[hlemon]

Hey all,

I've been working on this problem for a bit and have become stumped. I tested this before and found it working, now I keep getting and error message:

Warning: copy(uploadedImages/funny-pictures-cat-is-koala.jpg) [function.copy]: failed to open stream: Permission denied in D:\Hosting\2898250\html\cms\uploadImage.php on line 62
Error: 

I called the hosting company about it and they said it was an access error. I recreated the database to include access to the system and still get the same error. My code is below.

<?php
// This code will password protect the page
/*session_start();
if ($_SESSION['login'] <> TRUE) {
	header('Location: login.php');
}*/
include_once ("connect.php");
include_once ("functions.php");

$ID = $_GET['ID'];
$sSqlSelect = "SELECT * FROM productIndex WHERE ID='$ID';";
$qresult = mysql_query($sSqlSelect);
$row = mysql_fetch_array($qresult, MYSQL_ASSOC);

?>
<html>
<head>
<title>Image Form</title>
</head>
<body>
<h1>Form</h1>
<?php
// Maximum file size, in Kb, of the upload images
// Your server configuration may also limit the size
define("MAX_SIZE", "2024");

// Get the extension of the file (gif, jpg, etc)
function getFileType($fileName) {
	$i = strrpos($fileName, ".");
	if (!$i) { return ""; }
	$l = strlen($fileName) - $i;
	$fileExt = substr($fileName, $i+1, $l);
	return $fileExt;
}
//Set the default form error value
$error = false;

if(isset($_POST['Submit'])) {
	// The second key (image) should have the same name as the form's file field
	$productImage = $_FILES['productImage']['name'];
	// Form validation
	if ($productImage == "") {
		$error = "Image is a required field";
	} else {
		// Get the file extension and convert to lowercase
		$extension = getFileType($productImage);
		$extension = strtolower($extension);
		// Only web image extensions will be accepted
		if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) {
			$error = "The file is not an image";
		}
		// Reject large files
		$size = filesize($_FILES['productImage']['tmp_name']);
		if ($size > MAX_SIZE*2024) {
			$error = "The file is larger than " . MAX_SIZE . " kB";
		}
		//Finish processing if validation checks pass
		if ($error == false) {
			//upload to a directory with write permission
			$path = "uploadedImages/" . $productImage;
			
			$result = copy($_FILES['productImage']['tmp_name'], $path);
		
			if (!$result) {
				$error = "File upload failed";
				die('Error: ' . mysql_error());
			} else {
				
				//Update database with image name for file path.
				$sSql = "UPDATE productIndex SET productImage='$path' WHERE ID=$id;";
					if (!mysql_query($sSql,$connect)) {
						die('Error: ' . mysql_error());
					  }
				$successful = "File upload successful!";
				echo "<p>$successful</p>";
				echo "<p>File name = $image</p>";
				echo "<p>Server path = $path</p>";
				echo "<p><img src=\"$path\" /></p>";
				
				//Resize Image to 150px
				/*$sImageSize = getimagesize($_FILES['productImage']['tmp_name']);
				print $sImageSize;*/
			}
		}
	}
}
// Print the Error message if validation failed
if ($error <> false) {
	echo "<p><font color=\"red\"><strong>$error</strong></font></p>";
}
// Do not show the form again if the submission was successful
if ($successful <> true) {
	// The form action submits the form to this same page
	// The multipart encoding type must be used
	echo "<form action=\"uploadImage.php?ID=$ID\" method=\"post\" enctype=\"multipart/form-data\">";
echo <<<EOT
	<table>
		<tr><td><input type="file" name="productImage" /></td></tr>
		<tr><td><input name="Submit" type="submit" value="Upload image" /></td></tr>
	</table>
	</form>
EOT;
}
?>

</body>
</html>

Could I just be missing something small?

[Martyr2]

The problem is not the database. I think what they meant by access is accessing the file paths. You have the line...

$result = copy($_FILES['productImage']['tmp_name'], $path);

This opens the filename specified by $_FILES['productImage']['tmp_name'] and attempts to copy it to $path. If the filename or the destination you are trying to copy to doesn't grant you permission or doesn't exist, you will get an error about failing to open the stream. The trick here is "open the stream" which means it is trying to open a file and it can't.

I suggest you don't actually use the copy() function but instead use move_uploaded_file() function. This function is easier to use, is designed for the exact situation you are doing and can be easily thrown into an if statement to test if the move was successful (because it returns a bool).

Double check both that you have a valid value for your $_FILES array and that $path is a folder that exists and you have access to. Also make sure you include a filename in there too so that besides moving it, you can also choose to rename it.

move_uploaded_file() will be your ticket here. Trust me.

[hlemon]

Thanks so much for your help. What ended up being an error had to do with permissions from the hosting account. Thanks for your help though! I'm actually running into a similar error now with another site.

Below is what I have set up:

<?php
session_start();
if ($_SESSION['login'] <> TRUE) {
	header('Location: login.php');
}
// This code will password protect the page
/*session_start();
if ($_SESSION['login'] <> TRUE) {
	header('Location: login.php');
}*/
include_once ("connect.php");
include_once ("functions.php");

$ID = $_GET['ID'];
$sSqlSelect = "SELECT * FROM somerville WHERE ID='$ID';";
$qresult = mysql_query($sSqlSelect);
$row = mysql_fetch_array($qresult, MYSQL_ASSOC);

echo htmlHeader("Upload An Image");
?>
			<h1>Somerville.com Administrator Panel</h1>
			<div id="wrapCMSNav">
					<ul>
						<li><a href="index.php">Add A Property</a></li>
						<li><a href="list.php">List of Properties</a></li>
					</ul>
			</div>
			<div class="clear"></div>
			<h2>Upload A Property Image</h2>
<?php
// Maximum file size, in Kb, of the upload images
// Your server configuration may also limit the size
define("MAX_SIZE", "10000");

// Get the extension of the file (gif, jpg, etc)
function getFileType($fileName) {
	$i = strrpos($fileName, ".");
	if (!$i) { return ""; }
	$l = strlen($fileName) - $i;
	$fileExt = substr($fileName, $i+1, $l);
	return $fileExt;
}
//Set the default form error value
$error = false;

if(isset($_POST['Submit'])) {
	// The second key (image) should have the same name as the form's file field
	$propertyImage = $_FILES['propertyImage']['name'];
	// Form validation
	if ($propertyImage == "") {
		$error = "Image is a required field";
	} else {
		// Get the file extension and convert to lowercase
		$extension = getFileType($propertyImage);
		$extension = strtolower($extension);
		// Only web image extensions will be accepted
		if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) {
			$error = "The file is not an image";
		}
		// Reject large files
		$size = filesize($_FILES['propertyImage']['tmp_name']);
		if ($size > MAX_SIZE*10000) {
			$error = "The file is larger than " . MAX_SIZE . " kB";
		}
		//Finish processing if validation checks pass
		if ($error == false) {
			//upload to a directory with write permission
			$path = "uploadedImages/" . $propertyImage;
			$path2 = $propertyImage;
			$result = move_uploaded_file($_FILES['propertyImage']['tmp_name'], $path);
			if (!$result) {
				$error = "File upload failed";
				die('Error: ' . error_get_last());
			} else {
				
				//Update database with image name for file path.
				$sSql = "UPDATE somerville SET propertyImage='$path2' WHERE ID=$ID;";
					if (!mysql_query($sSql,$connect)) {
						die('Error: ' . mysql_error());
					  }
				$successful = "<form>File upload successful!";
				echo "<p style=\"font-size: 18px; text-align: center;\">$successful</p><br /><br />";
				echo "<p><img src=\"$path\" /></p><br />";
				echo "<p><a href=\"list.php\">Click here</a> to go back to the list of properties.</p></form>";
				
				//Resize Image to 150px
				/*$sImageSize = getimagesize($_FILES['propertyImage']['tmp_name']);
				print $sImageSize;*/
			}
		}
	}
}
// Print the Error message if validation failed
if ($error <> false) {
	echo "<p><font color=\"red\"><strong>$error</strong></font></p>";
}
// Do not show the form again if the submission was successful
if ($successful <> true) {
	// The form action submits the form to this same page
	// The multipart encoding type must be used
	echo "<form action=\"uploadImage.php?ID=$ID\" method=\"post\" enctype=\"multipart/form-data\">";
echo <<<EOT
		<br /><input type="file" name="propertyImage" /><br />
		<br /><input name="Submit" type="submit" value="Upload Image" />
	</form>
EOT;
}
?>

</body>
</html>

My original error message said copy() [function.copy]: Filename cannot be empty in...

I changed it over to move_upload_file and am now getting an error that says it has to do with the Array. I'm a bit confused as to what I'm missing.

Party of the problem is if I upload a file that is relatively small (under 1MB), it uploads successfully and has no problems. Its when I try and upload something over 2MB that I have the problem. I already changed my php.ini file to accommodate larger files to upload. I set the limit at 15MB.

[RudiVisser]

After you modified php.ini, did you restart the web server?? If not your change won't have effect.

Also remember that after changing upload_max_filesize, you should change post_max_size too.