Solved

UPLOAD SCRIPT (MKDIR)

Posted on 2004-08-16
6
511 Views
Last Modified: 2013-12-12
I have a script that i'm writing for an image upload website that will host images and give the user back a URL where they can be linked to at. The URL will be the Image ID in the Database. Here is my script:

<?php      
                  require("db_fns.php");
                  // 1. Get largest ID from DB.

                  db_connect();
                  $sql      =      "SELECT * FROM FILE_UPLOADS ORDER BY ID DESC LIMIT 1";
                  $result      =      mysql_query($sql);
                  $DirNum =      mysql_fetch_assoc($result);                  

                  // 2. Increment the ID returned by 1 and save into variable $DirID.
                  $CurrentID = $DirNum['ID'];
                  $DirID      =      $CurrentID + 1;
                  
                  // 3. On the file share, MkDir with the name contained in $DirID.
                  
                  $oldmask = umask(0);
                  mkdir ("/" . $DirID);
                  umask ($oldmask);
                  
                  // 4. Upload the file to the new $DirID directory.
                  
                  $filename = $HTTP_POST_FILES['userfile']['name'];
                  if ( $userfile == "none" )
                  {
                        echo "Problem: No file uploaded";
                        exit;
                  }
                  
                  if ( $userfile_size == 0 )
                  {
                        echo "Problem: Uploaded File is Zero Length";
                        exit;
                  }
                  
                  if ( $userfile_type != "image/gif" || $userfile_type != "image/jpg" )
                  {
                        echo "Problem: File is not a valid JPG or GIF file";
                        exit;
                  }
                  if ( !is_uploaded_file($userfile) )
                  {
                        echo "Problem: File already exists in this directory.";
                        exit;
                  }

                  $tempfile = $HTTP_POST_FILES['userfile']['tmp_name'];
                  $destination = $DirID . "/" . $HTTP_POST_FILES['userfile']['name'];
                  
                  if ( !copy($tempfile, $destination))
                  {
                        echo "Problem: Could not move file into this directory";
                        exit;
                  }
                  
                  
                  // 5. Save this new index.php file into the new $DirID directory.
                  $original      =      "/templates/index.php";
                  $new            =      "/" . $DirID . "/index.php";
                  copy ($original, $new);                  
                  
                  // 6. Create and write a new file named "index.php" in the $DirID folder that displays the uploaded file from userfile.
                  
                  $fp      =      "/" . $DirID . "/index.php";
                  $descriptor            =      fopen ($fp, "w+");
                  
                  $image                  =      $HTTP_POST_FILES['userfile']['name'];
                  
                  $content            =      do_index_output($DirID, $image);
                  fwrite($fp, $content);
                  
                  // 7. Build the URL and store the URL and ID # in the DB.
                  
                  $filename      =      $HTTP_POST_FILES['userfile']['name'];                  
                  $url            =      "http://www.diverse-networks.com/" . $DirID;
                  
                  $sql2            =      "INSERT into FILE_UPLOADS ('ID', 'url', 'filename') VALUES('$DirID', '$url', '$filename')";
                  $result            =      mysql_query($sql2);
                  
                  // 8. Return URL to screen for user to log.
                  
                  if(!result)
                  {
                        echo "Problem with storing new Image in the Database.";
                  }
                  else
                  {
                        echo "Your image was uploaded successfully and can be found at: " . $url;
                  }
?>


When I click the upload button on the form, I get this error message:

Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/diverse/public_html/friz/upload.php on line 8

Warning: mkdir(): open_basedir restriction in effect. File(/1) is not within the allowed path(s): (/home/diverse:/usr/lib/php:/usr/local/lib/php:/tmp) in /home/diverse/public_html/friz/upload.php on line 17
Problem: Uploaded File is Zero Length

WHAT IS IT THAT I'M DOING WRONG?

Thanks,

Lance
0
Comment
Question by:Lance_Frisbee
  • 3
  • 2
6 Comments
 
LVL 20

Expert Comment

by:Muhammad Wasif
ID: 11817879
what are the lines 8 and 17?
0
 
LVL 26

Expert Comment

by:ushastry
ID: 11818010
Hi,

First check whether the mysql is returning any values...

Change this line
    mkdir ("/" . $DirID);
with
mkdir("/".$DirID,0755); // try with this also mkdir("/" . $DirID,0777);

Hope this helps!
0
 
LVL 2

Author Comment

by:Lance_Frisbee
ID: 11824550
$DirNum =     mysql_fetch_assoc($result); // THAT IS LINE 8
mkdir ("/" . $DirID); // THAT IS LINE 17


ushastry: I originally coded this script using mkdir("/" . $DirID, 0777);

Same result though. I'll give 0755 a try.

Thanks.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 26

Accepted Solution

by:
ushastry earned 50 total points
ID: 11827324
Hi Lance_Frisbee,


Before creatign direcory check the current working directory..& prefix that path to the

Try this ..

$currDir = getcwd();
mkdir("$curDir/$DirID", 0777);

Also please check this link..

http://www.lania.mx/biblioteca/manuales/phpes/features.safe-mode.html
0
 
LVL 2

Author Comment

by:Lance_Frisbee
ID: 11917685
My apologies on the delay... I haven't had time to get to this. I'm posting just to keep the question active. I'll reply soon.

Thanks

Lance
0
 
LVL 2

Author Comment

by:Lance_Frisbee
ID: 11969095
Alright... during my absence, a solution has been found. I didn't CHMOD my folders and I also was trying to create these folders in the root directory. I just re-coded where i was creating these ID folders to an "upload" folder and it works.

Because of the long delay, I will award the points anyways to Ushastry... Thank you for your patience, and I again apologize for the delay.

Lance
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Both Easy and Powerful How easy is PHP? http://lmgtfy.com?q=how+easy+is+php (http://lmgtfy.com?q=how+easy+is+php)  Very easy.  It has been described as "a programming language even my grandmother can use." How powerful is PHP?  http://en.wikiped…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now