Trying to create a simple file depository on a LAMP stack, but whenever I upload files they won’t move from /tmp to target dir.
I can’t workout where I’m going wrong, I’m using the example code from the PHP docs:
<?php
$uploaddir='/var/www/example.com/public_html/uploads/';
$uploadfile=$uploaddir.basename($_FILES['userfile']['name']);
echo'<pre>';
if(move_uploaded_file($_FILES['userfile']['tmp_name'],$uploadfile))
{
echo"File is valid, and was successfully uploaded.n";
}
else
{
echo "Possible file upload attack!n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
?>
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="index.php" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
Browser output is:
Possible file upload attack!
Here is some more debugging info:Array
(
[userfile] => Array
(
[name] => Test_File.txt
[full_path] => Test_File.txt
[type] => text/plain
[tmp_name] => /tmp/php1hAD8G
[error] => 0
[size] => 19
)
)
and the apache error log gives the following warning:
PHP Warning: move_uploaded_file(/var/www/example.com/public_html/uploads/Test_File.txt): Failed to open stream: Permission denied
Which I assume means that the system doesn’t believe it has permission to create the file in teh target dir. when I set up the site I used:
sudo chown -R $USER:$USER /var/www/example.com/public_html/uploads
sudo chmod -R 755 /var/www/
and I can see that the files are owned by whatever account I’m logged into on the SSH as.
I’m pretty new to this, but I assume I’ve done everything right here but I’ve made a mistakes with the permissions?