Setting PHP Tmp Dir - PHP Upload Not Working

Setting PHP tmp dir - PHP upload not working

The problem described here was solved by me quite a long time ago but I don't really remember what was the main reason that uploads weren't working. There were multiple things that needed fixing so the upload could work. I have created checklist that might help others having similar problems and I will edit it to make it as helpful as possible. As I said before on chat, I was working on embedded system, so some points may be skipped on non-embedded systems.

  • Check upload_tmp_dir in php.ini. This is directory where PHP stores temporary files while uploading.

  • Check open_basedir in php.ini. If defined it limits PHP read/write rights to specified path and its subdirectories. Ensure that upload_tmp_dir is inside this path.

  • Check post_max_size in php.ini. If you want to upload 20 Mbyte files, try something a little bigger, like post_max_size = 21M. This defines largest size of POST message which you are probably using during upload.

  • Check upload_max_filesize in php.ini. This specifies biggest file that can be uploaded.

  • Check memory_limit in php.ini. That's the maximum amount of memory a script may consume. It's quite obvious that it can't be lower than upload size (to be honest I'm not quite sure about it-PHP is probably buffering while copying temporary files).

  • Ensure that you're checking the right php.ini file that is one used by PHP on your webserver. The best solution is to execute script with directive described here http://php.net/manual/en/function.php-ini-loaded-file.php (php_ini_loaded_file function)

  • Check what user php runs as (See here how to do it: How to check what user php is running as? ). I have worked on different distros and servers. Sometimes it is apache, but sometimes it can be root. Anyway, check that this user has rights for reading and writing in the temporary directory and directory that you're uploading into. Check all directories in the path in case you're uploading into subdirectory (for example /dir1/dir2/-check both dir1 and dir2.

  • On embedded platforms you sometimes need to restrict writing to root filesystem because it is stored on flash card and this helps to extend life of this card. If you are using scripts to enable/disable file writes, ensure that you enable writing before uploading.

  • I had serious problems with PHP >5.4 upload monitoring based on sessions (as described here http://phpmaster.com/tracking-upload-progress-with-php-and-javascript/ ) on some platforms. Try something simple at first (like here: http://www.dzone.com/snippets/very-simple-php-file-upload ). If it works, you can try more sophisticated mechanisms.

  • If you make any changes in php.ini remember to restart server so the configuration will be reloaded.

php file not uploading to temp directory

In your final instructions, you have $_FILES['name']['tmp_name'] instead of $_FILES['file']['tmp_name'].

By the way, you have a few errors in your script:

  1. Even if someone uploads an invalid file, you show them an error message, but you still move it to the final place.
  2. $_FILES["file"]["type"] is a value sent by the browser (ie: the client). A malicious attacker may sent you any kind of file and disguise it as a image/png, and you are trusting it. You cannot trust this value. Instead, you could use getimagesize, which returns you an array that has the mime type of the image (and is detected by the server (ie: by you). To detect the mime-type of non-images, you can use FileInfo, concretely finfo_file.

Also, the php script will not create your uploads folder if it does not exist, and instead will show an error (and do nothing). You must create this folder first, and make sure that the user running your php script (usually the same that is running your http server) has write permissions on that directory.

edit: You don't see any uploaded file in your temp directory because (quoting http://www.php.net/manual/en/features.file-upload.post-method.php):

The file will be deleted from the temporary directory at the end of
the request if it has not been moved away or renamed.

Upload file returning “Missing a temporary folder”

Well, the problem has been solved and it is more strange than I imagined, I will leave the answer here to help you if someone has the same problem.

It was necessary to execute the command chmod 777 / tmp, but this command could not be executed since it gave an error that the folder was read-only (Ready-Only file system). To resolve this, it was necessary to mount and remount it, but I couldn't do it either, as it wouldn't let me remount the /tmp folder

For another reason I had to restart the server and magically the server let me change the permissions to 777 (from drwxrwxrwt. to drwxrwxrwx.). With that problem solved.

I thank everyone who tried to help.

No Temporary Folder ( can't upload files )

Try commenting out upload_tmp_dir in your php.ini by putting a ; in front of it so that it uses the default Windows Temp folder by default: C:\Windows\Temp

Also make sure your Application Pool Identity or group of Identity users has write permission to the temp folder.

PHP tmp upload directory for multlple domains

I've made something like that for my vhosts on my local machine. Note that everything is defined in my vhost because you can't change upload_tmp_dir and sys_temp_dir in runtime.

<VirtualHost *:80>
    ServerName example.local
    ServerAlias www.example.local
    
    UseCanonicalName On
    
    <Directory /mnt/storage/Server/example>
        DirectoryIndex index.php
        #Options +Indexes +FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
    
    php_admin_value upload_tmp_dir /mnt/storage/Server/example/temp/
    php_admin_value sys_temp_dir /mnt/storage/Server/example/temp/
    
    DocumentRoot "/mnt/storage/Server/example"
    
    ErrorLog ${APACHE_LOG_DIR}/example.error.log
    CustomLog ${APACHE_LOG_DIR}/example.access.log combined
</VirtualHost>

How to confirm that everything works:

Create simple file:

$dir = sys_get_temp_dir();
$file = tempnam($dir, rand());
var_dump(get_current_user());
var_dump($dir);
var_dump('is_writable: ' . (int)is_writable($dir));
var_dump('is_readable: ' . (int)is_readable($dir));
var_dump($file);

Upload script: create file named upload.php

<?php
if (isset($_POST['submit'])) {
    var_dump($_FILES);
}
?>
<!DOCTYPE html>
<html>
    <body>
    <form action="upload.php" method="post" enctype="multipart/form-data">
        Select image to upload:
        <input type="file" name="upload" id="upload">
        <input type="submit" value="Upload Image" name="submit">
    </form>
    </body>
</html>

Unable to set upload_tmp_dir on IIS

And it turned out the php.ini config file had duplicate entries for upload_tmp_dir, the last of which was the default folderc:\windows\temp. I commented that setting out and everything is now fine.

This thread got me to check for that.


Related Topics

Subtract Time in PHP

When Setting Environment Variables in Apache Rewriterule Directives, What Causes the Variable Name to Be Prefixed with "Redirect_"

How to Re-Save the Entity as Another Row in Doctrine 2

Encrypt Files Using Pgp in PHP

Casperjs Passing Data Back to PHP

Checking If Your Code Is Running on 64-Bit PHP

Remove Xml Version Tag When a Xml Is Created in PHP

Why Is Mime_Content_Type() Deprecated in PHP

Extra Backslash Needed in PHP Regexp Pattern

Array_Key_Exists Is Not Working

How to Pass Jquery Variables to PHP Variable

How to Delete Object from Array Inside Foreach Loop

Laravel Catch Tokenmismatchexception

Why Does Tcpdf Ignore My Inline CSS

Curl Code in PHP Dumps Output to the Page

String Contains Any Items in an Array (Case Insensitive)

PHP Getting Unique Values of a Multidimensional Array

Curl and Ping - How to Check Whether a Website Is Either Up or Down


Leave a reply



Submit