I've read about php upload, and I think I can do this on my own, but I do have to ask two questions: (1) Where is the server's default temp directory, and (2) How do I go about moving a file from there after it's uploaded, like to my own temp directory? I read that if it's not moved or something as soon as it's uploaded, it's deleted. Good idea, butI don't know where it will be placed or how to move it.

I do like that it will also delete it if it's over the size limit that I can place on it, so if I limit it to 200 k, then I don't have to worry too much.

Justin

------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

The servers default Temp directory:
/tmp

Temp files are deleted daily using an aging algorithm, as part of my nightly maintenance routines...

After the upload, just move it from the /tmp directory to one of your directories, then delete it...

--
Terra
sysAdmin
FutureQuest

Ok, I can easily upload a file, I can display the temp filename, but I can't figure out one thing. How do I add a literal string to a string? For example, say I want the file moved or copied to /big/dom/xvdj/www/test. How do I append $file to the end of this path? I've tried:

"path/" $file
'path/' $file
path/$file (divide by zero - makes sense)
path//$file

and a few hundred other ways. I'm lost on this one. I program in Visual Basic and in VB it would be

"path/" & $file

but of course that doesn't work either. (path being /big/dom....)

That's the only part I haven't figured out yet. Also, can I just unlink($file); or do I need the path there as well?

I must say that the "Manual" is not written as well as it should be - then again, they assume that you have a working knowledge of C.

BTW, here's a qoute from www.php.net:
you may have mis-spelt the function name
I found that amusing http://www.aota.net/ubb/smile.gif

One other thing - do I need to buy a bigger monitor, or does anyone else have a problem distinguishing a "(" from a "{"? I can't be the only one. (I do know their different usage, it's just hard to tell which one I typed)

Thanks for the help.

Justin

------------------
Justin Nelson, SFE Inc.
www.vdj.net (http://www.vdj.net)

Oh, sure, the braces look way different in this font!

[This message has been edited by Justin (edited 01-12-99).]

Ok. I always post just a little too early. I tried it with NO path, for the temp file. It is in a variable, $userfile. I got a Warning: SAFE MODE Access restriction...

Is there something else I need to do?

Also, I still need some form of path for my test dir.

Justin

------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

1) To concatenate strings - it is the same as in Perl, which uses a single period '.'...

$a = "/big/dom"
$path = $a . "/blah/blah/blah";

2) I have created a tmp directory as /big/dom/tmp
This should work with SAFE mode on...

Hope this helps...

--
Terra
--bada bing--
FutureQuest

I've tried this:

<?
if ($userfile_size < 100000) {
copy ($userfile, "/big/dom/xvdj/www/test/".$userfile_name);
}
unlink ($userfile);
print "Thank you for uploading ".$userfile_name.". We appreciate blah blah.";
?>

And I got this:

Warning: SAFE MODE Restriction in effect. The script whose uid is 39526 is not allowed to access /tmp/php19089aaa owned by uid 0 in /big/dom/xvdj/www/test/upload.php3 on line 3

Warning: SAFE MODE Restriction in effect. The script whose uid is 39526 is not allowed to access /tmp/php19089aaa owned by uid 0 in /big/dom/xvdj/www/test/upload.php3 on line 5
Thank you for uploading x.ico. We appreciate blah blah

I've also tried this:

$a = basename($userfile)
copy("/big/dom/tmp/".$a, "/big/dom/xvdj/www/test/".$a);
etc..

and I still get the SAFE mode thing. I know the file exists after the upload, because if I

echo $userfile

I get

/tmp/php15152aaa.ico

or similar. The file by default goes into /tmp, and I just need to copy it over and then unlink it. Could there be som permissions thing? I'm learning this stuff slowly, and I'm getting the hang of it, but I keep getting stumped on little things that the "Manual" doesn't get into - I need a "Php for dummies" book http://www.aota.net/ubb/smile.gif

Anyway, thanks for the help so far - I'm most of the way there now. I can see over the hill...

Oh, yeah, there's probably a bunch of icons in the /tmp directory - sorry. It was a small file that I found, so I used it to test this thing out.



------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

Ok, first of all, thanks for all of the help. I am almost there. When I echo($userfile);, it shows:

/tmp/file123

which I assume means /big/dom/tmp/file123. That's all fine. But is still doesn't give me permission to read or write to this file. I even tried chmod($userfile, 0755);, and no access. I can't copy, rename, chmod, or unlink the file. I have the file's location down, I know exactly where I want to put it, I just can't do anything to it.

What is the UID? User ID? It says that the file is owned by UID 0, the script whose UID is blah is not allowed to access the file owned by UID 0. Can I change the scripts UID? Or the file's UID upon upload?

Again, thanks for all of the help on this. I almost have this thing licked. Once I get the whole upload thing knocked out, I want it to send me and the submitter an email (I'll try my best to do that part on my own).

You know, for someone who hates asking for help, I've been here an awful lot tha last couple of days! http://www.aota.net/ubb/smile.gif

Thanks.

--
Justin
--chaotic structure--
vdj.net

I made an uid/gid ownership change to /big/dom/tmp

Try this again... http://www.aota.net/ubb/wink.gif

--
Terra
--Guilty of throwing monkey wrenchs--
FutureQuest

[This message has been edited by ccTech (edited 01-13-99).]

Terra
--Guilty of throwing monkey wrenchs--

And paper, and documentation, and cables, and looks, and well... you get the idea http://www.aota.net/ubb/wink.gif

Deb

(ppsssttt he's not the hostile type.. I just couldn't resist)

I've thrown a mouse or two myself trying to get this php thing to work http://www.aota.net/ubb/smile.gif

Still no access, though.

http://www.vdj.net/testing.html

php source:

http://www.vdj.net/test/upload.phps

Justin
--needs a new mouse--

There has to be something very small that I'm doing wrong. I just added a lot of code to this php3 file, and everything works great except for the copy / unlink part. I don't think it's a coding error on my part, it must be something that I misunderstood, or something.

It now emails the user with the file details along with one of two messages, depending on whether or not the upload was successful. This all works great. I even have two different snippets of HTML, one good and one bad.

By the way, on the telephone you were telling me that php3 was not a whole lot different than Visual Basic. I think all programming languages are very similar. They all have the same purpose - take some input, do something with it, and give us some sort of results. And the syntax is very similar.

<?
if ($programmer == $moron) {
$php_work = 0;
print "Warning: Safe Mode.\n";
} else {
$php_work = 1;
print "Good work. Let's Upload!\n";
}
?>

But that's beside the point. Please have a look at the code if you get a chance (URL's above) and help me figure out what I'm doing wrong http://www.aota.net/ubb/smile.gif

Thanks for all of the help - I'm learning new things every day, and loving it!

Justin

I will need more time to investigate all this...

SAFE_MODE is pretty restrictive, and I just instigated it the other day...

I am slowly working all the kinks out of this, and due to time pressures - it was released a little bit premature...

The Core PHP3 functionality worked when it was running wide open, but now as I have been implementing security requirements - some other adjustments are having to be made...

I am taking PHP3 safe mode a step-at-a-time, and hopefully soon should have this as a full robust offering...

As it stands now, developer's beware that there may be some glitches along the way in it's schema...

--
Terra
--momentarily clueless--
FutureQuest.net

PS: Right now my efforts and focus is on resolving some core server issues with disk access performance... Once I get those issues taken care of, I will be able to train my consciouness back on the PHP3 problems... (Believe me, Deb is ***all*** over me with the PHP3 issues!!!) So you have a very powerful advocate working on your side...

PSS: can I go hide now???

[This message has been edited by ccTech (edited 01-13-99).]

Hide? From me?!?!?!


ROFL!!!!!

Sure, you can hide. I know that what you are doing is a lot more important to the whole community than my little upload script http://www.aota.net/ubb/smile.gif

I was getting impatient with myself, wondering why in the heck I couldn't figure out such a simple language (it is quite simple, BTW). I now realize that it's a security thing, and security is very important. I like that you guys take security seriously and consider it a priority.

I did put in my script to reject a file if it's bigger than 100k, and will soon figure out how to make it able to tell a valid email address as well. I like security too, and I don't want to risk comprimising the server or anyone else just so I can play with php.

Anyway, thanks for the replies, and I don't exactly need the uploading capabilities. In fact, it's more for the learning experience than anything. I will find other uses for php as well. It seems to me like a more powerful version of JavaScript, with the added benefit of not needing to know what browser the user has.

All of these errors gave me a chance to read a good portion of the php online manual, and that helped me a lot with the other stuff, like mail() and such.

And I promise that once this thing copies the file properly, I will learn everything else the hard way - the right way. The same way I learned VB. A crash-course of trial and error. Maybe I should go download a C compiler, just for fun...

Again, no rush on this. I was just bored, and decided to try something new. I'll resume when I hear that it's been fixed or when I find out what I did wrong, or whatever the problem is.

Thanks for all the help.

Justin

For the 'Safe Mode', I have a PHP doc_root in effect - which is '/big/dom'...

I think what will fix your problem is changing '/big/dom/xvdj/' to '/xvdj'...

The doc_root is *automatically* pre-pended to any path specifier...

So PHP internally converts:
path = doc_root . customer_specified
or
path = '/big/dom' . '/xvdj/www'
which in turn is: '/big/dom/xvdj/www'

Hope this makes sense... http://www.aota.net/ubb/smile.gif

--
Terra
--structured chaos--
FutureQuest.net

I made a few changes to the PHP module and it's configuration...

The default upload path for PHP3 is '/big/dom/tmp'...

It should hopefully work now, as it is within the PHP3 safe settings...

--
Terra
--Security is almost always never convenient--
FutureQuest.net

[This message has been edited by ccTech (edited 01-24-99).]