I have a destination variable where when I upload a file then it goes to this destination:
<?php
// Edit upload location here
$destination_path = getcwd().DIRECTORY_SEPARATOR;
$result = 0;
$target_path = $destination_path . basename( $_FILES['fileImage']['name']);
if(#move_uploaded_file($_FILES['fileImage']['tmp_name'], $target_path)) {
$result = 1;
}
sleep(1);
?>
What I want to know is how do I edit the upload destination? Lets say I want the files to upload to the destination to go to portal.hud.ac.uk/Upload_App/Files/ then how do I change this?
Just change $destination_path to whatever you want. The way it is now (getcwd().DIRECTORY_SEPARATOR), it will save to the current working folder (which unless changed is the folder containing the script). This is very unsafe because I could just upload a file called index.php and anyone visiting your site would run whatever malicious code I would choose to insert.
Much safer would be to save it outside the webroot, where it can't be accessed directly via HTTP. Example:
$destination_path = $_SERVER['DOCUMENT_ROOT']."/../uploads/";
This will save to a folder called uploads found in the folder that contains the web root (probably public_html).
Related
I am using move_uploaded_file function to save my file into two folders, the folders name are uploads_meeting_document and uploads_filing_file. It just can let me upload my file to this folder name uploads_meeting_document, it can't save to uploads_filing_filefolder. Anyone can guide me which part I have problem in below the coding:
<?php
require_once("../conf/db_conn.php");
// Getting uploaded file
$file = $_FILES["file"];
// Uploading in "uplaods" folder
$pname = date("ymdhi")."-".$_FILES["file"]["name"];
//$title_name = $_FILES["file"]["name"];
$tname = $_FILES["file"]["tmp_name"];
$uploads_dir = 'uploads_meeting_document';
move_uploaded_file($tname, $uploads_dir.'/'.$pname);
$uploads_dir2 = 'uploads_filing_file';
move_uploaded_file($tname, $uploads_dir2.'/'.$pname);
?>
Below is my file path need to save to these folders(red arrow there)
In your example, the second move_uploaded_file does not work, because the file was already moved to /upload_meeting_document
You will need to copy your file from there:
...
$uploads_dir2 = 'uploads_filing_file';
copy($uploads_dir.'/'.$pname, $uploads_dir2.'/'.$pname);
In case this does not work, you may have insufficient permissions for the /uploads_filing_file directory. Chech its owner and permissions.
I am having a problem with move_uploaded_file().
I am trying to upload a image path to a database, which is working perfectly and everything is being uploaded and stored into the database correctly.
However, for some reason the move_uploaded_file is not working at all, it does not produce the file in the directory where I want it to, in fact it doesn't produce any file at all.
The file uploaded in the form has a name of leftfileToUpload and this is the current code I am using.
$filetemp = $_FILES['leftfileToUpload']['tmp_name'];
$filename = $_FILES['leftfileToUpload']['name'];
$filetype = $_FILES['leftfileToUpload']['type'];
$filepath = "business-ads/".$filename;
This is the code for moving the uploaded file.
move_uploaded_file($filetemp, $filepath);
Thanks in advance
Try this
$target_dir = "business-ads/";
$filepath = $target_dir . basename($_FILES["leftfileToUpload"]["name"]);
move_uploaded_file($_FILES["leftfileToUpload"]["tmp_name"], $filepath)
Reference - click here
Try using the real path to the directory you wish to upload to.
For instance "/var/www/html/website/business-ads/".$filename
Also make sure the web server has write access to the folder.
You need to check following details :
1) Check your directory "business-ads" exist or not.
2) Check your directory "business-ads" has permission to write files.
You need to give permission to write in that folder.
make sure that your given path is correct in respect to your current file path.
you may use.
if (is_dir("business-ads"))
{
move_uploaded_file($filetemp, $filepath);
} else {
die('directory not found.');
}
I am uploading files in php. The upload directory is
/var/www/html/oop/uploads/images/
But after uploading when i open the folder, it contains no image whatsoever. But when I try to include the image in a web page like this,
<img src="http://localhost/oop/uploads/images/1472722513.jpg" />
it is being included in the web page and works fine. I don't know how this is possible, I am using ubuntu 16.04.
my upload code
$file_path = '/var/www/html/oop/uploads/images/';
$name = $_SERVER['image']['name'];
$name = explode('.', $name);
$name = array_reverse($name);
$file_name = time() . '.' . $name[0];
$temporary_location = $_SERVER['image']['name']['tmp_name'];
if(move_uploaded_file($temporary_location, $file_path.$file_name)) {
echo "all ok";
} else {
echo $_SERVER['image']['name']['error'];
}
You didn't understand the concept of document root. A webserver does not reflect the local file system to public, mainly for security reasons.
When you are able to reference /var/www/../image.jpeg in your web browser, this actually points to a path relative to your document root e.g. /var/www/html/var/www/images/image.png
Read more about document root here
https://httpd.apache.org/docs/2.4/en/mod/core.html#documentroot
I have a form with a file to uplaod. All works find. But I don't want to move the file directly into a folder.
After submit I show a confirm page and there I show the uploaded file with
header('Content-Type: image/x-png');
$file = file_get_contents(\Illuminate\Support\Facades\Input::file('restImg'));
$imgType = \Illuminate\Support\Facades\Input::file('restImg')->guessClientExtension();
echo sprintf('<img src="data:image/png;base64,%s" style="max-height: 200px"/>', base64_encode($file));
This works fine. After the confirmation I like to move the file to a folder. How can I move the file after the confirmation? The Input::get('file') is not available anymore.
You will have to store the file in the initial upload somewhere temporarily other than the default tmp directory.
The documentation for PHP file uploads says:
The file will be deleted from the temporary directory at the end of the request if it has not been moved away or renamed
This means that moving onto the next request, the file will no longer be available.
Instead, move it to your own custom temp directory or rename it to something special, then keep the filename in the $_SESSION to persist it to the next request.
For Laravel, this should mean putting it in the /storage directory with something like this:
// Get the uploaded file
$file = app('request')->file('myfile');
// Build the new destination
$destination = storage_path() . DIRECTORY_SEPARATOR . 'myfolder';
// Make a semi-random file name to try to avoid conflicts (you can tweak this)
$extension = $file->getClientOriginalExtension();
$newFilename = md5($file->getClientOriginalName() . microtime()).'.'.$extension;
// Move the tmp file to new destination
app('request')->file('myfile')->move($destination, $newFilename);
// Remember the last uploaded file path at new destination
app('session')->put('uploaded_file', $destination.DIRECTORY_SEPARATOR.$newFilename);
Just remember to unlink() the file after the second request or do something else with it, or that folder will fill up fast.
Additional Reference:
http://api.symfony.com/2.7/Symfony/Component/HttpFoundation/File/UploadedFile.html
I have a file with 2 input fields one for file name (user will type) and the second one for choosing file what I want to upload the file to a directory with the name user typed.
down is the code I'm using guys please help me how to change the file name into what user typed.
<?php
$filename = $_POST["file"]
$upload = $_FILES['userfile'];
$target_path = "upload/";
$target_path .= $upload["name"];
$newname = "anything";
if(move_uploaded_file($upload["tmp_name"], $target_path))
{
echo "uploaded successfully";
}
?>
Change $target_path .= $upload["name"]; to something like $target_path .= $filename;.
edit: For the record, I have to say that letting people upload files (and choose the extension) to your web server raises some serious security concerns. I would suggest at least disabling the ability to execute scripts in your target folder.