knowledge it is better to create a folder of your images under your localhost or server ('var/www/images') to have a proper relative URL to that images.
Url's like c:\image\fa12.jpg can create problems when you make your product online. Other wise you can do provide static urls as kirilloid suggest or you can copy that images to some proper folder in your localhost sever with use of php function "copy" and use that folder as a reference. avoid static url's if possible.:)
as i have linux system now i tested below code locally. create one file test.php under /www and put below code in it and run file in browser. see if this can be your solution
<?php $link = $_SERVER['DOCUMENT_ROOT'];
$domain = strstr($link, '/www');
echo $domain;//this will output /www
$root = strstr($link, '/www', true);
echo "<br>".$root;//this will output /var
?>
You can try this by putting "/wamp/www" instead of "/www" in above code and you will get c:/ (perhaps) in $root and then appeng folder name images and path accordingly to $root.
May this will help you