move_uploaded_file + safe_mode

  • Felix Natter

    move_uploaded_file + safe_mode

    hi,

    I would like to upload a file (via a form), then read that (temporary)
    file and write the contents into a database. The first problem is that
    open_basedir=/home/CUSTOMER so I can't just read it from /tmp.

    That's why I used move_uploaded_file() to move the file
    to /home/CUSTOMER/DOMAIN/tmp/FILENAME:

    =========================================================
    <?php

    error_reporting(E_ALL);

    // move file to DOMAIN's tmpdir
    $client_name = basename($_FILES['uploadfile']['name']); // keep only the file name part
    $dest = "/home/CUSTOMER/DOMAIN/tmp/$client_name";
    move_uploaded_file($_FILES['uploadfile']['tmp_name'], $dest);

    // read uploaded file
    $tempfile = fopen($dest, "rb");
    echo "contents of $client_name=" . fread($tempfile, 1024);

    ?>
    =========================================================

    when I do the fopen I get an error:
    Warning: SAFE MODE Restriction in effect. The script whose uid is 0 is not allowed to access /home/CUSTOMER/DOMAIN/tmp/README.html owned by uid 33

    This error is because move_uploaded_file() has created README.html
    with www-data:www-data (instead of CUSTOMER:CUSTOMER):
    -rw------- 1 www-data www-data 12733 Jul 9 14:17 README.html

    Next I tried to login via ftp, and do a chmod on that file from there
    (I found this trick on www.php.net and it helped with such safe_mode
    problems in the past), right after the call to move_uploaded_file():

    =========================================================
    // do a chmod 777 via ftp to work around a safe_mode problem
    // (file-uploads are created with user=www-data, but on our server
    // safe_mode is enabled, and so php-scripts may not open any files
    // that are not owned by CUSTOMER:CUSTOMER)
    // => we chmod 777 it via ftp so that we can read it
    $path = "DOMAIN";
    $conn = ftp_connect("localhost");
    $result = ftp_login($conn, "CUSTOMER", "PASSWORD");
    if (!$conn or !$result) { exit("Couldn't login to ftp!"); }
    if (!ftp_site($conn, "chmod 0777 /DOMAIN/tmp/$client_name")) {
        exit("Couldn't do ftp_site!");
    }
    ftp_quit($conn);
    =========================================================
    but then I get permission denied for the ftp-command:
    Warning: ftp_site: /DOMAIN/tmp/README.html: Operation not permitted in [...]/testupload.php on line 20
    Couldn't do ftp_site!

    thanks a lot,
    --
    Felix Natter
  • Felix Natter

    #2
    Re: move_uploaded_file + safe_mode

    one workaround I found is to use the php cgi binary for the file-upload
    script, using suexec.

    --
    Felix Natter
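
The ownership comparison behind the SAFE MODE warning in the first post, and the reason the suexec workaround in the second post avoids it, shown as an added example that is not part of the thread. `safe_mode_owner_check()` and the temp-file sample are hypothetical names and constructed data; the check compares the owner of the script file with the owner of the target file, which is what the warning's "uid 0" and "uid 33" refer to.

```php
<?php
// Added example, not code from the thread. safe_mode_owner_check() is a
// hypothetical helper that reproduces the owner comparison safe_mode made
// before letting a script open a file.

function safe_mode_owner_check(string $path, bool $safe_mode_gid = false): array
{
    $st = @stat($path);
    if ($st === false) {
        throw new RuntimeException("cannot stat $path");
    }
    $script_uid = getmyuid();   // owner of the script file, not the process user
    $script_gid = getmygid();
    $uid_ok = ($st['uid'] === $script_uid);
    // safe_mode_gid relaxes the test to a group match
    $gid_ok = $safe_mode_gid && ($st['gid'] === $script_gid);
    return [
        'script_owner_uid' => $script_uid,
        // the user the web server process runs as; files written by
        // move_uploaded_file() get this owner
        'process_euid'     => function_exists('posix_geteuid') ? posix_geteuid() : null,
        'file_owner_uid'   => $st['uid'],
        // shown for context only: the comparison is on owner ids, not mode bits
        'file_mode'        => sprintf('%04o', $st['mode'] & 07777),
        'allowed'          => $uid_ok || $gid_ok,
    ];
}

// Constructed sample: a private temp file stands in for the moved upload.
$sample = tempnam(sys_get_temp_dir(), 'upl');
file_put_contents($sample, "constructed sample upload\n");
chmod($sample, 0600);

$r = safe_mode_owner_check($sample);
printf(
    "script owner uid=%d, process euid=%s, file owner uid=%d, mode=%s => %s\n",
    $r['script_owner_uid'],
    $r['process_euid'] ?? 'n/a',
    $r['file_owner_uid'],
    $r['file_mode'],
    $r['allowed'] ? 'allowed' : 'SAFE MODE restriction'
);
unlink($sample);
```

With the values from the first post (script owner 0, file owner 33) the comparison fails. Under suexec the process runs as the customer account, so, assuming the scripts are owned by that same account, the moved upload and the script have the same owner.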
