toolman Posted January 26, 2010 Share Posted January 26, 2010 Hi there, I have a script that uploads files into a directory (777), but when I try to access the files, I get a Forbiddon error. Any ideas what would be causing this? This is the PHP code I am using: $MaxFileSize = "2048000"; // max file size in bytes $HDDSpace = "1048576"; // max total size of all files in directory $HDDTotal = "445"; $OffExt = ""; // add characters to strip out of filenames $ThisFileName = basename(__FILE__); // get the file name $abspath = str_replace($ThisFileName,"",__FILE__); // get the directory path // full path $path=$abspath; $pathext="upload/"; $snr = array("%","'","+","\\","/","#","..","!",'"',',','?','*','~'); $temp=$HTTP_POST_FILES['uploadedfile']['name']; $Name=$_REQUEST["Name"]; $Email=$_REQUEST["Email"]; $Phone=$_REQUEST["Phone"]; $Comments=$_REQUEST["comments"]; if($HTTP_POST_FILES['uploadedfile']['name']) { $HTTP_POST_FILES['uploadedfile']['name'] = strip_tags($HTTP_POST_FILES['uploadedfile']['name']); $HTTP_POST_FILES['uploadedfile']['name'] = str_replace($snr,"",$HTTP_POST_FILES['uploadedfile']['name']); // remove any % signs from the file name $HTTP_POST_FILES['uploadedfile']['name'] = trim($HTTP_POST_FILES['uploadedfile']['name']); /* if the file size is within allowed limits */ if($HTTP_POST_FILES['uploadedfile']['size'] > 0 && $HTTP_POST_FILES['uploadedfile']['size'] < $MaxFileSize) { /* if adding the file will not exceed the maximum allowed total */ if(($HDDTotal + $HTTP_POST_FILES['uploadedfile']['size']) < $HDDSpace) { /* put the file in the directory */ move_uploaded_file($HTTP_POST_FILES['uploadedfile']['tmp_name'], $path.$pathext.$HTTP_POST_FILES['uploadedfile']['name'].$OffExt); $msg = "The file ".$HTTP_POST_FILES['uploadedfile']['name']." is Successfully uploaded "; $myfrom = $Email; $myemail = "[email protected]"; $todayis = date("l, F j, Y, g:i a") ; $filename="http://www.mywebsite.com/writabledirectory/".$pathext.$HTTP_POST_FILES['uploadedfile']['name'].$OffExt; $filename=str_replace("","%20",$filename); $Email= stripcslashes($Email); $Name= stripcslashes($Name); $Phone= stripcslashes($Phone); $comments= stripcslashes($comments); $Fax= stripcslashes($Fax); $Speciality= stripcslashes($Speciality); $Clinic= stripcslashes($Clinic); $subject= "New CV Uploaded"; $message = " uploadedfile : $filename Name : $Name Email : $Email Phone : $Phone Comments : $Comments "; $from = "From: $myfrom\r\n"; mail($myemail, $subject, $message, $from); } else { $msg = "The Filename: ".$HTTP_POST_FILES['uploadedfile']['name']." is BLOCKED from being uploaded here."; } } else { $MaxKB = $MaxFileSize/1024; // show the max file size in Kb $msg = "The file was greater than the maximum allowed, file size of $MaxKB and could not be uploaded."; } } print $msg; Thanks Link to comment https://forums.phpfreaks.com/topic/189890-forbiddon-error-accessing-files/ Share on other sites More sharing options...
teamatomic Posted January 26, 2010 Share Posted January 26, 2010 As far as the server is concerned, you and php are not the same user. When you upload the file set the perms a bit more open or better yet look at: chown and chgrp if you dont know your owner and group names then use a ftp client and dirinfo -rwxr-x--- 1 owner group 154 Nov 28 22:03 index.php HTH Teamatomic Link to comment https://forums.phpfreaks.com/topic/189890-forbiddon-error-accessing-files/#findComment-1002070 Share on other sites More sharing options...
toolman Posted January 27, 2010 Author Share Posted January 27, 2010 Thanks for the reply. I am still a bit confused. Do I set the permissions in the actual script or the file and folder? I tried setting my php file and /upload folder to 644, but it still doesn't work. Link to comment https://forums.phpfreaks.com/topic/189890-forbiddon-error-accessing-files/#findComment-1002428 Share on other sites More sharing options...
teamatomic Posted January 27, 2010 Share Posted January 27, 2010 It is probably the file itself. Use the script to chmod() it to 777 and see what happens. Again, look at the file the script uploads, determine the owner/group and change it to match the owner/group of a file you have upload via ftp client. HTH Teamatomic Link to comment https://forums.phpfreaks.com/topic/189890-forbiddon-error-accessing-files/#findComment-1002433 Share on other sites More sharing options...
toolman Posted January 27, 2010 Author Share Posted January 27, 2010 Hi, I now have my form in a different file with the acation in a file called cv.php I have given cv.php a permission of 777 via FTP and my form page a permission of 644. Howver, after submitting the form, I still get the forbiddon error Am I doing this correctly? Link to comment https://forums.phpfreaks.com/topic/189890-forbiddon-error-accessing-files/#findComment-1002470 Share on other sites More sharing options...
teamatomic Posted January 27, 2010 Share Posted January 27, 2010 You are not understanding. It is not the form, it is not your processing file. It is PHP making a file. PHP is the owner of the file, not you. Do what I said. Use a ftp client and look at the file uploaded by the script and compare it to a file ~you~ have uploaded via the ftp client. Note the differences as I said earlier. Maybe it will be clearer then, if not read this, maybe it will help. http://www.justskins.com/forums/chown-chgrp-of-a-http-owned-file-after-upload-70664.html Link to comment https://forums.phpfreaks.com/topic/189890-forbiddon-error-accessing-files/#findComment-1002477 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.