I am using the following php file upload class to upload my files in relative security. I'll be adding more security features later:
http://www.verot.net/php_class_upload.htm
My problem is though, I would like to upload my file to the folder www.mysite.com/upload which I've already pre-created ready to take the files.
The only problem is I don't know how to set it properly to do that. I've confirmed the form is submitting fine. Here's what I tried to use:
$handle = new class_upload($_FILES['image_upload']);
if ($handle->uploaded) {
$handle->file_new_name_body = 'image_resized';
$handle->image_resize = true;
$handle->image_x = 100;
$handle->image_ratio_y = true;
$handle->process('/home/user/upload');
if ($handle->processed) {
echo 'image resized';
$handle->clean();
} else {
echo 'error : ' . $handle->error;
}
}
I get the error:
"Destination directory can't be created. Can't carry on a process."
What do I set for $handle->process('/home/user/upload'); so that it will upload into the correct directory?
The error message suggests that the user your webserver is running under may not have permissions to create directories... so it would imply the directory you've created is not being targeted.
You'll need full path to this folder... one way to get it would be to use:
$handle->process($_SERVER['DOCUMENT_ROOT'] . '/upload/');
I'd try and avoid this though as the $_SERVER variable can be tampered with or can be inaccurate in general.
The better approach imho would be:
$handle->process(realpath(dirname(__FILE__) . '/upload/');
And ensure the folder you've created has writable permissions for the web-server's user/group.
I suspect, what you are looking for is $handle->process(dirname(__FILE__).'/home');, assuming the calling script is directly in the web root folder.
Related
I make a site and it has this feature to upload a file and that file is uploaded to a server
Im just a newbie to php I download xampp and I run this site that i made in my local machine.
My site is like this you upload a file then that file will be uploaded to a server, but when i tried unlink() because when i try to remove the filename to a database I also want to remove that pic on the server, but instead I got an error and it says "Permission denied".
question:
How can I got permission to use unlink();?
I only run this on my localmachine using xampp
Permission denied error happens because you're trying to delete a file without having enough/right permissions for doing that.
To do this you must be using superuser account or be the same user that have uploaded the file.
You can go to the directory from your command line and check the permissions that are set to the file.
The easiest solution is to loggin as administrator/root and delete the file.
Here is another work around:
// define if we under Windows
$tmp = dirname(__FILE__);
if (strpos($tmp, '/', 0)!==false) {
define('WINDOWS_SERVER', false);
} else {
define('WINDOWS_SERVER', true);
}
$deleteError = 0;
if (!WINDOWS_SERVER) {
if (!unlink($fileName)) {
$deleteError = 1;
}
} else {
$lines = array();
exec("DEL /F/Q \"$fileName\"", $lines, $deleteError);
}
if ($deleteError) {
echo 'file delete error';
}
And some more: PHP Manual, unlink(), Post 106952
I would recommend, always first to check PHP Manual (in case your question concerns PHP), just go to the page with function that you have problems with and just click search CTRL+F in your browser and enter, for example, Windows, and as a result, in your case, you would find at least 7 related posts to that or very close to that what you were looking for.
Read this URL
How to use Unlink() function
I found this information in the comments of the function unlink()
Under Windows System and Apache, denied access to file is an usual error to unlink file. To delete file you must to change file's owern. An example:
<?php
chown($TempDirectory."/".$FileName,666); //Insert an Invalid UserId to set to Nobody Owern; 666 is my standard for "Nobody"
unlink($TempDirectory."/".$FileName);
?>
So try something like this:
$Path = './doc/stuffs/sample.docx';
chown($Path, 666);
if ( unlink($Path) )
echo "success";
else
echo "fail";
EDIT 1
Try to use this in the path:
$Path = '.'.DIRECTORY_SEPARATOR.'doc'.DIRECTORY_SEPARATOR.'stuffs'.DIRECTORY_SEPARATOR.'sample.docx';
I'm using PHP to create a website for a FileMaker database. What I want to do is upload an image file so it can be accessed by the database.
This is the code I have (which came from a tutorial):
if (isset($_POST['action']) and $_POST['action'] == 'Upload') {
# set the destination directory for the image
$image_directory = 'http://mydomain.com/Images/My_Example/';
# set the temp and dest file names with paths
$temporary_file = $_FILES['new_image']['tmp_name'];
$destination_file = $image_directory . $_FILES['new_image']['name'];
# move file to the images directory
$result = move_uploaded_file($temporary_file, $destination_file);
if ($result) {
# insert the URL into the product record
$edit = $fm->newEditCommand('Product', $_REQUEST['recid']);
$edit->setField('Thumbnail URL', $destination_file);
$edit->execute();
} else {
$error_message = nl2br("temporary_file = ".$temporary_file."\n");
$error_message.= nl2br("destination_file = ".$destination_file."\n\n");
echo $error_message;
die('There was an error moving the file.');
}
}
I understand that the function 'move_uploaded_file()' will move the temporary file, but I can't see a statement that actually uploads to the temporary file in the first place. What am I missing, please? (I don't know if this is a red herring!)
But 'move_uploaded_file()' fails, and I get the error message (which I added to try to debug it) and the 'die' message. Is there any way to get an error code, to tell me why it failed?
I'm assured that the relevant directory does have read/write access. And 'mydomain.com' is actually replaced by the real domain in the script.
Any advice gratefully received. I'm a newbie to PHP, so please bear that in mind when answering! Many thanks.
Cheers
you are using the destination directory path with 'http://mydomain.com/Images/My_Example/', which will not work.
in order to save the file, you need to give it absolute path on the server - means if the DOCUMENT_ROOT folder is "/var/www/html/", then you'll need to upload it to "/var/www/html/Images/My_Example'.
you can check your DOCUMENT_ROOT path in the $_SERVER['DOCUMENT_ROOT'] variable, with phpinfo() command in php, or in your apache.conf files.
also you need to make sure your php has writing permission on the folder you trying to save into.
The problem is in this statement :
$image_directory = 'http://mydomain.com/Images/My_Example/';
When you upload file, you cannot give the url in the destination path. You need to use the relative path like:
$image_directory = './Images/My_Example/';
first of all: try these error messages
the error message is in: $_FILES['upfile']['error']
switch ($_FILES['upfile']['error']) {
case UPLOAD_ERR_OK:
break;
case UPLOAD_ERR_NO_FILE:
throw new RuntimeException('No file sent.');
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
throw new RuntimeException('Exceeded filesize limit.');
default:
throw new RuntimeException('Unknown errors.');
}
secondly: http://mydomain.com/Images/My_Example/ is not a vaild upload path.
http://mydomain.com/Images/My_Example/ is not valid becuase it is a URL path. You need to specify a directory path:
//$image_directory = 'http://mydomain.com/Images/My_Example/';
// change to:
$image_directory = 'path/to/Images/folder/';
I have a very basic, very straightforward function that takes a file (after checking it to make sure its a zip among other things) and uploads it, unpacks it and such:
public function theme(array $file){
global $wp_filesystem;
if(is_dir($wp_filesystem->wp_content_dir() . "/themes/Aisis-Framework/custom/theme/")){
$target_path = $wp_filesystem->wp_content_dir() . "/themes/Aisis-Framework/custom/theme/";
if(move_uploaded_file($file['tmp_name'], $target_path . '/' . $file['name'])) {
$zip = new ZipArchive();
$x = $zip->open($target_path);
if ($x === true) {
$zip->extractTo($target_path); // change this to the correct site path
$zip->close();
//unlink($target_path);
}
$this->success('We have uplaoded your new theme! Activate it bellow!');
} else {
$this->error('Oops!', 'Either your zip is corrupted, could not be unpacked or failed to be uploaded.
Please try again.');
}
}else{
$this->error('Missing Directory', 'The Directory theme under custom in Aisis Theme does not exist.');
}
if(count(self::$_errors) > 0){
update_option('show_errors', 'true');
}
if(count(self::$_messages) > 0){
update_option('show_success', 'true');
}
}
Extremely basic, yes I have used my target path as both the path to upload too and unpack (should I use a different path, by default it seems to use /tmp/tmp_name)
Note: $file is the array of $_FILES['some_file'];
My question is I get:
Warning: move_uploaded_file(/var/www/wordpress/wp-content//themes/Aisis-Framework/custom/theme//newtheme.zip): failed to open stream: Permission denied in /var/www/wordpress/wp-content/themes/Aisis-Framework/CoreTheme/FileHandling/Upload/Upload.php on line 82
Warning: move_uploaded_file(): Unable to move '/tmp/phpfwechz' to '/var/www/wordpress/wp-content//themes/Aisis-Framework/custom/theme//newtheme.zip' in /var/www/wordpress/wp-content/themes/Aisis-Framework/CoreTheme/FileHandling/Upload/Upload.php on line 82
Which basically means that "oh the folder your trying to move from is owned by root, no you cannot do that." the folder I am moving too is owned by apache, www-data. - I have full read/write/execute (it's localhost).
So question time:
Should my upload to and move to folder be different?
How, in a live environment, because this is a WordPress theme, will users who have the ability to upload files be able to get around this "you dont have permission"?
You should try to do it the wordpress way. Uploading all user content to wp-content/uploads, and doing it with the native functions.
As you mention, uploading to a custom directory, may be an issue to non tech savvy users. /uploads already have the special permissions.
Check out wp_handle_upload. You just have to limit the mime type of the file.
The path you are trying to upload is some where wrong here
wp-content//themes
try removing one slash
I make a site and it has this feature to upload a file and that file is uploaded to a server
Im just a newbie to php I download xampp and I run this site that i made in my local machine.
My site is like this you upload a file then that file will be uploaded to a server, but when i tried unlink() because when i try to remove the filename to a database I also want to remove that pic on the server, but instead I got an error and it says "Permission denied".
question:
How can I got permission to use unlink();?
I only run this on my localmachine using xampp
Permission denied error happens because you're trying to delete a file without having enough/right permissions for doing that.
To do this you must be using superuser account or be the same user that have uploaded the file.
You can go to the directory from your command line and check the permissions that are set to the file.
The easiest solution is to loggin as administrator/root and delete the file.
Here is another work around:
// define if we under Windows
$tmp = dirname(__FILE__);
if (strpos($tmp, '/', 0)!==false) {
define('WINDOWS_SERVER', false);
} else {
define('WINDOWS_SERVER', true);
}
$deleteError = 0;
if (!WINDOWS_SERVER) {
if (!unlink($fileName)) {
$deleteError = 1;
}
} else {
$lines = array();
exec("DEL /F/Q \"$fileName\"", $lines, $deleteError);
}
if ($deleteError) {
echo 'file delete error';
}
And some more: PHP Manual, unlink(), Post 106952
I would recommend, always first to check PHP Manual (in case your question concerns PHP), just go to the page with function that you have problems with and just click search CTRL+F in your browser and enter, for example, Windows, and as a result, in your case, you would find at least 7 related posts to that or very close to that what you were looking for.
Read this URL
How to use Unlink() function
I found this information in the comments of the function unlink()
Under Windows System and Apache, denied access to file is an usual error to unlink file. To delete file you must to change file's owern. An example:
<?php
chown($TempDirectory."/".$FileName,666); //Insert an Invalid UserId to set to Nobody Owern; 666 is my standard for "Nobody"
unlink($TempDirectory."/".$FileName);
?>
So try something like this:
$Path = './doc/stuffs/sample.docx';
chown($Path, 666);
if ( unlink($Path) )
echo "success";
else
echo "fail";
EDIT 1
Try to use this in the path:
$Path = '.'.DIRECTORY_SEPARATOR.'doc'.DIRECTORY_SEPARATOR.'stuffs'.DIRECTORY_SEPARATOR.'sample.docx';
I am uploading a file to soundcloud.com from my own server with using an API in PHP:
if (isset($mime)) {
$tmp_file = $tmp_path . $_FILES['file']['name'];
// Store the track temporary.
if (move_uploaded_file($_FILES['file']['tmp_name'], $tmp_file)) {
$post_data = array(
'track[title]' => stripslashes($_POST['title']),
'track[asset_data]' => realpath($tmp_file),
'track[sharing]' => 'private'
);
if ($response = $soundcloud->upload_track($post_data, $mime)) {
$response = new SimpleXMLElement($response);
$response = get_object_vars($response);
$message = 'Success! Your track has been uploaded!';
// Delete the temporary file.
unlink(realpath($tmp_file));
} else {
$message = 'Something went wrong while talking to SoundCloud, please try again.';
}
} else {
$message = 'Couldn\'t move file, make sure the temporary path is writable by the server.';
}
} else {
$message = 'SoundCloud support .mp3, .aiff, .wav, .flac, .aac, and .ogg files. Please select a different file.';
}
}
This is my code. The temp path is http://122.166.23.38/dev3/bids4less/funkeymusic/upload
and it has permissions 777 (-rwxrwxrwx).
But it shows:
Couldn't move file, make sure the temporary path is writable by the server.
How do I fix this problem?
I believe your temp path in php should point to a directory on your server, not a http location.
This question is too old, but as it were popped anyway...
You don't have to move anything, nor unlink.
Just read uploaded file from it's temporary location.
And it comes extremely handy to split your complex task into smaller chunks, in order to locate an error. Try to send a static file first, then test file upload, and only then join these tasks into final application.
TRY S_SERVER you will get brief description from this url http://php.net/manual/en/reserved.variables.server.php
Here is the example given to find address for your server
try big example to sort out you method
What's the file size, and how long takes it to upload the file?
Can you please verify those 2 php.ini values:
max_execution_time
post_max_size
Maybe PHP's upload facility is constrained in some way? Is PHP in safe_mode?