Upload a photo PHP

Question

strangest thing happened... I created a webshop in PHP. Everything worked fine, but when we moved the website from our ftp to theirs, we ran into a problem. We aren't able to upload pictures anymore...

        if (file_exists("../productimages/" . $_FILES["picture"]["name"]))
    {
        $feedback = "<div class=\"voegproducttoefeedback\">Please change name of product<b><big> \"".$_FILES["picture"]["name"] . "\"
        </big></b>The name already occurs in the database</div> ";
    } else
        {

        $tmp_name = $_FILES["picture"]["tmp_name"];
        $name = $_FILES["picture"]["name"];
        move_uploaded_file($tmp_name, "../productimages/$name");


        if(file_exists("../productimages/$name")) {
         $feedback2 = "succeed";
        }
        else {
                $feedback2 = "failed";
        }

     if ($product->saveproduct($_DB)) {
        $feedback = "<div class=\"voegproducttoefeedback\">Product <b><big>\"".$product->naam."\"</big></b> created with succes</div>";
      } else {
        $feedback = "<div class=\"voegproducttoefeedback\">Not enough information to create product</div>";
      }
    }}}?>

Answer 1

尝试更改目标目录权限（../productimages/）

Answer 2

As Goo says, check permissions, but also ensure that PHP is configured to allow uploads and that the maximum upload size is set correctly.

Check file_uploads is set to 'on' and upload_max_filesize is set to a sensible limit.

Answer 3

If you have access to them, check your PHP error logs.

Your host most likely hasn't enabled write permissions for the account in charge of the PHP process. You'll need to see if they can enable that.

Answer 4

Ok, problem (partial) solved. I changed the permissions of productimages... But the success of the process required a 777 permission... Not very secure though. Here is my structure, maybe you can see the problem...

The above script is in products.php

http://img695.imageshack.us/i/schermafbeelding2011010kt.png/

Answer 5

In your own answer , you said:

Ok, problem (partial) solved. I changed the permissions of productimages... But the success of the process required a 777 permission... Not very secure though

The best way to resolve this is to change the ownership of the directory to the user the webserver runs as. However, this will require root access to the server (or the sudo command), which you most likely don't have. So here's a workaround:

1. Rewrite your script to check if productimages exists and, if not, create it:

   if(!is_dir('../productimages/')) mkdir('../productimages/', 0755);

2. Then, delete the productimages directory. You're going to let the script re-create it for you. When it does, the webserver's user will own the script.

3. In order to make this happen, chmod 777 *the parent directory. This is only temporary , and allows the script to create the directory.

4. Run the script. Make sure it created the productimages directory. If it did, chmod 755 back the parent directoy.

This should enable you to get the permissions you need as well as have control over the access of the directory.