Solved

UPLOAD SCRIPT (MKDIR)

Posted on 2004-08-16
6
512 Views
Last Modified: 2013-12-12
I have a script that i'm writing for an image upload website that will host images and give the user back a URL where they can be linked to at. The URL will be the Image ID in the Database. Here is my script:

<?php      
                  require("db_fns.php");
                  // 1. Get largest ID from DB.

                  db_connect();
                  $sql      =      "SELECT * FROM FILE_UPLOADS ORDER BY ID DESC LIMIT 1";
                  $result      =      mysql_query($sql);
                  $DirNum =      mysql_fetch_assoc($result);                  

                  // 2. Increment the ID returned by 1 and save into variable $DirID.
                  $CurrentID = $DirNum['ID'];
                  $DirID      =      $CurrentID + 1;
                  
                  // 3. On the file share, MkDir with the name contained in $DirID.
                  
                  $oldmask = umask(0);
                  mkdir ("/" . $DirID);
                  umask ($oldmask);
                  
                  // 4. Upload the file to the new $DirID directory.
                  
                  $filename = $HTTP_POST_FILES['userfile']['name'];
                  if ( $userfile == "none" )
                  {
                        echo "Problem: No file uploaded";
                        exit;
                  }
                  
                  if ( $userfile_size == 0 )
                  {
                        echo "Problem: Uploaded File is Zero Length";
                        exit;
                  }
                  
                  if ( $userfile_type != "image/gif" || $userfile_type != "image/jpg" )
                  {
                        echo "Problem: File is not a valid JPG or GIF file";
                        exit;
                  }
                  if ( !is_uploaded_file($userfile) )
                  {
                        echo "Problem: File already exists in this directory.";
                        exit;
                  }

                  $tempfile = $HTTP_POST_FILES['userfile']['tmp_name'];
                  $destination = $DirID . "/" . $HTTP_POST_FILES['userfile']['name'];
                  
                  if ( !copy($tempfile, $destination))
                  {
                        echo "Problem: Could not move file into this directory";
                        exit;
                  }
                  
                  
                  // 5. Save this new index.php file into the new $DirID directory.
                  $original      =      "/templates/index.php";
                  $new            =      "/" . $DirID . "/index.php";
                  copy ($original, $new);                  
                  
                  // 6. Create and write a new file named "index.php" in the $DirID folder that displays the uploaded file from userfile.
                  
                  $fp      =      "/" . $DirID . "/index.php";
                  $descriptor            =      fopen ($fp, "w+");
                  
                  $image                  =      $HTTP_POST_FILES['userfile']['name'];
                  
                  $content            =      do_index_output($DirID, $image);
                  fwrite($fp, $content);
                  
                  // 7. Build the URL and store the URL and ID # in the DB.
                  
                  $filename      =      $HTTP_POST_FILES['userfile']['name'];                  
                  $url            =      "http://www.diverse-networks.com/" . $DirID;
                  
                  $sql2            =      "INSERT into FILE_UPLOADS ('ID', 'url', 'filename') VALUES('$DirID', '$url', '$filename')";
                  $result            =      mysql_query($sql2);
                  
                  // 8. Return URL to screen for user to log.
                  
                  if(!result)
                  {
                        echo "Problem with storing new Image in the Database.";
                  }
                  else
                  {
                        echo "Your image was uploaded successfully and can be found at: " . $url;
                  }
?>


When I click the upload button on the form, I get this error message:

Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/diverse/public_html/friz/upload.php on line 8

Warning: mkdir(): open_basedir restriction in effect. File(/1) is not within the allowed path(s): (/home/diverse:/usr/lib/php:/usr/local/lib/php:/tmp) in /home/diverse/public_html/friz/upload.php on line 17
Problem: Uploaded File is Zero Length

WHAT IS IT THAT I'M DOING WRONG?

Thanks,

Lance
0
Comment
Question by:Lance_Frisbee
  • 3
  • 2
6 Comments
 
LVL 20

Expert Comment

by:Muhammad Wasif
ID: 11817879
what are the lines 8 and 17?
0
 
LVL 26

Expert Comment

by:ushastry
ID: 11818010
Hi,

First check whether the mysql is returning any values...

Change this line
    mkdir ("/" . $DirID);
with
mkdir("/".$DirID,0755); // try with this also mkdir("/" . $DirID,0777);

Hope this helps!
0
 
LVL 2

Author Comment

by:Lance_Frisbee
ID: 11824550
$DirNum =     mysql_fetch_assoc($result); // THAT IS LINE 8
mkdir ("/" . $DirID); // THAT IS LINE 17


ushastry: I originally coded this script using mkdir("/" . $DirID, 0777);

Same result though. I'll give 0755 a try.

Thanks.
0
Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

 
LVL 26

Accepted Solution

by:
ushastry earned 50 total points
ID: 11827324
Hi Lance_Frisbee,


Before creatign direcory check the current working directory..& prefix that path to the

Try this ..

$currDir = getcwd();
mkdir("$curDir/$DirID", 0777);

Also please check this link..

http://www.lania.mx/biblioteca/manuales/phpes/features.safe-mode.html
0
 
LVL 2

Author Comment

by:Lance_Frisbee
ID: 11917685
My apologies on the delay... I haven't had time to get to this. I'm posting just to keep the question active. I'll reply soon.

Thanks

Lance
0
 
LVL 2

Author Comment

by:Lance_Frisbee
ID: 11969095
Alright... during my absence, a solution has been found. I didn't CHMOD my folders and I also was trying to create these folders in the root directory. I just re-coded where i was creating these ID folders to an "upload" folder and it works.

Because of the long delay, I will award the points anyways to Ushastry... Thank you for your patience, and I again apologize for the delay.

Lance
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now