I wrote a script that would allow me to upload images and files to my servers, and now that I've switched domains, everything seems a bit messed up.
I've changed the urls and directories, and I've got my chmod set at 777 for the directories needed (cdn and img)
Script:
$folder = "/cdn/img";
$HTTP_POST_FILES = "";
if(isset($_FILES['filename']['tmp_name'])) {
if (is_uploaded_file($_FILES['filename']['tmp_name'])) {
$ext = strtolower(end(explode('.', $_FILES['filename']['name'])));
$fileCode = fileCode($ext);
if(move_uploaded_file($_FILES['filename']['tmp_name'], $folder . $fileCode)) {
echo 'Your file has been uploaded! View and share your file here';
} else {
echo "THERE'S A GLITCH IN THE MATRIX! YOUR FILE COULDN'T BE UPLOADED!";
}
} else {
Echo "Failed. Try again.";
}
And I'm getting this error:
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/phpZ1TbaL' to 'http://codyleek.me/cdn/img/e6fmd6.png' in /home/codyleek/public_html/cdn/upload.php on line 17
Sorry that my formatting sucks. I'm new here aha.
But um, could any of you help me? I've tried redoing the URLs, resetting permissions, everything I can think of.
My PHP knowledge is limited.
Thanks in advance.
You should move it to a path on your disk (for example /srv/www/mydomain.com/img/test.png) and not to another website like you're doing now (http://...). By using http://x you are saying: 'use the HTTP-protocol, on domain x to ....'
Related
My aim is to download multiple files into the folder on my localhost. I am uploading them using the HTML form.
Here is the code (really sorry that I can't give a link to the executable version of the code because it relies on too many other files and database if anyone knows the way then please let me know)
foreach ($_FILES as $value) {
$dir = '/';
$filename = $dir.basename($value['name']);
if (move_uploaded_file($value['tmp_name'],$filename)) {
echo "File was uploaded";
echo '<br>';
}
else {
echo "Upload failed";
echo '<br>';
}
}
So this little piece of code give me an error:
And here are the lines of code:
The problem is that the adress is correct, I tried enterring it into my file directory and it worked fine, I have seen some adviced on other people's related questions that // or \ should be used instead, but my version works just fine! Also I have checked what's inside the $_FILES and here it is if that's required for someone trying to help:
Thank you very much if anyone could help!!
You are trying to move the file to an invalid (or non-existent) path.
For the test you will write
$dir = 'c:/existing_dir/';
$filename = $dir.basename($value['name']);
If you want to move the file to a folder that is relative to the running file try
$dir = '../../directory/';// '../' -> one directory back
$filename = $dir.basename($value['name']);
By starting your file path with $dir = '/'; you are saying store the file on the root folder, I assume of C:
Apache if correctly configures should not allow you access to C:\
So either do
$dir = '../';
$filename = $dir.basename($value['name']);
to make it a relative path or leave the $dir = '/'; out completely
I have a very basic, very straightforward function that takes a file (after checking it to make sure its a zip among other things) and uploads it, unpacks it and such:
public function theme(array $file){
global $wp_filesystem;
if(is_dir($wp_filesystem->wp_content_dir() . "/themes/Aisis-Framework/custom/theme/")){
$target_path = $wp_filesystem->wp_content_dir() . "/themes/Aisis-Framework/custom/theme/";
if(move_uploaded_file($file['tmp_name'], $target_path . '/' . $file['name'])) {
$zip = new ZipArchive();
$x = $zip->open($target_path);
if ($x === true) {
$zip->extractTo($target_path); // change this to the correct site path
$zip->close();
//unlink($target_path);
}
$this->success('We have uplaoded your new theme! Activate it bellow!');
} else {
$this->error('Oops!', 'Either your zip is corrupted, could not be unpacked or failed to be uploaded.
Please try again.');
}
}else{
$this->error('Missing Directory', 'The Directory theme under custom in Aisis Theme does not exist.');
}
if(count(self::$_errors) > 0){
update_option('show_errors', 'true');
}
if(count(self::$_messages) > 0){
update_option('show_success', 'true');
}
}
Extremely basic, yes I have used my target path as both the path to upload too and unpack (should I use a different path, by default it seems to use /tmp/tmp_name)
Note: $file is the array of $_FILES['some_file'];
My question is I get:
Warning: move_uploaded_file(/var/www/wordpress/wp-content//themes/Aisis-Framework/custom/theme//newtheme.zip): failed to open stream: Permission denied in /var/www/wordpress/wp-content/themes/Aisis-Framework/CoreTheme/FileHandling/Upload/Upload.php on line 82
Warning: move_uploaded_file(): Unable to move '/tmp/phpfwechz' to '/var/www/wordpress/wp-content//themes/Aisis-Framework/custom/theme//newtheme.zip' in /var/www/wordpress/wp-content/themes/Aisis-Framework/CoreTheme/FileHandling/Upload/Upload.php on line 82
Which basically means that "oh the folder your trying to move from is owned by root, no you cannot do that." the folder I am moving too is owned by apache, www-data. - I have full read/write/execute (it's localhost).
So question time:
Should my upload to and move to folder be different?
How, in a live environment, because this is a WordPress theme, will users who have the ability to upload files be able to get around this "you dont have permission"?
You should try to do it the wordpress way. Uploading all user content to wp-content/uploads, and doing it with the native functions.
As you mention, uploading to a custom directory, may be an issue to non tech savvy users. /uploads already have the special permissions.
Check out wp_handle_upload. You just have to limit the mime type of the file.
The path you are trying to upload is some where wrong here
wp-content//themes
try removing one slash
I'm not much of a PHPer, but I'm looking at a clients very old site as he's getting some errors.
It's an ancient, bespoke CMS, going back to Feb 2007.
When trying to upload an image the error:
Warning: copy() [function.copy]: Unable to access in blah/blah/blah
This is the part of the code in question:
$path= "images/".$new_file_name;
if($ufile !=none)
{
if(copy($HTTP_POST_FILES['ufile']['tmp_name'], $path))
{
echo "<h1>uploading...</h1>";
$img_name = $_POST['name'];
mysql_query("UPDATE properties SET img_main='$Xnew_file_name_small',img_main_name='$img_name' WHERE ref='$ref'");
$small_image=imagecreatefromjpeg('images/'.$new_file_name);
imagejpeg($small_image, 'images/'.$new_file_name_small, 50);
unlink('images/'.$new_file_name);
echo("<meta http-equiv='refresh' content='0;URL=upload_scipt_main_2.php?ref=". $ref."&img=".$new_file_name_small." '/>");
}
else
{
echo "Error";
}
}
What I'd like to know is if that means that the copy function doesn't have write access to the path it's trying to write to.
Also, as the site is so old, could this error be caused by the PHP version being upgraded?
It's on 5.3.14 now.
I realise that this is probably a shot in the dark and there could be a ton of reasons why it doesn't work and the bit of code posted isn't much of a help but any guidance at all would be really useful.
As the error-message included in your question is rather cryptic, i.e. blah/blah/blah, I can't tell if it's applying to the uploaded file or the destination. If the error is regarding the destination, that means that the images/ directory isn't writable by your web-server (such as Apache). Updating the folder's permissions to be writable may be enough to solve the issue.
On the other hand, if the error is regarding the uploaded file, I will have to agree with your statement that the error could be caused by the PHP version being upgraded.
According to the documentation, $HTTP_POST_FILES has been deprecated for some time in favor of the new(ish) $_FILES.
On the same topic, it appears that you're using this code to basically "upload a file". With that in mind, you won't want to use copy() but move_uploaded_file().
So, instead of a line like this:
copy($HTTP_POST_FILES['ufile']['tmp_name'], $path)
You'll want to try:
move_uploaded_file($_FILES['ufile']['tmp_name'], $path)
Though you may have it elsewhere, you should also verify whether or not the file has been uploaded; you can achieve this with is_uploaded_file(). In combination with the above, and your sample-code, the following should be what you're aiming for:
if(is_uploaded_file($_FILES['ufile']['tmp_name'])) {
$path= "images/".$new_file_name;
if(move_uploaded_file($_FILES['ufile']['tmp_name'], $path)) {
echo "<h1>uploading...</h1>";
$img_name = $_POST['name'];
mysql_query("UPDATE properties SET img_main='$Xnew_file_name_small',img_main_name='$img_name' WHERE ref='$ref'");
$small_image=imagecreatefromjpeg('images/'.$new_file_name);
imagejpeg($small_image, 'images/'.$new_file_name_small, 50);
unlink('images/'.$new_file_name);
echo("<meta http-equiv='refresh' content='0;URL=upload_scipt_main_2.php?ref=". $ref."&img=".$new_file_name_small." '/>");
} else {
echo "Error: The file could not be moved.";
}
} else {
echo "Error: The file could not be uploaded.";
}
I am trying to upload my php project into public server.
I made the image upload file when I create product or edit product.
It works in localhost, but when I move to public server, it is not working.
I think move_uploaded_file part does not working.
How can I change the link? or do I have to change anything?
When I see Filzilla, I can see remote site that it is '/www/eshopProject/inventory_images'.
And index file is '/www/eshopProject/storeAdmin'.
Do I have to change link like this?
I don't know how can I change the link.
Could you help me? uploading the image into public server is not working..
Is it any security issue? or something?
Please help me. Thanks.
--index.php--
$pid = mysql_insert_id();
//Place image in the folder
$newname = "$pid.jpg";
move_uploaded_file($_FILES['fileField']['tmp_name'], "../inventory_images/product_$newname");
First of all check the permissions of the directory as mentioned in come of the comments.
If you have shell access "chmod 777 target_dir" or "chmod 707 target_dir" should be sufficient.
Second try to debug it using if's and the file_exists function(http://php.net/manual/en/function.file-exists.php).
Something like this.
$uploadedFile = $_FILES['fileField']['tmp_name'];
$destination = "../inventory_images/product_$newname";
if(file_exists($uploadedFile))
{
echo "file uploaded to temp dir";
}
else
{
echo "file upload failed";
exit();
}
if(move_uploaded_file($uploadedFile, $destination))
{
echo "upload complete";
}
else
{
echo "move_uploaded_file failed";
exit();
}
You can also check your current working directory by using the FILE or DIR constants(http://php.net/manual/en/language.constants.predefined.php).
Try this.
echo __FILE__;
echo dirname(__FILE__);
echo __DIR__;
Use the copy() method. For me it worked.
copy($tmp_file, Destination) or
copy($tmp_image, IMAGE_DIRECTORY . SAM . $product_image);
Make sure you have write file permissions set to the folder you are trying to upload too.
I recommend setting the folders to "755" permissions and retry. This would make the permissions a little tighter.
This question is a bit old but i recently faced a similar issue where even with permission 777 on the upload folder it wouldn't work.
The issue was that the SELinux (https://wiki.centos.org/HowTos/SELinux) was on enforcing mode so i had to change it to permissive mode and then the upload works perfectly.
I hope this can help someone facing this issue.
<?php
if($_FILES['Filedata']['size']>=520000)
{
echo "\n Sorry, Not Moved Size below 5.2kb or 5200 bytes Only\n";
return;
}
$ext = end(explode('.', strtolower($_FILES['Filedata']['name'])));
if(move_uploaded_file($_FILES['Filedata']['tmp_name'], "./".$_FILES['Filedata']['name']))
{
echo "\nfile moved Success\n";
return;
}
?>
When i set path, it does not work... i dont know where to exactly set path such that the file gets saved in the directory.
See the move_uploaded_file documentation.
The first argument ($_FILES['Filedata']['tmp_name']) is the source, which you shouldn't change. The second argument ("./".$_FILES['Filedata']['name']) is the destination, which will currently put the file in the current working directory with its original name (This can be a security issue; you should put the file in an upload directory that has no execute permissions.)