Bootstrap FreeKB - PHP - Upload image files to a shared folder on Linux
PHP - Upload image files to a shared folder on Linux
Updated:   |  PHP articles

Ensure that you have file_uploads = On in your php.ini file.

file_uploads = On

 

The following command can also be used to ensure the file_uploads is On.

~]$ php -i | grep -i file_uploads
file_uploads => On => On

 

Temporary Uploads Directory

Determine if open_basedir has a value in your php.ini file or using the php -i command.

~]$ php -i | grep -i open_basedir
open_basedir => /var/www => /var/www

 

If open_basedir has a value, such as /var/www, upload_tmp_dir must be somewhere below the open_basedir.

~]$ php -i | grep -i upload_tmp
upload_tmp_dir => /var/www/tmp => /var/www/tmp

 

If upload_tmp_dir is not somewhere below your web servers document root, the PHP log file will throw an error.

[john.doe@server1 ~]# cat /var/log/php-fpm/error.log
[28-May-2017 15:33:21 US/Central] PHP Warning: move_uploaded_file(): open_basedir restriction in effect. File (/tmp/phpNENCQM) is not within the allowed path(s): (/var/www) in /var/www/html/Stage2.php on line 9.

 

Ensure the temporary uploads directory exists.

~]# mkdir /var/www/tmp

 

Ensure the temporary uploads directory permission is 755.

~]# chmod 755 /var/www/tmp

 

Use the following PHP to determine what user PHP uses to upload the file.

<?php
    echo exec('whoami'); 
?>

 

If the output of the above is apache, then apache is the user. In this scenario, set the owner of the temporary uploads directory to apache.

~]# chown apache:root /var/www/tmp

 

Set the SELinux context of the temporary and permanent uploads directory to httpd_sys_rw_content_t.

~]# chcon --type httpd_sys_rw_content_t /var/www/tmp

 

HTML

Use the following HTML to create a form that will post the file to file_upload.php.

<form action="file_upload.php" method="post" enctype="multipart/form-data">
    <input type="file" name="upload">
    <input type="submit">
</form>

 

In this example, an image of Goofy is selected.

 

PHP

In this example, upload_tmp_dir in the php.ini file is /var/www/tmp/. This tells PHP to create a temporary copy of the file being upload in the /var/www/tmp/ directory on the web server. The temporary name of the file can be viewed with the following PHP.

<?php
  $original_name  = $_FILES["upload"]["name"];
  $temporary_name = $_FILES["upload"]["tmp_name"];
  $target         = "/var/www/tmp/" . $original_name;
?>

 

In this example, in the HTML, the name of the file input type is upload. In PHP, the FILES  variable will also need to contain upload.

 

For the sake of this tutorial, let's say the original name of the file is goofy.png, temporary name of the uploaded file is /tmp/php8AAD.tmp. The php8AAD.tmp file is what will be uploaded, not the original file name.

example.jpg
/tmp/php8AAD.tmp
/var/www/site1/images/example.jpg

 

The PHP move_uploaded_file function can be used to move a file from one directory to another. In this example, the temporary file will be moved from /tmp/php8AAD.tmp to /var/www/tmp, and the name of the file will be goofy.png.

<?php
    $original_name = $_FILES["upload"]["name"];
    $temporary_name = $_FILES["upload"]["tmp_name"];
    $target = "/var/www/html/images/" . $original_name;

    if(move_uploaded_file($temporary_name, $target)) {echo "Success";}
    else{echo "Failed";}
?>

 

Check if file already exists

Use the following PHP to check to see if the file being upload already exists, and then only proceed with the upload if the file does not already exists in the uploads directory.

<?php
  $original_name  = $_FILES["upload"]["name"];
  $temporary_name = $_FILES["upload"]["tmp_name"];
  $target         = "/var/www/html/images/" . $original_name;

  if (file_exists($target)) {
    echo "Already exists";
  }
  else {
    if (move_uploaded_file($temporary_name, $target)) {
      echo "Success";
    }
    else {
      echo "Failed";
    }
  }
?>

 

Check file extension

Use the following PHP to check to see if the file being upload has extension .jpg, .jpeg, .png, or .gif, and then only proceed with the upload if the file has one of these extension.

<?php
  $original_name  = $_FILES["upload"]["name"];
  $temporary_name = $_FILES["upload"]["tmp_name"];
  $target         = "/var/www/html/images/" . $original_name;
  $FileExtension  = pathinfo($target,PATHINFO_EXTENSION);

  if (file_exists($target)) {
    echo "Already exists";
    exit();
  }
  elseif ($FileExtension !='jpg' && $FileExtension !='jpeg' && $FileExtension !='png' && $FileExtension !='gif') {
    echo "Invalid extension";
    exit();
  }
  else {
    if (move_uploaded_file($temporary_name, $target)) {
      echo "Success";
    }
    else {
      echo "Failed";
    }
  }
?>

 

Debugging

If there is a problem, add the following PHP, and then reference the PHP Manual.

$_FILES["upload"]["error"];

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter d946d7 in the box below so that we can be sure you are a human.