PHP upload script

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Darkmage on Stack Overflow See other posts from Stack Overflow or by Darkmage
Published on 2010-06-01T11:21:53Z Indexed on 2010/06/01 14:03 UTC
Read the original article Hit count: 404

Filed under:
|
|

Using this upload script and it was working ok a week ago but when i checked it today it fails. I have checked writ privileges on the folder and it is set to 777 so don't think that is the problem. Anyone have a idea of what the problem can be?

this is the error

Warning: move_uploaded_file() [function.move-uploaded-file]: 
Unable to access replays/1275389246.ruse in 
/usr/home/web/wno159003/systemio.net/ruse.systemio.net/scripts/upload.php on line 95

my script is

    <?php

   require($_SERVER['DOCUMENT_ROOT'].'/xxxx/xxxx');
   $connection = @mysql_connect($db_host, $db_user, $db_password) or die("error connecting");
   mysql_select_db($db_name, $connection);

   $name = basename($_FILES['uploaded']['name']);
   $comment = $_POST["comment"];
   $len = strlen($comment);
   $username = $_POST["username"];
   $typekamp = $_POST["typekamp"];
   $date = time();


   $target = "replays/";
   $target .= basename($_FILES['uploaded']['name']);
   $maxsize = 20971520; // 20mb Maximum size of the uploaded file in bytes

// File extension control
// Whilelisting takes preference over blacklisting, so if there is anything in the whilelist, the blacklist _will_ be ignored
// Fill either array as you see fit - eg. Array("zip", "exe", "php")
$fileextensionwhitelist = Array("ruse"); // Whilelist (allow only)
$fileextensionblacklist = Array("zip", "exe", "php", "asp", "txt"); // Blacklist (deny)
$ok = 1;

if ($_FILES['uploaded']['error'] == 4)

{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   die("No file was uploaded");
}

if ($_FILES['uploaded']['error'] !== 0)
{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   die("An unexpected upload error has occured.");
}

// This is our size condition
if ($_FILES['uploaded']['size'] > $maxsize)
{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   echo "Your file is too large.<br />\n";
   $ok = 0;
}

// This is our limit file type condition
if ((!empty($fileextensionwhitelist) && !in_array(substr(strrchr($_FILES['uploaded']['name'], "."), 1), $fileextensionwhitelist)) || (empty($fileextensionwhitelist) && !empty($fileextensionblacklist) && in_array(substr(strrchr($_FILES['uploaded']['name'], "."), 1), $fileextensionblacklist)))
{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   echo "This type of file has been disallowed.<br />\n";
   $ok = 0;
}

// Here we check that $ok was not set to 0 by an error
if ($ok == 0)
{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   echo "Sorry, your file was not uploaded. Refer to the errors above.";
}

// If everything is ok we try to upload it
else
{
   if($len > 0)
    {      
       $target = "replays/".time().'.'."ruse";
      $name = time().'.'."ruse";
      $query = "INSERT INTO RR_upload(ID, filename, username, comment, typekamp, date) VALUES (NULL, '$name', '$username','$comment', '$typekamp' ,'$date')";

      if (file_exists($target))
      {
         $target .= "_".time().'.'."ruse";
         echo "<html><head><title>php</title></head>";
         echo '<body bgcolor="#413839" text="#ffffff">
         <p><B>info</b></p>';
         echo "File already exists, will be uploaded as ".$target;
      }

      mysql_query($query, $connection) or die (mysql_error());

      echo "<html><head><title>php</title></head>";
      echo '<body bgcolor="#413839" text="#ffffff">
      <p><B>info</b></p>';
      echo (move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))

      ? "The file ".basename( $_FILES['uploaded']['name'])." has been uploaded. \n"
      : "Sorry, there was a problem uploading your file. <br>";
      echo "<br>Variable filename: ".$name;
      echo "<br>Variable name: ".$username;
      echo "<br>Variables comment: ".$comment;
      echo "<br>Variables date: ".$date;
      echo "<br>Var typekamp; ".$typekamp;
      echo "<br>Var target; ".$target;
      }
   else
   {
      echo "<html><head><title>php</title></head>";
      echo '<body bgcolor="#413839" text="#ffffff">
      <p><B>info</b></p>';
      echo"you have to put in comment/description";
   }

}
?>

© Stack Overflow or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about php

Related posts about upload

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle