Need some PHP help ...
(10 posts, started )
Need some PHP help ...
I've been using apachefriends on my computer to work on a PHP script using a mySQL database to store the content etc for my website. All ran fine until I uploaded it to my webspace. One of my scripts isn't working and failing on:


<?php 
copy
($photos_uploaded['tmp_name'][$counter], $images_dir."/".$filename);
?>

with error:
Quote :Warning: copy(): open_basedir restriction in effect. File(/tmp/phpTadaPt) is not within the allowed path(s): (/home/crazycottauk/public_html) in /home/crazycottauk/public_html/test/upload.php on line 51

Since I'm still fairly new to php I've ran out of ideas. I've tried moving it rather than copying it but it still failed.

Is this to do with my PHP setup on my webspace ? Or has anyone else got any other ideas on how to solve this ?

Cheers
Keiran
-
(thisnameistaken) DELETED by thisnameistaken
Use the move_uploaded_file method instead (this function allows you to read outside of the restricted dir's; it does still care about the destination though). The open_basedir restriction is there for security reasons and your host should not change the config (it should also not be override-able by ini_set, unless someones has patched php to change this behaviour).

Edit: The php manual is one of the best around, use it wisely Theres also a few good examples of how to use this method in the comments.
Thanks for the help

Still having problems though even using the move_uploaded_file() method. Will have a better look into it and make sure it's not some silly mistake

These are the errors now:
Quote :
Warning: move_uploaded_file(images/products/8.jpg): failed to open stream: Permission denied in /home/crazycottauk/public_html/test/upload.php on line 51

Warning: move_uploaded_file(): Unable to move '/tmp/phpFhOrOG' to 'images/products/8.jpg' in /home/crazycottauk/public_html/test/upload.php on line 51

Keiran
make sure the folder you are writing to is allowed to be written to by 'everyone'

you probably can see the 'access mask' of all files and folders in your ftp client and you should be able to change them as well. If not you'll probably need a better client. Or maybe you have shell (ssh) access? That'd be even better.
Silly me, thanks Victor Forgot to set the folder attributes
Quote from the_angry_angel :Use the move_uploaded_file method instead (this function allows you to read outside of the restricted dir's; it does still care about the destination though). The open_basedir restriction is there for security reasons and your host should not change the config (it should also not be override-able by ini_set, unless someones has patched php to change this behaviour).

Edit: The php manual is one of the best around, use it wisely Theres also a few good examples of how to use this method in the comments.

just out of curiosity - I personally don't like straight copying into my webspace, so i normally ftp files into there. That way i don't have to set the write access to 777 for some web folder. But with that mentioned folder restriction, would one be able to move a file from /tmp to somewhere else with ftp?
Just curious It's not a problem here or so.
From /tmp to somewhere else using ftp? I guess you could do it, if you had access to the directories, sorta like virtual directories mapped to your FTP account. I'm not sure I'm following though. You could definately do it with SCP though, assuming you were connecting through an account which had privileges to rw where you wanted to move the files to and from, and that the user account wasn't in a jail of some form.

In terms of using 777 theres 2 ways to avoid doing it; if you use the groups hack, where by you effectively chain a set of group's together so that you don't have to give rw access to everyone else. The other method would be to use a filesystem supporting ACL. I'm not sure if *BSD has this facility in its kernel or not, but under linux setfacl and getfacl (apt-get install acl, for Debian ) gives you a very finely grained acl (access control list), much like windows permissions.

Throughout I assume apache runs under its own locked down user account, rather than just daemon.
Me again with a new problem, been re-working the code for the website now I've learnt a bit more in the last couple of years.

All worked fine and dandy on my setup but now I've started migrating it to my webspace I've encounted a problem.

It's is related to uploading files, I've done $_FILES['...']['error'] to get the error number and got `6`. According to the PHP manual that means `Value: 6; Missing a temporary folder. Introduced in PHP 4.3.10 and PHP 5.0.3`.

How can I sort this? Can I define a temporary folder or has this to do with the PHP setup ?

Cheers
Keiran
should be a php.ini config -

;upload_tmp_dir =

This is commented out by default so that php uses the system default temporary folder. On linux's it's /tmp. Dunno how it's done on windows.

Dunno if your webhost is missing a temporary folder or if it's disabled on purpose. The first would seem weird to me, the second you'd have to ask your webhost.
Ah, they must have changed the CP on my web host recently.

Seems you can enable and disable some of the PHP features to suit yourself, guess by deafult it's disabled. Enabled it and will see what the result is, unfortuantley it says to allow 12 hours for the settings to take effect.

Keiran

Need some PHP help ...
(10 posts, started )
FGED GREDG RDFGDR GSFDG