0

Hello! I have been trying to figure out why an upload script doesn't seem to work like it should but I couldn't understand why so maybe somebody here can help me out a bit please. Here is the function:

function uploadFile($conn,$newsid,$table_name,$linkImg,$align) {

    global $msg,$maxSize;

    if  ( $_FILES['userfile']['size']!=0 && $_FILES['userfile']['size']<($maxSize*1000)
            && ($_FILES['userfile']['type'] == 'image/jpg'
            || $_FILES['userfile']['type'] == 'image/jpeg'
            || $_FILES['userfile']['type'] == 'image/pjpeg') ) {


        $uploadfile = 'images/' . $newsid . '.jpg';

        if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {

            @chmod($uploadfile, 0666);

            $msg.= ' Image successfully uploaded.';

            if (updateImg($conn, $newsid, $table_name, $newsid.'.jpg' , $linkImg , $align )) return true;
            else return false;

        }
         else {

            $msg.= ' Error: possible file upload attack!';
            return false;
        } 
    }
    else {


        if ($_FILES['userfile']['size']==0 && $_FILES['userfile']['name']=='') {

            $msg .= ' Image not submitted.';

            if (updateImg($conn, $newsid, $table_name, '' , $linkImg , $align )) return true;
            else return false;
        }
        else $msg .= ' Image upload failed, wrong file.';
    }
}
2
Contributors
3
Replies
4
Views
5 Years
Discussion Span
Last Post by cereal
0

While developing remove the @ above the functions and you will see the error. At line 11 try to set an absolute path, at the moment this is relative to the script, not to the root: $uploadfile = 'images/' . $newsid . '.jpg';

So change it to:

$uploadfile = $_SERVER['DOCUMENT_ROOT'] .'/images/' . $newsid . '.jpg';
0

Hi and thanks for your help. I've tried your method and it still doesn't seem to work. It uploads the image but then doesn't use it like it should. If you have any other ideas that would be great.

0

Hi, check the updateImg() function, what should happen there?

As side note: if you can, change chmod to 644, the 666 gives write permission to any process on the server.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.