Solved

File upload problem (PHP/Apache/Linux)

Posted on 2004-10-01
8
388 Views
Last Modified: 2012-06-21
I know this is a common problem, but the solutions I've found so far do not work. I'm having a error like this: Warning: move_uploaded_file(/home/aixa/www/Phoenix/products/lite-table_main.jpg): failed to open stream: Permission denied in /home/aixa/www/Phoenix/cpanel/cpanel_functions.inc on line 249

The folder where I want to put the file into has the correct permissions. So does its parent folder, and the same is true for the temp folder. The code I have is as follows:

function file_upload($dest){
   if($dest=="products"){  
      $up_filename = $_FILES['nu_img']['name'];
      $up_dir = "/home/aixa/www/Phoenix/products/";
      $up_tmpname = $_FILES['nu_img']['tmp_name'];
   }
   if($dest=="restore"){
      $up_filename = $_FILES['nu_bk']['name'];
      $up_dir = "/home/aixa/www/Phoenix/cpanel";
      $up_tmpname = $_FILES['nu_bk']['tmp_name'];
   }
   $up_file = $up_dir . $up_filename;
   if (move_uploaded_file($up_tmpname, $up_file)) { # If uploading successful
      if ($dest == "products"){
         if ($_FILES['db_back']['type'] == "image/jpeg"){ # If correct file type
            $salida = $up_filename;
         }
         else { # Error handling for wrong filetype
            echo "javascript:alert('Wrong or Invalid File');";
         }
      }
      if ($dest == "restore"){
         if ($_FILES['db_back']['type'] == "text/plain"){ # If correct file type
            $salida = $up_filename;
         }
         else { # Error handling for wrong filetype
            echo "javascript:alert('Wrong or Invalid File');";
         }
      }
   }
   else { # Error handling for unsuccessful upload
      $salida = "Error!";
   }
   return $salida;
}

# and I call this function like this:

 $uploaded_file=file_upload("products");

after I sent a form that includes the part:

<form ...>
<input name="MAX_FILE_SIZE" value="1300000" type="hidden"> Upload new image: <input name="nu_img" class="text" type="file">
</form>

Any comments? what am I missing?
0
Comment
Question by:aixarat
  • 2
  • 2
8 Comments
 
LVL 48

Accepted Solution

by:
hernst42 earned 94 total points
Comment Utility
I only get this error-message if that directory exits, but is not writeable by the webserver user. So how are the permisisons on the directory /home/aixa/www/Phoenix/products/ and under which user is the webserver running? If that directory is writeable by the webserver user It will overwrite any file in that directory regardingless of the permission of that file.

So far I can't locate any errors in that script which might cause that error.

So recheck the permissions again
0
 
LVL 27

Assisted Solution

by:Diablo84
Diablo84 earned 93 total points
Comment Utility
Usually the permission is set to 666 so the directory has write access but commonly it must be 777 for the upload to work.

As long as your script and server is secure 777 permission will not be a problem.
0
 
LVL 12

Assisted Solution

by:minichicken
minichicken earned 93 total points
Comment Utility
Hi aixarat

Are you using CPanel to manage your site?

Don't know if you already know this.

When you login to Cpanel, you can goto to the "File Manager"
In the file manager, browse down to the actual folder that you would like to upload the file to.
Click on the name of the folder and not the image of the folder. On the right of the window (Maybe different on different Cpanel versions) select "Change Permissions" and then check all the checkboxes and then click "change". The folder now should have "777" as the permission.

Note: you have to set "777" to the actual folder and not its parent folder.

Hope this helps

j311y:)
0
 
LVL 12

Expert Comment

by:minichicken
Comment Utility
We all provided suggested solutions, but no reply from author :(
0
 
LVL 27

Expert Comment

by:Diablo84
Comment Utility
I recommend split between the three participants.

Its fairly likely that the problem was as i said above, the permission was set as 666 not 777 and thats what everyone was touching on.

side note: Venabili, thanks for your efforts cleaning up the PHP TA, its appreciated.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now