Image upload not working, permission
Posted: Sat Oct 17, 2009 2:26 pm
Hi,
There is a similar post to this in phpdn, but I tried the eventual solution they came up with and it did not work. If I should just post this there in that open thread, my apologies, just lmk.
I am having a problem with an image upload script to allow users to update their profile pic. I have set the permission for the profile folder to 0777, so it should be fine there, but something is still off. What happens is the user registers and the profile image info is allowed to be NULL. Then the user can update their profile, which includes an option to add a pic. Below is the updatefile.php and the error messages that I am receiving. Any help or suggestions would be great, I'm really stuck on this one. Thank you!
The update script:
The errors being returned:
There is a similar post to this in phpdn, but I tried the eventual solution they came up with and it did not work. If I should just post this there in that open thread, my apologies, just lmk.
I am having a problem with an image upload script to allow users to update their profile pic. I have set the permission for the profile folder to 0777, so it should be fine there, but something is still off. What happens is the user registers and the profile image info is allowed to be NULL. Then the user can update their profile, which includes an option to add a pic. Below is the updatefile.php and the error messages that I am receiving. Any help or suggestions would be great, I'm really stuck on this one. Thank you!
The update script:
Code: Select all
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$error = array();
if (!empty($_FILES['image_data']['name'])) {
$uploadDIR = "/home/me/domains/mysite.com/public_html/profile";
$ext = substr(strrchr($_FILES['image_data']['name'], '.'), 1);
$filename = substr(sha1($_FILES['image_data']['name']), 0, 8);
$filename .= time() . '.' .$ext;
$fileTemp = $_FILES['image_data']['tmp_name'];
// convert the maximum size to KB and check file types
$max = number_format(MAX_FILE_SIZE/1024, 1).'KB';
$filetypes = array($_FILES["image_data"]["type"] == "image/gif",
($_FILES["image_data"]["type"] == "image/jpeg"),
($_FILES["image_data"]["type"] == "image/pjpeg"),
($_FILES["image_data"]["type"] == "image/png" ));
if(!in_array($_FILES['image_data']['type'], $filetypes)) {
$error[] = 'File must be either a gif, jpeg, pjpeg or png';
}
// Check the file size isn't more than the limit (6.2mb)
if($_FILES['image_type']['size'] > MAX_FILE_SIZE) {
// Size too large, add an error
$error[] = 'Files must be less than ' . MAX_FILE_SIZE . 'KB';
}
}
// Other things to update go here, not shown to save space in this post
// update the record if there are no errors
if (!$error) {
$username = $_SESSION['MM_Username'];
ini_set('date.timezone','America/Los Angeles');
$now = date('Y-m-d-His');
$emptyOK = false;
if (!empty($filename)) {
$updateSQL = sprintf("UPDATE userTable SET image_data=%s, image_type=%s WHERE user_id=%s",
GetSQLValueString($filename, "text"),
GetSQLValueString($_FILES['image_data']['type'], "text"),
GetSQLValueString($_POST['user_id'], "int"));
mysql_select_db($database_connUser, $connUser);
$Result1 = mysql_query($updateSQL, $connUser);
if (!$Result1 && mysql_errno() == 1062) {
$error['email'] = 'Duplicate email: ' . $_POST['email'] . ' is already a registered email account with MySite.';
} elseif (mysql_error()) {
$error['dbError'] = 'Sorry, there was a problem with the database. Please try later on contact us so we can fix it.';
} else {
$updateGoTo = "/nextpage.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
//ERROR MESSAGES ARE REFERRING TO THIS AREA BELOW
if (!empty($_FILES['image_data']['name'])) {
if (!is_dir("$uploadDIR/$username")) {
mkdir("$uploadDIR/$username", 0777, true);
}
if (!file_exists("$uploadDIR/$username/$filename")) {
move_uploaded_file($fileTemp, "$uploadDIR/$username/$filename");
} else {
mkdir("$uploadDIR/$username/$now");
move_uploaded_file($fileTemp, "$uploadDIR/$username/$now/$filename");
}
}
header(sprintf("Location: %s", $updateGoTo));
}
} else {
//run update sql if the image isn't updated and the user just updates some of their other info...
}
}
The errors being returned:
Code: Select all
Warning: mkdir() [function.mkdir]: Permission denied in /vz/home/me/domains/mysite.com/public_html/updatefile.php on line 120
Warning: move_uploaded_file(/home/me/domains/mysite.com/public_html/profile/testuser/3e401dc41255806470.png) [function.move-uploaded-file]: failed to open stream: No such file or directory in /vz/home/me/domains/mysite.com/public_html/updatefile.php on line 123
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/phptwyRf9' to '/home/me/domains/mysite.com/public_html/profile/newuser1/3e401dc41255806470.png' in /vz/home/me/domains/mysite.com/public_html/updatefile.php on line 125
Warning: Cannot modify header information - headers already sent by (output started at /vz/home/me/domains/mysite.com/public_html/updatefile.php:120) in /vz/home/me/domains/mysite.com/public_html/updatefile.php on line 127