Hi all,
I just upgraded my server into PHP 5. I run the same script which is
working in 4.2.2.
But In PHP 5 has followings msg:
Warning: move_uploaded_file(upload_files/Gnatt.htm)
[function.move-uploaded-file]: failed to open stream: Permission
denied in /var/www/html/simple_upload.php on line 60
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to
move '/tmp/phpZ29DAN' to 'upload_files/Gnatt.htm' in
/var/www/html/simple_upload.php on line 60
I am 100% sure , I have changed the upload_files dir into 0777 mod.
Any one can help?
yours,
Michael Leung
===========================================
My testing Code
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$upload_dir = 'upload_files/';
$upload_url = $url_dir."upload/";
$message ="";
if (is_dir('upload_files')) {
echo ('upload_files is valid a directory');
} else {
echo ('upload_files is NOT a directory');
}
if (is_writeable('upload_files')) {
echo ('I am able to write to upload_files');
} else {
echo ('I am NOT able to write to upload_files');
}
if ($_FILES['userfile']) {
$message = do_upload($upload_dir, $upload_url);
}
else {
$message = "Invalid File Specified.";
}
print $message;
function do_upload($upload_dir, $upload_url) {
$temp_name = $_FILES['userfile']['tmp_name'];
$file_name = $_FILES['userfile']['name'];
$file_type = $_FILES['userfile']['type'];
$file_size = $_FILES['userfile']['size'];
$result = $_FILES['userfile']['error'];
$file_url = $upload_url.$file_name;
$file_path = $upload_dir.$file_name;
//File Name Check
if ( $file_name =="") {
$message = "Invalid File Name Specified";
return $message;
}
//File Size Check
else if ( $file_size > 500000) {
$message = "The file size is over 500K.";
return $message;
}
//File Type Check
else if ( $file_type == "text/plain" ) {
$message = "Sorry, You cannot upload any script file" ;
return $message;
}
$result = move_uploaded_file($temp_name, $file_path);
$message = ($result)?"File url <a href=http://www.phpbuilder.com/board/archive/index.php/$file_url>$file_url</a>" :
"Somthing is wrong with uploading a file.";
return $message;
}
?>
<form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
Upload Image<input type="file" id="userfile" name="userfile">
<input type="submit" name="upload" value="Upload">
</form>permission denied is not always due to file permissions
it could be due to the file/directory owners clashing w/ the owner of php
safemode could cause this, maybe you now have safemode enabled, where in php4 you didnt.if you have the 777 permission on the folder and its not working it would have to do with the path for the file upload, at the moment you are trying to upload from what i can tell a directory below the current one (sub directory).
If this is the case and for anything else in that matter you should really use the absolute path.
e.g.
/home/username/public_html/upload_files/
Please in future post PHP with the php tagsHi I am having the same problem.
the exact same sript that i was using in php4 no longer works in php5.
i have changed almost every file permission i can think of.
i have changed/checked file permissions via windows (security setting) and the web user has full access to the write folder.
all the settings are set to write.read/bla.bla in IIS
but i still seem to get the following error:
Warning:
move_uploaded_file(C:/Inetpub/wwwroot/Teaching/Bank/0000000038.jpg)
[function.move-uploaded-file]: failed to open stream: Permission denied in c:\Inetpub\wwwroot\Teaching\Staff\Upload\FileXfer.php on line 16
Warning:
move_uploaded_file() [function.move-uploaded-file]: Unable to move
'C:\WINDOWS\TEMP\php4C.tmp' to
'C:/Inetpub/wwwroot/Teaching/Bank/0000000038.jpg' in
c:\Inetpub\wwwroot\Teaching\Staff\Upload\FileXfer.php on line 16
Could Not Move File To Destination
as you can see i have even tried changing the directories to the full pathways, but still to no avail.
i have no user problems clashing, safe made is off and all the permissions are correct, is there anything else that i have not done.
please please help
synyxI had this same issue from an upgrade from php 4 to php 5 and adding the absolute path corrected the issue.
It seems that php5 is just way way way more strict on closing the lazy loopholes we all got away with in php4?Continuing.. firstly: can you recommend some up-to-date PHP tutorial ..:glare: ...perhaps some "not-from-book" like interactive tutorial
These two should work easily but don't (the last one, upload_file.php I think)
submit_file.html
<html>
<head>
<title>File upload</title>
</head>
<body>
<h2>Upload</h2>
<form enctype="multipart/form-data" ACTION="upload_file.php" METHOD="POST">
<input type="hidden" name="max_file_size" value="200000">
Filename:
<input name="userfile" type="file">
<br />
<br />
<input type="submit" value="send">
</form>
</body>
</html>
upload_file.php
<?php
if ($_POST['userfile']=="none") {
echo "No file specified";
exit;
}
if (move_uploaded_file($_POST['userfile'], "\\uploads\\".$_POST['userfile_name'])) {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>
From the original tutorial there is no $_POST. Instead, the author uses $userfile. Is this from PHP4?
I've also checked the PHP5 Changelog (<!-- m --><a class="postlink" href="http://www.php.net/ChangeLog-5.php">http://www.php.net/ChangeLog-5.php</a><!-- m -->) (because even with $_POST it won't work) and found that move_uploaded_file() no longer working (safe mode related). So, what to use instead of move_uploaded_file()
Also I've sought and found that $_FILES is being used now as some sort of an associative array (from simple file upload tutorial (<!-- m --><a class="postlink" href="http://php.about.com/od/advancedphp/ss/php_file_upload.htm">http://php.about.com/od/advancedphp/ss/ ... upload.htm</a><!-- m -->) if anyone should be interested). To use $_POST or $_FILES?hello
PHP has got a chapter about file uploading:
Chapter 38. Handling file uploads
<!-- m --><a class="postlink" href="http://php.net/manual/en/features.file-upload.php">http://php.net/manual/en/features.file-upload.php</a><!-- m -->
In the php manual example we can see following.
Notice that for some reason is used:
basename( $_FILES['userfile']['name'] )
There are also some filesize and timeout issues, when uploading large files.
<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used
// instead of $_FILES.
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
?> If submitted file input is
name="userfile"
i would use something like this<?php
if( !isset( $_FILES['userfile'] ) ){
exit( 'goto upload form' );
}
if ( move_uploaded_file( $_FILES['userfile']['tmp_name'],
"c:/path/path/path/upload_files". "/" .$_FILES['userfile']['name'] )) {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>.
failed to open stream: Permission denied
Warning:
move_uploaded_file() [function.move-uploaded-file]:
Unable to move
'C:\WINDOWS\TEMP\php4C.tmp' to
'C:/Inetpub/wwwroot/Teaching/Bank/0000000038.jpg'
Could Not Move File To Destination
I cant understand this other then that this directory is writeprotected:
C:/Inetpub/wwwroot/Teaching/Bank/
If submitted file input is
name="userfile"
i would use something like this<?php
if( !isset( $_FILES['userfile'] ) ){
exit( 'goto upload form' );
}
if ( move_uploaded_file( $_FILES['userfile']['tmp_name'],
"c:/path/path/path/upload_files". "/" .$_FILES['userfile']['name'] )) {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>
I've been using the following code:
<?php
if (move_uploaded_file($_FILES['userfile']['tmp_name'], "f:/uploads/" {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>
and got this error message:
Warning: move_uploaded_file(f:/uploads/) [function.move-uploaded-file]: failed to open stream: No such file or directory in F:\wamp\www\upload_file.php on line 9
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move 'F:\wamp\tmp\php45.tmp' to 'f:/uploads/' in F:\wamp\www\upload_file.php on line 9
Could not upload file.
But then I've followed your advice and added this piece:
. "/" .$_FILES['userfile']['name']))
so it's now like this:
<?php
if ($_FILES['userfile']=="none") {
echo "No file specified";
exit;
}
if (move_uploaded_file($_FILES['userfile']['tmp_name'], "f:/uploads/". "/" .$_FILES['userfile']['name'])) {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>
and now it's working.
But, why it doesn't work just with "f:/uploads/" and why use concatenation for / (slash sign), couldn't you just use like this:
"c:/path/path/path/upload_files/" .$_FILES['userfile']['name'] ))
BTW, it would be nice to see if nothing has been uploaded. What would make this if statement work?
if ($_FILES['userfile']=="none") {
echo "No file specified";
exit;
}
I just upgraded my server into PHP 5. I run the same script which is
working in 4.2.2.
But In PHP 5 has followings msg:
Warning: move_uploaded_file(upload_files/Gnatt.htm)
[function.move-uploaded-file]: failed to open stream: Permission
denied in /var/www/html/simple_upload.php on line 60
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to
move '/tmp/phpZ29DAN' to 'upload_files/Gnatt.htm' in
/var/www/html/simple_upload.php on line 60
I am 100% sure , I have changed the upload_files dir into 0777 mod.
Any one can help?
yours,
Michael Leung
===========================================
My testing Code
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$upload_dir = 'upload_files/';
$upload_url = $url_dir."upload/";
$message ="";
if (is_dir('upload_files')) {
echo ('upload_files is valid a directory');
} else {
echo ('upload_files is NOT a directory');
}
if (is_writeable('upload_files')) {
echo ('I am able to write to upload_files');
} else {
echo ('I am NOT able to write to upload_files');
}
if ($_FILES['userfile']) {
$message = do_upload($upload_dir, $upload_url);
}
else {
$message = "Invalid File Specified.";
}
print $message;
function do_upload($upload_dir, $upload_url) {
$temp_name = $_FILES['userfile']['tmp_name'];
$file_name = $_FILES['userfile']['name'];
$file_type = $_FILES['userfile']['type'];
$file_size = $_FILES['userfile']['size'];
$result = $_FILES['userfile']['error'];
$file_url = $upload_url.$file_name;
$file_path = $upload_dir.$file_name;
//File Name Check
if ( $file_name =="") {
$message = "Invalid File Name Specified";
return $message;
}
//File Size Check
else if ( $file_size > 500000) {
$message = "The file size is over 500K.";
return $message;
}
//File Type Check
else if ( $file_type == "text/plain" ) {
$message = "Sorry, You cannot upload any script file" ;
return $message;
}
$result = move_uploaded_file($temp_name, $file_path);
$message = ($result)?"File url <a href=http://www.phpbuilder.com/board/archive/index.php/$file_url>$file_url</a>" :
"Somthing is wrong with uploading a file.";
return $message;
}
?>
<form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
Upload Image<input type="file" id="userfile" name="userfile">
<input type="submit" name="upload" value="Upload">
</form>permission denied is not always due to file permissions
it could be due to the file/directory owners clashing w/ the owner of php
safemode could cause this, maybe you now have safemode enabled, where in php4 you didnt.if you have the 777 permission on the folder and its not working it would have to do with the path for the file upload, at the moment you are trying to upload from what i can tell a directory below the current one (sub directory).
If this is the case and for anything else in that matter you should really use the absolute path.
e.g.
/home/username/public_html/upload_files/
Please in future post PHP with the php tagsHi I am having the same problem.
the exact same sript that i was using in php4 no longer works in php5.
i have changed almost every file permission i can think of.
i have changed/checked file permissions via windows (security setting) and the web user has full access to the write folder.
all the settings are set to write.read/bla.bla in IIS
but i still seem to get the following error:
Warning:
move_uploaded_file(C:/Inetpub/wwwroot/Teaching/Bank/0000000038.jpg)
[function.move-uploaded-file]: failed to open stream: Permission denied in c:\Inetpub\wwwroot\Teaching\Staff\Upload\FileXfer.php on line 16
Warning:
move_uploaded_file() [function.move-uploaded-file]: Unable to move
'C:\WINDOWS\TEMP\php4C.tmp' to
'C:/Inetpub/wwwroot/Teaching/Bank/0000000038.jpg' in
c:\Inetpub\wwwroot\Teaching\Staff\Upload\FileXfer.php on line 16
Could Not Move File To Destination
as you can see i have even tried changing the directories to the full pathways, but still to no avail.
i have no user problems clashing, safe made is off and all the permissions are correct, is there anything else that i have not done.
please please help
synyxI had this same issue from an upgrade from php 4 to php 5 and adding the absolute path corrected the issue.
It seems that php5 is just way way way more strict on closing the lazy loopholes we all got away with in php4?Continuing.. firstly: can you recommend some up-to-date PHP tutorial ..:glare: ...perhaps some "not-from-book" like interactive tutorial
These two should work easily but don't (the last one, upload_file.php I think)
submit_file.html
<html>
<head>
<title>File upload</title>
</head>
<body>
<h2>Upload</h2>
<form enctype="multipart/form-data" ACTION="upload_file.php" METHOD="POST">
<input type="hidden" name="max_file_size" value="200000">
Filename:
<input name="userfile" type="file">
<br />
<br />
<input type="submit" value="send">
</form>
</body>
</html>
upload_file.php
<?php
if ($_POST['userfile']=="none") {
echo "No file specified";
exit;
}
if (move_uploaded_file($_POST['userfile'], "\\uploads\\".$_POST['userfile_name'])) {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>
From the original tutorial there is no $_POST. Instead, the author uses $userfile. Is this from PHP4?
I've also checked the PHP5 Changelog (<!-- m --><a class="postlink" href="http://www.php.net/ChangeLog-5.php">http://www.php.net/ChangeLog-5.php</a><!-- m -->) (because even with $_POST it won't work) and found that move_uploaded_file() no longer working (safe mode related). So, what to use instead of move_uploaded_file()
Also I've sought and found that $_FILES is being used now as some sort of an associative array (from simple file upload tutorial (<!-- m --><a class="postlink" href="http://php.about.com/od/advancedphp/ss/php_file_upload.htm">http://php.about.com/od/advancedphp/ss/ ... upload.htm</a><!-- m -->) if anyone should be interested). To use $_POST or $_FILES?hello
PHP has got a chapter about file uploading:
Chapter 38. Handling file uploads
<!-- m --><a class="postlink" href="http://php.net/manual/en/features.file-upload.php">http://php.net/manual/en/features.file-upload.php</a><!-- m -->
In the php manual example we can see following.
Notice that for some reason is used:
basename( $_FILES['userfile']['name'] )
There are also some filesize and timeout issues, when uploading large files.
<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used
// instead of $_FILES.
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
?> If submitted file input is
name="userfile"
i would use something like this<?php
if( !isset( $_FILES['userfile'] ) ){
exit( 'goto upload form' );
}
if ( move_uploaded_file( $_FILES['userfile']['tmp_name'],
"c:/path/path/path/upload_files". "/" .$_FILES['userfile']['name'] )) {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>.
failed to open stream: Permission denied
Warning:
move_uploaded_file() [function.move-uploaded-file]:
Unable to move
'C:\WINDOWS\TEMP\php4C.tmp' to
'C:/Inetpub/wwwroot/Teaching/Bank/0000000038.jpg'
Could Not Move File To Destination
I cant understand this other then that this directory is writeprotected:
C:/Inetpub/wwwroot/Teaching/Bank/
If submitted file input is name="userfile"
i would use something like this<?php
if( !isset( $_FILES['userfile'] ) ){
exit( 'goto upload form' );
}
if ( move_uploaded_file( $_FILES['userfile']['tmp_name'],
"c:/path/path/path/upload_files". "/" .$_FILES['userfile']['name'] )) {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>
I've been using the following code:
<?php
if (move_uploaded_file($_FILES['userfile']['tmp_name'], "f:/uploads/" {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>
and got this error message:
Warning: move_uploaded_file(f:/uploads/) [function.move-uploaded-file]: failed to open stream: No such file or directory in F:\wamp\www\upload_file.php on line 9
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move 'F:\wamp\tmp\php45.tmp' to 'f:/uploads/' in F:\wamp\www\upload_file.php on line 9
Could not upload file.
But then I've followed your advice and added this piece:
. "/" .$_FILES['userfile']['name']))
so it's now like this:
<?php
if ($_FILES['userfile']=="none") {
echo "No file specified";
exit;
}
if (move_uploaded_file($_FILES['userfile']['tmp_name'], "f:/uploads/". "/" .$_FILES['userfile']['name'])) {
echo "Your file has been uploaded.";
} else {
echo "Could not upload file.";
}
?>
and now it's working.
But, why it doesn't work just with "f:/uploads/" and why use concatenation for / (slash sign), couldn't you just use like this:
"c:/path/path/path/upload_files/" .$_FILES['userfile']['name'] ))
BTW, it would be nice to see if nothing has been uploaded. What would make this if statement work?
if ($_FILES['userfile']=="none") {
echo "No file specified";
exit;
}