hard nuts .... i guess its too difficult for me to crack..:(
anywz do you know of any other scripting languages which support file upload.
carobee
0
Posting Whiz in Training
nav33n
472
Purple hazed!
Team Colleague
Featured Poster
Nope :( I dont.
carobee
0
Posting Whiz in Training
Another query unresilved i guess:(
nav33n
472
Purple hazed!
Team Colleague
Featured Poster
Can you post (one last time) what is the output of phpinfo ?
carobee
0
Posting Whiz in Training
PHP Version 4.4.4
System Linux via 2.4.24 #3 Thu Dec 9 11:27:40 KST 2004 i686
Build Date Feb 1 2008 09:34:26
Configure Command './configure' '--prefix=/usr/local/apache' '--exec-prefix=/usr/local/apache' '--with-apache=/home/karabi/backup/apache_1.3.37' '--with-mysql' '--enable-sysvmsg' '--enable-ftp'
Server API Apache
Virtual Directory Support disabled
Configuration File (php.ini) Path /usr/local/apache/lib
PHP API 20020918
PHP Extension 20020429
Zend Extension 20050606
Debug Build no
Zend Memory Manager enabled
Thread Safety disabled
Registered PHP Streams php, http, ftp
This program makes use of the Zend Scripting Language Engine:
Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies
--------------------------------------------------------------------------------
PHP Credits
--------------------------------------------------------------------------------
Configuration
PHP Core
Directive Local Value Master Value
allow_call_time_pass_reference On On
allow_url_fopen On On
always_populate_raw_post_data Off Off
arg_separator.input & &
arg_separator.output & &
asp_tags Off Off
auto_append_file no value no value
auto_prepend_file no value no value
browscap no value no value
default_charset no value no value
default_mimetype text/html text/html
define_syslog_variables Off Off
disable_classes no value no value
disable_functions no value no value
display_errors On On
display_startup_errors Off Off
doc_root no value no value
docref_ext no value no value
docref_root no value no value
enable_dl On On
error_append_string no value no value
error_log no value no value
error_prepend_string no value no value
error_reporting no value no value
expose_php On On
extension_dir /usr/local/apache/lib/php/extensions/no-debug-non-zts-20020429 /usr/local/apache/lib/php/extensions/no-debug-non-zts-20020429
file_uploads On On
gpc_order GPC GPC
highlight.bg #FFFFFF #FFFFFF
highlight.comment #FF8000 #FF8000
highlight.default #0000BB #0000BB
highlight.html #000000 #000000
highlight.keyword #007700 #007700
highlight.string #DD0000 #DD0000
html_errors On On
ignore_repeated_errors Off Off
ignore_repeated_source Off Off
ignore_user_abort Off Off
implicit_flush Off Off
include_path .:/usr/local/apache/lib/php .:/usr/local/apache/lib/php
log_errors Off Off
log_errors_max_len 1024 1024
magic_quotes_gpc On On
magic_quotes_runtime Off Off
magic_quotes_sybase Off Off
max_execution_time 30 30
max_input_time -1 -1
open_basedir no value no value
output_buffering 0 0
output_handler no value no value
post_max_size 8M 8M
precision 14 14
register_argc_argv On On
register_globals Off Off
report_memleaks On On
safe_mode Off Off
safe_mode_exec_dir /usr/local/php/bin /usr/local/php/bin
safe_mode_gid Off Off
safe_mode_include_dir no value no value
sendmail_from no value no value
sendmail_path /usr/sbin/sendmail -t -i /usr/sbin/sendmail -t -i
serialize_precision 100 100
short_open_tag On On
SMTP localhost localhost
smtp_port 25 25
sql.safe_mode Off Off
track_errors Off Off
unserialize_callback_func no value no value
upload_max_filesize 2M 2M
upload_tmp_dir no value no value
user_dir no value no value
variables_order no value no value
xmlrpc_error_number 0 0
xmlrpc_errors Off Off
y2k_compliance On On
apache
APACHE_INCLUDE no value
APACHE_TARGET no value
Apache Version Apache/1.3.37 (Unix) PHP/4.4.4
Apache Release 10337100
Apache API Version 19990320
Hostname:Port 127.0.0.1:80
User/Group nobody(65534)/65534
Max Requests Per Child: 0 - Keep Alive: on - Max Per Connection: 100
Timeouts Connection: 300 - Keep-Alive: 15
Server Root /usr/local/apache
Loaded Modules mod_php4, mod_setenvif, mod_auth, mod_access, mod_alias, mod_userdir, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_status, mod_negotiation, mod_mime, mod_log_config, mod_env, http_core
Directive Local Value Master Value
child_terminate 0 0
engine 1 1
last_modified 0 0
xbithack 0 0
Apache Environment
Variable Value
DOCUMENT_ROOT /usr/local/apache/htdocs
HTTP_ACCEPT */*
HTTP_ACCEPT_ENCODING gzip, deflate
HTTP_ACCEPT_LANGUAGE en-us
HTTP_CACHE_CONTROL max-age=259200
HTTP_CONNECTION keep-alive
HTTP_HOST 172.24.3.226
HTTP_PRAGMA no-cache
HTTP_UA_CPU x86
HTTP_USER_AGENT Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; .NET CLR 1.1.4322)
HTTP_VIA 1.1 localhost.localdomain:8080 (squid/2.5.STABLE3)
HTTP_X_FORWARDED_FOR 172.24.3.90
PATH /root/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin
REMOTE_ADDR 172.24.1.17
REMOTE_PORT 40770
SCRIPT_FILENAME /usr/local/apache/htdocs/info.php
SERVER_ADDR 172.24.3.226
SERVER_ADMIN [email]karabi@localhost.loca[/email]ldomain
SERVER_NAME 127.0.0.1
SERVER_PORT 80
SERVER_SIGNATURE <ADDRESS>Apache/1.3.37 Server at 127.0.0.1 Port 80</ADDRESS>
SERVER_SOFTWARE Apache/1.3.37 (Unix) PHP/4.4.4
GATEWAY_INTERFACE CGI/1.1
SERVER_PROTOCOL HTTP/1.0
REQUEST_METHOD GET
QUERY_STRING no value
REQUEST_URI /info.php
SCRIPT_NAME /info.php
HTTP Headers Information
HTTP Request Headers
HTTP Request GET /info.php HTTP/1.0
Accept */*
Accept-Encoding gzip, deflate
Accept-Language en-us
Cache-Control max-age=259200
Connection keep-alive
Host 172.24.3.226
Pragma no-cache
UA-CPU x86
User-Agent Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; .NET CLR 1.1.4322)
Via 1.1 localhost.localdomain:8080 (squid/2.5.STABLE3)
X-Forwarded-For 172.24.3.90
HTTP Response Headers
X-Powered-By PHP/4.4.4
Connection close
Content-Type text/html
ctype
ctype functions enabled
ftp
FTP support enabled
mysql
MySQL Support enabled
Active Persistent Links 0
Active Links 0
Client API version 3.23.49
MYSQL_MODULE_TYPE builtin
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_INCLUDE no value
MYSQL_LIBS no value
Directive Local Value Master Value
mysql.allow_persistent On On
mysql.connect_timeout 60 60
mysql.default_host no value no value
mysql.default_password no value no value
mysql.default_port no value no value
mysql.default_socket no value no value
mysql.default_user no value no value
mysql.max_links Unlimited Unlimited
mysql.max_persistent Unlimited Unlimited
mysql.trace_mode Off Off
overload
User-Space Object Overloading Support enabled
pcre
PCRE (Perl Compatible Regular Expressions) Support enabled
PCRE Library Version 6.6 06-Feb-2006
posix
Revision $Revision: 1.51.2.4.2.1 $
session
Session Support enabled
Registered save handlers files user
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /tmp /tmp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off
standard
Regex Library Bundled library enabled
Dynamic Library Support enabled
Path to sendmail /usr/sbin/sendmail -t -i
Directive Local Value Master Value
assert.active 1 1
assert.bail 0 0
assert.callback no value no value
assert.quiet_eval 0 0
assert.warning 1 1
auto_detect_line_endings 0 0
default_socket_timeout 60 60
safe_mode_allowed_env_vars PHP_ PHP_
safe_mode_protected_env_vars LD_LIBRARY_PATH LD_LIBRARY_PATH
url_rewriter.tags a=href,area=href,frame=src,form=,fieldset= a=href,area=href,frame=src,form=,fieldset=
user_agent no value no value
sysvmsg
sysvmsg support enabled
Revision $Revision: 1.4.2.5.2.3 $
tokenizer
Tokenizer Support enabled
xml
XML Support active
XML Namespace Support active
EXPAT Version 1.95.6
Additional Modules
Module Name
Environment
Variable Value
LOGNAME root
REMOTEHOST 172.24.3.90
MAIL /var/spool/mail/root
TERM xterm
HOSTTYPE i386
PATH /root/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin
HOME /root
SHELL /bin/sh
PS1 #
USER root
DISPLAY 172.24.3.90:0.0
OSTYPE Linux
SHLVL 1
_ ./httpd
PHP Variables
Variable Value
_SERVER["DOCUMENT_ROOT"] /usr/local/apache/htdocs
_SERVER["HTTP_ACCEPT"] */*
_SERVER["HTTP_ACCEPT_ENCODING"] gzip, deflate
_SERVER["HTTP_ACCEPT_LANGUAGE"] en-us
_SERVER["HTTP_CACHE_CONTROL"] max-age=259200
_SERVER["HTTP_CONNECTION"] keep-alive
_SERVER["HTTP_HOST"] 172.24.3.226
_SERVER["HTTP_PRAGMA"] no-cache
_SERVER["HTTP_UA_CPU"] x86
_SERVER["HTTP_USER_AGENT"] Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; .NET CLR 1.1.4322)
_SERVER["HTTP_VIA"] 1.1 localhost.localdomain:8080 (squid/2.5.STABLE3)
_SERVER["HTTP_X_FORWARDED_FOR"] 172.24.3.90
_SERVER["PATH"] /root/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin
_SERVER["REMOTE_ADDR"] 172.24.1.17
_SERVER["REMOTE_PORT"] 40770
_SERVER["SCRIPT_FILENAME"] /usr/local/apache/htdocs/info.php
_SERVER["SERVER_ADDR"] 172.24.3.226
_SERVER["SERVER_ADMIN"] [email]karabi@localhost.loca[/email]ldomain
_SERVER["SERVER_NAME"] 127.0.0.1
_SERVER["SERVER_PORT"] 80
_SERVER["SERVER_SIGNATURE"] <ADDRESS>Apache/1.3.37 Server at 127.0.0.1 Port 80</ADDRESS>
_SERVER["SERVER_SOFTWARE"] Apache/1.3.37 (Unix) PHP/4.4.4
_SERVER["GATEWAY_INTERFACE"] CGI/1.1
_SERVER["SERVER_PROTOCOL"] HTTP/1.0
_SERVER["REQUEST_METHOD"] GET
_SERVER["QUERY_STRING"] no value
_SERVER["REQUEST_URI"] /info.php
_SERVER["SCRIPT_NAME"] /info.php
_SERVER["PATH_TRANSLATED"] /usr/local/apache/htdocs/info.php
_SERVER["PHP_SELF"] /info.php
_SERVER["argv"] Array
(
)
_SERVER["argc"] 0
_ENV["LOGNAME"] root
_ENV["REMOTEHOST"] 172.24.3.90
_ENV["MAIL"] /var/spool/mail/root
_ENV["TERM"] xterm
_ENV["HOSTTYPE"] i386
_ENV["PATH"] /root/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin
_ENV["HOME"] /root
_ENV["SHELL"] /bin/sh
_ENV["PS1"] #
_ENV["USER"] root
_ENV["DISPLAY"] 172.24.3.90:0.0
_ENV["OSTYPE"] Linux
_ENV["SHLVL"] 1
_ENV["_"] ./httpd
PHP License
This program is free software; you can redistribute it and/or modify it under the terms of the PHP License as published by the PHP Group and included in the distribution in the file: LICENSE
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
If you did not receive a copy of the PHP license, or have any questions about PHP licensing, please contact [email]license@php.net[/email].
nav33n
472
Purple hazed!
Team Colleague
Featured Poster
hmm.. Well, I ll show you what I have in my phpinfo. Notice the changes.
upload_tmp_dir c:/wamp/tmp c:/wamp/tmp
....
.....
......
session.save_path c:/wamp/tmp c:/wamp/tmp
....
.....Your phpinfo says, session.save_path /tmp /tmp . So, there exists a tmp directory and its not configured correctly in your loaded php.ini file :) Thats the conclusion !
carobee
0
Posting Whiz in Training
hmm.. Well, I ll show you what I have in my phpinfo. Notice the changes.
upload_tmp_dir c:/wamp/tmp c:/wamp/tmp .... ..... ...... session.save_path c:/wamp/tmp c:/wamp/tmp .... .....Your phpinfo says, session.save_path /tmp /tmp . So, there exists a tmp directory and its not configured correctly in your loaded php.ini file :) Thats the conclusion !
ur working in windows n i am in linux. wht i am trying to say, that even if i try to set the tmp dir by changing the upload_tmp_dir in php.ini, it is not done. the php.ini that i m using is located in /usr/local/lib. also the host system shows that there is a tmp folder. But running the uploading script, the upload_err_no_tmp_dir is shown. the o/p of the php script is
Sorry, there was a problem uploading your file.
the error is 6
Possible file upload attack: filename ''.
Array ( [uploaded] => Array ( [name] => cd-key.txt [type] => [tmp_name] => [error] => 6 [size] => 0 ) )
nav33n
472
Purple hazed!
Team Colleague
Featured Poster
ur working in windows n i am in linux.
That was not my point. What I was trying to say was, session.save_path is taking the tmp value, but not upload_tmp_dir. But anyway, Could you post your code that you are using to upload ? Maybe theres a problem with your code ?
carobee
0
Posting Whiz in Training
upload.php
<?php
$target_path="/home/install/trial";
$target_path=$target_path.basename($_FILES['uploaded']['name']);
$ok=1;
if($uploaded_size>750000)
{
echo "Your File is too large.<br>";
$ok=0;
}
if($ok==0)
{
echo "Sorry your file was not uploaded";
}
else
{
if(move_uploaded_file($_FILES['uploaded']['tmp_name'],$target_path))
{
echo "The file".basename($_FILES['uploadedfile']['name'])." has been uploaded";
}
else
{
echo "Sorry, there was a problem uploading your file."."</br>";
echo "the error is ".$_FILES['uploaded']['error']."</br>";
}
}
?>
nav33n
472
Purple hazed!
Team Colleague
Featured Poster
$target_path="/home/install/trial";
$target_path=$target_path.basename($_FILES['uploaded']['name']);target_path is not correct. You need to have a "/" after trial. Else, target_path will be like this.
home/install/trialfilename.(in short, it will upload (if it does) it in install directory.)
Strangely, It still uploads even if I dont give anything in upload_tmp_dir. I am sorry ! I give up.
carobee
0
Posting Whiz in Training
$target_path="/home/install/trial"; $target_path=$target_path.basename($_FILES['uploaded']['name']);target_path is not correct. You need to have a "/" after trial. Else, target_path will be like this.
home/install/trialfilename.(in short, it will upload (if it does) it in install directory.)
Strangely, It still uploads even if I dont give anything in upload_tmp_dir. I am sorry ! I give up.
anywayz thanks
carobee
0
Posting Whiz in Training
can anybody help to resolve this problem?
carobee
0
Posting Whiz in Training
i found the solution... the tmp directory was the main evil here.. i gave 0777 permissions to the tmp ... n whoa everything is solved..
nav33n
472
Purple hazed!
Team Colleague
Featured Poster
i found the solution... the tmp directory was the main evil here.. i gave 0777 permissions to the tmp ... n whoa everything is solved..
Wow! Congrats ! :)
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.