Page 1 of 1

Cross domain web application.

Posted: Thu Aug 24, 2006 11:15 am
by Jough
I have two domains located on the same server which I am trying to copy files from one to the other through an uploading feature on one domain.

The web application is located here: /usr/home/myuser/myfirstsite.com/htdocs/directory/program.php or http://www.myfirstsite.com/directory/program.php

The other domain is located here: /usr/home/myuser/mysecondsite.com/htdocs/ or http://www.mysecondsite.com

This works fine:

Code: Select all

copy($_FILES['image_file']['tmp_name'], "images/".$filename);
... and will copy the uploaded file to /user/home/myuser/myfirstsite.com/htdocs/directory/images/filename.jpg or http://www.myfirstsite.com/directory/im ... lename.jpg

This does not work (and I would like to know why):

Code: Select all

copy($_FILES['image_file']['tmp_name'], "/usr/home/myuser/mysecondsite.com/htdocs/images/".$filename);
Keep in mind that the value of $_FILES['image_file']['tmp_name'] is /var/tmp/RanDomCHaRs

Thanks for the help! 8)

Posted: Thu Aug 24, 2006 11:18 am
by feyd
Your first site likely doesn't have permission to write to the directories of the second site. This is a good thing, don't fight it. You could set up an FTP uploading account for the second site that uses php's ftp functionality to transfer the file across.

Thanks!

Posted: Thu Aug 24, 2006 11:24 am
by Jough
That makes obvious sense (why didn't I think of that! :D )

The FTP account already exists and I will give this a shot and let you know how it turns out. Thanks!

Posted: Thu Aug 24, 2006 11:28 am
by feyd
What I'm suggesting is a special account that only has access to the folder into which you want to drop the files, nothing more. This way, even if your first site becomes compromised, the root level password for site2 isn't available for abuse.