1

Using this upload script and it was working ok a week ago but when i checked it today it fails. I have checked writ privileges on the folder and it is set to 777 so don't think that is the problem. Anyone have a idea of what the problem can be?

this is the error

Warning: move_uploaded_file() [function.move-uploaded-file]: 
Unable to access replays/1275389246.ruse in 
/usr/home/web/wno159003/systemio.net/ruse.systemio.net/scripts/upload.php on line 95

my script is

    <?php

   require($_SERVER['DOCUMENT_ROOT'].'/xxxx/xxxx');
   $connection = @mysql_connect($db_host, $db_user, $db_password) or die("error connecting");
   mysql_select_db($db_name, $connection);

   $name = basename($_FILES['uploaded']['name']);
   $comment = $_POST["comment"];
   $len = strlen($comment);
   $username = $_POST["username"];
   $typekamp = $_POST["typekamp"];
   $date = time();


   $target = "replays/";
   $target .= basename($_FILES['uploaded']['name']);
   $maxsize = 20971520; // 20mb Maximum size of the uploaded file in bytes

// File extension control
// Whilelisting takes preference over blacklisting, so if there is anything in the whilelist, the blacklist _will_ be ignored
// Fill either array as you see fit - eg. Array("zip", "exe", "php")
$fileextensionwhitelist = Array("ruse"); // Whilelist (allow only)
$fileextensionblacklist = Array("zip", "exe", "php", "asp", "txt"); // Blacklist (deny)
$ok = 1;

if ($_FILES['uploaded']['error'] == 4)

{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   die("No file was uploaded");
}

if ($_FILES['uploaded']['error'] !== 0)
{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   die("An unexpected upload error has occured.");
}

// This is our size condition
if ($_FILES['uploaded']['size'] > $maxsize)
{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   echo "Your file is too large.<br />\n";
   $ok = 0;
}

// This is our limit file type condition
if ((!empty($fileextensionwhitelist) && !in_array(substr(strrchr($_FILES['uploaded']['name'], "."), 1), $fileextensionwhitelist)) || (empty($fileextensionwhitelist) && !empty($fileextensionblacklist) && in_array(substr(strrchr($_FILES['uploaded']['name'], "."), 1), $fileextensionblacklist)))
{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   echo "This type of file has been disallowed.<br />\n";
   $ok = 0;
}

// Here we check that $ok was not set to 0 by an error
if ($ok == 0)
{
   echo "<html><head><title>php</title></head>";
   echo '<body bgcolor="#413839" text="#ffffff">
   <p><B>info</b></p>';
   echo "Sorry, your file was not uploaded. Refer to the errors above.";
}

// If everything is ok we try to upload it
else
{
   if($len > 0)
    {      
       $target = "replays/".time().'.'."ruse";
      $name = time().'.'."ruse";
      $query = "INSERT INTO RR_upload(ID, filename, username, comment, typekamp, date) VALUES (NULL, '$name', '$username','$comment', '$typekamp' ,'$date')";

      if (file_exists($target))
      {
         $target .= "_".time().'.'."ruse";
         echo "<html><head><title>php</title></head>";
         echo '<body bgcolor="#413839" text="#ffffff">
         <p><B>info</b></p>';
         echo "File already exists, will be uploaded as ".$target;
      }

      mysql_query($query, $connection) or die (mysql_error());

      echo "<html><head><title>php</title></head>";
      echo '<body bgcolor="#413839" text="#ffffff">
      <p><B>info</b></p>';
      echo (move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))

      ? "The file ".basename( $_FILES['uploaded']['name'])." has been uploaded. \n"
      : "Sorry, there was a problem uploading your file. <br>";
      echo "<br>Variable filename: ".$name;
      echo "<br>Variable name: ".$username;
      echo "<br>Variables comment: ".$comment;
      echo "<br>Variables date: ".$date;
      echo "<br>Var typekamp; ".$typekamp;
      echo "<br>Var target; ".$target;
      }
   else
   {
      echo "<html><head><title>php</title></head>";
      echo '<body bgcolor="#413839" text="#ffffff">
      <p><B>info</b></p>';
      echo"you have to put in comment/description";
   }

}
?>
Improve this question
2
  • Who is hosting it? Are you in total control of the environment? Or is it a web hosting company that could have disabled this function? Commented Jun 1, 2010 at 11:26
  • its on a webhotel so i dont have full control of the server settings, but i did som test scripts to upload small images files on the same server and i did get them to work just fine. Commented Jun 1, 2010 at 11:36

1 Answer 1

Reset to default
1

Assuming the "replays" directory is in the document root, does the warning persists if you replace this line : 

$target = "replays/";

by this one :

$target = $_SERVER['DOCUMENT_ROOT']."replays/";

?

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

you made my day :) added $_SERVER['DOCUMENT_ROOT']."/replays/"; and all is good
glad to help, it also highlights the fact that we have to pay attention to the trailing slash's presence in the $_SERVER['DOCUMENT_ROOT'] environement variable

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.