By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,987 Members | 971 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,987 IT Pros & Developers. It's quick & easy.

Problem with file upload

P: n/a
Hi,

I am getting:

Warning: move_uploaded_file(../images/aqua.jpg): failed to open stream:
Permission denied in /masterpiece/manage/manageImages.php on line 46

Warning: move_uploaded_file(): Unable to move '/tmp/phpBlAw9K' to
'../images/aqua.jpg' in /masterpiece/manage/manageImages.php on line 46

My images directory is set to 755, and is at the same level as the manage
directory, hence my use of ../images/

I am hosted on a cPanel box, so I am not sure where the /tmp folder is
actually located -- it doesn't appear to be in my account. There is a tmp
folder off my account root but I don't think this is the right folder as
there is no file called phpBlAw9K in it. Is it possible that I can't use
move_uploaded_file() because /tmp is located in an area of the server that
I'm not allowed to delete files from? Or is that ludicrous?

Any ideas?

--
"Come to think of it, there are already a million monkeys on a million
typewriters, and the Usenet is NOTHING like Shakespeare!" - Blair Houghton
-=-=-=-=-=-=-=-=-=-=-=-
http://www.nrkn.com/
-=-=-=-=-=-=-=-=-=-=-=-
Jul 17 '05 #1
Share this Question
Share on Google+
6 Replies


P: n/a
Nik Coughin wrote:
Hi,

I am getting:

Warning: move_uploaded_file(../images/aqua.jpg): failed to open
stream: Permission denied in /masterpiece/manage/manageImages.php on
line 46
Warning: move_uploaded_file(): Unable to move '/tmp/phpBlAw9K' to
'../images/aqua.jpg' in /masterpiece/manage/manageImages.php on line
46
My images directory is set to 755, and is at the same level as the
manage directory, hence my use of ../images/

I am hosted on a cPanel box, so I am not sure where the /tmp folder is
actually located -- it doesn't appear to be in my account. There is
a tmp folder off my account root but I don't think this is the right
folder as there is no file called phpBlAw9K in it. Is it possible
that I can't use move_uploaded_file() because /tmp is located in an
area of the server that I'm not allowed to delete files from? Or is
that ludicrous?
OK, the reason I can't see the file is because it gets deleted when the
script finishes executing. I'm still baffled as to why I can't do this
though. Is it something to do with using a relative path name, or a path
that is not below the level of the path of the script?
Any ideas?


Jul 17 '05 #2

P: n/a
HI,
I don't know why this is happening but if you set the permission to 777
then it should work, I had the same problem and I still don't know it
happens but as soon as I set the permission to 777 it starts working.
Cheers

Jul 17 '05 #3

P: n/a
sm***********@hotpop.com wrote:
HI,
I don't know why this is happening but if you set the permission to
777 then it should work, I had the same problem and I still don't
know it happens but as soon as I set the permission to 777 it starts
working. Cheers


Are there security issues with setting it to 777?
Jul 17 '05 #4

P: n/a
Nik Coughin <nr***********@woosh.co.nz> wrote:
I don't know why this is happening but if you set the permission to
777 then it should work, I had the same problem and I still don't
know it happens but as soon as I set the permission to 777 it starts
working. Cheers


Are there security issues with setting it to 777?


Yes, _every user on that system_ can write to the directory. A short
explanation:

Most common situation on webservers:
You are user A, the webserver runs as user B. If user A and B don't
share a common group, then the only way to control file is by setting
"other users" to write (and you prop. want to read them also). So you
propably will not have much choice anyway other than 777.

If user A and B share a group 770 would be enough, but that still all
scripts running as user B can write to that directory (that has about
the same impact as 777).

Ideally scripts would run under user A's permissions
Jul 17 '05 #5

P: n/a
Daniel Tryba wrote:
Nik Coughin <nr***********@woosh.co.nz> wrote:
I don't know why this is happening but if you set the permission to
777 then it should work, I had the same problem and I still don't
know it happens but as soon as I set the permission to 777 it starts
working. Cheers


Are there security issues with setting it to 777?


Yes, _every user on that system_ can write to the directory. A short
explanation:

Most common situation on webservers:
You are user A, the webserver runs as user B. If user A and B don't
share a common group, then the only way to control file is by setting
"other users" to write (and you prop. want to read them also). So you
propably will not have much choice anyway other than 777.

If user A and B share a group 770 would be enough, but that still all
scripts running as user B can write to that directory (that has about
the same impact as 777).

Ideally scripts would run under user A's permissions


OK. Setting the images folder's permissions to 777 does solve my problem.
But I would rather have them as 755, given what you say above.

However, without setting images to 777 it appears that I cannot access
masterpiece/images from a script running in masterpiece/manage.

Any advice?
Jul 17 '05 #6

P: n/a
Hi,
just wondering, what if we keep the image DIR out of the root
folder.... is a security thead even then.

Bye

Jul 17 '05 #7

This discussion thread is closed

Replies have been disabled for this discussion.