earunder Posted February 28, 2008 Share Posted February 28, 2008 Hi All, I have set my perms for images folder to 777. The script runs ok without error. It uploads the image and adds the necessary filename to the database. When I go to the website to view the image, it comes back as unviewable/broken link. The image is there as I've checked and downloaded it from the images folder. When I check the permissions for the new file, they are only: Owner Group Others X - - X - - - - - I'm scratching my head as this has been annoying me for some time now! ??? Here is the code: //print_r($_POST); if($_POST["action"] == "Upload Image") { unset($imagename); if(!isset($_FILES) && isset($HTTP_POST_FILES)) $_FILES = $HTTP_POST_FILES; if(!isset($_FILES['image_file'])) $error["image_file"] = "An image was not found."; $imagename = basename($_FILES['image_file']['name']); //echo $imagename; if(empty($imagename)) $error["imagename"] = "The name of the image was not found."; if(empty($error)) { $newimage = "../../images/" . $imagename; //echo $newimage; $result = @move_uploaded_file($_FILES['image_file']['tmp_name'], $newimage); $partid = $_POST['partid']; mysql_select_db($database_vwpconn00, $vwpconn00); $dbfilename = $imagename; $sq0 = mysql_query("UPDATE parts SET imageurl = '$dbfilename' WHERE partid = '$partid'") or die (mysql_error()); if(empty($result)) $error["result"] = "There was an error moving the uploaded file."; } } ?> <form method="POST" enctype="multipart/form-data" name="image_upload_form" action="<?$_SERVER["PHP_SELF"];?>"> <p><input type="file" name="image_file" size="20"></p> <p><input type="submit" value="Upload Image" name="action"> <input name="partid" type="hidden" id="partid" value="<?php echo $_GET['partid'];?>"> </p> </form> <? if(is_array($error)) { while(list($key, $val) = each($error)) { echo $val; echo "<br>\n"; } } Any help will be greatly appreciated Quote Link to comment Share on other sites More sharing options...
aschk Posted February 28, 2008 Share Posted February 28, 2008 Is the image actually in the directory on your server? Is the image folder a "web viewable" directory? i.e. htdocs/images What happens if you write a page which has <img src="http://yoursite.com/images/somefilename.jpg"></img> (substitute yoursite and somefilename for the real values stored on your server). Quote Link to comment Share on other sites More sharing options...
earunder Posted February 28, 2008 Author Share Posted February 28, 2008 Hi, Direct image linky: http://www.vauxhallworldparts.com/images/fs9128e.JPG All other images within the folder are viewable, although they were not uploaded via this script. ??? Quote Link to comment Share on other sites More sharing options...
uniflare Posted February 28, 2008 Share Posted February 28, 2008 have you tried chmodding your uploaded image? Quote Link to comment Share on other sites More sharing options...
aschk Posted February 28, 2008 Share Posted February 28, 2008 Had a deeper look at the code and found your problem. It's not putting the information in the DB properly: UPDATE parts SET imageurl = '$dbfilename' WHERE partid = '$partid' You're trying to update. This will ONLY work if a record exists already (where partid = '$partid'). It won't insert a record if 1 doesn't exist. So assuming that the link you have provided actually shows an image it means the uploaded file is being moved correctly, and i suspect the information it not being submitted to your database. Quote Link to comment Share on other sites More sharing options...
aschk Posted February 28, 2008 Share Posted February 28, 2008 Mmm, indeed as uniflare suggests. Check the permissions on the image itself. You need x and r permissions (i.e. execute and read). Try chmod'ing the file to 644 after you have moved it. Quote Link to comment Share on other sites More sharing options...
earunder Posted February 28, 2008 Author Share Posted February 28, 2008 Hi, Well I can manually change the permissions of the uploaded file to allow it to be read by Group Other but I shouldnt have to do this everytime I upload a file should I? Quote Link to comment Share on other sites More sharing options...
aschk Posted February 28, 2008 Share Posted February 28, 2008 I imagine you probably will have to yes. The owner of the file is not the same as the folder owner (i.e. apache owns image, joe_bloggs owns folder). So depending on your setup this might affect read permissions for a web user. Also when writing files they get a default permissions set (obviously not user read/execute). Quote Link to comment Share on other sites More sharing options...
uniflare Posted February 28, 2008 Share Posted February 28, 2008 u can chmod files using php, you should always do this when uploading files anyway to set the correct permission for specific filetypes. see http://uk3.php.net/manual/en/function.chmod.php hope this helps, Quote Link to comment Share on other sites More sharing options...
earunder Posted February 28, 2008 Author Share Posted February 28, 2008 Thanks for your help guys. Yes a record does exist in the database. This upload is an editable option for parts without a photo at current. We can chmod them manually but isn't there a way to ensure they are uploaded with the correct permissions? This is because there are 100's of thousands of parts = 100's of thousand of images, so chmod'ing them manually would be far to time consuming Quote Link to comment Share on other sites More sharing options...
earunder Posted February 28, 2008 Author Share Posted February 28, 2008 Just re-checked the ownerships and the owner of the file is the same as the owner of the folder and directory etc. I'm really puzzled as there are lots of Photo upload scripts where people have downloaded and all are running fine, but for some reason ours are uploading with incorrect permissions :S Quote Link to comment Share on other sites More sharing options...
earunder Posted February 29, 2008 Author Share Posted February 29, 2008 Still no luck. I've re-written the code, deleted and re-created the folder, checked, rechecked and triple checked permissions, but everytime the script uploads the new image it uploads it correctly but with no viewable permissions to the Groups or Others. The image isn't corrupt either as I can download the image and view it. ??? ??? Quote Link to comment Share on other sites More sharing options...
aschk Posted February 29, 2008 Share Posted February 29, 2008 Again, what are the permissions that are being given to it when it's uploaded to your system. You should be able to view them (in ftp client or linux cmd shell). Also, CHMOD'ing lots of files is easy (at cmd line): #> chmod -R 777 * That'll do everything in the current directory and lower. Or alternatively get your PHP script to use the chmod() function to apply the correct settings after you've uploaded/moved the file. Quote Link to comment Share on other sites More sharing options...
earunder Posted February 29, 2008 Author Share Posted February 29, 2008 The permissions for the uploaded image are: Owner Group Others X - - X - - - - - They should (well i want them to be) The permissions for the uploaded image are: Owner Group Others X X X X - - - - - Or alternatively get your PHP script to use the chmod() function to apply the correct settings after you've uploaded/moved the file. I was thinking of doing this but wouldn't this pose a security issue? I've not got great knowledge in using a function to chmod the image after it has been uploaded so... The only people I want to be able to do this are members of our Staff, to where they login to an admin panel. Quote Link to comment Share on other sites More sharing options...
aschk Posted February 29, 2008 Share Posted February 29, 2008 You wouldn't be allowing the user to specify the chmod value. It'd be hard coded into your application... so not really a security threat. Quote Link to comment Share on other sites More sharing options...
earunder Posted February 29, 2008 Author Share Posted February 29, 2008 Ok, i'll do some reading Thanks for your help, much appreciated Quote Link to comment Share on other sites More sharing options...
earunder Posted February 29, 2008 Author Share Posted February 29, 2008 Oh deary!!! I'm still puzzled as the chmod isn't working! I think my head is going to explode! It's probably something really simple but I'm just struggling now and getting stressed :'( if($_POST["action"] == "Upload Image") { unset($imagename); if(!isset($_FILES) && isset($HTTP_POST_FILES)) $_FILES = $HTTP_POST_FILES; if(!isset($_FILES['image_file'])) $error["image_file"] = "An image was not found."; $imagename = basename($_FILES['image_file']['name']); //echo $imagename; if(empty($imagename)) $error["imagename"] = "The name of the image was not found."; if(empty($error)) { $newimage = "../../images/" . $imagename; $partid = $_POST['partid']; mysql_select_db($database_vwpconn00, $vwpconn00); $dbfilename = $imagename; $sq0 = mysql_query("UPDATE parts SET imageurl = '$dbfilename' WHERE partid = '$partid'") or die (mysql_error()); chmod($newimage, `0777`);///new line to chmod the new file. I tried 755 too with no avail //echo $newimage; $result = @move_uploaded_file($_FILES['image_file']['tmp_name'], $newimage); if(empty($result)) $error["result"] = "There was an error moving the uploaded file."; } } ?> <form method="POST" enctype="multipart/form-data" name="image_upload_form" action="<?$_SERVER["PHP_SELF"];?>"> <p><input type="file" name="image_file" size="20"></p> <p><input type="submit" value="Upload Image" name="action"> <input name="partid" type="hidden" id="partid" value="<?php echo $_GET['partid'];?>"> </p> </form> <? if(is_array($error)) { while(list($key, $val) = each($error)) { echo $val; echo "<br>\n"; } } ?> Any ideas or help will be greatly appreciated Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.