Jump to content


Photo

Image Upload

php database

  • Please log in to reply
10 replies to this topic

#1 subhomoy

subhomoy

    Advanced Member

  • Members
  • PipPipPip
  • 115 posts
  • LocationIndia, Kolkata
  • Age:21

Posted 24 January 2013 - 12:45 PM

i wanted to upload a image in godaddy server with a php script. It worked on my computer, 3owl.com. but when ever i'm trying to upload in godaddy's server, i'm getting an error...

The script is
<?php include('_header.php'); ?> <------- Database connection is done here.
<?php
if(!isset($_SESSION['email']))
    header("Location:index.php");
?>
<?php
$pid=$_REQUEST['uid'];
?>
   <?php
if(isset($_REQUEST['Submit'])){
//define a maxim size for the uploaded images in Kb
define ("MAX_SIZE","10000000");
//This function reads the extension of the file. It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
//This variable is used as a flag. The value is initialized with 0 (meaning no error found) and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded.
$errors=0;
//checks if the form has been submitted
if(isset($_POST['Submit']))
{
//reads the name of the file the user submitted for uploading
$image=$_FILES['image']['name'];
//if it is not empty
if ($image)
{
//get the original name of the file from the clients machine
$filename = stripslashes($_FILES['image']['name']);
//get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
//if it is not a known extension, we will suppose it is an error and will not upload the file, otherwize we will do more tests
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
{
//print error message
echo '<h1>Unknown extension!</h1>';
$errors=1;
}
else
{
//get the size of the image in bytes
//$_FILES['image']['tmp_name'] is the temporary filename of the file in which the uploaded file was stored on the server
$size=filesize($_FILES['image']['tmp_name']);
//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*1024)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}
//we will give an unique name, for example the time in unix time format
$image_name=time().'.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="upload/".$image_name;
//we verify if the image has been uploaded, and print error instead
$copied = copy($_FILES['image']['tmp_name'], $newname); <-------------- here i'm getting the error.
$sql="INSERT INTO images (image_id,product_id,images_link) VALUES('', '$pid', '$newname')";
$result= mysql_query($sql);
if (!$copied)
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}}}}
//If no errors registred, print the success message
if(isset($_POST['Submit']) && !$errors)
{
echo "<strong><font size='4' color='#2497e0'>Image Added Successfully</font></strong>";
}
}
?>
<form name="newad" method="post" enctype="multipart/form-data" action="">
<table>
<tr><td><input type="file" name="image"></td></tr>
<tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>
</table>
</form>

And the error is
Warning: copy(upload/1359049130.jpg) [function.copy]: failed to open stream: Permission denied in D:\Hosting\7528824\html\Admin\product1.php on line 82

Any help guyssss....

Thanks in advance...

#2 1internet

1internet

    Advanced Member

  • Members
  • PipPipPip
  • 137 posts

Posted 24 January 2013 - 01:32 PM

Instead of your getExtension function, you can just use:
$type = $_FILES['image']['type'];
$allowed = array('image/jpeg', 'image/png', 'image/gif');
if(in_array($type, $allowed)) {
//image upload code
}
I would also either concatenate the errors or add them in an array, and echo them all out at the end.

Instead of copy, why not use
move_uploaded_file($_FILES['image']['tmp_name'], $newname)


#3 requinix

requinix

    Playful Member

  • Moderators
  • 5,744 posts
  • LocationWA

Posted 24 January 2013 - 01:51 PM

Make sure your upload/ folder has world-writable permissions: 0777.

[edit]

Instead of your getExtension function, you can just use:

$type = $_FILES['image']['type'];
$allowed = array('image/jpeg', 'image/png', 'image/gif');
if(in_array($type, $allowed)) {
//image upload code
}

Problem is that you can't trust the type - it's sent from the browser so it can be forged by a malicious user. Plus IE tends to use unusual values so you'd have to account for those.
Short of something like getimagesize (a good idea), checking the extension is the next best thing.

Edited by requinix, 24 January 2013 - 01:52 PM.


#4 subhomoy

subhomoy

    Advanced Member

  • Members
  • PipPipPip
  • 115 posts
  • LocationIndia, Kolkata
  • Age:21

Posted 25 January 2013 - 12:24 AM

im still having the same problem....
Warning: move_uploaded_file(upload/1359091396.jpg) [function.move-uploaded-file]: failed to open stream: Permission denied in D:\Hosting\7528824\html\Admin\product1.php on line 82
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move 'D:\Temp\php\php910C.tmp' to 'upload/1359091396.jpg' in D:\Hosting\7528824\html\Admin\product1.php on line 82


#5 requinix

requinix

    Playful Member

  • Moderators
  • 5,744 posts
  • LocationWA

Posted 25 January 2013 - 01:29 AM

"Still", after you changed to using move_uploaded_file()? Did you do anything else?

#6 subhomoy

subhomoy

    Advanced Member

  • Members
  • PipPipPip
  • 115 posts
  • LocationIndia, Kolkata
  • Age:21

Posted 25 January 2013 - 01:48 AM

no nothing else except the part u told me to do...

I think its with the php.ini file located in the server...

#7 requinix

requinix

    Playful Member

  • Moderators
  • 5,744 posts
  • LocationWA

Posted 25 January 2013 - 02:44 AM

What about the php.ini? Neither move_uploaded_file() nor the 0777 permissions have to do with it.

#8 White_Lily

White_Lily

    Advanced Member

  • Members
  • PipPipPip
  • 521 posts

Posted 25 January 2013 - 06:40 AM

I see a problem! Look at the second warning he posted and you will see he is moving a file to an image, rather than a directory.

Edited by White_Lily, 25 January 2013 - 06:40 AM.

"In order to be irreplaceable, one needs to be different from another."

CMS Development: http://cms.janedeaslart.co.uk/


#9 PFMaBiSmAd

PFMaBiSmAd

    Advanced Member

  • Staff Alumni
  • 16,767 posts
  • LocationColorado, U.S.A.

Posted 25 January 2013 - 08:19 AM

@White_Lily,

The destination is an (optional) path and the filename.

Programming is an exact science, Please don't post replies unless you absolutely know what the answer is.
Signature: (not a comment about anything you posted unless specifically indicated)
Debugging step #1: To get past the garbage-out equals garbage-in stage in your code, you must check that the inputs to your code are what you expect.

Programming is just problem solving, but it is done in another language. You must learn enough of the programming language you are using to be able to read and write code.

#10 subhomoy

subhomoy

    Advanced Member

  • Members
  • PipPipPip
  • 115 posts
  • LocationIndia, Kolkata
  • Age:21

Posted 25 January 2013 - 11:21 AM

"Still", after you changed to using move_uploaded_file()? Did you do anything else?

So what to do... i'm failing in every case... Any help...

#11 mikosiko

mikosiko

    this mat is so comfy!!

  • Members
  • PipPipPip
  • 1,260 posts

Posted 25 January 2013 - 11:42 AM

requinix told you what to do several post ago... did you follow his advice?

Make sure your upload/ folder has world-writable permissions: 0777.


Edited by mikosiko, 25 January 2013 - 11:42 AM.

 
ini_set("display_errors", 1);
error_reporting(-1);




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Cheap Linux VPS from $5
SSD Storage, 30 day Guarantee
1 TB of BW, 100% Network Uptime

AlphaBit.com