Jump to content

Warning: copy() [function.copy]: open_basedir restriction in effect


merely_existing
 Share

Recommended Posts

Ok I am designing a php upload that will take a image file from a form and change the name of the file to the productnumber also recieved from the form. I had it working the otherday now it says Warning: copy() [function.copy]: open_basedir restriction in effect File() is not within the allowed path(s): (/home:/tmp:/usr) addpro.php on line 51.

 

my files are attached.... note that $pnum is the product number gotten from my form and image is the image being uploaded gotten from the form also.  The thing is it worked the other day but now it don't is it a change to the server ( I dont run the server) or did I mess up my code since then?  I really need a code that will do this two time over once for a small image being put into a folder called small and once for a folder called large both images being uploaded and being changed to $pnum.ext so they will both be displayed when being called out by the product number. but I can work on that after I get this one working.

 

 

line 51 is $copied = copy($_FILES['image']['tmp_name'], $newname);

 

[attachment deleted by admin]

Link to comment
Share on other sites

Ok well I am a beginer at all this infact this was a code taken from a php cookbook help site I know that you want me to put this if (move_uploaded_file($_FILES['image']['tmp_name'], $newname)) where line 51 was but where you put { //code here} I have no clue what comes next I tryed it this way and now it says successful but it didn't put anyfiles in any folder on the site

 

if (move_uploaded_file($_FILES['image']['tmp_name'], $newname))

if (!move_uploaded_file)

{

echo '<h1>Copy unsuccessfull!</h1>';

$errors=1;

}}}}

//If no errors registred, print the success message

if(isset($_POST['Submit']) && !$errors)

{

echo "<h1>File Uploaded Successfully! Try again!</h1>";

}

?>

 

Link to comment
Share on other sites

Try:

 

<?php$pnum = $_POST['pnum'];//define a maxim size for the uploaded images in Kbdefine ("MAX_SIZE","100"); //This function reads the extension of the file. It is used to determine if the file is an image by checking the extension. function getExtension($str) {$i = strrpos($str,".");if (!$i) { return ""; }$l = strlen($str) - $i;$ext = substr($str,$i+1,$l);return $ext;}//This variable is used as a flag. The value is initialized with 0 (meaning no error found) and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded.$errors=0;//checks if the form has been submittedif(isset($_POST['Submit'])) {//reads the name of the file the user submitted for uploading$image=$_FILES['image']['name'];//if it is not emptyif ($image) {//get the original name of the file from the clients machine$filename = stripslashes($_FILES['image']['name']);//get the extension of the file in a lower case format$extension = getExtension($filename);$extension = strtolower($extension);//if it is not a known extension, we will suppose it is an error and will not upload the file, otherwize we will do more testsif (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) {//print error messageecho '<h1>Unknown extension!</h1>';$errors=1;}else{//get the size of the image in bytes//$_FILES['image']['tmp_name'] is the temporary filename of the file in which the uploaded file was stored on the server$size=filesize($_FILES['image']['tmp_name']);//compare the size with the maxim size we defined and print error if biggerif ($size > MAX_SIZE*1024){echo '<h1>You have exceeded the size limit!</h1>';$errors=1;}//we will give an unique name, for example the time in unix time format$image_name=$pnum.'.'.$extension;//the new name will be containing the full path where will be stored (images folder)$newname="../images/".$image_name;//we verify if the image has been uploaded, and print error instead$copied = move_uploaded_file($_FILES['image']['tmp_name'], $newname);if (!$copied) {echo '<h1>Copy unsuccessfull!</h1>';$errors=1;}}}}//If no errors registred, print the success messageif(isset($_POST['Submit']) && !$errors) {echo "<h1>File Uploaded Successfully! Try again!</h1>";}?>

 

 

For Debugging purposes:

 

// echo out image pathecho $copied;

 

Link to comment
Share on other sites

found a tutorial on this including MYSQL. hope this works instead of me trying to modify something  ;D

 

Upload.php

<?php
set_time_limit(0);
$link = mysql_connect(localhost, username, password) or die("Could not connect to host.");//put in your db connection details here
mysql_select_db(photos) or die("Could not find database."); // put your db name in here where the xxxx are
//define a maxim size for the uploaded images
define ("MAX_SIZE","500");
// define the width and height for the thumbnail
// note that theese dimmensions are considered the maximum dimmension and are not fixed,
// because we have to keep the image ratio intact or it will be deformed
define ("WIDTH","150"); //set here the width you want your thumbnail to be
define ("HEIGHT","150"); //set here the height you want your thumbnail to be.
define ("WIDTH2","299"); //set here the width you want your thumbnail to be
define ("HEIGHT2","299"); //set here the height you want your thumbnail to be.
// this is the function that will create the thumbnail image from the uploaded image
// the resize will be done considering the width and
height defined, but without deforming the image
function make_thumb($img_name,$filename,$new_w,$new_h){
//get image extension.
$ext=getExtension($img_name);
//creates the new image using the appropriate function from gd library
if(!strcmp("jpg",$ext) || !strcmp("jpeg",$ext))
$src_img=imagecreatefromjpeg($img_name);
if(!strcmp("png",$ext))
$src_img=imagecreatefrompng($img_name);
if(!strcmp("gif",$ext))
$src_img=imagecreatefromgif($img_name);
//gets the dimmensions of the image
$old_x=imageSX($src_img);
$old_y=imageSY($src_img);
// next we will calculate the new dimmensions for the thumbnail image
// the next steps will be taken:
// 1. calculate the ratio by dividing the old dimmensions with the new ones
// 2. if the ratio for the width is higher, the width will remain the one define in WIDTH variable
// and the height will be calculated so the image ratio will not change
// 3. otherwise we will use the height ratio for the image
// as a result, only one of the dimmensions will be from the fixed ones
$ratio1=$old_x/$new_w;
$ratio2=$old_y/$new_h;
if($ratio1>$ratio2) {
$thumb_w=$new_w;
$thumb_h=$old_y/$ratio1;
}else{
$thumb_h=$new_h;
$thumb_w=$old_x/$ratio2;
}
// we create a new image with the new dimmensions
$dst_img=ImageCreateTrueColor($thumb_w,$thumb_h);
// resize the big image to the new created one
imagecopyresampled($dst_img,$src_img,0,0,0,0,$thumb_w,$thumb_h,$old_x,$old_y);
// output the created image to the file. Now we will have the thumbnail into the file named by $filename
if(!strcmp("png",$ext))
imagepng($dst_img,$filename);
else
imagejpeg($dst_img,$filename);
if (!strcmp("gif",$ext))
imagegif($dst_img,$filename);
//destroys source and destination images.
imagedestroy($dst_img);
imagedestroy($src_img);
}
// This function reads the extension of the file.
// It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
// This variable is used as a flag. The value is initialized with 0 (meaning no error found)
//and it will be changed to 1 if an error occures. If the error occures the file will not be uploaded.
$errors=0;
// checks if the form has been submitted
if(isset($_POST['Submit'])){
//reads the name of the file the user submitted for uploading
$image=$_FILES['cons_image']['name'];
// if it is not empty
if ($image)
{
// get the original name of the file from the clients machine
$filename = stripslashes($_FILES['cons_image']['name']);
// get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
// if it is not a known extension, we will suppose it is an error, print an error message
//and will not upload the file, otherwise we continue
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) {
echo 'Unknown extension! Please use .gif, .jpg or .png files only.';
$errors=1;
}else{
// get the size of the image in bytes
// $_FILES[\'image\'][\'tmp_name\'] is the temporary filename of the file in which
//the uploaded file was stored on the server
$size=getimagesize($_FILES['cons_image']['tmp_name']);
$sizekb=filesize($_FILES['cons_image']['tmp_name']);
//compare the size with the maxim size we defined and print error if bigger
if ($sizekb > MAX_SIZE*1024)
{
echo 'You have exceeded the 1MB size limit!';
$errors=1;
}
$rand= rand(0, 1000);
//we will give an unique name, for example a random number
$image_name=$rand.'.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$consname="image/".$image_name; //change the image/ section to where you would like the original image to be stored
$consname2="image/thumb/".$image_name;
//change the image/thumb to where you would like to store the new created thumb nail of the image
$copied = copy($_FILES['cons_image']['tmp_name'], $consname);
$copied = copy($_FILES['cons_image']['tmp_name'], $consname2);
$sql="INSERT INTO users (photo_1, photo_2) VALUES ('$consname', '$consname2')" or die(mysql_error());
$query = mysql_query($sql)or die(mysql_error());
//$sql="UPDATE users SET photo_1= '$consname' WHERE id= '1'" or die(mysql_error()); //$query = mysql_query($sql)or die(mysql_error());
//$sql="UPDATE users SET photo_2= '$consname2' WHERE id= '1'" or die(mysql_error());
//$query = mysql_query($sql)or die(mysql_error());
//we verify if the image has been uploaded, and print error instead
if (!$copied) {
echo 'Copy unsuccessfull!';
$errors=1;
}else{
// the new thumbnail image will be placed in images/thumbs/ folder
$thumb_name=$consname2 ;
// call the function that will create the thumbnail. The function will get as parameters
//the image name, the thumbnail name and the width and height desired for the thumbnail
$thumb=make_thumb($consname,$thumb_name,WIDTH,HEIGHT);
$thumb=make_thumb($consname,$consname,WIDTH2,HEIGHT2);
}
}
}
}
//If no errors registred, print the success message and how the thumbnail image created
if(isset($_POST['Submit']) && !$errors) {
echo "Thumbnail created Successfully!";
echo '< img src="'.$thumb_name.'">';
echo $lastid;
}
echo "< form name=\"newad\" method=\"post\" enctype=\"multipart/form-data\" action=\"\">";
echo "< input type=\"file\" name=\"cons_image\" >";
echo "< input name=\"Submit\" type=\"submit\" id=\"image1\" value=\"Upload image\" />";
echo "< /form>";
?>

 

 

Link to comment
Share on other sites

Ok well I redid the one I originally had and changed copy to $copied = move_uploaded_file($_FILES['image']['tmp_name'], $newname); and it now parses but says unsucessful. :( I think something on the server must have gotten changed because this script was working fine before I left and I dont remember making any changes to it afterwards. :/ sad thing is this is on my friends server and I have just the permissions to upload and mess with my database I dont have anyway to get into cpannel and make sure my folder permissions are set properly or my access to any of my data is set properly. I will start with the script you sent after I get access into cpannel (got to talk my friend into more permissions) if nothing on there seems out of place then off to recoding. "Final Thought" I wish my PHP Instructor would have gotten more advanced all he had us do is a few easy book apps and then write a paper about cms's pissed me off cause this site would have been my final project if I would have had his help its a e commerce shop / which I'm now trying to create a gui backend and my shop is different because it has no urls in the database everything would be called out by product # if I could get this script to work

Link to comment
Share on other sites

try what i posted above if that still don't work you need to change your permissions to 777. you don't need cpanel to do so. just get a FTP program like WFTP or fireftp fore Firefox. then connect and upload the folder and then after right click on the file and then go to permissions then a thing should pop up and click the read write and execute boxes make sure there checked and hit submit tada your folder is now chmodded through FTP.

Link to comment
Share on other sites

Ok I am designing a php upload that will take a image file from a form and change the name of the file to the productnumber also recieved from the form. I had it working the otherday now it says Warning: copy() [function.copy]: open_basedir restriction in effect File() is not within the allowed path(s): (/home:/tmp:/usr) addpro.php on line 51.

 

my files are attached.... note that $pnum is the product number gotten from my form and image is the image being uploaded gotten from the form also.  The thing is it worked the other day but now it don't is it a change to the server ( I dont run the server) or did I mess up my code since then?  I really need a code that will do this two time over once for a small image being put into a folder called small and once for a folder called large both images being uploaded and being changed to $pnum.ext so they will both be displayed when being called out by the product number. but I can work on that after I get this one working.

 

 

line 51 is $copied = copy($_FILES['image']['tmp_name'], $newname);

 

So to go back to what you initially stated --- if the code worked previously and now it doesn't, then the reasonable assumption is that something on the server was changed.  What is this server and why are you using it?  Is it a development server? Production server? 

 

Open_basedir and the rest of the safe mode additions to php are deprecated as of php 5.3.

 

My guess is that somehow the file that is on the server does not match the file you've uploaded.  If you're ftping the files, double check that you uploaded the most recent version.  What is the server OS, vs your workstation OS.  What editor are you using?

 

Something does not add up here, but a key element is the actual warning you received.  While you should replace the copy() with the move_uploaded_file() function, you will still have an issue if the open_basedir configuration is the culprit here.

 

Either run a phpinfo() script from the same directory where you have your scripts, OR add this at the top of the addpro.php script:

 

echo "SCRIPT_FILENAME: {$_SERVER['SCRIPT_FILENAME']}";
die();

 

Report back the value of the SCRIPT_FILENAME variable.

Link to comment
Share on other sites

I agree that after trying move_uploaded_file function I now get Copy unsuccessfull! It has to be a server issue. Problem is its my friends server and he was letting me use it for free php hosting so I have no access to the server itself other then ftp or database management. :/ . I asked him if he changed anything on the server and he said no but hey this was days ago that this worked and he's on it constantly so maybe he did by accident. I will just have to get more access to the server when I talk to him next so I can check the permissions and other stuff I guess when I run the echo "SCRIPT_FILENAME: {$_SERVER['SCRIPT_FILENAME']}";die(); I get SCRIPT_FILENAME: /home/Hisservername/public_html/myweburl.com/CR/backend/addpro.php not sure if thats what supposed to be comming up

Link to comment
Share on other sites

btw I put in hisservername and myweburl just as references since I dont know how secure his server is and dont want people going there to find out lol. right now for me its free and its just a place to test my code just too bad he didn't give me a way into everything that I might need. oh and I am using dreamweaver to ftp and I have the site sync feature on so everything is the same on my machine as it is on the server.

Link to comment
Share on other sites

Ok, so what is the *real* path to the directory into which you want to upload the file?  When you use a relative file path like '../images/' it will run relative to the script that is executing.  So the directory in that case would need to be: /home/Hisservername/public_html/myweburl.com/CR/images/.  Also as darkfreaks suggested, it would be good if that directory had 777 permissions at least initially.  Depending on how the server is configured, what is really needed is probably that whatever user runs apache should have rwx on the directory for both user and group.  I'm assuming that it doesn't since it's your home directory, and for that reason you will want to use the 777 perm, so that "other" users will have full access to write files into it.  You should be able to change the perms through dreamweaver.

 

 

Link to comment
Share on other sites

I figured out the problem it was the files I was trying to upload they are too big it should have given me the file size error instead but maybe there is a smaller restriction set on the server. What I did was try a real simple upload script no names being changed nothing fancy still got an error. so just out of curiousity I tryed a few differnt files and they all worked. so it had to be something about size. not type cause I tryed both .jpg and gif they now work even with the copied= copy(.  sorry to waste everyones time if I would have just tryed a few different files it would have worked straight away. Now is just for realizing why it didn't tell me file size was too big

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.