Hello! I have been trying to figure out why an upload script doesn't seem to work like it should but I couldn't understand why so maybe somebody here can help me out a bit please. Here is the function:

function uploadFile($conn,$newsid,$table_name,$linkImg,$align) {

    global $msg,$maxSize;

    if  ( $_FILES['userfile']['size']!=0 && $_FILES['userfile']['size']<($maxSize*1000)
            && ($_FILES['userfile']['type'] == 'image/jpg'
            || $_FILES['userfile']['type'] == 'image/jpeg'
            || $_FILES['userfile']['type'] == 'image/pjpeg') ) {

        $uploadfile = 'images/' . $newsid . '.jpg';

        if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {

            @chmod($uploadfile, 0666);

            $msg.= ' Image successfully uploaded.';

            if (updateImg($conn, $newsid, $table_name, $newsid.'.jpg' , $linkImg , $align )) return true;
            else return false;

         else {

            $msg.= ' Error: possible file upload attack!';
            return false;
    else {

        if ($_FILES['userfile']['size']==0 && $_FILES['userfile']['name']=='') {

            $msg .= ' Image not submitted.';

            if (updateImg($conn, $newsid, $table_name, '' , $linkImg , $align )) return true;
            else return false;
        else $msg .= ' Image upload failed, wrong file.';

Recommended Answers

All 3 Replies

While developing remove the @ above the functions and you will see the error. At line 11 try to set an absolute path, at the moment this is relative to the script, not to the root: $uploadfile = 'images/' . $newsid . '.jpg';

So change it to:

$uploadfile = $_SERVER['DOCUMENT_ROOT'] .'/images/' . $newsid . '.jpg';

Hi and thanks for your help. I've tried your method and it still doesn't seem to work. It uploads the image but then doesn't use it like it should. If you have any other ideas that would be great.

Hi, check the updateImg() function, what should happen there?

As side note: if you can, change chmod to 644, the 666 gives write permission to any process on the server.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.