PHP Move_Uploaded_File() Fails Without Reason

PHP move_uploaded_file() FAILS and i don't know why

Are you sure that the target directory has write permissions for world?ie,the third number in permission representation?
The files uploaded by php are owned by and comes under the group www-data

You can change the ownership by

[sudo] chown -R www-data folder // change owner
[sudo] chown -R www-data:www-data folder // change group and owner

PHP move_uploaded_file() FAILS without reason

The problem was not solved.
No folder under /home was able to receive uploaded files. Neither permissions/ownership changes helped.
Anyway, found workaround. Not ideal and not secure, but works and that's good enough until I'll find out the reason for that strange behavior.
I created a folder in root dir (/files_of_forum) and the permissions (michael:michael 777) and changed in forum the dir of the attachments (what was original "files" to "../../../../files_of_forum". Moved all files from original folder to the new one.
Now everything works.
Thank all what tried to help.

PHP move_uploaded_file() error?

Check that the web server has permissions to write to the "images/" directory

move_uploaded_file doesn't work, no error

Just to verify is the post_max_filesize set to a high level? Because according to php.net:

If the size of post data is greater than post_max_size, the $_POST and $_FILES superglobals are empty. This can be tracked in various ways, e.g. by passing the $_GET variable to the script processing the data, i.e. <form action="edit.php?processed=1">, and then checking if $_GET['processed'] is set.

Something to consider.

for more info see this link and scroll down to the post_max_filesize section

UPDATE

In my experience if you're getting a WSOD it's usually do to error_reporting and display_errors being turned off OR the memory_limit being reached. In the script at the top I usually set the memory_limit to 1024M to verify that isn't the problem and the turn on error_reporting and display_errors... so put this before the file upload:

error_reporting(E_ALL); // or E_STRICT
ini_set("display_errors",1);
ini_set("memory_limit","1024M");

That normally gets rid of the WSOD and gives you and error to work with.

UPDATE

Have you tried taking off the @ error suppression in front of all your functions to see they are producing a specific error? Also what are you execution and input timeouts? and Can you verify what headers are being sent? (make sure it is Content-Type=text/html;)

How to determine why PHP's move_uploaded_file fails

There is only probable reason I know that move_uploaded_file fail is the destination of your file. It can be either no permission to the dir or it doesn't exist (aside from syntax error).

To address the issue you have to edit the permission of the destination directory. The principle of least privilege applies. Only give users the rights they need and no more.

In this case, if Apache is only serving up pages, give the user acct no rights to edit. Possible risks include: changing file content or uploading new one; adding executable code to files, etc. These risks exists regardless of whether it is a single site up multiples. If the application has a need to edit a specific file, restrict permissions changes to that file.

Here's how to change it:

[me@linuxbox me]$ chmod 600 some_file

Ideally, you need a permission code

766 - The file's owner may read, write, and execute the file. But others can only read and write.

but to be safe, you can use:

755 - The file's owner may read, write, and execute the file. All others may read and execute the file. This setting is common for programs that are used by all users..

UPDATE

You can change the permission of the whole directory using this command:

find /opt/lampp/htdocs -type d -exec chmod 755 {} \;

assuming that the location is /opt/lampp/htdocs

As Barmar quoted, you can check the size of the file if it is uploaded. The fix I mentioned is when you are moving the files itself.

move_uploaded_file not working but no error

Here's the last chunk of the code, slightly rewritten. move_uploaded_file returns a boolean, so we can test if it's true or false by setting up a variable $result:

        if (empty($errors)) {
$image_up = 'images/'.$file_name;
$result = move_uploaded_file($file_tmp, $image_up);

if($result){
//this line had a typo usename -> username
//Also, you should change this over to using parameters and binding values ASAP. This leaves you open to hacking.
$check = mysqli_query($connect, "SELECT * FROM users WHERE username='".@$_SESSION['username']."'");
$rows = mysqli_num_rows($check);

while($row = mysqli_fetch_assoc($check)) {
$db_image = $row['profile_pic'];
}
$q = "UPDATE users SET profile_pic = '".$image_up."' WHERE username='".$_SESSION['username']."'";
if($query = mysqli_query($connect, $q)){
echo "You have successfuly changed your profile picture!";
}
} else {
echo "Upload failed.";
}
} else {
foreach($errors as $error) {
echo $error, '<br />';
}
}
}
}


Related Topics



Leave a reply



Submit