Page 1 of 1

Image upload not working, permission

Posted: Sat Oct 17, 2009 2:26 pm
by ninethousandfeet
Hi,

There is a similar post to this in phpdn, but I tried the eventual solution they came up with and it did not work. If I should just post this there in that open thread, my apologies, just lmk.

I am having a problem with an image upload script to allow users to update their profile pic. I have set the permission for the profile folder to 0777, so it should be fine there, but something is still off. What happens is the user registers and the profile image info is allowed to be NULL. Then the user can update their profile, which includes an option to add a pic. Below is the updatefile.php and the error messages that I am receiving. Any help or suggestions would be great, I'm really stuck on this one. Thank you!

The update script:

Code: Select all

 
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$error = array();
if (!empty($_FILES['image_data']['name'])) {
$uploadDIR = "/home/me/domains/mysite.com/public_html/profile";
$ext = substr(strrchr($_FILES['image_data']['name'], '.'), 1);
$filename = substr(sha1($_FILES['image_data']['name']), 0, 8);
$filename .= time() . '.' .$ext;
$fileTemp = $_FILES['image_data']['tmp_name'];
 
// convert the maximum size to KB and check file types
$max = number_format(MAX_FILE_SIZE/1024, 1).'KB';
 
$filetypes = array($_FILES["image_data"]["type"] == "image/gif",
  ($_FILES["image_data"]["type"] == "image/jpeg"),
  ($_FILES["image_data"]["type"] == "image/pjpeg"),
  ($_FILES["image_data"]["type"] == "image/png" ));
if(!in_array($_FILES['image_data']['type'], $filetypes)) {
$error[] = 'File must be either a gif, jpeg, pjpeg or png';
}
// Check the file size isn't more than the limit (6.2mb)
if($_FILES['image_type']['size'] > MAX_FILE_SIZE) {
    // Size too large, add an error
    $error[] = 'Files must be less than ' . MAX_FILE_SIZE . 'KB';
        }
}
 // Other things to update go here, not shown to save space in this post
  // update the record if there are no errors
 
if (!$error) {
$username = $_SESSION['MM_Username'];
ini_set('date.timezone','America/Los Angeles');
$now = date('Y-m-d-His');
$emptyOK = false;
 
if (!empty($filename)) {
$updateSQL = sprintf("UPDATE userTable SET image_data=%s, image_type=%s WHERE user_id=%s",
                       GetSQLValueString($filename, "text"),
                       GetSQLValueString($_FILES['image_data']['type'], "text"),
                       GetSQLValueString($_POST['user_id'], "int"));
 
  mysql_select_db($database_connUser, $connUser);
  $Result1 = mysql_query($updateSQL, $connUser);
 
if (!$Result1 && mysql_errno() == 1062) {
      $error['email'] = 'Duplicate email: ' . $_POST['email'] . ' is already a registered email account with MySite.';
  } elseif (mysql_error()) {
      $error['dbError'] = 'Sorry, there was a problem with the database.  Please try later on contact us so we can fix it.';
  } else {
 
  $updateGoTo = "/nextpage.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
 
//ERROR MESSAGES ARE REFERRING TO THIS AREA BELOW
 
if (!empty($_FILES['image_data']['name'])) {
if (!is_dir("$uploadDIR/$username")) {
    mkdir("$uploadDIR/$username", 0777, true);
    }
if (!file_exists("$uploadDIR/$username/$filename")) {
move_uploaded_file($fileTemp, "$uploadDIR/$username/$filename");
} else {
    mkdir("$uploadDIR/$username/$now");
    move_uploaded_file($fileTemp, "$uploadDIR/$username/$now/$filename");
  }
}
  header(sprintf("Location: %s", $updateGoTo));
  }
  } else {
    //run update sql if the image isn't updated and the user just updates some of their other info... 
}
}
 

The errors being returned:

Code: Select all

 
Warning: mkdir() [function.mkdir]: Permission denied in /vz/home/me/domains/mysite.com/public_html/updatefile.php on line 120
 
Warning: move_uploaded_file(/home/me/domains/mysite.com/public_html/profile/testuser/3e401dc41255806470.png) [function.move-uploaded-file]: failed to open stream: No such file or directory in /vz/home/me/domains/mysite.com/public_html/updatefile.php on line 123
 
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/phptwyRf9' to '/home/me/domains/mysite.com/public_html/profile/newuser1/3e401dc41255806470.png' in /vz/home/me/domains/mysite.com/public_html/updatefile.php on line 125
 
Warning: Cannot modify header information - headers already sent by (output started at /vz/home/me/domains/mysite.com/public_html/updatefile.php:120) in /vz/home/me/domains/mysite.com/public_html/updatefile.php on line 127
 

Re: Image upload not working, permission

Posted: Sat Oct 17, 2009 2:44 pm
by superdezign
The problem is that PHP isn't permitted to create the directory that you need, and thus cannot proceed any farther with the upload. On most shared servers, your only option is to create a folder with full permissions, then tell PHP to upload to that folder.

Re: Image upload not working, permission

Posted: Sat Oct 17, 2009 6:35 pm
by ninethousandfeet
okay, so i have this exact same update script for allowing users to upload images with a post and it works fine. this seems really weird to me that one works and the other does not. the only difference that i know of is the folder where the upload is going. in the case of my example here, it is going to /profile and i get these error messages whereas the working upload post image goes to /postupload and it works just fine... any ideas why one would work and not the other?

did i somehow create full permissions for the /postupload folder and not for the other? how can i find out what permissions they have?

not sure if this helps, but the actual permissions of both are set to 777. the folders that are created within the working /postupload folder have permissions set to 755, which must happen automatically because i don't have anything that i know of to set this. the folders in the non-working /profile folder are nonexistent at this point because it isn't working yet.

thank you!