Im very new to php and is hoping someone could help me. I know it someting small Im missing, but cant seem to find it. I want to do a file upload. Everything seems to be fine im my browser, but when I try to upload the file is says that the destination folder does not exits or dont have permission to see it. I have created and uploaded the "upload" folder using FTP and did set the permissions to 777. But I still get the same error. For safety i crossed the first part of the succes url out, but do have it correct in the original I want to do a file upload. here is the code Im using <?php // Folder to upload files to. Must end with slash / define('DESTINATION_FOLDER','upload/'); // Maximum allowed file size, Kb // Set to zero to allow any size define('MAX_FILE_SIZE', 0); // Upload success URL. User will be redirected to this page after upload. define('SUCCESS_URL','http://www.xxx.co.za/confirmation.php'); // Allowed file extensions. Will only allow these extensions if not empty. // Example: $exts = array('avi','mov','doc'); $exts = array(); // rename file after upload? false - leave original, true - rename to some unique filename define('RENAME_FILE', false); // put a string to append to the uploaded file name (after extension); // this will reduce the risk of being hacked by uploading potentially unsafe files; // sample strings: aaa, my, etc. define('APPEND_STRING', ''); // Need uploads log? Logs would be saved in the MySql database. define('DO_LOG', true); // MySql data (in case you want to save uploads log) define('DB_HOST','localhost'); // host, usually localhost define('DB_DATABASE','fantasyhouse'); // database name define('DB_USERNAME','surina'); // username define('DB_PASSWORD','Cancer'); // password /* NOTE: when using log, you have to create mysql table first for this script. Copy paste following into your mysql admin tool (like PhpMyAdmin) to create table If you are on cPanel, then prefix _uploads_log on line 205 with your username, so it would be like myusername_uploads_log CREATE TABLE _uploads_log ( log_id int(11) unsigned NOT NULL auto_increment, log_filename varchar(128) default '', log_size int(10) default 0, log_ip varchar(24) default '', log_date timestamp, PRIMARY KEY (log_id), KEY (log_filename) ); */ // Allow script to work long enough to upload big files (in seconds, 2 days by default) @set_time_limit(172800); // following may need to be uncommented in case of problems // ini_set("session.gc_maxlifetime","10800"); ?> with this <? function showUploadForm($message='') { $max_file_size_tag = ''; if (MAX_FILE_SIZE > 0) { // convert to bytes $max_file_size_tag = "<input name='MAX_FILE_SIZE' value='".(MAX_FILE_SIZE*1024)."' type='hidden' >\n"; } // Load form template include ('file-upload.html'); } // errors list $errors = array(); $message = ''; // we should not exceed php.ini max file size $ini_maxsize = ini_get('upload_max_filesize'); if (!is_numeric($ini_maxsize)) { if (strpos($ini_maxsize, 'M') !== false) $ini_maxsize = intval($ini_maxsize)*1024*1024; elseif (strpos($ini_maxsize, 'K') !== false) $ini_maxsize = intval($ini_maxsize)*1024; elseif (strpos($ini_maxsize, 'G') !== false) $ini_maxsize = intval($ini_maxsize)*1024*1024*1024; } if ($ini_maxsize < MAX_FILE_SIZE*1024) { $errors[] = "Alert! Maximum upload file size in php.ini (upload_max_filesize) is less than script's MAX_FILE_SIZE"; } // show upload form if (!isset($_POST['submit'])) { showUploadForm(join('',$errors)); } // process file upload else { while(true) { // make sure destination folder exists if (!@file_exists('DESTINATION_FOLDER')) { $errors[] = "Destination folder does not exist or no permissions to see it."; break; } // check for upload errors $error_code = $_FILES['filename']['error']; if ($error_code != UPLOAD_ERR_OK) { switch($error_code) { case UPLOAD_ERR_INI_SIZE: // uploaded file exceeds the upload_max_filesize directive in php.ini $errors[] = "File is too big (1)."; break; case UPLOAD_ERR_FORM_SIZE: // uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form $errors[] = "File is too big (2)."; break; case UPLOAD_ERR_PARTIAL: // uploaded file was only partially uploaded. $errors[] = "Could not upload file (1)."; break; case UPLOAD_ERR_NO_FILE: // No file was uploaded $errors[] = "Could not upload file (2)."; break; case UPLOAD_ERR_NO_TMP_DIR: // Missing a temporary folder $errors[] = "Could not upload file (3)."; break; case UPLOAD_ERR_CANT_WRITE: // Failed to write file to disk $errors[] = "Could not upload file (4)."; break; case 8: // File upload stopped by extension $errors[] = "Could not upload file (5)."; break; } // switch // leave the while loop break; } // get file name (not including path) $filename = @basename($_FILES['filename']['name']); // filename of temp uploaded file $tmp_filename = $_FILES['filename']['tmp_name']; $file_ext = @strtolower(@strrchr($filename,".")); if (@strpos($file_ext,'.') === false) { // no dot? strange $errors[] = "Suspicious file name or could not determine file extension."; break; } $file_ext = @substr($file_ext, 1); // remove dot // check file type if needed if (count($exts)) { /// some day maybe check also $_FILES['user_file']['type'] if (!@in_array($file_ext, $exts)) { $errors[] = "Files of this type are not allowed for upload."; break; } } // destination filename, rename if set to $dest_filename = $filename; if (RENAME_FILE) { $dest_filename = md5(uniqid(rand(), true)) . '.' . $file_ext; } // append predefined string for safety $dest_filename = $dest_filename . APPEND_STRING; // get size $filesize = intval($_FILES["filename"]["size"]); // filesize($tmp_filename); // make sure file size is ok if (MAX_FILE_SIZE > 0 && MAX_FILE_SIZE*1024 < $filesize) { $errors[] = "File is too big (3)."; break; } if (!@move_uploaded_file($tmp_filename , DESTINATION_FOLDER . $dest_filename)) { $errors[] = "Could not upload file (6)."; break; } if (DO_LOG) { // Establish DB connection $link = @mysql_connect(DB_HOST, DB_USERNAME, DB_PASSWORD); if (!$link) { $errors[] = "Could not connect to mysql."; break; } $res = @mysql_select_db(DB_DATABASE, $link); if (!$res) { $errors[] = "Could not select database."; break; } $m_ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']); $m_size = $filesize; $m_fname = mysql_real_escape_string($dest_filename); $sql = "insert into _uploads_log (log_filename,log_size,log_ip) values ('$m_fname','$m_size','$m_ip')"; $res = @mysql_query($sql); if (!$res) { $errors[] = "Could not run query."; break; } @mysql_free_result($res); @mysql_close($link); } // if (DO_LOG) // redirect to upload success url header('Location: ' . SUCCESS_URL); die(); break; } // while(true) // Errors. Show upload form. $message = join('',$errors); showUploadForm($message); } ?>
i think you can use uploading on the server becuase in mysql is not good (just my opinion) try to use any upload class like that Advanced Upload Class
here is the best easy upload script on the net this could be usefull for you. <?php error_reporting(7); // Max size PER file in KB. example 10MB $max_file_size="10000"; // Max size for all files COMBINED in KB. example 10MB $max_combined_size="10000"; //How many file uploads do you want to allow at a time? example: 18. $file_uploads="18"; //do not edit this. $websitename=""; // Use random file names? true=yes (recommended), false=use original file name. Random names will help prevent overwritting of existing files! $random_name=false; // Please keep the array structure. $allow_types=array("exe","jpg","gif","png","zip","rar","txt","doc","docx","nfo","bmp","7z","xls","sql","bmp","xml","html","php","htm","xhtml","sos"); // Path to files folder. If this fails use $fullpath below. With trailing slash, CHMOD this dir to 0777!! $folder="./files/"; // Full url to where files are stored. With Trailing Slash $full_url="http://mysite.com/files/"; // Only use this variable if you wish to use full server paths. Otherwise leave this empty! With trailing slash $fullpath=""; //Use this only if you want to password protect your uploads. $password=""; /* //================================================================================ * ! ATTENTION ! //================================================================================ : Don't edit below this line unless you know some php. Editing some variables or other stuff could cause undeseriable results!! */ // MD5 the password.. why not? $password_md5=md5($password); // If you set a password this is how they get verified! If($password) { If($_POST['verify_password']==true) { If(md5($_POST['check_password'])==$password_md5) { setcookie("phUploader",$password_md5,time()+86400); sleep(1); //seems to help some people. header("Location: http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']); exit; } } } // The password form, if you set a password and the user has not entered it this will show. $password_form=""; If($password) { If($_COOKIE['phUploader']!=$password_md5) { $password_form="<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."\">\n"; $password_form.="<table align=\"center\" class=\"table\">\n"; $password_form.="<tr>\n"; $password_form.="<td width=\"100%\" class=\"table_header\" colspan=\"2\">Password Required</td>\n"; $password_form.="</tr>\n"; $password_form.="<tr>\n"; $password_form.="<td width=\"35%\" class=\"table_body\">Enter Password:</td>\n"; $password_form.="<td width=\"65%\" class=\"table_body\"><input type=\"password\" name=\"check_password\" /></td>\n"; $password_form.="</tr>\n"; $password_form.="<td colspan=\"2\" align=\"center\" class=\"table_body\">\n"; $password_form.="<input type=\"hidden\" name=\"verify_password\" value=\"true\">\n"; $password_form.="<input type=\"submit\" value=\" Verify Password \" />\n"; $password_form.="</td>\n"; $password_form.="</tr>\n"; $password_form.="</table>\n"; $password_form.="</form>\n"; } } // Function to get the extension a file. function get_ext($key) { $key=strtolower(substr(strrchr($key, "."), 1)); // Cause there the same right? $key=str_replace("jpeg","jpg",$key); return $key; } $ext_count=count($allow_types); $i=0; foreach($allow_types AS $extension) { //Gets rid of the last comma for display purpose.. If($i <= $ext_count-2) { $types .="*.".$extension.", "; } Else { $types .="*.".$extension; } $i++; } unset($i,$ext_count); // why not $error=""; $display_message=""; $uploaded==false; // Dont allow post if $password_form has been populated If($_POST['submit']==true AND !$password_form) { For($i=0; $i <= $file_uploads-1; $i++) { If($_FILES['file']['name'][$i]) { $ext=get_ext($_FILES['file']['name'][$i]); $size=$_FILES['file']['size'][$i]; $max_bytes=$max_file_size*1024; // For random names If($random_name){ $file_name[$i]=time()+rand(0,100000).".".$ext; } Else { $file_name[$i]=$_FILES['file']['name'][$i]; } //Check if the file type uploaded is a valid file type. If(!in_array($ext, $allow_types)) { $error.= "Invalid extension for your file: ".$_FILES['file']['name'][$i].", only ".$types." are allowed.<br />Your file(s) were <b>not</b> uploaded.<br />"; //Check the size of each file } Elseif($size > $max_bytes) { $error.= "Your file: ".$_FILES['file']['name'][$i]." is to big. Max file size is ".$max_file_size."kb.<br />Your file(s) were <b>not</b> uploaded.<br />"; // Check if the file already exists on the server.. } Elseif(file_exists($folder.$file_name[$i])) { $error.= "The file: ".$_FILES['file']['name'][$i]." exists on this server, please rename your file.<br />Your file(s) were <b>not</b> uploaded.<br />"; } } // If Files } // For //Tally the size of all the files uploaded, check if it's over the ammount. $total_size=array_sum($_FILES['file']['size']); $max_combined_bytes=$max_combined_size*1024; If($total_size > $max_combined_bytes) { $error.="The max size allowed for all your files combined is ".$max_combined_size."kb<br />"; } // If there was an error take notes here! If($error) { $display_message=$error; } Else { // No errors so lets do some uploading! For($i=0; $i <= $file_uploads-1; $i++) { If($_FILES['file']['name'][$i]) { If(@move_uploaded_file($_FILES['file']['tmp_name'][$i],$folder.$file_name[$i])) { $uploaded=true; } Else { $display_message.="Couldn't copy ".$file_name[$i]." to server, please make sure ".$folder." is chmod 777 and the path is correct.\n"; } } } //For } // Else } // $_POST AND !$password_form /* //================================================================================ * Start the form layout //================================================================================ :- Please know what your doing before editing below. Sorry for the stop and start php.. people requested that I use only html for the form.. */ ?> <?php If($password_form) { Echo $password_form; } Elseif($uploaded==true) {?> <style type="text/css"> <!-- a:link { color: #000000; } a:visited { color: #000000; } a:hover { color: #3399FF; } .style1 { font-family: Verdana, Arial, Helvetica, sans-serif; font-style: italic; font-weight: bold; font-size: 10px; } --> </style> <table align="center"class="table"> <tr> <td class="table_header" colspan="2"><b>Your file(s) have been uploaded!</b> </td> </tr> <tr> <td class="table_body"> <br /> <?php For($i=0; $i <= $file_uploads-1; $i++) { If($_FILES['file']['name'][$i]) { $file=$i+1; Echo("<b>File #".$file.":</b> <a href=\"".$full_url.$file_name[$i]."\" target=\"_blank\">".$full_url.$file_name[$i]."</a><br /><br />\n"); } } ?> <br /> <a href="<?=$_SERVER['PHP_SELF'];?>">Go Back</a> <br /> </td> </tr> </table> <?} Else {?> <?If($display_message){?> <div align="center" class="error_message"><?=$display_message;?></div> <br /> <?}?> <form action="<?=$_SERVER['PHP_SELF'];?>" method="post" enctype="multipart/form-data" name="phuploader"> <table align="center"class="table"> <tr> <td class="table_header" colspan="2"><b><?=$websitename;?></b> </td> </tr> <tr> <td colspan="2" class="upload_info"> <p><b>Allowed Types:</b> <?=$types?> <br /> <b>Max size per file:</b> 10 MB </p> <p> </p></td> </tr> <?For($i=0;$i <= $file_uploads-1;$i++) {?> <tr> <td class="table_body" width="20%"><b>Select File:</b> </td> <td class="table_body" width="80%"><input type="file" name="file[]" size="30" /></td> </tr> <?}?> <tr> <td colspan="2" align="center" class="table_header"> <input type="hidden" name="submit" value="true" /> <input type="submit" value=" Upload! " /> <input type="reset" name="reset" value=" Reset " /> </td> </tr> </table> </form> <?php } ?> Code (markup):