andre1990

Hey, practicing my PHP for the first time, starting with a simple upload script with Xampp. Script: $target = '/Uploads'; $uploadedfile = $target . basename($_FILES['file']['name']); if(move_uploaded_file($_FILES['file']['tmp_name'], $target)){ echo "The file ". basename($_FILES['file']['name'])." has been uploaded."; } else { echo 'Failed'; } error_reporting(E_ALL); It echos out a successful, but the file is nowhere? Uploads is inside htdocs. Checked my php.ini file: file_uploads = On upload_tmp_dir = "C:\xampp\tmp" upload_max_filesize = 128M Just wondering if there are any permission i may have missed?

Thank you very much, did the trick wonderfully!

Can this be done easily enough with php? I've attached my current code below, but don't see how i could add this in. $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; $size = $_FILES['file']['size']; $random = md5(uniqid(rand(), true)); $random = substr($random, 0, 20); if (!$name || !$temp || !$size) { echo "Go back and select a file."; exit(); } foreach ($_FILES as $file) { if ($file['tmp_name'] != null) { $thisext1=explode(".", strtolower($file['name'])); $thisext=$thisext1[count($thisext1)-1]; if (!in_array($thisext, $extensions)) { echo "That file type is not allowed."; exit(); } } }

so files are uploaded to a non web accessible directory on my server, but i want to provide a URL or some for of download access to these files. Below is my attempt, but it isn't working. $destination = $_SERVER["DOCUMENT_ROOT"] . "/../Uploads/" . $random; mkdir($destination); move_uploaded_file($temp, $destination."/".$name); // OLD LINE $final = $server."/".$destination."/".$name; $yourfile = readfile('var/www/vhosts/site.com/'.$destination.'/'.$name'); and i then echo our $yourfile: <?php echo $yourfile; ?> elsewhere. I either get a failed to open stream, or a huge long string. Or it just doesnt work. Is there any solution to just download the file on request via URL? I want to keep the directory non web accessible.

Yes, i have a question! So i have files in: /var/www/vhosts/site.com/Uploads (One step above root) How do i serve these files to people so they can download them? I'd like to provide a url or something? $yourfile = ("/var/www/vhosts/site.com/Uploads/ . $random . $name. ") Where $random and $name are defined elsewhere, then just echo yourfile out? Will that auto download the file when you click a link? I think i need to symlink?

How do you mean? I've tried to make some progress (below): BEFORE <?php ob_start(); session_start(); $extensions = array("jpg", "png","jpeg", "gif", "zip", "rar", "swf", "tiff", "bmp", "txt", "fla", "7z", "tar", "gz", "iso", "dmg", "mp3", "wav", "m4a", "aac", "doc", "docx", "xls", "rtf", "ppt", "bsd", "exe", "psd", "c4d", "pdf", "dwg", "max", "ipa", "vtf", "iam", "ipt", "flv", "cap", "scr"); $maxsize = 104288000; $server = "http://www.andredomain.com"; $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; $size = $_FILES['file']['size']; $random = md5(uniqid(rand(), true)); $random = substr($random, 0, 20); if (!$name || !$temp || !$size) { echo "Go back and select a file."; exit(); } foreach ($_FILES as $file) { if ($file['tmp_name'] != null) { $thisext1=explode(".", strtolower($file['name'])); $thisext=$thisext1[count($thisext1)-1]; if (!in_array($thisext, $extensions)) { echo "That file type is not allowed."; exit(); } } } if ($size > $maxsize) { echo "File size too big."; exit(); } $destination = 'Uploads/' . $random ; mkdir($destination); move_uploaded_file($temp, $destination."/".$name); $final = $server."/".$destination."/".$name; $contents = file_get_contents("http://is.gd/create.php?format=simple&url=$final"); ?> AFTER <?php ob_start(); session_start(); $extensions = array("jpg", "png","jpeg", "gif", "zip", "rar", "swf", "tiff", "bmp", "txt", "fla", "7z", "tar", "gz", "iso", "dmg", "mp3", "wav", "m4a", "aac", "doc", "docx", "xls", "rtf", "ppt", "bsd", "exe", "psd", "c4d", "pdf", "dwg", "max", "ipa", "vtf", "iam", "ipt", "flv", "cap", "scr"); $maxsize = 104288000; $server = "/var/www/vhosts/andredomain.com/Uploads"; $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; $size = $_FILES['file']['size']; $random = md5(uniqid(rand(), true)); $random = substr($random, 0, 20); if (!$name || !$temp || !$size) { echo "Go back and select a file."; exit(); } foreach ($_FILES as $file) { if ($file['tmp_name'] != null) { $thisext1=explode(".", strtolower($file['name'])); $thisext=$thisext1[count($thisext1)-1]; if (!in_array($thisext, $extensions)) { echo "That file type is not allowed."; exit(); } } } if ($size > $maxsize) { echo "File size too big."; exit(); } $destination = '../uploads/' . $random ; mkdir($destination); move_uploaded_file($temp, $destination."/".$name); $final = $server."/".$destination."/".$name; $contents = file_get_contents("http://is.gd/create.php?format=simple&url=$final"); $filesource = '/var/www/vhosts/andredomain.com/Uploads'; $myfile = file_get_contents('$filesource."/".$destination."/".$name'); ?> <?php ob_start(); ?> <!DOCTYPE html> <html> <head> <title>File Uploaded!</title> <link rel="stylesheet" href="style.css" type="text/css"> <link REL="SHORTCUT ICON" HREF="images/favicon.ico"> </head> <body> <div id="topbar"> <div class="content"> <div class="logo"><img src="images/logo.png" height="90"/></div> </div> </div> <div id="navbar"> <ul> <li><a href="http://www.uploadvillage.com" id="active">Uploaded! Back Home?</a></li> <li><a href="http://www.uploadvillage.com/tos.php">TOS</a></li> <li><a href="http://www.uploadvillage.com/faq.php">FAQ</a></li> <li><a href="http://www.uploadvillage.com/contact.php">Contact Us</a></li> <li><a href="http://www.uploadvillage.com/donate.php">Donate</a></li> </ul> </span> </center> <div id="main"><center> <div id="side1"><br><BR><BR> <br /><strong>Uploaded!</strong><br /> <span class="small"> <br /> Bypass Filter (SHORT URL):<br /> <input type="text" size="10" onClick=select() value="<?php echo $contents;?>" READONLY><p /> Direct download :<br /> <input type="text" size="28" onClick=select() value="<?php echo $final; ?>" READONLY><p /> Forum Code download/view:<br /> <input type="text" size="38" onClick=select() value="[url]<?php echo $final; ?>[/url]" READONLY><p /> <a href="<?php echo $server; ?>/delete.php?filename=<?php echo $name; ?>&folder=<?php echo $destination; ?>">Delete your file? </a> </span> <div class="clear"></div></center> </div></CENTER> <br><center><span class="small">© Upload Village 2010.</span></center> <center><a href="http://www.facebook.com/pages/UploadVillagecom/186225441417890"><img src="images/facebook.ico"></a></center> </div> </div> <div class="clear"></div> </div> </body> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-17632658-8']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </html>

When i put the line of code in with ../uploads ... The url goes to: http://www.mydomain.com/uploads/randomstring/fine.txt and it says the file doesn't exist. Uploads has 777 permissions at the mo.

$random = md5(uniqid(rand(), true)); $random = substr($random, 0, 20); It is defined!

So i have a file uploader that allows people to upload files to the server and then download them via a URL. I want to store uploaded files outside of the Root. (One level up from the root in a folder called Uploads) Code snippet $server = "http://www.mysite.com"; $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; $size = $_FILES['file']['size']; $destination = '../uploads/'. $random; mkdir($destination); move_uploaded_file($temp, $destination."/".$name); $final = $server."/".$destination."/".$name; This... $destination = '../uploads/' . $random ; Didn't work, any tips?

The issue is that i am not going to stop 100% of them being uploaded, and the few that are uploaded are causing my site to be flagged. So you have on one hand sites that have viruses on them and arent flagged, and mine on the other hand that has few that are dealt with as quickly as possible that are being flagged.

Appreciate the help KP, but the question still remains as to why sites like fileave.com do not get flagged whatsoever; and i know for a fact that people host their viruses on there. Could it be the way im uploading the files, is it too 'raw'?

So my site gets flagged by AV's because once in a while a virus will be uploaded. Now this doesnt affect sites like fileave.com which actually have viruses on their system, so how come it affects us? My site is currently just a php upload site, would maybe have mysql store the files help? I don't know, im just asking for tips/methods. Thanks.

Struggling with the google shortnener. Cant make use of any api info given.

Being a complete newbie, i was wondering if the said would be possible through PHP? If so, could anyone help out. I would be willing to pay for such work...only because my levels of knowledge are far too low.

Hi, thanks for the help, still blank though. I currently have: $final = $server."/".$destination."/".$name; $contents = file_get_contents("http://api.bit.ly/v3/shorten?login=andre1990 &apiKey=R_56a95c84d089129012516e24806c3649 &longUrl=".urlencode($final)."&format=txt") ?> Echoed out: <input type="text" size="28" onClick=select() value="<?php echo $contents;?>" READONLY><p /> Struggling to see the issue.