473,224 Members | 1,588 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,224 software developers and data experts.

Problem with file upload

Hi,

I am getting:

Warning: move_uploaded_file(../images/aqua.jpg): failed to open stream:
Permission denied in /masterpiece/manage/manageImages.php on line 46

Warning: move_uploaded_file(): Unable to move '/tmp/phpBlAw9K' to
'../images/aqua.jpg' in /masterpiece/manage/manageImages.php on line 46

My images directory is set to 755, and is at the same level as the manage
directory, hence my use of ../images/

I am hosted on a cPanel box, so I am not sure where the /tmp folder is
actually located -- it doesn't appear to be in my account. There is a tmp
folder off my account root but I don't think this is the right folder as
there is no file called phpBlAw9K in it. Is it possible that I can't use
move_uploaded_file() because /tmp is located in an area of the server that
I'm not allowed to delete files from? Or is that ludicrous?

Any ideas?

--
"Come to think of it, there are already a million monkeys on a million
typewriters, and the Usenet is NOTHING like Shakespeare!" - Blair Houghton
-=-=-=-=-=-=-=-=-=-=-=-
http://www.nrkn.com/
-=-=-=-=-=-=-=-=-=-=-=-
Jul 17 '05 #1
6 1827
Nik Coughin wrote:
Hi,

I am getting:

Warning: move_uploaded_file(../images/aqua.jpg): failed to open
stream: Permission denied in /masterpiece/manage/manageImages.php on
line 46
Warning: move_uploaded_file(): Unable to move '/tmp/phpBlAw9K' to
'../images/aqua.jpg' in /masterpiece/manage/manageImages.php on line
46
My images directory is set to 755, and is at the same level as the
manage directory, hence my use of ../images/

I am hosted on a cPanel box, so I am not sure where the /tmp folder is
actually located -- it doesn't appear to be in my account. There is
a tmp folder off my account root but I don't think this is the right
folder as there is no file called phpBlAw9K in it. Is it possible
that I can't use move_uploaded_file() because /tmp is located in an
area of the server that I'm not allowed to delete files from? Or is
that ludicrous?
OK, the reason I can't see the file is because it gets deleted when the
script finishes executing. I'm still baffled as to why I can't do this
though. Is it something to do with using a relative path name, or a path
that is not below the level of the path of the script?
Any ideas?


Jul 17 '05 #2
HI,
I don't know why this is happening but if you set the permission to 777
then it should work, I had the same problem and I still don't know it
happens but as soon as I set the permission to 777 it starts working.
Cheers

Jul 17 '05 #3
sm***********@hotpop.com wrote:
HI,
I don't know why this is happening but if you set the permission to
777 then it should work, I had the same problem and I still don't
know it happens but as soon as I set the permission to 777 it starts
working. Cheers


Are there security issues with setting it to 777?
Jul 17 '05 #4
Nik Coughin <nr***********@woosh.co.nz> wrote:
I don't know why this is happening but if you set the permission to
777 then it should work, I had the same problem and I still don't
know it happens but as soon as I set the permission to 777 it starts
working. Cheers


Are there security issues with setting it to 777?


Yes, _every user on that system_ can write to the directory. A short
explanation:

Most common situation on webservers:
You are user A, the webserver runs as user B. If user A and B don't
share a common group, then the only way to control file is by setting
"other users" to write (and you prop. want to read them also). So you
propably will not have much choice anyway other than 777.

If user A and B share a group 770 would be enough, but that still all
scripts running as user B can write to that directory (that has about
the same impact as 777).

Ideally scripts would run under user A's permissions
Jul 17 '05 #5
Daniel Tryba wrote:
Nik Coughin <nr***********@woosh.co.nz> wrote:
I don't know why this is happening but if you set the permission to
777 then it should work, I had the same problem and I still don't
know it happens but as soon as I set the permission to 777 it starts
working. Cheers


Are there security issues with setting it to 777?


Yes, _every user on that system_ can write to the directory. A short
explanation:

Most common situation on webservers:
You are user A, the webserver runs as user B. If user A and B don't
share a common group, then the only way to control file is by setting
"other users" to write (and you prop. want to read them also). So you
propably will not have much choice anyway other than 777.

If user A and B share a group 770 would be enough, but that still all
scripts running as user B can write to that directory (that has about
the same impact as 777).

Ideally scripts would run under user A's permissions


OK. Setting the images folder's permissions to 777 does solve my problem.
But I would rather have them as 755, given what you say above.

However, without setting images to 777 it appears that I cannot access
masterpiece/images from a script running in masterpiece/manage.

Any advice?
Jul 17 '05 #6
Hi,
just wondering, what if we keep the image DIR out of the root
folder.... is a security thead even then.

Bye

Jul 17 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
by: NohaKhalifa | last post by:
Dear All; I'm developing a web site and i need to make adminisration for this site it's a site for Real Estates . But I don't need the administration to be online .. I want them to fill data...
1
by: Jonathan | last post by:
Hi everyone, I have a problem with the file uploading in Asp.Net and I have read a lot on forums on this but never found an answer. Here is the problem: I know Asp.Net maximum Length for...
3
by: Pitcairnia | last post by:
The basic purpose of the site is for authenticated users to post event listings, which often include photographs. The user is faced with a page where they can insert all of the information about...
2
by: prakharv | last post by:
Hi All, Below is the code which I am using to upload a jpeg file to the server. But the problem I am facing is that it is not copying the entire contents of the image file to the webserver and it...
3
by: kujtim | last post by:
i got html code file name html <html> <head> <title></title> </head> <body>
4
by: Muddasir | last post by:
Hi.. i am having a strange problem.......the problem is i am trying to upload a file and to store it in db....when the file got stored in db...it got converted into black and white image and...
11
by: agarwalsrushti | last post by:
Hi, Ive created a registration page in which at the last it asks the user to upload the resume file. When the user clicks on the upload button to upload the file it automativcally submits all the...
43
by: bonneylake | last post by:
Hey Everyone, Well this is my first time asking a question on here so please forgive me if i post my question in the wrong section. What i am trying to do is upload multiple files like gmail...
12
by: K. | last post by:
Hello! I have a problem with SWFupload class1. I have the page with uses SWFUpload class. Everything worked fine until (I suppose my admin) implemented some changes into the server. Now uploading...
1
isladogs
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...
3
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 3 Jan 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). For other local times, please check World Time Buddy In...
0
by: mar23 | last post by:
Here's the situation. I have a form called frmDiceInventory with subform called subfrmDice. The subform's control source is linked to a query called qryDiceInventory. I've been trying to pick up the...
2
by: jimatqsi | last post by:
The boss wants the word "CONFIDENTIAL" overlaying certain reports. He wants it large, slanted across the page, on every page, very light gray, outlined letters, not block letters. I thought Word Art...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: fareedcanada | last post by:
Hello I am trying to split number on their count. suppose i have 121314151617 (12cnt) then number should be split like 12,13,14,15,16,17 and if 11314151617 (11cnt) then should be split like...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.