I have come across as problem that has me scratching my head since a couple of days now. I am using jQuery Uploadify to upload files to a web server. I am using a slightly amended uploadify.php script that handles the file upload:
if (!empty($_FILES)) {
$tempFile = $_FILES['Filedata']['tmp_name'];
$targetPath = $_SERVER['DOCUMENT_ROOT'] . "/file-repository/" . $_REQUEST['folder'] . '/';
$targetFilename = str_replace(" ","-",$_FILES['Filedata']['name']);
$targetFilename = preg_replace('/[^a-zA-Z0-9-_.]/', '', $targetFilename);
$targetFile = str_replace('//','/',$targetPath) . $targetFilename;
move_uploaded_file($tempFile,$targetFile);
echo str_replace($_SERVER['DOCUMENT_ROOT'],'',$targetFile);
}
?>
This script was working fine until yesterday. Now it throws the following error:
Warning:
move_uploaded_file(/home/server/public_html/devhealth-safety/administration/group/image.jpg)
[function.move-uploaded-file]:
failed to open stream: No such file or directory in
/home/tdserver/public_html/sb3/lib/js/uploadify/uploadify.php
on line 46 Warning: move_uploaded_file()
[function.move-uploaded-file]:
Unable to move \'/tmp/phpYH8nfH\' to
\'/home/server/public_html/devhealth-safety/administration/group/image.jpg\'
in
/home/server/public_html/dev/lib/js/uploadify/uploadify.php
on line 46
For some reason the . "/file-repository/" . portion in uploadify.php is dropped, which means that the script tries to move the file to a bogus path on the server.
Now, as I said, the script has worked and I haven't modified it. I have fiddled with the folder structures, but the file path is correct, the file-repository folder has all read/write/execute permissions and belongs to the PHP owner and owner groups (which in this case is nobody:nobody). So I would not think that my tinkering with the folders has anything to do with this problem (but who knows?)
Oddly enough, if I replace . "/file-repository/" . with . "/filerepository/" . the script throws the error I would expect:
Warning:
move_uploaded_file(/home/server/public_html/dev/filerepository/health-safety/administration/group/image.jpg)
[function.move-uploaded-file]:
failed to open stream: No such file or directory in
/home/tdserver/public_html/sb3/lib/js/uploadify/uploadify.php
on line 46
So the question is... why does PHP drop the string portion that contains the hyphen? Any ideas?
in your regular expression , the hyphen should be placed at last !!
'/[^a-zA-Z0-9-_.]/' should be '/[^a-zA-Z0-9_.-]/'
Related
I made a website a couple of year ago which has worked fine till now.
now, when I try to load an image from the backend it raises me some warning and the Image fails to be moved in the destination directory.
here is the warning I get
Warning: move_uploaded_file(path/image_name.jpg): failed to open
stream: Permission denied in
D:\inetpub\webs\remote_directory\php_script_name.php on line 184
Warning: move_uploaded_file(): Unable to move
'C:\PHPVersions\PHP55\uploadtemp\php418A.tmp' to 'path/image_name.jpg'
in D:\inetpub\webs\remote_directory\php_script_name.php on line 184
here is the line giving me the warning
if (!move_uploaded_file($_FILES['img_'.$pos]['tmp_name'], 'path/'."part_of_image_name".$_FILES['img_'.$pos]['name'])) {
$msg = "<p>Error loading image!!</p>";
break;
}
it does not even print the error message.
I tried to change permissions on directory (and all subdirs and files) via ftp but I'm not sure it succeded because it was giving me the following message
Comando: SITE CHMOD 740 Photo4.jpg.
Risposta: 500 'SITE': command not
understood
(by the way I read somewhere that it does not fix the problem. However the guy said he solved by using some magic which is not working for me - or I'm misunderstanding how to do it)
Everything worked until a few days/weeks ago (the customer wasn't clear on that point) so I just wanted to know if this is a kind of known issue or what (and a possible solution), since after a littlebit of research I could not find anything usefull.
try this, but first create a directory named uploads in the root directory:
$target_path = "uploads/";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['uploadedfile']['name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
Found out to solve the problem by using the control panel of site hosting provider to change manually permissions on directory.
I have a form and with input type file....what I am trying to do is save that file to the server (in this case, localhost)
move_uploaded_file($_FILES["image"]["tmp_name"], "/admin-uploads/" . $_FILES["image"]["name"]);
and this is the error I get:
Warning: move_uploaded_file(/admin-uploads/home.jpg): failed to open stream: No such file or directory in /Applications/XAMPP/xamppfiles/htdocs/Site/admin/Insert.php on line 30
Warning: move_uploaded_file(): Unable to move '/Applications/XAMPP/xamppfiles/temp/phpsoF2wg' to '/admin-uploads/home.jpg' in /Applications/XAMPP/xamppfiles/htdocs/Site/admin/Insert.php on line 30
Am I missing code?
Assuming "/admin-uploads/" directory is a subdirectory of where this script is run. You need the full path to the destination directory.
as:
move_uploaded_file($_FILES["image"]["tmp_name"], __DIR__."/admin-uploads/" . $_FILES["image"]["name"]);
fyi: please be aware that the 'user supplied' [image][name] may not be a valid filename. it may be worthwhile 'sanitizing' it.
This question already has answers here:
PHP Fatal Error Failed opening required File
(7 answers)
Closed 3 years ago.
I am working on a PHP project,i am getting an error in require_once(or even in require)
Warning: require_once(C:/wamp/www/MyFiles/MyProject/includes/db_config.php) [function.require-once]: failed to open stream: No such file or directory in C:\wamp\www\MyFiles\MyProject\includes\autoloads.php on line 9
Fatal error: require_once() [function.require]: Failed opening required 'C:/wamp/www/MyFiles/MyProject/includes/db_config.php' (include_path='.;C:\php5\pear') in C:\wamp\www\MyFiles\MyProject\includes\autoloads.php on line 9
this is how i am including the file
$root = $_SERVER['DOCUMENT_ROOT'];
//config..
require_once($root . '/MyFiles/MyProject/includes/db_config.php');
i have tried using
echo $root . '/MyFiles/MyProject/includes/db_config.php';
It is printing URL properly
ie C:\wamp\www\MyFiles\MyProject\includes\db_config.php
I am using WAMP server 5 autload.php and db_config.php are in same folder
Double check if the file exists on the server. If you can't for whatever reason, this will do it:
if(file_exists($myFile)){
echo"The file is there";
}//end of file exists
else{
echo"the file does NOT exist....fool";
}//end of else - the file is not there
That's the only problem I can think of - the file is not where it should be... Try the above and keep me updated.
Might as well be a problem with the directory separator being diffrent on linux and windows machines.
Maybe try using the constant DIRECTORY_SEPARATOR instead of hardcoded separators?
check the existence of file, if exists, check the permission of file.
Try this require construction
require 'file';
..or this root settings
$root = realpath($_SERVER['DOCUMENT_ROOT']);
update
use virtual host
Is the file readable?
Try this:
<?php
echo "Does file exist?". file_exists($file) ? 'true' : 'false';
echo "Is it readable?".is_readable($file) ? 'true' : 'false';
require_once $file;
You can also use path relative to the file you're in, instead of relying on the DOCUMENT_ROOT string:
<?php
$root = realpath(dirname(__FILE__));
Additionally, the directory separate in windows is by default \, not / (alltough / should resolve aswell, even for require). There's a predefined constant you could use, just to make sure it's compatible everywhere though:
require_once($root . DIRECTORY_SEPARATOR . 'MyFiles' . DIRECTORY_SEPARATOR . 'MyProject' . DIRECTORY_SEPARATOR . 'includes' . DIRECTORY_SEPARATOR . 'db_config.php';
Also, if you are using APC cache, you can attempt to restart it, if there's a stale cache of the file. (E.G filemtime is incorrect)
I'm making a image uploader but I have come across 2 errors. Which are:
Warning: move_uploaded_file(upload/Corgi 007.jpg) [function.move-uploaded-file]: failed to open stream: No such file or directory in /home/stationr/public_html/admin/doupload.php on line 12
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/chroot/tmp/phpMvRSbS' to 'upload/Corgi 007.jpg' in /home/stationr/public_html/admin/doupload.php on line 12
The errors are occuring when I call the move_uploaded_file() method. Here is my code (note this has no error checking what so ever it is just bare ones uploading).
<?php
error_reporting(E_ALL);
error_reporting(-1);
ini_set('error_reporting', E_ALL);
$filename = $_FILES["file"]["name"];
$filesize = $_FILES["file"]["size"];
move_uploaded_file($_FILES["file"]["tmp_name"],"upload/$filename");
?>
You've failed to check if the upload succeeded at all:
if ($_FILES['file']['error'] === UPLOAD_ERR_OK) {
move file ...
} else {
die("Upload failed with error code " . $_FILES['file']['error']);
}
The error codes are documented here: http://www.php.net/manual/en/features.file-upload.errors.php
As well, is there a "upload" subdirectory in whatever your script's current working directory is? Does the web server process have write permissions on that directory?
And as a MAJOR security hole, blindlly using the ['name'] parameter of the upload as your target filename allows a malicious user to scribble on ANY file on your server. Never ever blindly use that filename. If the upload filename is provided as (say) ../../../../../../etc/passwd, you've now allowed someone to replace your system password file.
using this line
$file_move = move_uploaded_file($_FILES['uploadedfile']['tmp_name'],
plugins_url('/css', __FILE__));
returns:
move_uploaded_file(http://localhost/*) [function.move-uploaded-file]: failed to open stream: HTTP wrapper does not support writeable connections in /Applications/MAMP/htdocs/***/as_settings.php on line 60
I have checked both arguments, and they are correct. I'm new to this side of coding, what have I missed?
---EDIT
In response to answers, have changed code to:
$dir = ABSPATH . 'wp-content/plugins/app-switcher/css';
$file = $_FILES['uploadedfile']['tmp_name'];
$file_move = move_uploaded_file($file,$dir);
Now my error response is:
Warning: move_uploaded_file(/Applications/MAMP/htdocs//wp-content/plugins/app-switcher/css/) [function.move-uploaded-file]: failed to open stream: Is a directory in /Applications/MAMP/htdocs//wp-content/plugins/app-switcher/as_settings.php on line 61
The error message is pretty obvious, your destination file should be a path, not a URL
You can't use a http:// URL as the target for move_uploaded_file(). You need to use a file path.
You're not saying what framework you are using, but it may have a counterpart to plugins_url() that returns a file path.
second parameter should not be URL
It's still obvious.
you have to pass a filename, not directory to this function