In PHP, move_uploaded_file uploads files to one directory, but fails to upload for a different directory?

Question

I am relatively new to PHP, and am working on a website which should accept functionality for when user's upload pdf, doc, or docx files. I was able to look up code online and see what the html form looks like (not my code, as I am simply trying to see if bare functionality for uploading works right now) and also the code for processing the upload. I will put the codes below, and I don't think there's anything wrong with the code itself, but maybe something to do with permissions for the directory I'm uploading the files to. Note: question might be too long, skip to end for clear question and to see what I've tried so far)

Here is the HTML (sample.php) for the form:

<!DOCTYPE html>
<html>
    <body>

    <form action="docs.php" method="post" enctype="multipart/form-data">
        Select document to upload:
        <input type="file" name="fileToUpload" id="fileToUpload">
        <input type="submit" value="Upload Document" name="submit">
    </form>

    </body>
</html>

Here is the PHP code (docs.php) that is used to upload the file to the specified directory:

<?php
$target_dir = "../../UPLOADS/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$documentFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
    $check = filesize($_FILES["fileToUpload"]["tmp_name"]);
    if($check > 0) {
        echo "File is a document";
        $uploadOk = 1;
    } else {
        echo "File is not a document.";
        $uploadOk = 0;
    }
}
// Check if file already exists
if (file_exists($target_file)) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 100000000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}
// Allow certain file formats
if($documentFileType != "pdf" && $documentFileType != "doc" && 
$documentFileType != "docx") {
        echo "Sorry, only PDF, DOC, & DOCX files are allowed.";
        $uploadOk = 0;
    }
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) 
{
        echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has 
been uploaded.";
    } else {
        echo "Sorry, there was an error uploading your file.";
    }
}
?>

So, with the code above, I am successfully able to upload a file to the path specified in the PHP code ("../../UPLOADS/"). However, if I try to change this path, all I get as output on the webpage is "File is a documentSorry, there was an error uploading your file."

Now, the path I am giving instead of "../../UPLOADS/" is just "test/". I created another folder in the directory where my webpages are, and named it "test"

I am a university student, and so I am using my Linux account under my school's AFS servers. After I ssh into my account, I have to cd into my public_html directory. Once I am there, it contains:

UPLOADS/   
resport/
download/

The directory "resport" contains subdirectories for where my webpages are in, so if I cd into resport, I see:

login/
student/

The directory "student" contains the subdirectory "UPLOADS" and also other webpages, so if I cd into student, I see:

sample.php
docs.php
test/

The problem (clear and simple): I'd like it to be so that I can upload files into test in the "resport" directory and not UPLOADS in the "public_html" directory. I am able to upload files into "public_html/UPLOADS" (the path relative to where sample.php and docs.php is "../../UPLOADS/") but I need to upload the files into "public_html/resport/student/test" (the path relative to where sample.php and docs.php is "test/")

What I've tried: I have checked permissions for the UPLOADS directory and it is drwxrwxrwx so I also set the same permissions for the test directory, and gave it a go, but nothing changed. I was still seeing "File is a documentSorry, there was an error uploading your file." I have also tried renaming "test" to "UPLOADS" and changing permissions again, but still nothing. I'm not sure what the issue could be. I'd greatly appreciate any help, thanks!

UPDATE Put a full path to test/ instead of a relative one. Something like this:

/afs/univ/u/c/r/ucid/public_html/resport/student/test/

but still no luck Instead of echoing

echo "Sorry, there was an error uploading your file.";

I tried changing it to:

echo " Not uploaded because of error #".$_FILES["file"]["error"];

but all I get now is:

"File is a document Not uploaded because of error #"

There is no number after

.$_FILES["file"]["error"]

anything (else) from http://php.net/manual/en/function.error-reporting.php ? — Funk Forty Niner, Nov 19 '17 at 16:31
*"but I need to upload the files into "public_html/resport/student/test""* - That isn't what you used as the uploading folder `$target_dir = "../../UPLOADS/";`. — Funk Forty Niner, Nov 19 '17 at 16:32
Apologies, I should've been more specific. "../../UPLOADS/" is the relative path from the directory which contains the webpages to the UPLOADS folder which is in public_html/ — Cid, Nov 19 '17 at 16:37
Tried that as well, still no luck. The absolute path to the test directory is: /afs/univ/u/c/r/ucid/public_html/resport/student/test/ but it still doesn't work — Cid, Nov 19 '17 at 16:53

Tobias Schäfer · Answer 1 · 2017-11-19T17:18:58.970

0

Change: $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);

To: $target_file = $target_dir . $_FILES["fileToUpload"]["name"];

The basename() command changes the directory to put the file.

Make sure the / after the directory name is set.

edited Nov 19 '17 at 17:18

answered Nov 19 '17 at 16:31

Tobias Schäfer

1,330
2
17
35

I tried ./test/ as the path, still not working :/ Still getting "File is a documentSorry, there was an error uploading your file." – Cid Nov 19 '17 at 16:36
Activate [error reporting](http://php.net/manual/en/function.error-reporting.php) and show us the error you get. – Tobias Schäfer Nov 19 '17 at 16:53
Or add `echo "Not uploaded because of error #".$_FILES["file"]["error"];` to your negative if clause – Tobias Schäfer Nov 19 '17 at 16:55
Added an update to the question, but there's nothing after the # – Cid Nov 19 '17 at 17:02
1

Could it be because files uploaded by php are owned by www-data ? https://stackoverflow.com/questions/8457683/php-move-uploaded-file-fails-and-i-dont-know-why . But even that doesn't quite make sense to me, since why was the UPLOADS folder storing the uploaded files. The user and group in the UPLOADS folder is the same as the user and group in the test folder – Cid Nov 19 '17 at 17:06
Which command did you use to create "test"? And I'm right assuming you are on some sort of Linux Distro? – Tobias Schäfer Nov 19 '17 at 17:08
"mkdir test" was the command, sorry not familiar with Linux Distro. I'm looking it up as to what it is right now – Cid Nov 19 '17 at 17:10
Distributed? Yeah I believe so, since we use AFS (Andrew File System) which is a distributed file system – Cid Nov 19 '17 at 17:11
No a meant some sort of Linux, Debian, CentOS, Ubuntu etc. but the command gives me everything I wanted to know. Because PHP says "test" is a document, I wanted to make sure you didn't use the wrong command. – Tobias Schäfer Nov 19 '17 at 17:13
Updated my answer. – Tobias Schäfer Nov 19 '17 at 17:19
Trying it, still not working. Getting same message as before. I tried making the path to "./test/" and also changed it to the absolute path, but neither worked. I also put it to "test/" but still nothing – Cid Nov 19 '17 at 17:24
Also, not sure if this helps or not, but I thought about using shell_exec() to move using "mv" command from the UPLOADS folder to the test folder, but that doesn't work either. Its not a path problem, because I used absolute paths and for some reason it doesn't work in PHP, but running the exact same command from command line works. I'm so confused – Cid Nov 19 '17 at 20:29
It's a permissions issue. Still don't know how to fix it, but I'm more than positive it is, since I echoed out the result of shell_exec("mv path_to_UPLOADS/* .") and I get permission denied. The . after the /* is for moving everything in UPLOADS to the current directory – Cid Nov 19 '17 at 20:48
Then check ALL permissions, owners of all folders from root to the two folders and you will find at least one difference. – Tobias Schäfer Nov 19 '17 at 20:53

In PHP, move_uploaded_file uploads files to one directory, but fails to upload for a different directory?

1 Answers1