Asked  7 Months ago    Answers:  5   Viewed   65 times

I keep getting this error when trying to configure the upload directory with Apache 2.2 and PHP 5.3 on CentOS.

In php.ini:

upload_tmp_dir = /var/www/html/mysite/tmp_file_upload/

In httpd.conf:

Directory /var/www/html/mysite/tmp_file_upload/>
    Options  -Indexes
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
<Directory /var/www/html/mysite/images/>
                Options -Indexes
</Directory>

CentOS directory permissions:

drwxrwxr-x 2 root root 4096 Nov 11 10:01 images
drwxr-xr-x 2 root root 4096 Nov 12 04:54 tmp_file_upload

No matter what I do, I keep getting this error from PHP when I upload the file:

Warning: move_uploaded_file(images/robot.jpg): failed to open stream: Permission denied in /var/www/html/mysite/process.php on line 78

Warning: move_uploaded_file(): Unable to move '/tmp/phpsKD2Qm' to 'images/robot.jpg' in /var/www/html/mysite/process.php on line 78

As you can see, it never did take the configuration from the php.ini file regarding the upload file.

What am I doing wrong here?

 Answers

99

This is because images and tmp_file_upload are only writable by root user. For upload to work we need to make the owner of those folders same as httpd process owner OR make them globally writable (bad practice).

  1. Check apache process owner: $ps aux | grep httpd. The first column will be the owner typically it will be nobody
  2. Change the owner of images and tmp_file_upload to be become nobody or whatever the owner you found in step 1.

    $sudo chown nobody /var/www/html/mysite/images/
    
    $sudo chown nobody /var/www/html/mysite/tmp_file_upload/
    
  3. Chmod images and tmp_file_upload now to be writable by the owner, if needed [Seems you already have this in place]. Mentioned in @Dmitry Teplyakov answer.

    $ sudo chmod -R 0755 /var/www/html/mysite/images/
    
    $ sudo chmod -R 0755 /var/www/html/mysite/tmp_file_upload/
    
  4. For more details why this behavior happend, check the manual http://php.net/manual/en/ini.core.php#ini.upload-tmp-dir , note that it also talking about open_basedir directive.

Wednesday, March 31, 2021
 
Parfait
answered 7 Months ago
52

Typically, we use ftp in these situations. /public_html permissions may remain to 750 and run this code.

$server = 'localhost';
$ftp_user_name = 'username';
$ftp_user_pass = 'passw';
$dest = 'public_html/new.file';
$source = '/home/username/public_html/path/to/existing.file';

$connection = ftp_connect($server);
$login = ftp_login($connection, $ftp_user_name, $ftp_user_pass);
if (!$connection || !$login) { die('Ftp not connected.'); }
$copied = ftp_put($connection, $dest, $source, FTP_BINARY);
if ($copied) { 
    echo 'File copied';
} else {
    echo 'Copy failed!'; 
}
ftp_close($connection);

The page with final destination in public_html can be created in the other directory and then this script will copy it in public_html. The old file will remain and if a file exists with the same destination name will be overwritten.
The $dest is relative path to user home directory. The $source is absolute path.
The connection will fail if the ftp is concurrently used by filezilla or something. A solution to that is to create a second ftp user account in cPanel.

Wednesday, March 31, 2021
 
nhunston
answered 7 Months ago
71

in MAC OS X's terminal ,use this commande :

  CHMOD 775 yourFilesPath

775:Standard file sharing mode for a group.

Saturday, May 29, 2021
 
Noob_Programmer
answered 5 Months ago
59

Yes, quite easily. But first off, you need some extra bits:

// never assume the upload succeeded
if ($_FILES['file']['error'] !== UPLOAD_ERR_OK) {
   die("Upload failed with error code " . $_FILES['file']['error']);
}

$info = getimagesize($_FILES['file']['tmp_name']);
if ($info === FALSE) {
   die("Unable to determine image type of uploaded file");
}

if (($info[2] !== IMAGETYPE_GIF) && ($info[2] !== IMAGETYPE_JPEG) && ($info[2] !== IMAGETYPE_PNG)) {
   die("Not a gif/jpeg/png");
}

Relevant docs: file upload errors, getimagesize and image constants.

Thursday, July 22, 2021
 
Null
answered 3 Months ago
89

Follow this: Source - 2

“Setting Directory Permissions with Windows Hosting Accounts”

http://support.godaddy.com/help/article/6481

You should ask your hosting provider for access permissions if it doesn't solve your problem.

Ref: Removing Web Access to Directories on a Windows Hosting Account

Removing the "Anonymous Access" IIS Setting for that directory. The result of removing this permission is that you can only access that directory from with your hosting account or via FTP. You will not be able to access the directory through any Web browser, regardless of whether you are knowledgeable of the hosting account user name and password.

Monday, August 16, 2021
 
keisar
answered 2 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :