Page 1 of 1
File Uploading error
Posted: Tue Apr 22, 2003 5:50 am
by DuffMAn
I have this error when I upload files
Warning: open_basedir restriction in effect. File is in wrong directory in /home/webcindario/php-test/uploadprueba.php on line 27
here is the code
<HTML>
<TITLE>
File upload
</title>
<body>
<B>File upload</b>
<form enctype="multipart/form-data" action="<?PHP echo $PHP_SELF ?>" method="post">
<!-- "MAX_FILE_SIZE" determines the biggest size an uploaded file can occupy -->
<input type="hidden" name="MAX_FILE_SIZE" value="500000">
Send this file:
<input name="userfile" type="file">
<input type="submit" name="submit" value="Send File">
</form>
</body>
<?php
/*
$userfile - The temporary filename in which the uploaded file was stored on the server machine.
$userfile_name - The original name or path of the file on the sender's system.
$userfile_size - The size of the uploaded file in bytes.
$userfile_type - The mime type of the file if the browser provided this information. An example would be "image/gif".
*/
// copy to this directory
$dir="./home/webcindario/php-test/";
if ($submit){
copy($userfile,$dir.$userfile_name);
if (!is_uploaded_file ($userfile)){
echo "<b>$userfile_name</b> couldn't be copied !!";
}
}
// check whether it has been uploaded
if (is_uploaded_file ($userfile)){
echo "
<b>$userfile_name</b> copied succesfully !!";
}
?>
</html>
I´m using a free web hosting if it help.
Posted: Tue Apr 22, 2003 6:03 am
by mchaggis
for starters you have a dot in the destination dir which I don't think you want:
Code: Select all
// copy to this directory
$dir="./home/webcindario/php-test/";
The second thing to check is that permissions are correct, ie you may find you need to create subdir and chmod a+rw it
Also,
Code: Select all
copy($userfile,$dir.$userfile_name);
is dagerous, as it looks like your uploading into same dir as the scripts without renaming the file, so what will happen if someone uploads a file called index.php?
The finall thing to be aware of is, the
is_uploaded_file function should be used for sanity checking and to to check if the file has been successfully dealt with. So rather than:
Code: Select all
if ($submit){
copy($userfile,$dir.$userfile_name);
if (!is_uploaded_file ($userfile)){
echo "<b>$userfile_name</b> couldn't be copied !!";
}
you want:
Code: Select all
if (is_uploaded_file){
copy($userfile,$dir.$userfile_name);
if (!is_uploaded_file ($userfile)){
echo "<b>$userfile_name</b> couldn't be copied !!";
} else {
echo "No Upload happened";
}
Posted: Tue Apr 22, 2003 6:52 am
by DuffMAn
well I remove the dot in the $dir var, but the same error appear.
Second, is a free web hosting, so how I check the permision?, (Using Windows 98)
Third, I guess the path /home/webcindario/php-test/ is correct, because I have index.php.
Posted: Tue Apr 22, 2003 6:58 am
by mchaggis
use ftp client to change perms... but I would suggest creating a sub dir cos otherwise people can destroy your site
Posted: Tue Apr 22, 2003 7:02 am
by DuffMAn
Yo have rigth, this is just a test, in my real page I put directories plus check file type to upload files.
Now I gonna test the permision with the CuteFtp PRo
Posted: Tue Apr 22, 2003 7:19 am
by DuffMAn
F**c, I created a directory name prueba, and then put all the permisions, but the disgusting message is here again.
Warning: open_basedir restriction in effect. File is in wrong directory in /home/webcindario/php-test/uploadprueba.php on line 27
Posted: Tue Apr 22, 2003 7:30 am
by McGruff
phpinfo() to see what you have for open_basedir
Php manual:
"The restriction specified with open_basedir is actually a prefix, not a directory name. This means that "open_basedir = /dir/incl" also allows access to "/dir/include" and "/dir/incls" if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: "open_basedir = /dir/incl/"
Posted: Tue Apr 22, 2003 7:49 am
by DuffMAn
McGruff wrote:phpinfo() to see what you have for open_basedir
Php manual:
"The restriction specified with open_basedir is actually a prefix, not a directory name. This means that "open_basedir = /dir/incl" also allows access to "/dir/include" and "/dir/incls" if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: "open_basedir = /dir/incl/"
well this is what phpinfo say.
open_basedir /home/webcindario/php-test
How I change the permision on this path, (is the root), because the FTP program only let me change the permisions of the files and subdirectories.
Posted: Tue Apr 22, 2003 8:04 am
by McGruff
I always write pathnames with no leading forward slash relative to the site root. So if, as you say, "home/webcindario/php-test" IS your site root leave it out.
Posted: Tue Apr 22, 2003 8:20 am
by DuffMAn
I remove the backslash but still doesn´t work.

Posted: Tue Apr 22, 2003 1:53 pm
by McGruff
Sorry that was a little garbled was working all night.
What I meant to say was try leaving out $dir altogether if that's your site root folder: could it be you're aiming copy() at:
home/webcindario/php-test/home/webcindario/php-test
..which obviously doesn't exist.
Posted: Wed Apr 23, 2003 2:51 pm
by DuffMAn
Well I solve half problem, this is what I made.
1 - Switch the copy function by move_uploaded_file, because this work with safe mode. Doing this the file was transfer.
2- the only problem is that a warning message is showed.
Warning: SAFE MODE Restriction in effect. The script whose uid is 48 is not allowed to access /tmp owned by uid 0 in /home/webcindario/php-test/myupload.php on line 7
Is there some way to remove this warning?
Posted: Wed Apr 23, 2003 7:51 pm
by McGruff
I think move_uploaded_file() is affected by safe mode I'm afraid.
Not sure what you should do.
Posted: Thu Apr 24, 2003 2:55 am
by twigletmac
You can't get around safe-mode restrictions without some help from your host. Have a read of:
http://www.php.net/manual/en/features.safe-mode.php
Mac