Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

file upload woes

Status
Not open for further replies.
Bastien

Bastien

Programmer
May 29, 2000
1,683
CA
trying to upload a file to the server in secure area...its just not working for me...what am I doing wrong? destination folder has 0777 permissions


Code: 
    $uploaddir = "/services3/i/n/xxxxxxxx.com/secure/app/data/";
    $uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

    echo '<pre>';
    if (move_uploaded_file(basename($_FILES['userfile']['tmp_name']), $uploadfile)) {
        echo "File is valid, and was successfully uploaded.\n";
    } else {
        echo "Possible file upload attack!\n";
    }

    echo 'Here is some more debugging info:';
    print_r($_FILES);

    print "</pre>";

Bastien

I wish my computer would do what I want it to do,
instead of what I tell it to do...
 
Sort by date Sort by votes
when you say it is not working, what is the error message? is the file uploaded to the temp directory properly? is there anything in the $_FILES[error] element?

double check the permissions in the uploaddir.

Code: 
if (!is_writable($uploaddir)) {echo "directory not writable";}else{echo "directory writable";}
 
Upvote 0 Downvote
no error, 777 permissions on both script and destination folder...file seems to be uploaded to the tmp dir.

Could it be something to do with the moving from perhaps a temp dir that is not ssl secured, to a ssl secured folder?

Bastien

I wish my computer would do what I want it to do,
instead of what I tell it to do...
 
Upvote 0 Downvote
ssl should only bite on the webserver, not on the fileserver (unless you are expressly using ssl as a vpn for file transfers).

if the script I posted above returns directory is writable on the destination directory then all is fine.

but your move_uploaded_file is wrong. the first parameter must be the full filename (including the path)
Code: 
if (move_uploaded_file($_FILES['userfile']['tmp_name'), $uploadfile)) {
        echo "File is valid, and was successfully uploaded.\n";
    } else {
        echo "Possible file upload attack!\n";
    }
i suspect that this is the problem as move_uploaded_file will have been looking for a source in the current working directory which is unlikely (not not impossible) to be the upload directory.
 
Upvote 0 Downvote
The issue turned out to be how the server defined the uploaded file. It required the full path, not the basename of the tmp-name

Bastien

I wish my computer would do what I want it to do,
instead of what I tell it to do...
 
Upvote 0 Downvote
that's what I said...
jpadie said:
but your move_uploaded_file is wrong. the first parameter must be the full filename (including the path)
Click to expand...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
398
SashaBuilder3
SashaBuilder3
Gerrit Broekhuis
  • Locked
  • Question
PHP form with captcha and file upload
Replies
4
Views
209
Gerrit Broekhuis
Gerrit Broekhuis
chrisjchrisj
  • Locked
  • Question
Can you tell me if this file outputs a subcategory page?
Replies
3
Views
201
spamjim
spamjim
Brianfree
  • Locked
  • Question
split file name into different values
Replies
1
Views
169
spamjim
spamjim
Brianfree
  • Locked
  • Question
PHP - &gt; Upload process and create a new csv file
Replies
1
Views
140
feherke
feherke

Part and Inventory Search

Sponsor

Back
Top