-1

I've been struggling with this for more than 8h now, so I hope someone can help me. I think I went through all the posts regarding this issue, but wasn't able to find a solution.

There are no errors, both /tmp and /var/www/test are owned by apache (www-data) and have 775 permission set.

This is the PHP code:

$target_dir = $_SERVER["DOCUMENT_ROOT"] . "test/uploads/";
$target_file = $target_dir . basename($_FILES["pic"]["name"]);
$uploadOK = 1;
$image_file_type = pathinfo($target_file, PATHINFO_EXTENSION);

if(isset($_POST['submit'])) {
if($uploadOK === 0) {
    echo "Upload failed!";
} else {
    // This is where it stops...
    // There is definitely something wrong with $target_file
    if(move_uploaded_file($_FILES["pic"]["tmp_name"], $target_file)) {
        echo "Success";
    } else {
        echo "Not uploaded...<br>";
        echo move_uploaded_file($_FILES["pic"]["tmp_name"], $target_file) . "<br>";
        echo $target_file . "<br>";
        print_r($_FILES) . "<br>";
        error_reporting(E_ALL);
    }
}

These are the results I get:

Not uploaded...

/var/www/test/uploads/test.jpg

Array (
    [pic] => Array (
        [name] => test.jpg
        [type] => image/jpeg
        [tmp_name] => /tmp/phpKlzCxc
        [error] => 0
        [size] => 721090
    )
)

So, what am I doing wrong?

Ok, here are the updates:

  • The checking of the upload was done at the beginning of the script and it worked which is why I didn't include it in the question.
  • This is the code from www.w3schools.com, and I will be checking out the other source (thanks for pointing that out)
  • After fixing the position of the error_reporting (good call :)), finally got a whole bunch of "Permission denied" warnings as I suspected would be the problem, and here they are:

Warning: move_uploaded_file(/var/www/test/uploads/test.jpg): failed to open stream: Permission denied in /var/www/test/upload.php on line 47

Warning: move_uploaded_file(): Unable to move '/tmp/phpHzvhOA' to '/var/www/test/uploads/test.jpg' in /var/www/test/upload.php on line 47

Line 47:

if(move_uploaded_file($_FILES["pic"]["tmp_name"], $target_file)) {

Permission set for /var/www/test/upload.php:

-rwxrwxr-x 1 www-data www-data 2174 Sep  9 00:07 /var/www/test/upload.php
ikrnjajic
  • 37
  • 1
  • 1
  • 7
  • is full error checking and display on? –  Sep 08 '16 at 20:56
  • What does your `form` look like? Has `enctyp`? – chris85 Sep 08 '16 at 20:57
  • A file probably already exists with the same name. One of various reasons you shouldn't use user provided file names. – Jonnix Sep 08 '16 at 20:59
  • you dont actually check the file uploaded at all –  Sep 08 '16 at 20:59
  • I can tell that you are using w3schools.com's tutorial on file uploads. I suggest you don't, because I myself had spent hours trying to figure out what the heck was wrong with it. w3schools.com isn't bad, just that one tutorial is a little messed up. I suggest that try this tutorial for http://www.phpeasystep.com/phptu/1.html beginning. Then maybe once you have a better understanding try w3schools.com tutorial again. (accedentially made it an answer, fixed now.) –  Sep 08 '16 at 21:09
  • Why are you calling `move_uploaded_file()` again in the `else` block? It doesn't return anything that's useful to echo. – Barmar Sep 08 '16 at 21:26
  • Put `error_reporting(E_ALL)` at the **beginning** of the script. You have to enable error reporting **before** the errors happen, it won't report errors that already happened. – Barmar Sep 08 '16 at 21:27
  • Ok. Good point with `error_reporting`, it is at the beginning of the script now and got a whole bunch of 'Permission denied' warnings. I will edit my post now with the warnings and the permissions that are set for those directories. Thank you all for your support! – ikrnjajic Sep 08 '16 at 21:58
  • what about the permission for the uploads folder?? Have you already set permission for that too.. – FullStack Sep 09 '16 at 02:02

2 Answers2

0

  • I would first check if file_exists($_FILES["pic"]["tmp_name"]).

  • Then check if the path $target_file is valid (just print_r() and check the path is right).

  • Make sure you have the rights to write on $target_file path.

JorgeObregon
  • 3,020
  • 1
  • 12
  • 12
  • this is a comment not an answer –  Sep 08 '16 at 21:06
  • `file_exists` returns true, so that's good. As for the other two suggestions, as mentioned above $target_file is /var/www/test/uploads/test.jpg, and I have set the permission to 775 for /tmp and /var/www/test. The /uploads folder is in the /test folder – ikrnjajic Sep 08 '16 at 21:15
  • why not then use **rename($_FILES["pic"]["tmp_name"], $target_file);** – JorgeObregon Sep 08 '16 at 21:20
  • `move_uploaded_file` is essentially the same as `rename`, but it checks that the argument is really an uploaded file for extra safety. See http://stackoverflow.com/questions/3924016/php-differences-between-copy-rename-and-move-uploaded-file – Barmar Sep 08 '16 at 21:24
  • @Jorge - Tried with `rename()` as well, unfortunately same result – ikrnjajic Sep 08 '16 at 21:36
0

The problem was definitely with permissions as we thought. So, I ran the

sudo chown -R www-data.www-data and sudo chmod -R 775 for all three directories as I did 20x before already. Only now, for some reason it worked.

I used the -R method which, if I understood correctly, should have changed permissions to all subfolders and files in /var/www/test directory, where the /uploads folder is located as well...

So just for clarification, if someone also has issues with this, in order to grant permission to apache, this is what I did:

  1. sudo chown -R www-data.www-data /var/www/test

  2. sudo chmod -R 775 /var/www/test

did this also for /tmp and /var/www/test/uploads directories.

ikrnjajic
  • 37
  • 1
  • 1
  • 7