Setting PHP tmp dir - PHP upload not working
The problem described here was solved by me quite a long time ago but I don't really remember what was the main reason that uploads weren't working. There were multiple things that needed fixing so the upload could work. I have created checklist that might help others having similar problems and I will edit it to make it as helpful as possible. As I said before on chat, I was working on embedded system, so some points may be skipped on non-embedded systems.
Check
upload_tmp_dir
in php.ini. This is directory where PHP stores temporary files while uploading.Check
open_basedir
in php.ini. If defined it limits PHP read/write rights to specified path and its subdirectories. Ensure thatupload_tmp_dir
is inside this path.Check
post_max_size
in php.ini. If you want to upload 20 Mbyte files, try something a little bigger, likepost_max_size = 21M
. This defines largest size of POST message which you are probably using during upload.Check
upload_max_filesize
in php.ini. This specifies biggest file that can be uploaded.Check
memory_limit
in php.ini. That's the maximum amount of memory a script may consume. It's quite obvious that it can't be lower than upload size (to be honest I'm not quite sure about it-PHP is probably buffering while copying temporary files).Ensure that you're checking the right php.ini file that is one used by PHP on your webserver. The best solution is to execute script with directive described here http://php.net/manual/en/function.php-ini-loaded-file.php (
php_ini_loaded_file
function)Check what user php runs as (See here how to do it: How to check what user php is running as? ). I have worked on different distros and servers. Sometimes it is
apache
, but sometimes it can beroot
. Anyway, check that this user has rights for reading and writing in the temporary directory and directory that you're uploading into. Check all directories in the path in case you're uploading into subdirectory (for example/dir1/dir2/
-check bothdir1
anddir2
.On embedded platforms you sometimes need to restrict writing to root filesystem because it is stored on flash card and this helps to extend life of this card. If you are using scripts to enable/disable file writes, ensure that you enable writing before uploading.
I had serious problems with PHP >5.4 upload monitoring based on sessions (as described here http://phpmaster.com/tracking-upload-progress-with-php-and-javascript/ ) on some platforms. Try something simple at first (like here: http://www.dzone.com/snippets/very-simple-php-file-upload ). If it works, you can try more sophisticated mechanisms.
If you make any changes in php.ini remember to restart server so the configuration will be reloaded.
php file not uploading to temp directory
In your final instructions, you have $_FILES['name']['tmp_name']
instead of $_FILES['file']['tmp_name']
.
By the way, you have a few errors in your script:
- Even if someone uploads an invalid file, you show them an error message, but you still move it to the final place.
$_FILES["file"]["type"]
is a value sent by the browser (ie: the client). A malicious attacker may sent you any kind of file and disguise it as aimage/png
, and you are trusting it. You cannot trust this value. Instead, you could usegetimagesize
, which returns you an array that has the mime type of the image (and is detected by the server (ie: by you). To detect the mime-type of non-images, you can useFileInfo
, concretelyfinfo_file
.
Also, the php script will not create your uploads
folder if it does not exist, and instead will show an error (and do nothing). You must create this folder first, and make sure that the user running your php script (usually the same that is running your http server) has write permissions on that directory.
edit: You don't see any uploaded file in your temp directory because (quoting http://www.php.net/manual/en/features.file-upload.post-method.php):
The file will be deleted from the temporary directory at the end of
the request if it has not been moved away or renamed.
Upload file returning “Missing a temporary folder”
Well, the problem has been solved and it is more strange than I imagined, I will leave the answer here to help you if someone has the same problem.
It was necessary to execute the command chmod 777 / tmp
, but this command could not be executed since it gave an error that the folder was read-only (Ready-Only file system). To resolve this, it was necessary to mount and remount it, but I couldn't do it either, as it wouldn't let me remount the /tmp
folder
For another reason I had to restart the server and magically the server let me change the permissions to 777 (from drwxrwxrwt.
to drwxrwxrwx.
). With that problem solved.
I thank everyone who tried to help.
No Temporary Folder ( can't upload files )
Try commenting out upload_tmp_dir
in your php.ini by putting a ;
in front of it so that it uses the default Windows Temp folder by default: C:\Windows\Temp
Also make sure your Application Pool Identity or group of Identity users has write permission to the temp folder.
PHP tmp upload directory for multlple domains
I've made something like that for my vhosts on my local machine. Note that everything is defined in my vhost because you can't change upload_tmp_dir
and sys_temp_dir
in runtime.
<VirtualHost *:80>
ServerName example.local
ServerAlias www.example.local
UseCanonicalName On
<Directory /mnt/storage/Server/example>
DirectoryIndex index.php
#Options +Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
php_admin_value upload_tmp_dir /mnt/storage/Server/example/temp/
php_admin_value sys_temp_dir /mnt/storage/Server/example/temp/
DocumentRoot "/mnt/storage/Server/example"
ErrorLog ${APACHE_LOG_DIR}/example.error.log
CustomLog ${APACHE_LOG_DIR}/example.access.log combined
</VirtualHost>
How to confirm that everything works:
Create simple file:
$dir = sys_get_temp_dir();
$file = tempnam($dir, rand());
var_dump(get_current_user());
var_dump($dir);
var_dump('is_writable: ' . (int)is_writable($dir));
var_dump('is_readable: ' . (int)is_readable($dir));
var_dump($file);
Upload script: create file named upload.php
<?php
if (isset($_POST['submit'])) {
var_dump($_FILES);
}
?>
<!DOCTYPE html>
<html>
<body>
<form action="upload.php" method="post" enctype="multipart/form-data">
Select image to upload:
<input type="file" name="upload" id="upload">
<input type="submit" value="Upload Image" name="submit">
</form>
</body>
</html>
Unable to set upload_tmp_dir on IIS
And it turned out the php.ini
config file had duplicate entries for upload_tmp_dir
, the last of which was the default folderc:\windows\temp
. I commented that setting out and everything is now fine.
This thread got me to check for that.
Related Topics
How to Re-Save the Entity as Another Row in Doctrine 2
Encrypt Files Using Pgp in PHP
Casperjs Passing Data Back to PHP
Checking If Your Code Is Running on 64-Bit PHP
Remove Xml Version Tag When a Xml Is Created in PHP
Why Is Mime_Content_Type() Deprecated in PHP
Extra Backslash Needed in PHP Regexp Pattern
Array_Key_Exists Is Not Working
How to Pass Jquery Variables to PHP Variable
How to Delete Object from Array Inside Foreach Loop
Laravel Catch Tokenmismatchexception
Why Does Tcpdf Ignore My Inline CSS
Curl Code in PHP Dumps Output to the Page
String Contains Any Items in an Array (Case Insensitive)
PHP Getting Unique Values of a Multidimensional Array
Curl and Ping - How to Check Whether a Website Is Either Up or Down