4WebHelp
 FAQ  •  Search  •  User Groups  •  Forum Admins  •  Smilies List  •  Statistics  •  Rules   •  Login   •  Register
Toggle Navigation Menu

 PHP: File Upload Error Msg
Post New TopicReply to Topic
View Previous Topic Print this topic View Next Topic
Author Message
precious
WebHelper
WebHelper


Joined: 06 Apr 2002
Posts: 65

PostPosted: Sun Oct 20, 2002 2:31 pm (15 years, 1 month ago) Reply with QuoteBack to Top

Greetings,

Anyone here able to provide the solution to my Qn posted at http://www.dtheatre.com/scripts/forums.php?action=displaythread&forum=help&id=38&forumstat=1&realm=default ?

I have read the document which addresses the "Warning: open_basedir restriction in effect. File is in wrong directory" issue at http://www.faqts.com/knowledge_base/view.phtml/aid/18472/fid/62
which states:
That is because the safe mode is turned on. Just use move_uploaded_file() instead of copy()

but I still not able to get the php script to work with move_uploaded_file(). After I have replaced copy() with move_uploaded_file() change, I get this error msg:

Warning: Unable to create '/usr/local/psa/home/vhosts/mydomainname/upload/pic01.jpg': No such file or directory in /usr/local/psa/home/vhosts/mydomainname/httpdocs/formmail.php on line 276

Warning: Unable to move '/tmp/phpnHlgla' to '/usr/local/psa/home/vhosts/mydomainname/upload/pic01.jpg' in /usr/local/psa/home/vhosts/mydomainname/httpdocs/formmail.php on line 276

Warning: Cannot add header information - headers already sent by (output started at /usr/local/psa/home/vhosts/mydomainname/httpdocs/formmail.php:276) in /usr/local/psa/home/vhosts/mydomainname/httpdocs/formmail.php on line 323


The original upload file portion code of the formmail.php in Qn is:

// prepare the content
$content = parse_form($HTTP_POST_VARS);

// check for a file if there is a file upload it
if ($file_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file_name;
if (file_exists($path_to_file.$file_name))
$location .= ".new";
copy($file,$location);
unlink($file);
$content .= "Uploaded File: ".$location."\n";
}
}

// second file.
if ($file2_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file2_name;
if (file_exists($path_to_file.$file2_name))
$location .= ".new";
copy($file2,$location);
unlink($file2);
$content .= "Uploaded File: ".$location."\n";
}
}


Pls advise on a solution. TIA.
OfflineView User's ProfileFind all posts by preciousSend Personal Message
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564

PostPosted: Sun Oct 20, 2002 2:33 pm (15 years, 1 month ago) Reply with QuoteBack to Top

Have you created the upload folder? Is it chmoded to 777?

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
precious
WebHelper
WebHelper


Joined: 06 Apr 2002
Posts: 65

PostPosted: Sun Oct 20, 2002 2:38 pm (15 years, 1 month ago) Reply with QuoteBack to Top

Yes, I have created the upload folder in httpdocs and also chmoded to 777 from the original 644
OfflineView User's ProfileFind all posts by preciousSend Personal Message
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564

PostPosted: Sun Oct 20, 2002 3:07 pm (15 years, 1 month ago) Reply with QuoteBack to Top

Could you post the new version, just to check?

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
precious
WebHelper
WebHelper


Joined: 06 Apr 2002
Posts: 65

PostPosted: Sun Oct 20, 2002 3:26 pm (15 years, 1 month ago) Reply with QuoteBack to Top

My script is hosted at 34SP, you may like to try the formmail.php if it works here.

OK, new version, replacing the original copy() with this move_uploaded_file():

// prepare the content
$content = parse_form($HTTP_POST_VARS);

// check for a file if there is a file upload it
if ($file_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file_name;
if (file_exists($path_to_file.$file_name))
$location .= ".new";
move_uploaded_file($file,$location);
unlink($file);
$content .= "Uploaded File: ".$location."\n";
}
}

// second file.
if ($file2_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file2_name;
if (file_exists($path_to_file.$file2_name))
$location .= ".new";
move_uploaded_file($file2,$location);
unlink($file2);
$content .= "Uploaded File: ".$location."\n";
}
}
OfflineView User's ProfileFind all posts by preciousSend Personal Message
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564

PostPosted: Sun Oct 20, 2002 3:28 pm (15 years, 1 month ago) Reply with QuoteBack to Top

The problem is that this path:
Quote:

Warning: Unable to create '/usr/local/psa/home/vhosts/mydomainname/upload/pic01.jpg'
is missing the "httpdocs" bit before the upload folder. Add that on and it should work! Wink

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
precious
WebHelper
WebHelper


Joined: 06 Apr 2002
Posts: 65

PostPosted: Sun Oct 20, 2002 4:05 pm (15 years, 1 month ago) Reply with QuoteBack to Top

Did as you have suggested. This time error msg showed:

Warning: Unlink failed (No such file or directory) in /usr/local/psa/home/vhosts/mydomainname/httpdocs/formmail.php on line 277

Warning: Cannot add header information - headers already sent by (output started at /usr/local/psa/home/vhosts/mydomainname/httpdocs/formmail.php:277) in /usr/local/psa/home/vhosts/mydomainname/httpdocs/formmail.php on line 323

What's next?
OfflineView User's ProfileFind all posts by preciousSend Personal Message
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564

PostPosted: Sun Oct 20, 2002 4:11 pm (15 years, 1 month ago) Reply with QuoteBack to Top

What is on line 277? And what is the value of $file1 and $file2?

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
precious
WebHelper
WebHelper


Joined: 06 Apr 2002
Posts: 65

PostPosted: Sun Oct 20, 2002 4:21 pm (15 years, 1 month ago) Reply with QuoteBack to Top

line 277:
$path_to_file = $path_to_file."/";

What is on line 277?

How do I check for value of $file1 and $file2?

I have extracted the relevant code (which include line 277) in my previous response.
OfflineView User's ProfileFind all posts by preciousSend Personal Message
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564

PostPosted: Sun Oct 20, 2002 4:22 pm (15 years, 1 month ago) Reply with QuoteBack to Top

OK, this is going nowhere. What does the error log have to say? Or could you just post/PM me the whole script?

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
precious
WebHelper
WebHelper


Joined: 06 Apr 2002
Posts: 65

PostPosted: Sun Oct 20, 2002 4:51 pm (15 years, 1 month ago) Reply with QuoteBack to Top

Nothing of value is recorded on the server access_log and error_log for this script. Appended below is the original script. You may like to try it out and let me know if you can get it to work.

<?
/*
##############################################################################
# PLEASE DO NOT REMOVE THIS HEADER!!!
#
# COPYRIGHT NOTICE
#
# FormMail.php v4.1b
# Copyright 2000,2001 Ai Graphics and Joe Lumbroso (c) All rights reserved.
# Created 07/06/00 Last Modified 08/06/2001
# Joseph Lumbroso, http://www.aigraphics.com, http://www.dtheatre.com
# http://www.lumbroso.com/scripts/
##############################################################################
#
# This cannot and will not be inforced but I would appreciate a link back
# to any of these sites:
# http://www.dtheatre.com
# http://www.aigraphics.com
# http://www.lumbroso.com/scripts/
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
#
##############################################################################
*/

// formmail version (for debugging mostly)
$version = "4.1b";

// referers.. domains/ips that you will allow forms to
// reside on.
$referers = array ('yourdomain.com','www.yourdomain.com','216.64.145.194');

// banned emails, these will be email addresses of people
// who are blocked from using the script (requested)
$banlist = array ('*@somedomain.com', 'user@domain.com', 'etc@domains.com');

// our mighty error function..
function print_error($reason,$type = 0) {
global $version;
build_body($title, $bgcolor, $text_color, $link_color, $vlink_color, $alink_color, $style_sheet);
// for missing required data
if ($type == "missing") {
?>
The form was not submitted for the following reasons:<p>
<ul><?
echo $reason."\n";
?></ul>
Please use your browser's back button to return to the form and try again.<?
} else { // every other error
?>
The form was not submitted because of the following reasons:<p>
<?
}
echo "<br><br>\n";
echo "<small>This form is powered by <a href=\"http://www.lumbroso.com/scripts/\">Jack's Formmail.php $version!</a></small>\n\n";
exit;
}

// function to check the banlist
// suggested by a whole lot of people.. Thanks
function check_banlist($banlist, $email) {
if (count($banlist)) {
$allow = true;
foreach($banlist as $banned) {
$temp = explode("@", $banned);
if ($temp[0] == "*") {
$temp2 = explode("@", $email);
if (trim(strtolower($temp2[1])) == trim(strtolower($temp[1])))
$allow = false;
} else {
if (trim(strtolower($email)) == trim(strtolower($banned)))
$allow = false;
}
}
}
if (!$allow) {
print_error("You are using from a <b>banned email address.</b>");
}
}

// function to check the referer for security reasons.
// contributed by some one who's name got lost.. Thanks
// goes out to him any way.
function check_referer($referers) {
if (count($referers)) {
$found = false;
$temp = explode("/",getenv("HTTP_REFERER"));
$referer = $temp[2];
for ($x=0; $x < count($referers); $x++) {
if (eregi ($referers[$x], $referer)) {
$found = true;
}
}
if (!getenv("HTTP_REFERER"))
$found = false;
if (!$found){
print_error("You are coming from an <b>unauthorized domain.</b>");
error_log("[FormMail.php] Illegal Referer. (".getenv("HTTP_REFERER").")", 0);
}
return $found;
} else {
return true; // not a good idea, if empty, it will allow it.
}
}
if ($referers)
check_referer($referers);

if ($banlist)
check_banlist($banlist, $email);

// parse the form and create the content string which we will send
function parse_form($array) {
// build reserved keyword array
$reserved_keys[] = "MAX_FILE_SIZE";
$reserved_keys[] = "required";
$reserved_keys[] = "redirect";
$reserved_keys[] = "email";
$reserved_keys[] = "require";
$reserved_keys[] = "path_to_file";
$reserved_keys[] = "recipient";
$reserved_keys[] = "subject";
$reserved_keys[] = "bgcolor";
$reserved_keys[] = "text_color";
$reserved_keys[] = "link_color";
$reserved_keys[] = "vlink_color";
$reserved_keys[] = "alink_color";
$reserved_keys[] = "title";
$reserved_keys[] = "missing_fields_redirect";
$reserved_keys[] = "env_report";
if (count($array)) {
while (list($key, $val) = each($array)) {
// exclude reserved keywords
$reserved_violation = 0;
for ($ri=0; $ri<count($reserved_keys); $ri++) {
if ($key == $reserved_keys[$ri]) {
$reserved_violation = 1;
}
}
// prepare content
if ($reserved_violation != 1) {
if (is_array($val)) {
for ($z=0;$z<count($val);$z++) {
$content .= "$key: $val[$z]\n";
}
} else {
$content .= "$key: $val\n";
}
}
}
}
return $content;
}

// mail the content we figure out in the following steps
function mail_it($content, $subject, $email, $recipient) {
mail($recipient, $subject, $content, "From: $email\r\nReply-To: $email\r\nX-Mailer: DT_formmail");
}

// take in the body building arguments and build the body tag for page display
function build_body($title, $bgcolor, $text_color, $link_color, $vlink_color, $alink_color, $style_sheet) {
if ($style_sheet)
echo "<LINK rel=STYLESHEET href=\"$style_sheet\" Type=\"text/css\">\n";
if ($title)
echo "<title>$title</title>\n";
if (!$bgcolor)
$bgcolor = "#FFFFFF";
if (!$text_color)
$text_color = "#000000";
if (!$link_color)
$link_color = "#0000FF";
if (!$vlink_color)
$vlink_color = "#FF0000";
if (!$alink_color)
$alink_color = "#000088";
if ($background)
$background = "background=\"$background\"";
echo "<body bgcolor=\"$bgcolor\" text=\"$text_color\" link=\"$link_color\" vlink=\"$vlink_color\" alink=\"$alink_color\" $background>\n\n";
}

// check for a recipient email address and check the validity of it
// Thanks to Bradley miller (bradmiller@accesszone.com) for pointing
// out the need for multiple recipient checking and providing the code.
$recipient_in = split(',',$recipient);
for ($i=0;$i<count($recipient_in);$i++) {
$recipient_to_test = trim($recipient_in[$i]);
if (!eregi("^[_\\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\\.)+[a-z]{2,3}$", $recipient_to_test)) {
print_error("<b>I NEED VALID RECIPIENT EMAIL ADDRESS ($recipient_to_test) TO CONTINUE</b>");
}
}

// This is because I originally had it require but too many people
// were used to Matt's Formmail.pl which used required instead.
if ($required)
$require = $required;
// handle the required fields
if ($require) {
// seperate at the commas
$require = ereg_replace( " +", "", $require);
$required = split(",",$require);
for ($i=0;$i<count($required);$i++) {
$string = trim($required[$i]);
// check if they exsist
if((!(${$string})) || (!(${$string}))) {
// if the missing_fields_redirect option is on: redirect them
if ($missing_fields_redirect) {
header ("Location: $missing_fields_redirect");
exit;
}
$require;
$missing_field_list .= "<b>Missing: $required[$i]</b><br>\n";
}
}
// send error to our mighty error function
if ($missing_field_list)
print_error($missing_field_list,"missing");
}

// check the email fields for validity
if (($email) || ($EMAIL)) {
$email = trim($email);
if ($EMAIL)
$email = trim($EMAIL);
if (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $email)) {
print_error("your <b>email address</b> is invalid");
}
$EMAIL = $email;
}

// check zipcodes for validity
if (($ZIP_CODE) || ($zip_code)) {
$zip_code = trim($zip_code);
if ($ZIP_CODE)
$zip_code = trim($ZIP_CODE);
if (!ereg("(^[0-9]{5})-([0-9]{4}$)", trim($zip_code)) && (!ereg("^[a-zA-Z][0-9][a-zA-Z][[:space:]][0-9][a-zA-Z][0-9]$", trim($zip_code))) && (!ereg("(^[0-9]{5})", trim($zip_code)))) {
print_error("your <b>zip/postal code</b> is invalid");
}
}

// check phone for validity
if (($PHONE_NO) || ($phone_no)) {
$phone_no = trim($phone_no);
if ($PHONE_NO)
$phone_no = trim($PHONE_NO);
if (!ereg("(^(.*)[0-9]{3})(.*)([0-9]{3})(.*)([0-9]{4}$)", $phone_no)) {
print_error("your <b>phone number</b> is invalid");
}
}

// check phone for validity
if (($FAX_NO) || ($fax_no)) {
$fax_no = trim($fax_no);
if ($FAX_NO)
$fax_no = trim($FAX_NO);
if (!ereg("(^(.*)[0-9]{3})(.*)([0-9]{3})(.*)([0-9]{4}$)", $fax_no)) {
print_error("your <b>fax number</b> is invalid");
}
}

// prepare the content
$content = parse_form($HTTP_POST_VARS);

// check for a file if there is a file upload it
if ($file_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file_name;
if (file_exists($path_to_file.$file_name))
$location .= ".new";
copy($file,$location);
unlink($file);
$content .= "Uploaded File: ".$location."\n";
}
}

// second file.
if ($file2_name) {
if ($file_size > 0) {
if (!ereg("/$", $path_to_file))
$path_to_file = $path_to_file."/";
$location = $path_to_file.$file2_name;
if (file_exists($path_to_file.$file2_name))
$location .= ".new";
copy($file2,$location);
unlink($file2);
$content .= "Uploaded File: ".$location."\n";
}
}

// if the env_report option is on: get eviromental variables
if ($env_report) {
$env_report = ereg_replace( " +", "", $env_report);
$env_reports = split(",",$env_report);
$content .= "\n------ eviromental variables ------\n";
for ($i=0;$i<count($env_reports);$i++) {
$string = trim($env_reports[$i]);
if ($env_reports[$i] == "REMOTE_HOST")
$content .= "REMOTE HOST: ".$REMOTE_HOST."\n";
else if ($env_reports[$i] == "REMOTE_USER")
$content .= "REMOTE USER: ". $REMOTE_USER."\n";
else if ($env_reports[$i] == "REMOTE_ADDR")
$content .= "REMOTE ADDR: ". $REMOTE_ADDR."\n";
else if ($env_reports[$i] == "HTTP_USER_AGENT")
$content .= "BROWSER: ". $HTTP_USER_AGENT."\n";
}
}

// if the subject option is not set: set the default
if (!$subject)
$subject = "Form submission";

// send it off
mail_it(stripslashes($content), stripslashes($subject), $email, $recipient);

// if the redirect option is set: redirect them
if ($redirect) {
header ("Location: $redirect");
exit;
} else {
print "Thank you for your submission\n";
echo "<br><br>\n";
echo "<small>This form is powered by <a href=\"http://www.lumbroso.com/scripts/\">Jack's Formmail.php $version!</a></small>\n\n";
exit;
}

// <---------- THE END ----------> //
OfflineView User's ProfileFind all posts by preciousSend Personal Message
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564

PostPosted: Sun Oct 20, 2002 5:04 pm (15 years, 1 month ago) Reply with QuoteBack to Top

I still don't see where $path_to_file is coming from... It isn't defined anywhere in the posted script...

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
precious
WebHelper
WebHelper


Joined: 06 Apr 2002
Posts: 65

PostPosted: Sun Oct 20, 2002 5:15 pm (15 years, 1 month ago) Reply with QuoteBack to Top

The script can be downloaded at
http://www.dtheatre.com/scripts/formmail?PHPSESSID=6f2daec7d9c67d99985ce3a76dc3e611

Take a look at the above webpage.

Below is the extrected documentation on the file upload portion:

--------------------------------------------------------------------------------

Field: file


Description: Allows you to allow the user upload a file the sends you the file name.

REQUIRED

If you are using the file option it is crucial to include the ENCTYPE="multipart/form-data" in the form field.
Example Here

path_to_file - This is the path which the file will be uploaded to. Must be a direct path to your directory. ie: "/www/yourname/filedir/"

RECOMMENDED

MAX_FILE_SIZE - (case sensitive) hidden field must precede the file input field and it's value is the maximum filesize accepted. The value is in bytes.

Syntax: <input type="hidden" name="MAX_FILE_SIZE" value="1000000">

<input type="hidden" name="path_to_file" value="/www/dir_where_file_goes/">

<input type="file" name="file">


--------------------------------------------------------------------------------

Field: file2


Description: I received a lot of email asking how to handle additional file uploads, I added "file2" to show how easy it is:
Keep the same syntax as above, but append a "2" to the end of the file.

Advanced: to add addtional files copy the php functions (below) that handle the file upload for file2 and and change the "2"s to a "3" or anything else.

The PHP:


click here


--------------------------------------------------------------------------------
OfflineView User's ProfileFind all posts by preciousSend Personal Message
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564

PostPosted: Sun Oct 20, 2002 5:23 pm (15 years, 1 month ago) Reply with QuoteBack to Top

So what exactly have you set path_to_file to in your web page?

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
precious
WebHelper
WebHelper


Joined: 06 Apr 2002
Posts: 65

PostPosted: Sun Oct 20, 2002 5:39 pm (15 years, 1 month ago) Reply with QuoteBack to Top

<input type="hidden" name="path_to_file" value="/usr/local/psa/home/vhosts/mydomainname/httpdocs/upload/">
OfflineView User's ProfileFind all posts by preciousSend Personal Message
Display posts from previous:      
Post New TopicReply to Topic
View Previous Topic Print this topic View Next Topic


 Jump to:   


Go to page 1, 2, 3  Next

You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot edit your posts in this forum.
You cannot delete your posts in this forum.
You cannot vote in polls in this forum.


Page generation time: 0.069111 seconds :: 17 queries executed :: All Times are GMT
Powered by phpBB 2.0 © 2001, 2002 phpBB Group :: Based on an FI Theme