Page 1 of 1
Php Image Upload
Posted: Sun Jan 02, 2005 4:59 pm
by cm_oj
Hi i have been trying to write a script to uplaod an image file into my server. But i have found out that i dont have permission to do this

i have been using the $_FILES method. Is there any other methods that wont be blocked? would i have to put it into a database? thanks!
Re: Php Image Upload
Posted: Sun Jan 02, 2005 6:01 pm
by rehfeld
cm_oj wrote: i have found out that i dont have permission to do this
specifically, what makes you think this?
consider posting your code, maybe your just making an error.
Posted: Sun Jan 02, 2005 6:50 pm
by feyd
there are several ways to go about it, if your script really doesn't have permission to copy/move a file:
- manually create a copy of the file. doubtful it'd work if your permissions deny the former..
- have your script FTP them to where you want. This takes a while to set up, but generally gets around the problem of not having permission. Hopefully ftp is enabled.
- store them in the database. Very much not recommended as it eats up a lot of database, and you can only do 1 query per image. Plus you'll need enough php memory to transfer over the data.
Posted: Mon Jan 03, 2005 3:34 am
by cm_oj
I have full access to my website, but i want to make an image upload feature for my forum members. The forum is all my own script. I know file upload is blocked as i tried it, it worked on my localhost but when i did it online it said this :
Warning: Unable to create '/web/sites/305/cellarmation/
www.cellarmation.f2s.com/newname.jpg': Permission denied in /web/sites/305/cellarmation/
www.cellarmation.f2s.com/image.php on line 14
Warning: Unable to move '/tmp/phpuKKy5b' to '/web/sites/305/cellarmation/
www.cellarmation.f2s.com/newname.jpg' in /web/sites/305/cellarmation/
www.cellarmation.f2s.com/image.php on line 14
Is there anyway i can still use php, but not using the $_FILES method? thanks
Posted: Mon Jan 03, 2005 3:45 am
by feyd
only route I see, if the others are truely exhausted, is sending them into the database... which is a giant pain.
so lets get this straight: you've tried [php_man]move_uploaded_file()[/php_man] which failed. you tried manually creating the copy ([php_man]fopen()[/php_man]) ? Did you try the FTP route? If yes to all those, then through the database it is.. Or, see about getting the script or php write access to some deeper level folder.
Posted: Mon Jan 03, 2005 3:55 am
by cm_oj
I am not sure if i have used those to methods, i think move_uploaded_file has been used in one part of the script. I was ripped of a tutorial, and modified, i know it works on y localhost :
Code: Select all
<?php
//Define some variables
$dir = $_SERVER['DOCUMENT_ROOT']; //Change this to the correct dir
//MIME types to allow, Gif, jpeg, zip ::Edit this to your liking
$types = array("image/gif","image/jpeg");
//Check to determine if the submit button has been pressed
if(isset($_POST['submit'])){
//Shorten Variables
$tmp_name = $_FILES['upload']['tmp_name'];
$new_name = $_FILES['upload']['name'];
//Check MIME Type
if (in_array($_FILES['upload']['type'], $types)){
//Move file from tmp dir to new location
move_uploaded_file($tmp_name,$dir . "/newname.jpg");
echo " was uploaded sucessfully!";
}else{
//Print Error Message
echo "<small>File <strong><em></em></strong> Was Not Uploaded!</small><br />";
//Debug
$name = $_FILES['upload']['name'];
$type = $_FILES['upload']['type'];
$size = $_FILES['upload']['size'];
$tmp = $_FILES['upload']['name'];
echo "Name: $name<br/ >Type: $typ<br />Size: $size<br />Tmp: $tmp";
}
}
else{
echo 'Could Not Upload Files';
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
<fieldset>
<legend>Upload Files</legend>
<input type="file" name="upload" />
</fieldset>
<input type="submit" name="submit" value="Upload Files" />
</form>
how does fopen() work? can that be used to upload a file to a remote server? thank you!
Posted: Mon Jan 03, 2005 4:05 am
by feyd
fopen is not able to write to a remote server. fopen can create and/or open a file on the local system. You may just get a blanket denial to write to the document root. Try a directory off the root. If you have access to the permissions of your own subfolders you may be able to get that folder writable. May want to talk to your provider if you don't know what to do that.
Posted: Mon Jan 03, 2005 4:12 am
by cm_oj
Nope, just tried it going to a subdirectory of my main one. Unfortunatly i have no lower access than the folder i tried it in first.do you think a database method, would be allowed by the server? or do you think its the time that i ask them 4 permisson for upload? (i dont think they will say yes

)
Posted: Mon Jan 03, 2005 4:37 am
by feyd
it can't hurt to ask them. Just designate a folder you'd like to toss the files in, so it's more secure for them to do it. I'd try the FTP method while I wait for their response. That should work without much problem provided you have ftp access..

Posted: Mon Jan 03, 2005 4:43 am
by cm_oj
I can upload with ftp easyly, its that i want my vistors to be able to upload an image, so it wouldnt be a one time thing. but i will try my host, see if they will help. Thank You for all your help!
Posted: Mon Jan 03, 2005 4:47 am
by feyd
I don't think you understand me. A user uploads to your server through php. You tell php to upload the file through your ftp access to the final resting place.
[php_man]ftp[/php_man]
Posted: Mon Jan 03, 2005 4:52 am
by cm_oj
But then surely my ftp password&username would be needed to be specified? could you show me how i could put that into my code? Would that mean i would have to have a lot more code? or would it be something completly differant like in the
http://www.php.net link you put in?
Posted: Mon Jan 03, 2005 8:13 am
by feyd
the username and password are passed in as part of the connection opening sequence. Look through the example they have on that page:
Code: Select all
<?php
// set up basic connection
$conn_id = ftp_connect($ftp_server);
// login with username and password
$login_result = ftp_login($conn_id, $ftp_user_name, $ftp_user_pass);
// check connection
if ((!$conn_id) || (!$login_result)) {
echo "FTP connection has failed!";
echo "Attempted to connect to $ftp_server for user $ftp_user_name";
exit;
} else {
echo "Connected to $ftp_server, for user $ftp_user_name";
}
// upload the file
$upload = ftp_put($conn_id, $destination_file, $source_file, FTP_BINARY);
// check upload status
if (!$upload) {
echo "FTP upload has failed!";
} else {
echo "Uploaded $source_file to $ftp_server as $destination_file";
}
// close the FTP stream
ftp_close($conn_id);
?>
Posted: Mon Jan 03, 2005 8:20 am
by n00b Saibot
I think that wud solve his prob

Posted: Mon Jan 03, 2005 8:30 am
by feyd
also, because of some of the dangers of allowing uploads, make absolutely sure what you transfer and accept are image files only. use [php_man]getimagesize()[/php_man] to determine if it's an image and what type.