Jump to content

Archived

This topic is now archived and is closed to further replies.

awdio

Question: PHP upload page help

Recommended Posts

I'm trying to develop a simple Flash video upload site for a client and I've run into something I haven't really dealt too much with: an automated user upload page.  I'm starting off at the simplest level by just trying to make a page that lets you upload a file up to a 100k, and its giving me back errors.  I'm guessing this may be because I need to activate some sort of permission on my web space to be able to write, but it also might be something with the code.

Here's what I have made so far with uploader.php:

[code]
<?php
// Where the file is going to be placed
$target_path = "uploads/";

/* Add the original filename to our target path. 
Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
$_FILES['uploadedfile']['tmp_name']; 

$target_path = "uploads/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
?>
[/code]

By the way, the script was taken from: [url=http://www.tizag.com/phpT/fileupload.php?MAX_FILE_SIZE=100000] [url=http://www.tizag.com/phpT/fileupload.php?MAX_FILE_SIZE=100000]http://www.tizag.com/phpT/fileupload.php?MAX_FILE_SIZE=100000[/url] [/url]

I've tried modifying the $target_path to go to the exact path of the site and not go into the uploads folder, but the folder before that which is "fullScreen".

The result of choosing a file and uploading is "Warning: move_uploaded_file(uploads/Buzzy Beetle.gif): failed to open stream: Permission denied in /home/vectors/public_html/fullScreen/uploader.php on line 14"

and..

'Warning: move_uploaded_file(): Unable to move '/tmp/phpzjYA8l' to 'uploads/Buzzy Beetle.gif' in /home/vectors/public_html/fullScreen/uploader.php on line 14
There was an error uploading the file, please try again!"

If you want to see and try the upload page for yourself, it's right [url=http://www.vectorsector.net/fullScreen/upload2Test.html]here.[/url]

Thanks!

Share this post


Link to post
Share on other sites
You would need to alter the permissions on the uploads folder to allow writing.

Share this post


Link to post
Share on other sites
try
[code]
<?php
//where you want the files 2 go
$dir = "uploads/";
if( ($_FILES['file']['name'] != "" ) && ($_FILES['file']['size'] < 102400))
  {
    copy($_FILES['file']['tmp_name'], "$dir".$_FILES['file']['name'])  or die("Couldn't upload .swf");
} else { die("Error:  You either didn't specify a file, or the file is too large.  Please try again."); }
?>
[/code]

Share this post


Link to post
Share on other sites
I modified the code and tried uploading a 4k gif file and got the error back "Error: You either didn't specify a file, or the file is too large. Please try again."

All read and write permissions were all checked including world.

I also want to point out that I've tried a 4k swf and increased the file size of what it is aloud to upload.  For now, I want to create something that would successfully upload anything, then worry about altering the script so it would ignore everything except certain files.

Share this post


Link to post
Share on other sites
okay well this script here should upload any file.
[code]
<?php
//where you want the files 2 go
$dir = "uploads/";
if( $_FILES['file']['name'] != "" )
  {
    copy($_FILES['file']['tmp_name'], "$dir".$_FILES['file']['name'])  or die("Couldn't upload .swf");
} else { die("Error:  You either didn't specify a file."); }
?>
[/code]

Share this post


Link to post
Share on other sites
Definately not shibby

You should always use "is_uploaded_file($_FILES['userfile']['tmp_name'])" as a bare minimum security check. Also in the last comment The example used "Copy()"... Not a good idea. it again doesnt check if the file was uploaded via HTTP POST.


look at the following example:

<?php
// Where the file is going to be placed
$target_path = "uploads/";

/* Add the original filename to our target path. 
Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
$_FILES['uploadedfile']['tmp_name']; 

$target_path = "uploads/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);

if(is_uploaded_file($_FILES['uploadedfile']['tmp_name']))
{
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path))
{
echo "The file ".  basename( $_FILES['uploadedfile']['name'])." has been uploaded";
}
else
{
echo "There was an error uploading the file, please try again!";
}
}
?>

Share this post


Link to post
Share on other sites
I used the copy script anyways and I got this: "Error: You either didn't specify a file." 

Then I looked at Tobbydeh's example and even tried it.  Still out of luck.  Anyone want to test and try their php upload to see if it works for them?

Share this post


Link to post
Share on other sites
Well when I tried your script, I was still getting permission denied. You may have checked that the rights are correct, but what about the owner of the folder? The script will never work until you sort out your permissions/ownership...

Share this post


Link to post
Share on other sites
Strangely enough the uploads folder, the uploader.php and the folder that contains all of these all have 777 for their permissions.

Edit: I checked them all.  Set to 777.  Tried the form last night, didn't work. Today it worked!!! What?!  Does this mean it takes some amount of time for it to work after permissions are changed?  I just dont understand.  Thanks for all your help though.  I wouldn't of known to do this in the first place.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.