Solved

Uploading With PHP

Posted on 2015-01-30
11
101 Views
Last Modified: 2015-02-01
Hello Experts,

I am trying to do an excersise for file upload from a text book, but when trying to upload with the started code, and even without changing anything I got:

Warning: getimagesize(C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images\leaf.gif): failed to open stream: No such file or directory in C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\image_util.php on line 34
File must be a JPEG, GIF, or PNG image.

To try to troubleshoot, I added  a few echo statements, and the output is:

src =
target = C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images\leaf.gif
dir = C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images
dir = C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images\
img = C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images\leaf.gif

So, I think that the issue is because src ($source), is an empty string.  I'm posting my code, and the src = $source is coming from Li.25 of index.php.

Please advise.
ch23-ex1.zip
0
Comment
Question by:APD_Toronto
  • 6
  • 5
11 Comments
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 40580884
PHP getimagesize() has nothing to do with file uploading, so I think we might want to deconstruct the problem into manageable bite-sized pieces.  Let's start with the image upload.  Here is a teaching example that I know works correctly.  Once you've got that part working you might want to move on to the part about resizing an image.

<?php // demo/upload_single_example.php

/**
 * Demonstrate how to upload a single file in PHP
 *
 * REQUIRED: Man Page References
 * http://php.net/manual/en/reserved.variables.files.php
 * http://php.net/manual/en/features.file-upload.php
 * http://php.net/manual/en/features.file-upload.common-pitfalls.php
 * http://php.net/manual/en/function.move-uploaded-file.php
 *
 * IMPORTANT: If dealing with large files
 * http://php.net/manual/en/ini.core.php#ini.upload-max-filesize
 * http://php.net/manual/en/ini.core.php#ini.post-max-size
 * http://php.net/manual/en/info.configuration.php#ini.max-input-time
 */
error_reporting(E_ALL);

// PHP 5.1+  SEE http://php.net/manual/en/function.date-default-timezone-set.php
date_default_timezone_set('America/Chicago');

// ESTABLISH THE BIGGEST FILE SIZE WE CAN ACCEPT - ABOUT 8 MB
$max_file_size = '8000000';

// ESTABLISH THE KINDS OF FILE EXTENSIONS WE WANT (USE UPPERCASE ONLY)
$file_exts = array
( 'XLS'
, 'XLSX'
, 'PDF'
, 'JPG'
)
;
$f_exts = implode(', ', $file_exts);

// ESTABLISH THE NAME OF THE DESTINATION FOLDER
$my_dir = getcwd();

// OR USE THIS TO PUT UPLOADS IN A SEPARATE FOLDER
$my_dir = 'storage';
if (!is_dir($my_dir))
{
    mkdir($my_dir);
}

// LIST OF THE ERRORS THAT MAY BE REPORTED IN $_FILES[]["error"] (THERE IS NO #5)
$errors = array
( 0 => "Success!"
, 1 => "The uploaded file exceeds the upload_max_filesize directive in php.ini"
, 2 => "The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form"
, 3 => "The uploaded file was only partially uploaded"
, 4 => "No file was uploaded"
, 5 => "UNDEFINED ERROR"
, 6 => "Missing a temporary folder"
, 7 => "Cannot write file to disk"
)
;


// IF THERE IS INFORMATION POSTED
if (!empty($_POST))
{
    // IF THERE ARE ERRORS
    $error_code    = $_FILES["userfile"]["error"];
    if ($error_code)
    {
        trigger_error($errors[$error_code], E_USER_ERROR);
    }

    // GET THE FILE SIZE
    $fsize = number_format($_FILES["userfile"]["size"]);

    // SYNTHESIZE THE NEW FILE NAME FOR TEMPORARY STORAGE
    $fname = basename($_FILES['userfile']['name']);

    // FAIL IF THIS IS NOT AN ALLOWABLE EXTENSION
    $f_ext = explode('.', $fname);
    $f_ext = end($f_ext);
    $f_ext = strtoupper(trim($f_ext));
    if (!in_array($f_ext, $file_exts)) trigger_error("$f_ext NOT ALLOWED.  CHOOSE FROM $f_exts", E_USER_ERROR);

    // THE SERVER PATH TO THE FILE
    $my_path
    = getcwd()
    . DIRECTORY_SEPARATOR
    . $my_dir
    . DIRECTORY_SEPARATOR
    . $fname
    ;

    // THE URL PATH TO THE FILE
    $my_url
    = $my_dir
    . DIRECTORY_SEPARATOR
    . $fname
    ;

    // MESSAGES ABOUT THE UPLOAD STATUS, IF ANY
    $msg = NULL;

    // IF THE FILE IS NEW (DOES NOT EXIST)
    if (!file_exists($my_path))
    {
        // IF THE MOVE FUNCTION WORKED CORRECTLY
        if (move_uploaded_file($_FILES['userfile']['tmp_name'], $my_path))
        {
            $upload_success = 1;
        }
        // IF THE MOVE FUNCTION FAILED IT PROBABLY THREW A MESSAGE
        else
        {
            $upload_success = -1;
            trigger_error("MOVE TO $my_path FAILED", E_USER_ERROR);
        }
    }

    // IF THE FILE ALREADY EXISTS
    else
    {
        $msg .= "<br/><b><i>$my_url</i></b> already exists" . PHP_EOL;

        // SHOULD WE OVERWRITE THE FILE? IF NOT
        if (empty($_POST["overwrite"]))
        {
            $upload_success = 0;
        }

        // IF WE SHOULD OVERWRITE THE FILE, TRY TO MAKE A BACKUP
        else
        {
            $now    = date('Y-m-d-His');
            $my_bak = $my_path . '.' . $now . '.bak';
            if (!copy($my_path, $my_bak))
            {
                $msg .= "<br/><strong>Attempted Backup Failed!</strong>" . PHP_EOL;
            }
            if (move_uploaded_file($_FILES['userfile']['tmp_name'], $my_path))
            {
                $upload_success = 2;
            }
            else
            {
                $upload_success = -1;
                trigger_error("MOVE TO $my_path FAILED", E_USER_ERROR);
            }
        }
    }

    // PREPARE A REPORT OF THE SCRIPT'S SUCCESS OR FAILURE
    if ($upload_success == 2) { $msg .= "<br/>A backup was made and the file was overwritten" . PHP_EOL; }
    if ($upload_success == 1) { $msg .= "<br/><strong>$my_url</strong> has been saved" . PHP_EOL; }
    if ($upload_success == 0) { $msg .= "<br/><strong>It was NOT overwritten.</strong>" . PHP_EOL; }
    if ($upload_success < 0)  { $msg .= "<br/><strong>ERROR: $my_url NOT SAVED - SEE WARNING FROM move_uploaded_file()</strong>" . PHP_EOL; }

    // ADD FILE SIZE AND PERMISSION INFORMATION
    if ($upload_success > 0)
    {
        $msg .= "<br/>$fsize bytes uploaded" . PHP_EOL;
        if (!chmod ($my_path, 0755))
        {
            $msg .= "<br/>chmod(0755) FAILED: fileperms() = ";
            $msg .= substr(sprintf('%o', fileperms($my_path)), -4);
        }
    }

    // SHOW THE SUCCESS OR FAILURE
    echo $msg;

    // SHOW A LINK TO THE FILE
    echo '<br/>'
    . '<a href="'
    . $my_url
    . '" target="_blank">'
    . "See: $my_url"
    . '</a>'
    ;
}


// CREATE THE FORM FOR INPUT (USING HEREDOC SYNTAX)
$form = <<<EOF
<h2>Upload a File</h2>
<p>
<form enctype="multipart/form-data" method="post">
<!--
    SOME IMPORTANT THINGS TO NOTE ABOUT THIS FORM...
    ENCTYPE= ATTRIBUTE IN THE HTML <FORM> TAG
    MAX_FILE_SIZE HIDDEN CONTROL MUST PRECEDE THE FILE INPUT CONTROLS
    INPUT NAME= IN TYPE=FILE DETERMINES THE NAME YOU FIND IN _FILES ARRAY
    ABSENCE OF ACTION= ATTRIBUTE IN <FORM> TAG CAUSES POST TO SAME URL
-->
<input type="hidden" name="MAX_FILE_SIZE" value="$max_file_size" />
Find a file to Upload ($f_exts): <input name="userfile" type="file" />
<br/>Check this box
<input autocomplete="off" type="checkbox" name="overwrite" /> to <strong>overwrite</strong> existing files
</br><input type="submit" value="Upload" />
</form>
</p>
EOF;

echo $form;

Open in new window

0
 

Author Comment

by:APD_Toronto
ID: 40580947
Hi Ray,
 
Running your code directly, no changes,  I get:

Fatal error: Missing a temporary folder in C:\inetpub\wwwroot\upload.php on line 68
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 40580951
Line 68 is a blank line in my script, so I'm fairly sure the error is not caused by that line.  Any other hints you can give us about what your script is doing?
0
 

Author Comment

by:APD_Toronto
ID: 40581588
Sorry had 2 empty lines, the error is at Li.66
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 40581609
This means the upload failed because the server does not have a temporary folder to stash the uploaded files until your script can get control of them and move them to permanent storage.  Some useful references:
http://php.net/manual/en/features.file-upload.post-method.php
http://php.net/manual/en/features.file-upload.errors.php
Files will, by default be stored in the server's default temporary directory, unless another location has been given with the upload_tmp_dir directive in php.ini. The server's default directory can be changed by setting the environment variable TMPDIR in the environment in which PHP runs. Setting it using putenv() from within a PHP script will not work. This environment variable can also be used to make sure that other operations are working on uploaded files, as well.
To see your settings for the temporary directory, you might try running phpinfo() and looking in the output for upload_tmp_dir.  This path needs to be universally writable.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:APD_Toronto
ID: 40581638
OK, that fixed my upload directory, and your code works.

Now, to my original issue, I still get some errors, and my output is below.  You'll see that Li.1 is no longer an empty string (thanks to you), but i still error out on getimagesize().

src = C:\php\upload_tmp_dir\php21E5.tmp
target = C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images\leaf.gif
dir = C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images
dir = C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images\
img = C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images\leaf.gif

Warning: getimagesize(): open_basedir restriction in effect. File('C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images\leaf.gif') is not within the allowed path(s): (c:\inetpub\wwwroot;c:\php) in C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\image_util.php on line 34

Warning: getimagesize('C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\images\leaf.gif'): failed to open stream: Operation not permitted in C:\inetpub\wwwroot\phpBook\ex_starts\ch23_ex1\image_util.php on line 34
File must be a JPEG, GIF, or PNG image.

Open in new window

0
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 40581796
Well, I don't know how to help you any more except to point you to the documentation.  I've never seen anyone run PHP with open_basedir restrictions in place.  You might want to remove those restrictive settings.
http://php.net/manual/en/ini.core.php#ini.open-basedir
0
 

Author Comment

by:APD_Toronto
ID: 40581806
Thanks Ray, I'll have a look

Any feedback on my PEAR question
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 40581810
I saw it, but I've never used Pear so I didn't feel competent to offer a response.  Just curious - why use Pear?  Most of the people I know stay away from it since there are newer and better technologies for most of the things it does.
0
 

Author Closing Comment

by:APD_Toronto
ID: 40582663
Thanks Ray, another  solved question.

PEAR because it is part of the curriculum, and I feel most hosts are comfortable with it.
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 40582670
because it is part of the curriculum,...
Ha!  Yep, I understand.  If there were one thing I would recommend today it would be the Laravel framework.  If you truly understand the power of well-constructed PHP frameworks, you'll be over the moon when you see how this one works.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article will explain how to display the first page of your Microsoft Word documents (e.g. .doc, .docx, etc...) as images in a web page programatically. I have scoured the web on a way to do this unsuccessfully. The goal is to produce something …
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now