[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] RE: PHP uploading problem on RaQ3 fopen
- Subject: Re: [cobalt-users] RE: PHP uploading problem on RaQ3 fopen
- From: "Steve Werby" <steve-lists@xxxxxxxxxxxx>
- Date: Sat Jun 15 09:02:01 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
"chae" <chae@xxxxxxxxxxxx> wrote:
> The folder to which the script moves to image to:
>
> Unable to move file from tmp.
> ./db_images/bouquets/test_heliconia.jpg/tmp/php0p0CsQ test_heliconia.jpg
> File open failed
>
> Has had it's permissions changed to 666 and also 777, I've also changed
> ownership from the user allseaso to httpd to see if that made any
> difference.
If the PHP script is the Apache PHP module then the destination directory
needs to be writable by httpd. I would set ownership of the destination
directory to chown <siteadmin>:<sitegroup>
> In the script I've also had the customer change the
> ./db_images/bouquets/test_heliconia.jpg to the full
> /home/sites/site99/db_images/bouquets/filename.jpg and still no joy.
>
> The tmp folder on the server is root:root & chmod 777
That is fine.
> I tried till the early hours of this morning playing with ownerships &
> chmoding but no joy - either I'm missing the obvious (which I probably am)
> or it could be the script but saying that it worked on another Redhat box.
>
> Currently the set-up is:
> The /web folder is owned by nobody 755
> The db_images is owned by allseaso & 755
> The bouquets folder is owned by allseaso & 777
> All belong to the same group site99
>
>
> Now the script being called from another folder
> ./maintain/bouquets/updateAction.php3
> The script is owned by allseaso site99 & 777
The script doesn't need to be chmod 777. I think anything above 604 as it
just needs to be readable by httpd (world) and obviously it would be nice if
the site admin could write to it. <g>
<snip>
> if
>
(move_uploaded_file($userfile,"/home/sites/site99/web/db_images/bouquets/".$
userfile_name))
> { }
> else { echo "Unable to move file
> from tmp.\n"."/home/sites/site99/web/db_images/bouquets/".$userfile_name;
> }
> $sfile = fopen($userfile,r);
</snip>
I'm not sure why the code is so bloated. If everything is setup properly I
can't think of a reason why moving the uploaded file will fail and therefore
falling back to FTPing the file somewhere seems unnecessary. Here's some
lines from a class function I wrote which runs on a RaQ4 to upload images.
Maybe you can use it as a reference and test it to see if it helps.
if ( is_uploaded_file( $_FILES["uploaded_file"]["tmp_name"] ) )
{
## Make sure it's an image.
if ( in_array( $_FILES["uploaded_file"]["type"], array( 'image/gif',
'image/png', 'image/jpg', 'image/pjpeg' ) ) )
{
## Make sure file size is less than set limit.
if ( $_FILES["uploaded_file"]["size"] <= $this->image_size_max )
{
## INSERT query was here, left out for brevity.
$this->image_id = mysql_insert_id();
## Set destination file.
$destination_file = $DOCUMENT_ROOT . "/" .
$this->gallery_directory . "/" . $this->image_id;
## Move from temp upload location to desired destination
location.
move_uploaded_file( $_FILES["uploaded_file"]["tmp_name"],
$destination_file );
}
}
}
Uploaded files are chmod 600, chown httpd:<siteN>. If for some reason I
didn't want the files owned by httpd, I would run a cron job periodically to
set the ownership and permissions on any files in that directory that have
the above ownership and permissions to whichever I desire. If that's not an
acceptable solution, I'd install PHP as a CGI and set the ownership on the
PHP CGI script to the owner of the site and the uploaded files will be owned
by that user automatically.
--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/