Uploading files

mildge · November 27th, 2003, 06:56 AM

Hello i use the following script to upload a file. It works on my local machine (WinXP) but when i try to use it on my web host (Apache web server so i think its a linux host) i get an error
Code for local Machine (form not included)
                 <?
                if(!empty($_FILES["userfile"])) {
                    $uploaddir = "images\\";
                    if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $uploaddir . $_FILES["userfile"]["name"])) {
                        echo("This image has been uploaded");
                    } else {
                        echo ("An error has occored while trying to upload this image. If this problem persists please contact admin.");
                    }
                }
                ?>
I change the $uploaddir from "images\\"; on my local machine to "images/"; on the web host also tried a few other slashes but get the following error

Warning: move_uploaded_file(images/pic1.jpg): failed to open stream: Permission denied in /home/colin/public_html/chris/upload2.php on line 54

Warning: move_uploaded_file(): Unable to move '/tmp/phps9vt2V' to 'images/pic1.jpg' in /home/colin/public_html/chris/upload2.php on line 54

Any suggestions

Chris

Moharo · November 27th, 2003, 04:33 PM

why don't you try using copy() function instead...

$uploadto = "../books/"; //directory where you want to upload a file
$myfilename = $HTTP_POST_FILES["newfile"]["name"]; //file name, 'newfile' is the name of the <input type="file">...

copy($HTTP_POST_FILES["newfile"]["tmp_name"],$uploadto . $myfilename);

the genuine genius

richard.york · November 27th, 2003, 07:51 PM

Quote:

quote:
why don't you try using copy() function instead...

Well that doesn't have anything to do with the problem. The permissions error that you're getting is coming up because you haven't set the proper permissions for the destination directory. This can be done by either logging into the server via telnet to the command prompt and issuing the chmod command there or by using PHP to pass the chmod command. With most server configurations the PHP option doesn't work because the Unix user for PHP e.g. 'nobody' doesn't match that of the owner of the directory, which is typically your system access user name.

To do this via telnet, log into the server via telnet and navigate to the directory.. typically you'll start out at the root directory for your website then you can navigate into the directory hierarchy via the 'cd' command.

cd some_directory

Then when you've reached the directory you'll need to plug in the chmod command..

chmod 664

664, grants read and write to the owner and the owner's group and read only to the world.
777, grants read, write and execute to every group.

4 represents read permission
1 represents execute permission
2 represents write permission

Nik gave me a fantastic tutorial on the chmod setting.. and that's buried somewhere in the old p2p forums.. with a little searching you could probably locate it. I'm in a bit of a rush or I would locate it for you. Basically something like 444 is read only for all three groups... The first number represents the owner, the second number represents the owner's group and the third number represents the world at large.

In my experience with certain ISP's I've only been able to get upload scripts working by issuing a chmod 777, which gives read, write and execute priviledges to all three groups. I haven't really dug too deeply to find a way around it. In order to restict access to your PHP script only you would need to change the owner to 'nobody' via the chown command, which many ISP's block.

I'm no expert on this stuff... and I could very well be wrong about one or more of the details. I do know that chmod 777 will get the script working. But be warned it does create a security hole.

Here's the PHP page on the chmod function which does provide a little insight into the chmod command:

http://www.php.net/chmod

Also some FTP programs support changing the chmod command natively eliminating the need for telnet. One that comes to mind is WS FTP. Which last I checked was shareware that could be downloaded for unlimited free use.

Time to get on with Turkey Day, good luck!

: )
Rich

:::::::::::::::::::::::::::::::::
Smiling Souls
http://www.smilingsouls.net
:::::::::::::::::::::::::::::::::

mildge · December 1st, 2003, 04:18 AM

Thanks for the help guys, the problem was in the permissions on the directory

Chris

jben.net · December 1st, 2003, 08:29 AM

I have a similar problem, but I don't think it is a permission problem (if only, that wold be simple!).

I have written a resizing method for a class I'm working on, and it always fails on the imageJpeg() at the end of the method. Tis is the error I get...

imagejpeg(): Unable to open '/Library/WebServer/Documents/wrox_site/_lib/_products/2_big_storeBigImage_me.jpg' for writing in /Library/WebServer/Documents/wrox_site/_lib/_classes/class.products.php on line 132

Now, here's the strange bit, if I call my method and just use move_uploaded_file() then the image is saved correctly, so I know it's not the permissions, could someone have a little look at my method and let me know if there's anything wrong with it please

Code:

// $ID is an integer used for naming purposes
// $aImage is an array, it's basically a copy of $_FILES["image"]
// BASE_DIR is a constant var and holds, yep you guessed it, the base dir of the site!
// IMGMAXHEIGHT & IMGMAXWIDTH are also constants used for resizing purposes

function storeBigImage($ID, $aImage){

        // create filenames
        fopen($aImage['name'], 'r');
        $aNewImage['real_name'] = $aImage['name'];
        $aNewImage['new_name'] = $ID . '_' . 'big' . '_storeBigImage_' . $aNewImage['real_name'];
        $aNewImage['image_loc'] = BASE_DIR . '_lib/_products/' .  $aNewImage['new_name'];

        // copy original image
        $aNewImage['original_image'] = ImageCreateFromJpeg($aImage['tmp_name']);
        $aNewImage['sizes'] = getimagesize($aImage['tmp_name']);
        $aNewImage['width'] = $aNewImage['sizes'][0];
        $aNewImage['height'] = $aNewImage['sizes'][0];

        if($aNewImage['width'] >= IMGMAXWIDTH || $aNewImage['height'] >= IMGMAXHEIGHT){

            // calculate ratios
            $iRatio_w = IMGMAXWIDTH / $aNewImage['width'];
            $iRatio_h = IMGMAXHEIGHT / $aNewImage['height'];
            $iRatio = $iRatio_w < $iRatio_h ? $iRatio_w:$iRatio_h;

            // calculate new dimensions
            $aNewImage['new_width'] = $aNewImage['width'] * $iRatio;
            $aNewImage['new_height'] = $aNewImage['height'] * $iRatio;

            // save resized image
            $aNewImage['new_image'] = ImageCreateTrueColor($aNewImage['new_width'], $aNewImage['new_height']);
            ImageCopyResized($aNewImage['new_image'], ImageCreateFromJpeg($aImage['tmp_name']), 0, 0, 0, 0, $aNewImage['new_width'], $aNewImage['new_height'], $aNewImage['width'], $aNewImage['height']);
            //ImageJpeg($aNewImage['new_image'], $aNewImage['image_loc']);
            ImageJpeg($aNewImage['original_image'], $aNewImage['image_loc']);

        } else {

            // save original image
            //ImageJpeg($aImage['tmp_name'], $aNewImage['image_loc']);
            ImageJpeg($aNewImage['original_image'], $aNewImage['image_loc']);
            //ImageJpeg($this->aArgs['Image']['tmp_name'], $aNewImage['image_loc']);
        }
    }

I have ftp'd into my local server and the folder in question is set at 777, and like I said it works fine if I don't use this class

Any ideas ??

Thanks,

Jon

jben.net · December 1st, 2003, 11:08 AM

Ok, I've got it sorted now, but I'm buggered as to why this didn't work the way I hoped. It seems that if I use an indexed or associative array to store the location and new image file name, imagejpeg never works, but if I use a normal var it does !! what's with that!

// doesn't work
$aNewImage['image_loc'] = $aNewImage['image_dir'] . $aNewImage['new_name'];

// does work!!
$sImageLoc = '/Library/Webserver/Documents/wrox_site/_img/_products/' . $aNewImage['new_name'];

Why oh why is that the case ??? Would love to know.

Thanks,

Jon

nikolai · December 1st, 2003, 12:42 PM

It shouldn't matter as long as $aNewImage['image_loc'] evaluates to the right thing. See, when you pass variables as parameters to functions, the values of those variables are evaluated and copied into local variables within that function's scope. The local function variables' names are the names of your parameters.

For example:

$some_digit = 5;

function negify($n)
{
   return (0 - $n);
}

negify($some_digit); // <-- $some_digit evaluates to 5,
                      // which is copied into a local variable, $n
                      // that only exists within the scope of negify()

My guess is that you're missing a trailing slash in your $aNewImage['image_dir'], so that the 'image_loc' you're creating is invalid.

Throw in some debug stmts until you figure it out:

if($aNewImage['image_loc'] !== $sImageLoc)
{
   echo "location strings don't match!!\n";
   echo "\$aNewImage['image_loc'] is: {$aNewImage['image_loc']}\n";
   echo "\$sImageLoc is: {$sImageLoc}\n";
}

Take care,

Nik
http://www.bigaction.org/