如何使用php将图像上传到服务器上的文件夹目录中

I am trying to upload images onto server.

On the Server the folder name:{photo}

I check the permissions on the folder and it currently on 0755.

When I run my php code, I get this error code:

"Error uploading file - check destination is writeable."

The post that was similar to my issues is this: How to upload photo to my hosting server folder directory

but I already have these functions in my code:

Here my php code:

<?php

$filetmp = $_FILES["file_img"]["tmp_name"];
$filename = $_FILES["file_img"]["name"];
$filetype = $_FILES["file_img"]["type"];
$filesize = $_FILES["file_img"]["size"];
$fileinfo = getimagesize($_FILES["file_img"]["tmp_name"]);
$filewidth = $fileinfo[0];
$fileheight = $fileinfo[1];
$filepath = "../photo/".$filename;
$filepath_thumb = "../photo/thumb/".$filename;




if($_POST['btn_upload'])
{
    $sPhotoFileName = $filename;
    $nPhotoSize = $filesize;
    $sTempFileName = $filetmp;
    chmod($filepath_thumb,0755);
    chmod($filepath,0755);

if(file_exists('photo/' . $_FILES['file_img']['name'])){
    die('File with that name already exists.');
}else{

if ($sPhotoFileName) // file uploaded
{   $aFileNameParts = explode(".", $sPhotoFileName);
    $sFileExtension = end($aFileNameParts); // part behind last dot
    if ($sFileExtension != "jpg"
        && $sFileExtension != "png"
        && $sFileExtension != "gif")
    {   die ("Choose a JPG for the photo");
    }
}

if($_FILES['file_img']['error'] > 0){
    die('An error ocurred when uploading.');
}

    if ($nPhotoSize == 0)
    {   die ("Sorry. The upload of $sPhotoFileName has failed.
Search a photo smaller than 300K, using the button.");
    }
    if ($nPhotoSize > 30240000000)
    {   die ("Sorry.
The file $sPhotoFileName is larger than 300K.
Advice: reduce the photo using a drawing tool.");
    }
    // read photo

    $oTempFile = fopen($sTempFileName, "r");
    $sBinaryPhoto = fread($oTempFile, fileSize($sTempFileName));
    // Try to read image
    $nOldErrorReporting = error_reporting(E_ALL & ~(E_WARNING)); // ingore warnings
    $oSourceImage = imagecreatefromstring($sBinaryPhoto); // try to create image
    error_reporting($nOldErrorReporting);
    if (!$oSourceImage) // error, image is not a valid jpg
    { die ("Sorry.
It was not possible to read photo $sPhotoFileName.
Choose another photo in JPG format.");
    }
}
 $nWidth = imagesx($oSourceImage); // get original source image width
        $nHeight = imagesy($oSourceImage); // and height
        // create small thumbnail
        $nDestinationWidth = 80;
        $nDestinationHeight = 60;
    //$oDestinationImage = imagecreatetruecolor($nDestinationWidth, $nDestinationHeight);
        $oDestinationImage = imagecreate($nDestinationWidth, $nDestinationHeight);
    /*$oResult = imagecopyresampled(
        $oDestinationImage, $oSourceImage,
        0, 0, 0, 0,
        $nDestinationWidth, $nDestinationHeight,
        $nWidth, $nHeight); // resize the image
    */
        imagecopyresized($oDestinationImage, $oSourceImage,0, 0, 0, 0,$nDestinationWidth, $nDestinationHeight,$nWidth, $nHeight); // resize the image
        ob_start(); // Start capturing stdout.
        imageJPEG($oDestinationImage); // As though output to browser.
        $sBinaryThumbnail = ob_get_contents(); // the raw jpeg image data.
        ob_end_clean(); // Dump the stdout so it does not screw other output.

    // attempt insert query execution
    $sql = "INSERT INTO UploadImg (img_name, img_path, img_type) VALUES ('$sPhotoFileName', '$filepath', '$filetype')";
        if(mysqli_query($link, $sql)){
                    echo "Records added successfully.";
                } else{
                    echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
                }


    if(!move_uploaded_file($_FILES["file_img"]["tmp_name"],"../photo/".$_FILES["file_img"]["name"])){
           die('Error uploading file - check destination is writeable.');
       echo "Error Code: " .$_FILES["file_img"]["name"] . "<br>";
    }else{



    $sBinaryThumbnail = addslashes($sBinaryThumbnail);
    $oDatabase = $link;
    mysqli_select_db("upload", $oDatabase);
    $sQuery = "insert into Uploadimg (thumbnail) VALUES ('$sBinaryThumbnail')";
    echo $sQuery;
    mysqli_query($sQuery, $oDatabase);
    die('File uploaded successfully.');
    mysqli_close($link);

    }
}
    ?>

Now I read an article say that even if your folder permission setup up to do all three read, write, and executed on all three level. the code still will not be able to read it depending on the settings on the server.

So I am confused and looking for clarification. Please assist me?

php
doushangxianq07480
doushangxianq07480 我也试过了。那没起效
4 年多之前 回复
douma5954
douma5954 我猜,但尝试$filepath=“photo/".$filename;
4 年多之前 回复

4个回答



您可以通过编码的二进制数据上传图像,并将图像格式的文件保存在服务器上。</ p>
< / DIV>

展开原文

原文

You can upload the image by binary data encoded and save the file with the image format on the server.



755表示它不是世界可写的。 您可以使用777将其设置为可写和可执行文件。</ p>

这仍然容易受到攻击,因为任何有权访问您的服务器操作系统的人都可以写入该文件夹,因此您可能只需要让Web服务器用户 文件夹的所有者并保留现在的权限。 如果你正在运行apache,那么用户通常是www-data或apache。 </ p>
</ div>

展开原文

原文

755 means it is not world writable. You can set it writable and executable with 777.

This is still vulnerable as anyone with access to your server os can write to the folder, so you should probably just make the web server user the owner of the folder and keep the permissions as they are now. If you're running apache, the user is usually www-data or apache.

dongxing4805
dongxing4805 它是我大学的服务器,我使用FTP应用程序WinScp登录服务器来托管我的网页
4 年多之前 回复



我想通了你必须设置GID和UID权限 filepermission </ p>

设置组标识GID允许所有者执行所有应用程序的读取,写入和拉取到该文件夹​​。 / p>

用户标识UID也是如此。 问题是你的文件夹将大开,陌生人可以操作它,但它可以工作。</ p>

我的图像正在上传到文件夹中。 告诉我你的想法是什么? </ p>
</ div>

展开原文

原文

I figure it out you gotta set the GID and UID permissionsfilepermission

The set group identification GID allows the owner to execute all applications to read, write and pull to the folder.

Same thing with the User identification UID. the problem is the your folder will be wide open for strangers to manipulate it but it works.

My images are uploading into the folder. Tell me what yall think?

First in your php.ini put

file_uploads = On 

Next, create an HTML form that allow users to choose the image file they want to upload:

<form action="upload.php" method="post" enctype="multipart/form-data">
Select image to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" value="Upload Image" name="submit">

Make sure that the form uses method="post" Then use the php code below to upload image

<?php
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    }
}
?>

</div>
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问