PHP: Move file from domain to subdomain

Question

I have a site on a domain, let's call it " mydomain.com ", where people can log in. This domain has a subdomain sub.mydomain.com .

When the user uploads a file on the main domain, I want to move it to the uploads folder on sub.mydomain.com . The folder I want to move the file to has full write/read privileges.

My code that uploads te file:

$filename = 'background_' . $_SESSION['username'] . '.jpg';
if (is_uploaded_file($_FILES['background']['tmp_name'])) 
    {  
        move_uploaded_file($_FILES['background']['tmp_name'], 
        "/var/www/vhosts/mydomain.com/subdomains/sub/httpdocs/uploads/" . $filename);
    }

When running this code I get the following warning/error:

Warning: move_uploaded_file() [function.move-uploaded-file]: open_basedir restriction in effect. File(/var/www/vhosts/mydomain.com/subdomains/sub/httpdocs/uploads/background_User.jpg) is not within the allowed path(s): (/var/www/vhosts/mydomain.com/httpdocs:/tmp) in /var/www/vhosts/dezeactie.nl/httpdocs/opmaak.php  on line 152

Can anybody enlighten me with a solution for my problem?

One final note: I know I could do the login on the subdomain and upload the file there directly, however I would like to keep the login on the main domain for other purposes.

Thanks in advance.

Jurgen

Answer 1

Your hosting service does not allow your scripts to do stuff outside the httpdocs directory of each virtual host and a shared /tmp directory. That seriously restricts the possibilities for information exchange between sites.

Tricks I can think of:

1. Store a temporary file in the /tmp directory from the source site and trigger a process in the target site to fetch the file. You can use the curl functions to do so.

2. Store files in a common database. The storage does not need to be permanent if you think that will affect your site performance. Target site just needs to checke whether it has pending incoming files.

3. Add files to a queue (perhaps a special directory inside httpdocs ) and write a command line script to push them to the target site. Run this command with cron (lets say, once every minutes).

IMHO, #2 looks feasible and reliable.

Answer 2

As the error message suggests, file access is limited to certain directories with the open_basedir directive in php.ini .

If you have access to the server's configuration, you can change that.

Answer 3

为什么不为子域创建符号链接，然后通过sub.domain.com url访问图像？

Answer 4

Most solutions here seemed a tad excessive. I've written my own solution. Take it with a grain of salt; I don't use PHP often.

// MAIN DOMAIN - index.php

/**
 * @param String $target - file name under the image you are saving
 * @param String $subdomain - target subdomain, in which, you wish to save your image
 */
function saveImage($target, $subdomain) {
    $context = stream_context_create(array('http' =>
        array(
            'method' => 'POST',
            'header' => 'Content-type: application/x-www-form-urlencoded',
            'content' => http_build_query(
                array(
                    'target' => $target,
                    'contents' => file_get_contents($_FILES['image_upload']['tmp_name'])
                )
            )
        )
    ));
    
    return file_get_contents('http://' . $subdomain . '.' . $_SERVER['HTTP_HOST'] . '/save_image.php', false, $context);
}

saveImage("test.png", "cdn");


// SUBDOMAIN - save_image.php

file_put_contents($_POST['target'], $_POST['contents']);
    
echo 'http://' . $_SERVER['HTTP_HOST'] . '/' .$target;

I now realize that this would allow for any user to make a post request to save an image to the subdomain; however, being that PHP is back-end, the easy alternative would be to pass a key declared in PHP. ie

// MAIN DOMAIN - index.php

$key = "A4g8S8"; // pass this through the request body


// SUBDOMAIN - save_image.php

if ($_POST['key'] == "A4g8S8") {
    // code here
}