devastator82
New Member
What about this lines? \[quote\] Warning: copy(): open_basedir restriction in effect. File() is not within the allowed path(s): (/xxx/xxx/xxx/xxx/php:/tmp) in /home/xxxxxxxxxx/public_html/newsp.php on line 85 \[/quote\]Here is my code:\[code\]<?php session_start(); if (isset($_SESSION['password'])) { $con=mysqli_connect("xxxxx","xxxxx","xxxxx","xxxxx"); // Check connection if (mysqli_connect_errno($con)) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } $result = mysqli_query($con,"SELECT * FROM News ORDER BY ID DESC LIMIT 1"); while($row = mysqli_fetch_array($result)) { $ID = $row['ID'] + 1; } $title = $_POST['title']; $content = $_POST['content']; $type=$_POST['type']; echo $title . "<br>"; echo $content . "<br>"; echo $type . "<br>"; echo $ID . "<br>"; $sql = 'INSERT INTO News '.'(Title, Content, Type) '.'VALUES ( $title, $content, $type)'; $result=mysqli_query($con,$sql);//define a maxim size for the uploaded images in Kb define ("MAX_SIZE","100"); //This function reads the extension of the file. It is used to determine if the file is an image by checking the extension. function getExtension($str) { $i = strrpos($str,"."); if (!$i) { return ""; } $l = strlen($str) - $i; $ext = substr($str,$i+1,$l); return $ext; }//This variable is used as a flag. The value is initialized with 0 (meaning no error found)//and it will be changed to 1 if an errro occures.//If the error occures the file will not be uploaded. $errors=0;//checks if the form has been submitted //reads the name of the file the user submitted for uploading $image=$_FILES['file']['name']; //if it is not empty if ($image) { //get the original name of the file from the clients machine $filename = stripslashes($_FILES['file']['name']); //get the extension of the file in a lower case format $extension = getExtension($filename); $extension = strtolower($extension); //if it is not a known extension, we will suppose it is an error and will not upload the file, //otherwise we will do more tests if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) { //print error message echo '<h1>Unknown extension!</h1>'; $errors=1; } else { //get the size of the image in bytes //$_FILES['image']['tmp_name'] is the temporary filename of the file //in which the uploaded file was stored on the server $size=filesize($_FILES['image']['tmp_name']); //compare the size with the maxim size we defined and print error if bigger if ($size > MAX_SIZE*1024) { echo '<h1>You have exceeded the size limit!</h1>'; $errors=1; } //we will give an unique name, for example the time in unix time format $image_name= $ID.'.'.$extension; //the new name will be containing the full path where will be stored (images folder) $newname="NewsPic/".$image_name; //we verify if the image has been uploaded, and print error instead echo $image_name; $copied = copy($_FILES['image']['tmp_name'], $newname); if (!$copied) { echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; } } } } else { header("location:login.php"); }?>\[/code\]I want to upload an image to my folder.