PHP Image Upload Error

[hlemon]

Hey all,

 

I've been working on this problem for a bit and have become stumped. I tested this before and found it working, now I keep getting and error message:

 

Warning: copy(uploadedImages/funny-pictures-cat-is-koala.jpg) [function.copy]: failed to open stream: Permission denied in D:\Hosting\2898250\html\cms\uploadImage.php on line 62

Error:

 

I called the hosting company about it and they said it was an access error. I recreated the database to include access to the system and still get the same error. My code is below.

 

<?php
// This code will password protect the page
/*session_start();
if ($_SESSION['login'] <> TRUE) {
        header('Location: login.php');
}*/
include_once ("connect.php");
include_once ("functions.php");

$ID = $_GET['ID'];
$sSqlSelect = "SELECT * FROM productIndex WHERE ID='$ID';";
$qresult = mysql_query($sSqlSelect);
$row = mysql_fetch_array($qresult, MYSQL_ASSOC);

?>
<html>
<head>
<title>Image Form</title>
</head>
<body>
<h1>Form</h1>
<?php
// Maximum file size, in Kb, of the upload images
// Your server configuration may also limit the size
define("MAX_SIZE", "2024");

// Get the extension of the file (gif, jpg, etc)
function getFileType($fileName) {
        $i = strrpos($fileName, ".");
        if (!$i) { return ""; }
        $l = strlen($fileName) - $i;
        $fileExt = substr($fileName, $i+1, $l);
        return $fileExt;
}
//Set the default form error value
$error = false;

if(isset($_POST['Submit'])) {
        // The second key (image) should have the same name as the form's file field
        $productImage = $_FILES['productImage']['name'];
        // Form validation
        if ($productImage == "") {
                $error = "Image is a required field";
        } else {
                // Get the file extension and convert to lowercase
                $extension = getFileType($productImage);
                $extension = strtolower($extension);
                // Only web image extensions will be accepted
                if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) {
                        $error = "The file is not an image";
                }
                // Reject large files
                $size = filesize($_FILES['productImage']['tmp_name']);
                if ($size > MAX_SIZE*2024) {
                        $error = "The file is larger than " . MAX_SIZE . " kB";
                }
                //Finish processing if validation checks pass
                if ($error == false) {
                        //upload to a directory with write permission
                        $path = "uploadedImages/" . $productImage;
                        
                        $result = copy($_FILES['productImage']['tmp_name'], $path);
                
                        if (!$result) {
                                $error = "File upload failed";
                                die('Error: ' . mysql_error());
                        } else {
                                
                                //Update database with image name for file path.
                                $sSql = "UPDATE productIndex SET productImage='$path' WHERE ID=$id;";
                                        if (!mysql_query($sSql,$connect)) {
                                                die('Error: ' . mysql_error());
                                          }
                                $successful = "File upload successful!";
                                echo "<p>$successful</p>";
                                echo "<p>File name = $image</p>";
                                echo "<p>Server path = $path</p>";
                                echo "<p><img src=\"$path\" /></p>";
                                
                                //Resize Image to 150px
                                /*$sImageSize = getimagesize($_FILES['productImage']['tmp_name']);
                                print $sImageSize;*/
                        }
                }
        }
}
// Print the Error message if validation failed
if ($error <> false) {
        echo "<p><font color=\"red\"><strong>$error</strong></font></p>";
}
// Do not show the form again if the submission was successful
if ($successful <> true) {
        // The form action submits the form to this same page
        // The multipart encoding type must be used
        echo "<form action=\"uploadImage.php?ID=$ID\" method=\"post\" enctype=\"multipart/form-data\">";
echo <<<EOT
        <table>
                <tr><td><input type="file" name="productImage" /></td></tr>
                <tr><td><input name="Submit" type="submit" value="Upload image" /></td></tr>
        </table>
        </form>
EOT;
}
?>

</body>
</html>

 

 

[otuatail]

Not sure if anything is missing here. Normaly You have a web page with a submit button that would take you to a code page

 

$ID = $_GET['ID'];

 

What is this? is this from it is only php no form html