Solved

File upload problem (PHP/Apache/Linux)

Posted on 2004-10-01
8
390 Views
Last Modified: 2012-06-21
I know this is a common problem, but the solutions I've found so far do not work. I'm having a error like this: Warning: move_uploaded_file(/home/aixa/www/Phoenix/products/lite-table_main.jpg): failed to open stream: Permission denied in /home/aixa/www/Phoenix/cpanel/cpanel_functions.inc on line 249

The folder where I want to put the file into has the correct permissions. So does its parent folder, and the same is true for the temp folder. The code I have is as follows:

function file_upload($dest){
   if($dest=="products"){  
      $up_filename = $_FILES['nu_img']['name'];
      $up_dir = "/home/aixa/www/Phoenix/products/";
      $up_tmpname = $_FILES['nu_img']['tmp_name'];
   }
   if($dest=="restore"){
      $up_filename = $_FILES['nu_bk']['name'];
      $up_dir = "/home/aixa/www/Phoenix/cpanel";
      $up_tmpname = $_FILES['nu_bk']['tmp_name'];
   }
   $up_file = $up_dir . $up_filename;
   if (move_uploaded_file($up_tmpname, $up_file)) { # If uploading successful
      if ($dest == "products"){
         if ($_FILES['db_back']['type'] == "image/jpeg"){ # If correct file type
            $salida = $up_filename;
         }
         else { # Error handling for wrong filetype
            echo "javascript:alert('Wrong or Invalid File');";
         }
      }
      if ($dest == "restore"){
         if ($_FILES['db_back']['type'] == "text/plain"){ # If correct file type
            $salida = $up_filename;
         }
         else { # Error handling for wrong filetype
            echo "javascript:alert('Wrong or Invalid File');";
         }
      }
   }
   else { # Error handling for unsuccessful upload
      $salida = "Error!";
   }
   return $salida;
}

# and I call this function like this:

 $uploaded_file=file_upload("products");

after I sent a form that includes the part:

<form ...>
<input name="MAX_FILE_SIZE" value="1300000" type="hidden"> Upload new image: <input name="nu_img" class="text" type="file">
</form>

Any comments? what am I missing?
0
Comment
Question by:aixarat
  • 2
  • 2
8 Comments
 
LVL 48

Accepted Solution

by:
hernst42 earned 94 total points
ID: 12204219
I only get this error-message if that directory exits, but is not writeable by the webserver user. So how are the permisisons on the directory /home/aixa/www/Phoenix/products/ and under which user is the webserver running? If that directory is writeable by the webserver user It will overwrite any file in that directory regardingless of the permission of that file.

So far I can't locate any errors in that script which might cause that error.

So recheck the permissions again
0
 
LVL 27

Assisted Solution

by:Diablo84
Diablo84 earned 93 total points
ID: 12204881
Usually the permission is set to 666 so the directory has write access but commonly it must be 777 for the upload to work.

As long as your script and server is secure 777 permission will not be a problem.
0
 
LVL 12

Assisted Solution

by:minichicken
minichicken earned 93 total points
ID: 12206668
Hi aixarat

Are you using CPanel to manage your site?

Don't know if you already know this.

When you login to Cpanel, you can goto to the "File Manager"
In the file manager, browse down to the actual folder that you would like to upload the file to.
Click on the name of the folder and not the image of the folder. On the right of the window (Maybe different on different Cpanel versions) select "Change Permissions" and then check all the checkboxes and then click "change". The folder now should have "777" as the permission.

Note: you have to set "777" to the actual folder and not its parent folder.

Hope this helps

j311y:)
0
 
LVL 12

Expert Comment

by:minichicken
ID: 12483840
We all provided suggested solutions, but no reply from author :(
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12483858
I recommend split between the three participants.

Its fairly likely that the problem was as i said above, the permission was set as 666 not 777 and thats what everyone was touching on.

side note: Venabili, thanks for your efforts cleaning up the PHP TA, its appreciated.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now