I tried uploading a picture to a directory in my server with the code below. However, when i run it, I get this error:
Warning: move_uploaded_file(images/) [function.move-uploaded-file]: failed to open stream: Is a directory in /home/a2943534/public_html/add.php on line 24
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/php7yEkDe' to 'images/' in /home/a2943534/public_html/add.php on line 24
What am I missing here, please?
<?php
include_once("connect.php");
?>
<?php
//This is the directory where images will be saved
$target = "images/";
$target = $target . basename( $_FILES['photo']['title']);
//This gets all the other information from the form
$title=$_POST['title'];
$name=$_POST['name'];
$describe=$_POST['describe'];
$pic=($_FILES['photo']['title']);
$url=$_POST['url'];
$country=$_POST['country'];
$endDate=$_POST['endDate'];
//Writes the information to the database
mysql_query("INSERT INTO `authors` VALUES ('$title', '$name', '$describe', '$pic', '$url', '$country', '$endDate')") ;
//Writes the photo to the server
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target))
{
//Tells you if its all ok
$result = "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory";
}
else {
//Gives and error if its not
$result = "Sorry, there was a problem uploading your file.";
}
?>
<?php
// if the form has been submitted, display result
if (isset($result)) {
echo "<p><strong>$result</strong></p>";
}
?>
rather than writing
$target = $target . basename( $_FILES['photo']['title']);
you should write
$target = $target . basename( $_FILES['photo']['name']);
i think there is nothing like $_FILES['photo']['title']..
I think you make a mistake with
$target = $target . basename( $_FILES['photo']['title']);
Which should be
$target = $target . basename( $_FILES['photo']['name']);
This because title does not exists within the $_FILES['photo']
Also this error states it:
Unable to move '/tmp/php7yEkDe' to 'images/' in /home/a2943534/public_html/add.php on line 24
The to images/ does not contain your filename.
the error is obvious and self-explanatory.
the second parameter have to be a filename, not directory.
Apart from the SQL injection issue which seems to be present in every single PHP question that features MySQL here on SO, you should start debugging.
You're getting a pretty clear error on which line and what function call causes the error. Look the error up on Google, read the manual for the functions you're using.
Long story short: you should create two variables, print them before your function call, and figure out what's wrong.
<?php
$source = $_FILES['photo']['tmp_name'];
$target = "images/" . basename( $_FILES['photo']['title']);
echo "Moving '$source' to '$target'";
move_uploaded_file($source, $target);
You'll immediately see where the error occurs.
Related
I have been trying to create an upload.php script however the condition doesn't seem to work and PHP can not move the uploaded file to the folder upload.
Apache2 log output below
PHP Warning: move_uploaded_file(): The second argument to copy() function cannot be a directory in /var/www/html/upload.php on line 18, referer: http://192.168.0.110/stream.php
PHP Warning: move_uploaded_file(): Unable to move '/tmp/phpC34Agu' to '/var/www/html/upload/' in /var/www/html/upload.php on line 18, referer: http://192.168.0.110/stream.php
Upload.php code
<?php
$target_path = "/var/www/html/upload/";
$target = $target_path . basename($_FILES['uploadedfile']['name'][0] );
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'] [0], $target_path))
{
echo "The file ". basename( $_FILES['uploadefile']['name'] [0]). " has been uploaded";
}
else {
echo "Sorry, there was a problem uploading your file.";
}
?>
I would also like php to execute this ffmpeg command directly afterwards, but i'm unsure where to insert it.
FFMPEG command
ffmpeg -re -i uploadedfile.name -vcodec copy -f mpegts udp://239.1.1.1:5000
Thanks for all your help.
Kind Regards,
Mark Couto
You need to specify the INDEX KEY of the file:
$_FILES['uploaded']['tmp_name'][0]
$target = $target . basename($_FILES["fileToUpload"]["name"][0]);
if(move_uploaded_file($_FILES['uploaded']['tmp_name'][0], $target))
{
echo "The file ". basename( $_FILES['uploadedfile']['name'][0]). " has been uploaded";
}
This is the part of code where the problem is
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
$_FILES['uploaded'] should be $_FILES[ 'FileToUpload' ]
Try this
if(move_uploaded_file($_FILES['FileToUpload']['tmp_name'], $target))
<=
http://php.net/manual/en/features.file-upload.post-method.php
I am trying to build a script to upload and rename an image to a folder and store the path in my sql db.
Here is where I am at: The file get uploaded both to the folder and the pathname to the db but I cannot figure out how to rename the filename. Ideally I would like to make the filename unique so I don't duplicates.
<?php
//preparing the patch to copy the uploaded file
$target_path = "upload/";
//adding the name of the file, finishing the path
$target_path = $target_path . basename( $_FILES['picture']['name']);
//moving the file to the folder
if(move_uploaded_file($_FILES['picture']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['picture']['name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
//getting input from the form
$name = $_POST['name'];
$description = $_POST['description'];
//preparing the query to insert the values
$query = "INSERT INTO complete_table (name, description, picture) VALUES ('$name', '$description', '". $target_path ."')";
//opening connection to db
$link = mysql_connect('localhost', 'root', 'password');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
//selecting a db
mysql_select_db("wcs_venues", $link) or die(mysql_error());
//running the query
$result = mysql_query($query) or die (mysql_error());
//closing the connection
mysql_close($link);
?>
I am new with all this and I am really trying but after looking at many tutorial and answered questions on Stack-overflow, I realized I needed help. Thank you in advance for helping this newbie.
Well, this is where you set the name of the file being saved:
$target_path = "upload/";
$target_path = $target_path . basename( $_FILES['picture']['name']);
In this case, you're building the file name in the variable $target_path. Just change that to something else. What you change it to is up to you. For example, if you don't care about the name of the file and just want it to always be unique, you could create a GUID or a Unique ID and use that as the file name. Something like:
$target_path = "upload/";
$target_path = $target_path . uniqid();
Note that this would essentially throw away the existing name of the file and replace it entirely. If you want to keep the original name, such as for display purposes on the web page, you can store that in the database as well.
First get the file extension:
$file_extension = strrchr($uploaded_file_name, ".");
Then rename the uploaded file with a unique id + file extension
$uploaded_file_name = uniqid() . $file_extension;
Example:
TIP: Save the original file name and other information in a database.
First get the extension with pathinfo()
Then create your unique name:
$name = 'myname'.uniqid();
Then rename your file.
$target_path = $target_path . $name.$ext);
move_upload_file takes the second parameters $destination, its where you are inserting the target_path ( where your file is going to be saved with that given name ).
I am trying to do a php upload that will upload into a specific folder.
One would choose the file they wish to upload next to a dropdown box which is a folder list. This is because it organises files.
<?php
session_start();
if(!isset($_SESSION["USER"]["Admin"])){
header("Location: index.html?unath");
}
$folder = mysql_real_escape_string($_POST['loc']);
$target_path = "../../shared/docs/$folder";
$upload2 = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $upload2)) {
echo "The file ". basename( $_FILES['uploadedfile']['name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
?>
Currently the code uploads the file into the "docs" folder and not docs/folder. Instead it puts the folder name in front of the file. For example- if the folder is called "abc" and my file is called robs.docx it will upload it to the main Docs folder and call it abcrobs.docx
You have a missing slash
Replace this line:
$upload2 = $target_path . basename( $_FILES['uploadedfile']['name']);
with:
$upload2 = $target_path ."/". basename( $_FILES['uploadedfile']['name']);
OR:
Replace this line:
$target_path = "../../shared/docs/$folder";
with:
$target_path = "../../shared/docs/".$folder."/";
You do not need mysql_real_escape_string because there's no SQL involved here.
If no database connection is established, mysql_real_escape_string returns null. So you're probably throwing away the $_POST['loc'] value.
You should never ever use user supplied values for manipulating anything on the filesystem without really, really thorough inspection of what you're going to manipulate. See Security threats with uploads.
Use var_dump liberally to see what your values look like at various stages and do some debugging.
You are missing a slash after $target_path
Add a / on the end of your $target_path:
$target_path = "../../shared/docs/$folder/";
You should properly escape your variables:
$target_path = "../../shared/docs/". $folder ."/";
I'm using the following code to upload and rename files. That part works awesome, however it also posts some data to a db table.
The problem is the old name is getting posted to the db, but the file is renaming to the ID...how can I get the new name into the db?
Thanks in advance here is my code:
<?php
//This is the directory where images will be saved
$allowed_filetypes = array('.jpg','.pdf','.xlsx','.xls','.doc','.docx','.ppt','.pptx','.jpeg','.png','.gif','.pdf');
$max_filesize = 52428800; // max file size = 50MB
$target = $target . basename( $_FILES['document']['name']);
//This gets all the other information from the form
$billing_id=$_POST['billing_id'];
$shipping_id=$_POST['shipping_id'];
$file_name=$_POST['file_name'];
$file_type=$_POST['file_type'];
$file_description=$_POST['file_description'];
$file = $_FILES['document']['name']; // Get the name of the file (including file extension).
$ext = substr($file, strpos($file,'.'), strlen($file)-1);
if(!in_array($ext,$allowed_filetypes))//check if file type is allowed
die('The file extension you attempted to upload is not allowed.'); //not allowed
if(filesize($_FILES['document']['tmp_name']) > $max_filesize) //check that filesize is less than 50MB
die ('The file you attempted to upload is too large, compress it below 50MB.');
// Connects to your Database
mysql_connect("localhost", "root", "password") or die(mysql_error()) ;
mysql_select_db("table") or die(mysql_error()) ;
//Writes the information to the database
mysql_query("INSERT INTO customer_files (billing_id, shipping_id, file_name, file_type, file_description, file)
VALUES ('$billing_id', '$shipping_id', '$file_name', '$file_type', '$file_description', '$target')") ;
$target = "../../file_management/uploads/customers/" .mysql_insert_id() . $ext;
//Writes the file to the server
if(move_uploaded_file($_FILES['document']['tmp_name'], $target))
{
//Tells you if its all ok
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory";
}
else {
//Gives and error if its not
echo "Sorry, there was a problem uploading your file.";
}
?>
You are inserting the values to the database before you are renaming the file. You have to make change in your code. First insert the billing and shipping id in the databse, then take the last inserted id, rename the file with the last insert id and update the new name in databse. Change your code to:
<?php
//This is the directory where images will be saved
$allowed_filetypes =array('.jpg','.pdf','.xlsx','.xls','.doc','.docx','.ppt','.pptx','.jpeg','.png','.gif','.pdf');
$max_filesize = 52428800; // max file size = 50MB
$target = $target . basename( $_FILES['document']['name']);
//This gets all the other information from the form
$billing_id=$_POST['billing_id'];
$shipping_id=$_POST['shipping_id'];
$file_name=$_POST['file_name'];
$file_type=$_POST['file_type'];
$file_description=$_POST['file_description'];
$file = $_FILES['document']['name']; // Get the name of the file (including file extension).
$ext = substr($file, strpos($file,'.'), strlen($file)-1);
if(!in_array($ext,$allowed_filetypes))//check if file type is allowed
die('The file extension you attempted to upload is not allowed.'); //not allowed
if(filesize($_FILES['document']['tmp_name']) > $max_filesize) //check that filesize is less than 50MB
die ('The file you attempted to upload is too large, compress it below 50MB.');
// Connects to your Database
mysql_connect("localhost", "root", "password") or die(mysql_error()) ;
mysql_select_db("table") or die(mysql_error()) ;
//Writes the information to the database
mysql_query("INSERT INTO customer_files (billing_id, shipping_id) VALUES ('$billing_id', '$shipping_id')") ;
$target = "../../file_management/uploads/customers/" .mysql_insert_id() . $ext;
$last_id = mysql_insert_id();
$new_file_name = mysql_insert_id() . $ext;
mysql_query("UPDATE customer_files SET file_name='$new_file_name',file_type='$file_type',file_description='$file_description',file='$target' WHERE id=$last_id");
//Writes the file to the server
if(move_uploaded_file($_FILES['document']['tmp_name'], $target))
{
//Tells you if its all ok
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory";
}
else {
//Gives and error if its not
echo "Sorry, there was a problem uploading your file.";
}
?>
Hope this helps
The new 'name' is already in the DB - it's the primary key of the record that was created when you inserted the upload data:
$target = "../../file_management/uploads/customers/" .mysql_insert_id() . $ext;
^^^^^^^^^^^^^^^^^ the new filename
Okay so I am running into issues inserting a file into my database as a blob. I am able to upload the file to a folder on my database but I now want to insert the file into my database as a blob. I know this isnt generally ok to do but I WANT TO DO IT. Anyways I was wondering if anyone had any PHP code to insert a file into a blob table? I've tried using this to no avail maybe I am just not writing the SQL statement right?
<?php
$target = "./";
$target = $target . basename( $_FILES['uploadedfile']['name']);
$file=($_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['uploadedfile']['name']).
" has been uploaded";
}else{
echo "There was an error uploading the file, please try again!";
}
mysql_connect("localhost","root","");
mysql_select_db("ivrsupport");
$sql=mysql_query("insert into CUSTOMER (AUDIO_FILE)values
('$file') where PHONE_NUMBER = ('15555215554')");
$r=mysql_query($sql);
if(!$r){
echo "Error in query: ".mysql_error();
}
mysql_close();
?>
I would avoid storing files in the database. That's what FileSystems are for and are much better at doing so. There are millions of posts out there in the blogosphere explaining why not to. Even for a small application I wouldn't do it. It just feels dirty. A blob in the database holds no metadata about the file itself where as a FS can be queried in many ways to gleem information like file size, modification times, permissions etc... My $0.02
You need to read the file into a variable and then insert it.. giving it the filename only wont do.
$fp = fopen($basename, 'r');
$content = fread($fp, filesize($basename));
fclose($fp);
$sql=mysql_query("insert into CUSTOMER (AUDIO_FILE)values
('$content') where PHONE_NUMBER = ('15555215554')");
$file simply contains the name of the file not it's contents.
Try the following:
<?php
$target = "./";
$target = $target . basename( $_FILES['uploadedfile']['name']);
$file=($_FILES['uploadedfile']['name']);
$fileContents = file_get_contents($file);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['uploadedfile']['name']).
" has been uploaded";
}else{
echo "There was an error uploading the file, please try again!";
}
mysql_connect("localhost","root","");
mysql_select_db("ivrsupport");
$sql=mysql_query("insert into CUSTOMER (AUDIO_FILE)values
('$fileContents') where PHONE_NUMBER = ('15555215554')");
$r=mysql_query($sql);
if(!$r){
echo "Error in query: ".mysql_error();
}
mysql_close();