Bigfunkychief

Hello, New to file upload boxes, working in PHP. My code seems to work great in IE, but not in Firefox or Chrome. This form shows the input box for the filename in IE and Firefox (with a Browse button), but Chrome only shows the Browse button, no filename box. <form enctype="multipart/form-data" method="post" action="profile.php"> <input type="file" size="32" name="image_field_photo" value=""> <br><input type="submit" name="Submit" value="Upload"> IE will upload the file to the specified directory, then update the DB based on the filename. Firefox will not upload the file, nor will Chrome. Using SSL for all pages. Using an upload class I got off PHPClasses.org - what's weird is I have used this same class on another project, and can upload files via Chrome. Any ideas? Thanks! [attachment deleted by admin]

Thanks for the help. Good advice on both posts - what I did specifically for this GoDaddy Shared hosting was to: 1. Enable SSH access 2. Setup SFTP (good practice anyways) 3. That gave me access to the subfolders in my FTP client, and then I could put my db connect strings in a subfolder out of the HTML folder. Thanks!

Hello - I have usually run my own servers, and always drop my .php files with MYSQL connection strings in a directory like /var, with webroot being /var/www/mysite. I now find myself in a shared hosting environment for a client and wondering the safety of my connection string .php files. Unfortunately they are sitting in a folder in the root of my hosting directory right now, and they feel vulnerable. It seems the only thing I could do would be to put the root of my hosting into a subdirectory, point the site there, and then put my connection strings on directory back. But seems the problem is they are still in my shared hosting. What's the best way to secure this type of sensitive info in a shared environment? I'm also getting ready to explore credit card processing via an API, and wondering if shared hosting is even worth it. Thanks!!

Thanks for the tip to turn on the error message. Much easier to tshoot!! After researching the error about invalid chars in the session id, I found someone recommending this fix: session_name("sess_SomethingSecure"); session_start(); Adding the session_name before the start has seemed to fix my problem. I'm happy to leave it like this, but does anyone know if doing this is any type of security issue or sloppy code? Thanks again for the help.

Ah ha. Here's what I get on the first page (home.php): ----{snip} Warning: session_start() [function.session-start]: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /var/www/proposals/home.php on line 5 Notice: Undefined variable: firstname in /var/www/proposals/home.php on line 14 Notice: Undefined variable: lastname in /var/www/proposals/home.php on line 15 Notice: Undefined variable: emailaddr in /var/www/proposals/home.php on line 16 User login session var is srace Click here to see what happens Warning: Unknown: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0 Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0 ----{snip} Second page (page1.php): ----{snip} Warning: session_start() [function.session-start]: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /var/www/proposals/page1.php on line 5 Session is: Notice: Undefined index: userlogin in /var/www/proposals/page1.php on line 9 Warning: Unknown: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0 Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0 ----{snip}

This is starting to drive me crazy...tried scouring the Internet and forums but can't figure it out. I have an existing website on this Apache webserver that is passing Session Variables just fine... I am creating a new site, and copied the basic framework from the existing site but for some reason session variables aren't being passed. My code for home.php (where it registers the vars) is this: -----{snip} <?php session_start(); header("Cache-control: private"); $userlogin = $_GET['userlogin']; // REGISTER SESSION VARIABLES FOR USER // ------------------------------------------------ $_SESSION['userlogin'] = $userlogin; $_SESSION['firstname'] = $firstname; $_SESSION['lastname'] = $lastname; $_SESSION['emailaddr'] = $emailaddr; echo 'User login session var is ' . $_SESSION['userlogin']; echo '<br><a href="page1.php">Click here to see what happens</a>'; exit(); -----{snip} And, my page1.php code is this: -----{snip} <?php session_start(); header("Cache-control: private"); echo "Session is: "; echo $_SESSION['userlogin']; exit; ?> -----{snip} Home.php shows the following output: User login session var is srace Click here to see what happens Page1.php shows the following output: Session is: Any help is appreciated! I'm 2 days into trying to figure this out and driving me nuts! Thanks!!