This question already has answers here:
PHP - Failed to open stream : No such file or directory
(10 answers)
Reference - What does this error mean in PHP?
(38 answers)
Closed 2 years ago.
I am using Heroku for creating my website, as part of it, there is the ability to upload videos to the site. I have got it sort of working but I am struggling to get one last part working. As I have understood for uploading videos, the name of the file is uploaded to the database whilst the actual video itself is uploaded to a folder defined by myself. I have got it working so the video name is uploaded to the database but the video is not saving to the video folder I have created.
This is the code I have:
<?php
session_start();
require_once('../../includes/config.php');
require('../../vendor/autoload.php');
if(!isset($_SESSION['loggedin'])){ //if login in session is not set
header("Location: ../../index.php");
}
if($_SESSION['role'] !="admin") {
header("Location: ../../index.php");
}
if(isset($_POST["submit"])) {
//collect form data
extract($_POST);
$allowedExts = array("ogg", "mp4", "wma");
$extension = pathinfo($_FILES['video']['name'], PATHINFO_EXTENSION);
if ((($_FILES["video"]["type"] == "video/mp4")
|| ($_FILES["video"]["type"] == "video/ogg")
|| ($_FILES["video"]["type"] == "video/wma")
&& ($_FILES["video"]["size"] < 16000000 )
&& in_array($extension, $allowedExts))){
if ($_FILES["video"]["error"] > 0)
{
echo "Return Code: " . $_FILES["video"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["video"]["name"] . "<br />";
echo "Type: " . $_FILES["video"]["type"] . "<br />";
echo "Size: " . ($_FILES["video"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["video"]["tmp_name"] . "<br />";
$upload = $_FILES["video"]["name"];
if (file_exists("../videos/" . $_FILES["video"]["name"]))
{
echo $_FILES["video"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["video"]["tmp_name"],
"../videos/" . $_FILES["video"]["name"]);
echo "Stored in: " . "../videos/" . $_FILES["video"]["name"];
}
}
}else{
echo "Invalid file";
}
try {
//insert into database
$stmt = $dbconn->prepare('INSERT INTO videos (videotitle,video,editedBy,duration) VALUES (:videoTitle, :video, :editedBy, :duration)') ;
$stmt->execute(array(
':videoTitle' => $videoTitle,
':video' => $upload,
':editedBy' => "admin",
':duration' => "12"
));
//redirect to videos page
header('Location: index.php');
exit;
} catch(PDOException $e) {
echo $e->getMessage();
}
}
?>
I have looked at the heroku logs and the errors I am getting are:
PHP Warning: move_uploaded_file(../videos/VID_20201129_223935.mp4): failed to open stream: No such file or directory in /app/users/admin/videoUpload.php on line 53
PHP Warning: move_uploaded_file(): Unable to move '/tmp/phpoLjPU4' to '../videos/VID_20201129_223935.mp4' in /app/users/admin/videoUpload.php on line 53
This is to do with the lines:
// this is line 53
move_uploaded_file($_FILES["video"]["tmp_name"],
"../videos/" . $_FILES["video"]["name"]);
I am not sure what would cause this error, is there something I am missing or could it be to do with how I have heroku set up?
As a side note, I have become aware that using extract is not the most secure way to get form data and I am looking to change this.
Thanks
Edit -
This is the form where the information is gathered
<form action='videoUpload.php' method='post' enctype="multipart/form-data">
<h2>Add Video</h2>
<p><label>Title</label><br />
<input type='text' name='videoTitle' required value='<?php if(isset($error)){ echo $_POST['videoTitle'];}?>'></p>
<p><label>Video</label><br />
<input type="file" name='video' id="video" required value='<?php if(isset($error)){ echo $_POST['video'];}?>'></p>
<p><input type='submit' name='submit' value='Submit'></p>
</form>
In view of the comments I made regarding using the full path I put the following together with the hope that it might help solve your problem ~ though it is untested.
Any fields from the form that submits to this script that is used in the extract method should really be validated and sanitised ( though the prepared statement will help protect the db anyway ) - so by declaring these fields with a suitable filter you can call filter_input or filter_input_array to assist that protection. I usually run checks on the POST array before filtering so that I can deduce if I have omitted fields or have extra - you'll see what I mean below.
In terms of processing the upload if the target folder is not found you need to know about it and act accordingly before trying to save the file or write to the db ( pointless logging an upload that failed perhaps ). chdir returns true if it succeeds in navigating to the target directory so you can fork the logic at that stage to either bailout or create the folder structure ( using mkdir )
<?php
error_reporting( E_ALL | E_STRICT );
session_start();
$errors=array();
$createpath=true;
if( $_SERVER['REQUEST_METHOD']=='POST' ){
try{
$kb=1024;
$mb=pow( $kb,2 );
$maxfs=$mb * 15; # 15728640 ~ 15Mb
if( !isset( $_SESSION['loggedin'], $_SESSION['role'] ) or $_SESSION['role'] !== 'admin' ) {
exit( header( 'Location: ../../index.php' ) );
}
if( isset( $_POST['submit'], $_FILES['video'] ) ) {
require_once('../../includes/config.php');
require_once('../../vendor/autoload.php');
/*
To use `extract` in a more secure manner
*/
# create filter rules for form fields with their expected data type
$args=array(
'submit' => FILTER_SANITIZE_STRING,
'videoTitle' => array(
'filter' => FILTER_SANITIZE_STRING,
'flags' => FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH
)
);
# if there are fields that MUST be submitted
foreach( array_keys( $args ) as $field ){
if( !isset( $_POST[ $field ] ) or empty( $_POST[ $field ] ) ) $errors[]=sprintf('The field "%s" does not appear in the POST array',$field);
}
# check that no additional POST variables are present
foreach( $_POST as $field => $value ){
if( !in_array( $field, array_keys( $args ) ) ) $errors[]=sprintf('Unknown parameter supplied "%s"',$field);
}
$_POST=filter_input_array( INPUT_POST, $args );
extract( $_POST );
$name=$_FILES['video']['name'];
$type=$_FILES['video']['type'];
$size=$_FILES['video']['size'];
$error=$_FILES['video']['error'];
$tmp=$_FILES['video']['tmp_name'];
function uploaderror( $error ){
switch( $error ) {
case UPLOAD_ERR_INI_SIZE: return 'The uploaded file exceeds the upload_max_filesize directive in php.ini';
case UPLOAD_ERR_FORM_SIZE: return 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form';
case UPLOAD_ERR_PARTIAL: return 'The uploaded file was only partially uploaded';
case UPLOAD_ERR_NO_FILE: return 'No file was uploaded';
case UPLOAD_ERR_NO_TMP_DIR: return 'Missing a temporary folder';
case UPLOAD_ERR_CANT_WRITE: return 'Failed to write file to disk';
case UPLOAD_ERR_EXTENSION: return 'File upload stopped by extension';
default: return 'Unknown error';
}
}
$allowedExts = array('ogg', 'mp4', 'wma');
$types=array('video/mp4','video/ogg','video/wma');
$extension = pathinfo( $name, PATHINFO_EXTENSION );
if( in_array( $type, $types ) && in_array( $extension, $allowedExts ) && $size <= $maxfs ) {
if( $error !==UPLOAD_ERR_OK ) {
$errors[]=sprintf('Error uploading file: %s',uploaderror( $error ));
} else {
# get the full path to current working directory
$cwd=getcwd();
# attempt to traverse directory structure to desired location - up one level and find folder
$status=chdir('../videos/');
# If the directory does not exist...
if( !$status ) {
chdir('../');
$targetpath=sprintf( '%s/videos/', getcwd() );
# Attempt to create THIS path or exit???
if( $createpath ){
mkdir( $targetpath, 0777, true );
chdir( $targetpath );
} else exit( sprintf( '<h1>Fatal Error: Target Directory "%s" does not exist!</h1>', $targetpath ) );
}
# get the fully qualified path of the target directory
$target=getcwd();
# create the full filepath for uploaded file
$targetfile=sprintf('%s/%s',$target,$name);
# save the file
if( !file_exists( $targetfile ) ){
$status=move_uploaded_file( $tmp, $targetfile );
if( !$status )$errors[]=sprintf( 'Failed to move file to target directory: %s', $target );
}else{
$errors[]=sprintf('The file "%s" already exists!',$name);
}
}
if( empty( $dbconn ) )$errors[]='No database connection available';
if( empty( $errors ) ){
$sql='INSERT INTO `videos` ( `videotitle`, `video`, `editedBy`, `duration` ) VALUES ( :videoTitle, :video, :editedBy, :duration )';
try{
$stmt=$dbconn->prepare( $sql );
$args=array(
':videoTitle' => $videoTitle,
':video' => $name,
':editedBy' => 'admin',
':duration' => 12
);
$result=$stmt->execute( $args );
if( !$result ) $errors[]='Failed to add record';
# redirect if everything went OK
if( empty( $errors ) )exit( header( 'Location: index.php' ) );
}catch( PDOException $e ){
$errors[]=$e->getMessage();
}
}else{
$errors[]='Unwilling to commit to db due to previous errors';
}
}else{
$errors[]='File failed testing - incorrect type or too large';
}
}else{
$errors[]='Critical error';
}
# if there were errors, let the user know
foreach( $errors as $error )printf( '<div>%s</div>', $error );
}catch( Exception $e ){
exit( 'Bad foo: '.$e->getCode() );
}
}
# if page accessed by GET or similar....
http_response_code(404);
?>
I have this upload file system in wordpress and everything is working fine but the file wont go into the folder. Here's what i have right now:
if ( ! function_exists( 'wp_handle_upload' ) ) {
require_once( ABSPATH . 'wp-admin/includes/file.php' );
}
// Change your upload directory
function my_upload_dir(){
return PLUGIN_DIR . '/uploads/';
}
// Register our path override.
add_filter( 'upload_dir', 'my_upload_dir' );
// Set where to get the file from
$uploadedfile = $_FILES["attach"];
$upload_overrides = array( 'test_form' => false );
// Do the file move
$movefile = wp_handle_upload($uploadedfile, $upload_overrides);
// Set everything back to normal.
remove_filter( 'upload_dir', 'my_upload_dir' );
// Return an error if it couldn't be done
if (!$movefile || isset( $movefile['error'])) {
echo $movefile['error'];
}
its seems to be working fine (no errors) but the image wont show in the folder.
any help would be appreciated.
I think This code is working Fine.
$date=strtotime(date('Y-m-d H:i:s'));
$pro_image_name = $date.$_FILES['your Input type File Name']['name'];
$allowed = array('gif','png','jpg');
$ext = pathinfo($pro_image_name, PATHINFO_EXTENSION);
$root_path = get_template_directory();
if(!in_array($ext,$allowed) ) { ?>
<span style="font-size:22px; color:red;">Uploaded File Not Supported</span>
<?php } else {
move_uploaded_file($_FILES['updateimg']['tmp_name'],$root_path."/images/".$pro_image_name);
$image_get_path = site_url()."/wp-content/themes/prathak/images/".$pro_image_name;
update_user_meta(get_current_user_id() , 'userpic' , $image_get_path );
}
Good Luck
I am trying to list the contents of a directory by passing a folder name as a URL parameter to invoke a php function. I followed some other examples provided on stackoverflow and have been able to get the php function invoked and am certain I am reaching the code inside because of the echo statements that are output.
The url seems to be encoded correctly because when I display the path info inside the php function all the paths check out.
www.mysite.com/php/genListing.php?function=genListing&folder=wp-content/uploads/myfiles
The check on is_readable() appears to be failing. I have checked the file permissions for that directory and all users have read access. Anybody have any idea of what the problem might be?
genListing.php
if ( ! empty( $_GET['function'] ) && function_exists( $_GET['function'] ) ) {
if ( $_GET['function'] == 'genListing')
{
$atts = $_POST;
genListing( $atts );
}
}
function genListing( $atts ) {
$folder = $_GET[ 'folder' ];
if ( ! empty( $_GET['title'] ) ) {
$title = $_GET['title'];
}
else
{
$title = 'Directory Listing';
}
echo "<p>Made it inside genListing(): " . $folder . "</p>";
$fullFolderPath = trailingslashit( WP_INSTANCE_HOME ) . $folder;
echo "<p> Trying: " . $fullFolderPath . "</p>";
// bad folder check
if ( empty( $folder ) || ! is_readable( $fullFolderPath ) ) {
echo "<p>The folder selected was not valid.</p>";
return 'The folder selected was not valid.';
}
I'm trying to delete a given file from a directory using PHP. Here is the code I've tried:
// Get the file name
$id = '61514';
// Get the folder path
$uploads_folder_dir = 'some/dir';
// Check if the directory exists
if ( ! file_exists( $uploads_folder_dir ) )
return false;
// Open the directory
if ( $dir = opendir( $uploads_folder_dir ) ) {
// Loop through each file in the directory
while ( false !== ( $file = readdir( $dir ) ) ) {
// Target the file to be deleted and delete. All files in folder are .png
if ( $file == ( $id . '.png' ) )
#unlink( $uploads_folder_dir . '/' . $file );
}
}
// Housekeeping
closedir( $dir );
#rmdir( $uploads_folder_dir );
Each time I run the code, the particular file I'm trying to delete is not deleted.
My guess is when I'm looping through the directory, my logic to find the file isn't working. I can confirm that file 61514.png is definitely in directory some/dir
Hoping someone can spot where I'm going wrong here?
First debug your file path is ok or not just by printing whole file path like
// Target the file to be deleted and delete. All files in folder are .png
if ( $file == ( $id . '.png' ) ){
echo $uploads_folder_dir . '/' . $file; die;
#unlink( $uploads_folder_dir . '/' . $file );
}
}
Why do you loop through the files? This one would be much easier:
// Get the file name
$id = '61514';
// Get the folder path
$uploads_folder_dir = 'some/dir';
// Check if the directory exists
if ( ! file_exists( $uploads_folder_dir ) )
return false;
unlink("$uploads_folder_dir/$id.png");
// Housekeeping
#rmdir( $uploads_folder_dir );
#unlink -> use unlink and if you don't see permission denied problem, the file and "dir" should be removed.
$path = realpath( dirname( __FILE__ ) ) . '/Uploads/'; // Upload directory
// Decode content array.
$ContentArray = json_decode( stripslashes( $_POST['content'] ) );
foreach( $ContentArray as $ContentIndividualFilename )
{
echo $path.$ContentIndividualFilename;
// Move uploaded files.
if( copy( $_FILES["files"]["tmp_name"][$ContentIndividualFilename], $path.$ContentIndividualFilename) )
{
}
}
this is wrong $_FILES["files"]["tmp_name"][$ContentIndividualFilename] because i get here through ajax function without page refresh. $ContentIndividualFilename contains filenames of the files.How do i transfer the file to the required folder?