Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Feb 2008
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Problems with Image Upload & Chmod

    Hi all,

    I've been having problems with uploading images and setting the correct permissions.

    The code will follow shortly.

    The image uploads ok, i can download the image via ftp and view it so I know that it hasn't been corrupted. I go to check the permissions of the newly uploaded image but the permissions are set to:

    Owner Group Others
    X - -
    X - -
    - - -


    The permissions for the images folder is 777.

    The location of the upload image file is within a restricted access directory as only members of staff will have permission to upload new images.

    http://www.mysite.com/folder1(restri...ploadimage.php

    I'm not sure the location of the imageupload file makes that much of a difference???

    Any who the code:

    Code:
    if($_POST["action"] == "Upload Image")
    {
    unset($imagename);
    
    if(!isset($_FILES) && isset($HTTP_POST_FILES))
    $_FILES = $HTTP_POST_FILES;
    
    if(!isset($_FILES['image_file']))
    $error["image_file"] = "An image was not found.";
    
    
    $imagename = basename($_FILES['image_file']['name']);
    
    
    if(empty($imagename))
    $error["imagename"] = "The name of the image was not found.";
    
    if(empty($error))
    {
    $newimage = "../../images/" . $imagename;
    $partid = $_POST['partid'];
    mysql_select_db($database_vwpconn00, $vwpconn00);
    $dbfilename = $imagename;
    $sq0 = mysql_query("UPDATE parts SET imageurl = '$dbfilename' WHERE partid = '$partid'") or die (mysql_error()); 
    chmod("../../images/".$imagename, `0777`);
    
    $result = @move_uploaded_file($_FILES['image_file']['tmp_name'], $newimage);
    if(empty($result))
    $error["result"] = "There was an error moving the uploaded file.";
    }
    
    }
    
    ?>
    
    
    <form method="POST" enctype="multipart/form-data" name="image_upload_form" action="<?$_SERVER["PHP_SELF"];?>">
    <p><input type="file" name="image_file" size="20"></p>
    <p><input type="submit" value="Upload Image" name="action">
      <input name="partid" type="hidden" id="partid" value="<?php echo $_GET['partid'];?>">
    </p>
    </form>
    
    <?
    if(is_array($error))
    {
    while(list($key, $val) = each($error))
    {
    echo $val;
    echo "<br>\n";
    }
    }
    ?>

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Likely the problem is with the chmod. The function requires a string for the filename and an int for the permissions. You appear to be giving it string,string:
    PHP Code:
    chmod("../../images/".$imagename'0777'); 
    Try changing the permissions to:
    PHP Code:
    chmod('../../images/' $imagename0777); // Make sure the 0 is in the front! 
    If this is a public directory, I'd actually recommend using the permissions 0644 or 0666. Remember, just because PHP claims it to be an image does not mean that it is not an executable script!

    As for the directory location, I would move it somewhere above your html root: ie:
    ~/public_html is the location of the html root, i'd put uploaded images in:
    ~/uploaded_images
    This will stop (most) users from accessing the directory of those images and explicitly executing scripts. Then use a PHP script to retrieve those images from above the html root. Just make sure that Apache (assumably is the user) is given read + write permissions in the directory.

    Does this help you?
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 
    Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

  • #3
    New to the CF scene
    Join Date
    Feb 2008
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thank for your reply Fou-Lu.

    I have tried the methods you have said but unfortunately I am still coming back with the same problems?

    The image uploads correctly but still the permissions are only set at:
    Owner Group Others
    X - -
    X - -
    - - -

  • #4
    New to the CF scene
    Join Date
    Feb 2008
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Ok I have figured it out!

    I knew it would be something very simple but from the stress and aggrevation this caused me I couldnt pin a tail on a donkey!

    I mis-placed the chmod command! DOH!!!!!!!!!!

    Old Code:
    Code:
    ...
    $dbfilename = $imagename;
    $sq0 = mysql_query("UPDATE parts SET imageurl = '$dbfilename' WHERE partid = '$partid'") or die (mysql_error()); 
    chmod("../../images/".$imagename, `0777`);
    
    $result = @move_uploaded_file($_FILES['image_file']['tmp_name'], $newimage);
    if(empty($result))
    $error["result"] = "There was an error moving the uploaded file.";
    }
    ...
    New Code:
    Code:
    ...
    $dbfilename = $imagename;
    $sq0 = mysql_query("UPDATE parts SET imageurl = '$dbfilename' WHERE partid = '$partid'") or die (mysql_error()); 
    
    
    $result = @move_uploaded_file($_FILES['image_file']['tmp_name'], $newimage);
    chmod("../../images/".$imagename, `0777`);
    if(empty($result))
    $error["result"] = "There was an error moving the uploaded file.";
    }
    ...
    What a wombat I was!! That's why you shouldn't do 20 hour days! lol! I was nearly pulling out my eyes!



  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •