I've been trying to create my own
custom php script for uploading files;
Right now I'm on a webserver that has
PHPsuexec; so I'm guessing this would matter alot.
I'm looking to learn the basics of the
various parts I'd need to do file uploading;
This is so, if in the future I want to,
I could add an upload option to a email form, etc.
But for now, just going for a upload page.
Now, I cannot CHMOD my folders 777, I believe,
due to the PHPsuexec.
So what would I need to CHMOD it instead?
666? (rw-rw-rw)you have to have it chmodded to 777 in order to upload to it.since i didn't know about PHPsuexec, i google a bit and found
<!-- m --><a class="postlink" href="http://www.cablan.net/cablan/What_is_PHPSuexec_.449.0.html">http://www.cablan.net/cablan/What_is_PH ... 449.0.html</a><!-- m -->
However, in order to access a directory, it must be world-executable, which is safe to do.
As such, directories containing PHP files should have permissions 0755 or 0555.if you have ftp access, you can use the php ftp functions to connect and upload files. that doesnt require any chmodding to 777I have full FTP access, yes; including annoymass.
So basicly just look up the ftp functions
on PHP.net and it'll tell?have you tried chmod 755?? or are you sure you need to chmod since it have phpsuexec that execute php as your user, so it must have the right to create a file in your folder...
because moving a file from the temp folder to the upload folder is simplier than opening a ftp and transfering (againg) the file to the good place.I don't even have an upload script so far...
I'm going to try the ftp upload function later 2night/2morrowI tried to make a script, based on what
I could comprehind on PHP.net's manual:
<html>
<head>
<title>File Upload</title>
</head>
<body>
<?php
// This is the opening of the PHP script
$uploaddir = '/uploads/';
// This tells the script to upload it to defconrpg.com/uploads'
$uploadfile = $uploaddir . $_FILES['userfile']['name']['image/jpg']['250000']
// This is telling it to take the file from the computer
// and upload it to the director stated in uploaddir
print "<pre>"
if (move_uploaded_file($_FILES['userfile']['tmp_name'],
$uploadfile)) {
print "File is valid, and was successfully uploaded. ";
print_r($_FILES);
} else {
print "File could not be uploaded. ";
print_r($_FILES);
}
print "</pre>";
?>
<form enctype="multipart/form-data" action="_URL_" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
</body></html>
Obviously its very err crappy, because I got a
error 'on line 10' (where I put "<pre">); fixed it,
but then got an error 'on line 13' and I can't figure it out.
Anyways ~ if u guys could try & help me out here
$uploadfile = $uploaddir . $_FILES['userfile']['name']['image/jpg']['250000']
should be
$uploadfile = $uploaddir . $_FILES['userfile']['name'];Okay ~ I re-did so its in two-files;
The php one, named 'process.php' is this:
<?php
// This is the opening of the PHP script
$uploaddir = '/uploads/';
// This tells the script to upload it to defconrpg.com/uploads'
$uploadfile = $uploaddir . $_FILES['userfile']['name'];
// This is telling it to take the file from the computer
// and upload it to the director stated in uploaddir
print "<pre>"
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
print "File is valid, and was successfully uploaded. ";
print_r($_FILES);
} else {
print "File could not be uploaded. ";
print_r($_FILES);
}
print "</pre>";
?>
The upload form, named upload.php is this:
<html>
<head>
<title>File Upload</title>
</head>
<body>
<form enctype="multipart/form-data" action="process.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
</body></html>
Now, the form works good, I select a 23KB .JPG file,
click 'Send File' and it says the following:
Parse error: parse error in /home/defcon/public_html/process.php on line 9
Hmm ~ so whats wrong now with it?
print "<pre>"
needs a ; at the endNow when I try uploading, it says:
Warning: move_uploaded_file(/uploads/Russia5.jpg): failed to open stream: No such file or directory in /home/defcon/public_html/process.php on line 9
Warning: move_uploaded_file(): Unable to move '/tmp/phpLIfH3e' to '/uploads/Russia5.jpg' in /home/defcon/public_html/process.php on line 9
File could not be uploaded. Array
(
[userfile] => Array
(
[name] => Russia5.jpg
[type] => image/pjpeg
[tmp_name] => /tmp/phpLIfH3e
[error] => 0
[size] => 19095
)
)try this
<?php
// This is the opening of the PHP script
$uploaddir = '/home/defcon/public_html/uploads/';
// This tells the script to upload it to defconrpg.com/uploads'
$uploadfile = $uploaddir . $_FILES['userfile']['name'];
// This is telling it to take the file from the computer
// and upload it to the director stated in uploaddir
print "<pre>"
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
print "File is valid, and was successfully uploaded. ";
print_r($_FILES);
} else {
print "File could not be uploaded. ";
print_r($_FILES);
}
print "</pre>";
?>
and make sure you have a folder called "uploads", if you get a permission error next you need to chmod it to 777.here is an example script from the comments
Friends,
If you wanna upload files from your harddisk by a form to a specified ftp this sample can help you...
First of all create the form:
<html>
<body marginwidth=4 marginheight=4 topmargin=4 leftmargin=4 bgcolor=white vlink="#0000ff" link="#0000ff">
<form name="Attachments" method=POST action="sendimage.php" enctype="multipart/form-data">
<input type=hidden name=box value="">
<tr>
<td nowrap width="1%"> <b>Image:</b></td>
<td colspan=2>
<input type=file name=source_file size=20> <br>
</td>
</tr>
<input type=submit name=btnSubmit value=Submit size=20 style="border: 1px solid #0000FF"></form>
</body>
</html>
The critical point in this form is the usage of enctype="multipart/form-data"
If you don't use this part your upload operations won't work.
Then u must create sendimage.php as follows:
<?php
$ftp_server='190.148.20.201';//serverip
$conn_id = ftp_connect($ftp_server);
// login with username and password
$user="username";
$passwd="*****";
$login_result = ftp_login($conn_id, $user, $passwd);
// check connection
if ((!$conn_id) || (!$login_result)) {
echo "FTP connection has failed!";
echo "Attempted to connect to $ftp_server for user $ftp_user_name";
die;
} else {
echo "<br>Connected to $ftp_server, for user $user<br>";
}
//directorylike /www.velibaba.com/images
ftp_chdir($conn_id, "www.velibab.com");
ftp_chdir($conn_id, "compimages");
//$destination_file=ftp_pwd($conn_id);
$destination_file="x.jpg";
echo ("<br>");
print $destination_file;
echo ("<br>");
// upload the file
$upload = ftp_put($conn_id, $destination_file, $source_file, FTP_BINARY);
// check upload status
if (!$upload) {
echo "FTP upload has failed!";
} else {
echo "Uploaded $source_file to $ftp_server as $destination_file";
}
// close the FTP stream
ftp_close($conn_id);
?>
In this example code $source_file is the path of the file in your disk, and destination file is the name of the uploaded file in ftpserver.
In this code I use ftp_chdir to give the path of the
uploaded file within ftpserver..
For your questions about all categories of PHP my email:[email protected]
c u...scoutt, did as you suggested; I CHMOD'd the folder
to 777 before testing it; funny thing though....
I went to upload the file, and it said it was successful;
Yet I refreshed FTP, and went to the /uploads folder
and no file! 
Yet I entered the URL, in this case DefconRPG.com/uploads/Russia5.jpg and it worked.
I closed FTP and opened again, and this time the
file was there; why didn't it show the first time
after I clicked Refresh? why did it only show after
I closed & re-opened WS FTP LE?thats just an issue with WS_FTP, not your script.not sure, but when that happens to me I hit refresh on the server side and it shows for me. something to do with the cache thing it does.from what i understant of phpsuexec is that you must not chmod 777
chmod 777 is a way to let everyone write to that dir but phpsuexec run php code as your own user so you don't need to open up that folder to be able to write in it.
but i could be wrong since i did not try phpsuexec...
custom php script for uploading files;
Right now I'm on a webserver that has
PHPsuexec; so I'm guessing this would matter alot.
I'm looking to learn the basics of the
various parts I'd need to do file uploading;
This is so, if in the future I want to,
I could add an upload option to a email form, etc.
But for now, just going for a upload page.
Now, I cannot CHMOD my folders 777, I believe,
due to the PHPsuexec.
So what would I need to CHMOD it instead?
666? (rw-rw-rw)you have to have it chmodded to 777 in order to upload to it.since i didn't know about PHPsuexec, i google a bit and found
<!-- m --><a class="postlink" href="http://www.cablan.net/cablan/What_is_PHPSuexec_.449.0.html">http://www.cablan.net/cablan/What_is_PH ... 449.0.html</a><!-- m -->
However, in order to access a directory, it must be world-executable, which is safe to do.
As such, directories containing PHP files should have permissions 0755 or 0555.if you have ftp access, you can use the php ftp functions to connect and upload files. that doesnt require any chmodding to 777I have full FTP access, yes; including annoymass.
So basicly just look up the ftp functions
on PHP.net and it'll tell?have you tried chmod 755?? or are you sure you need to chmod since it have phpsuexec that execute php as your user, so it must have the right to create a file in your folder...
because moving a file from the temp folder to the upload folder is simplier than opening a ftp and transfering (againg) the file to the good place.I don't even have an upload script so far...
I'm going to try the ftp upload function later 2night/2morrowI tried to make a script, based on what
I could comprehind on PHP.net's manual:
<html>
<head>
<title>File Upload</title>
</head>
<body>
<?php
// This is the opening of the PHP script
$uploaddir = '/uploads/';
// This tells the script to upload it to defconrpg.com/uploads'
$uploadfile = $uploaddir . $_FILES['userfile']['name']['image/jpg']['250000']
// This is telling it to take the file from the computer
// and upload it to the director stated in uploaddir
print "<pre>"
if (move_uploaded_file($_FILES['userfile']['tmp_name'],
$uploadfile)) {
print "File is valid, and was successfully uploaded. ";
print_r($_FILES);
} else {
print "File could not be uploaded. ";
print_r($_FILES);
}
print "</pre>";
?>
<form enctype="multipart/form-data" action="_URL_" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
</body></html>
Obviously its very err crappy, because I got a
error 'on line 10' (where I put "<pre">); fixed it,
but then got an error 'on line 13' and I can't figure it out.
Anyways ~ if u guys could try & help me out here
$uploadfile = $uploaddir . $_FILES['userfile']['name']['image/jpg']['250000']should be
$uploadfile = $uploaddir . $_FILES['userfile']['name'];Okay ~ I re-did so its in two-files;
The php one, named 'process.php' is this:
<?php
// This is the opening of the PHP script
$uploaddir = '/uploads/';
// This tells the script to upload it to defconrpg.com/uploads'
$uploadfile = $uploaddir . $_FILES['userfile']['name'];
// This is telling it to take the file from the computer
// and upload it to the director stated in uploaddir
print "<pre>"
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
print "File is valid, and was successfully uploaded. ";
print_r($_FILES);
} else {
print "File could not be uploaded. ";
print_r($_FILES);
}
print "</pre>";
?>
The upload form, named upload.php is this:
<html>
<head>
<title>File Upload</title>
</head>
<body>
<form enctype="multipart/form-data" action="process.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
</body></html>
Now, the form works good, I select a 23KB .JPG file,
click 'Send File' and it says the following:
Parse error: parse error in /home/defcon/public_html/process.php on line 9
Hmm ~ so whats wrong now with it?
print "<pre>"needs a ; at the endNow when I try uploading, it says:
Warning: move_uploaded_file(/uploads/Russia5.jpg): failed to open stream: No such file or directory in /home/defcon/public_html/process.php on line 9
Warning: move_uploaded_file(): Unable to move '/tmp/phpLIfH3e' to '/uploads/Russia5.jpg' in /home/defcon/public_html/process.php on line 9
File could not be uploaded. Array
(
[userfile] => Array
(
[name] => Russia5.jpg
[type] => image/pjpeg
[tmp_name] => /tmp/phpLIfH3e
[error] => 0
[size] => 19095
)
)try this
<?php
// This is the opening of the PHP script
$uploaddir = '/home/defcon/public_html/uploads/';
// This tells the script to upload it to defconrpg.com/uploads'
$uploadfile = $uploaddir . $_FILES['userfile']['name'];
// This is telling it to take the file from the computer
// and upload it to the director stated in uploaddir
print "<pre>"
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
print "File is valid, and was successfully uploaded. ";
print_r($_FILES);
} else {
print "File could not be uploaded. ";
print_r($_FILES);
}
print "</pre>";
?>
and make sure you have a folder called "uploads", if you get a permission error next you need to chmod it to 777.here is an example script from the comments
Friends,
If you wanna upload files from your harddisk by a form to a specified ftp this sample can help you...
First of all create the form:
<html>
<body marginwidth=4 marginheight=4 topmargin=4 leftmargin=4 bgcolor=white vlink="#0000ff" link="#0000ff">
<form name="Attachments" method=POST action="sendimage.php" enctype="multipart/form-data">
<input type=hidden name=box value="">
<tr>
<td nowrap width="1%"> <b>Image:</b></td>
<td colspan=2>
<input type=file name=source_file size=20> <br>
</td>
</tr>
<input type=submit name=btnSubmit value=Submit size=20 style="border: 1px solid #0000FF"></form>
</body>
</html>
The critical point in this form is the usage of enctype="multipart/form-data"
If you don't use this part your upload operations won't work.
Then u must create sendimage.php as follows:
<?php
$ftp_server='190.148.20.201';//serverip
$conn_id = ftp_connect($ftp_server);
// login with username and password
$user="username";
$passwd="*****";
$login_result = ftp_login($conn_id, $user, $passwd);
// check connection
if ((!$conn_id) || (!$login_result)) {
echo "FTP connection has failed!";
echo "Attempted to connect to $ftp_server for user $ftp_user_name";
die;
} else {
echo "<br>Connected to $ftp_server, for user $user<br>";
}
//directorylike /www.velibaba.com/images
ftp_chdir($conn_id, "www.velibab.com");
ftp_chdir($conn_id, "compimages");
//$destination_file=ftp_pwd($conn_id);
$destination_file="x.jpg";
echo ("<br>");
print $destination_file;
echo ("<br>");
// upload the file
$upload = ftp_put($conn_id, $destination_file, $source_file, FTP_BINARY);
// check upload status
if (!$upload) {
echo "FTP upload has failed!";
} else {
echo "Uploaded $source_file to $ftp_server as $destination_file";
}
// close the FTP stream
ftp_close($conn_id);
?>
In this example code $source_file is the path of the file in your disk, and destination file is the name of the uploaded file in ftpserver.
In this code I use ftp_chdir to give the path of the
uploaded file within ftpserver..
For your questions about all categories of PHP my email:[email protected]
c u...scoutt, did as you suggested; I CHMOD'd the folder
to 777 before testing it; funny thing though....
I went to upload the file, and it said it was successful;
Yet I refreshed FTP, and went to the /uploads folder
and no file!
Yet I entered the URL, in this case DefconRPG.com/uploads/Russia5.jpg and it worked.
I closed FTP and opened again, and this time the
file was there; why didn't it show the first time
after I clicked Refresh? why did it only show after
I closed & re-opened WS FTP LE?thats just an issue with WS_FTP, not your script.not sure, but when that happens to me I hit refresh on the server side and it shows for me. something to do with the cache thing it does.from what i understant of phpsuexec is that you must not chmod 777
chmod 777 is a way to let everyone write to that dir but phpsuexec run php code as your own user so you don't need to open up that folder to be able to write in it.
but i could be wrong since i did not try phpsuexec...