I used this code now:
if (is_uploaded_file($_FILES['ufile1']['tmp_name'])) {
move_uploaded_file($_FILES['ufile1']['tmp_name'],'./' .
$_FILES['ufile1']['name']);
This is the reply I got:
Warning: move_uploaded_file(./ayservenet.jpg): failed to open stream:
Permission denied in
For the message:
Warning: move_uploaded_file(./ayservenet.jpg): failed to open stream:
Permission denied in /home/ayserve/public_html/fu/fuprocess.php on line 6
you have to change the permissions of the file folder where you are copying
the file.
If you created it via FTP then you can't use
I made a mistake in my last message:
The lines that say:
ftp_chdir( $site , $folder );
ftp_site( $site , chmod $mode $folder );
should say:
ftp_chdir( $site , $folderbase );// this is the one that
was wrong
ftp_site( $site ,
Have in mind that some permissions can be changed only via FTP but some
other can only be changed useing chmod().
If you want more security you should set the permission in the moment of the
upload and change it again after it.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe,
You can also pass the variable via POST to the script where the function is.
It remains a local variable.
Or you can set it as global like Chris says.
And another way is puting it in a cookie.
Adam Symonds [EMAIL PROTECTED] escribió en el mensaje
news:[EMAIL PROTECTED]
Hi,
I am starting to us
In your code, where you have:
if (is_uploaded_file($_FILES['ufile1']['name'])) {
copy($_FILES['ufile1']['name'], .);
...
you should check the extension of the file been uploaded
you should'n accept files with php, cgi, asp, etc., extensions neither an
index file
if you do, some user
On Thu, 2003-10-16 at 07:14, John W. Holmes wrote:
Bunmi Akinmboni wrote:
Warning: move_uploaded_file(./ayservenet.jpg): failed to open stream:
Permission denied in /home/ayserve/public_html/fu/fuprocess.php on line 6
PHP runs as the web server and it does not have permission to write
The message About security is for Help with file upload.
I placed the message outside.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I just changed the permission on fu folder to 777 but it gives me the
same problem. I'm writing this script so that I can use it to upload to
jpeg files. The code is hereby attached.
Gabriel Peugnet wrote:
For the message:
Warning: move_uploaded_file(./ayservenet.jpg): failed to open stream:
I just changed the permission on fu folder to 777 but it gives me the
same problem. I'm writing this script so that I can use it to upload to
jpeg files. The code is hereby attached.
Bunmi
Gabriel Peugnet wrote:
For the message:
Warning: move_uploaded_file(./ayservenet.jpg): failed to open
Bunmi, you need to understand Unix file permissions.
Because you are running as the web server 'user / group' that user needs
permission to write to the directory you are specifying. In this case you
are trying to circumvent filesystem access controls by writing directly to
the root directory
Thanks Neil. My ultimate aim to update my database with the details of
the upload after it uploads successfully, but I need to solve this
problem first.
The folder already has permission 777.
Bunmi
Neil Smth wrote:
Bunmi, you need to understand Unix file permissions.
Because you are running
Neil,
The folder fu is not the root. I just created it for testing and it has
777 permission. My ultimate aim is to update a database upon successful
uploading.
Bunmi
Neil Smth wrote:
Bunmi, you need to understand Unix file permissions.
Because you are running as the web server 'user /
permission is ok but it's got to be inside the home directory of web server,
which is /var/www by default for apache
Nitin
- Original Message -
From: Bunmi Akinmboni [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, October 16, 2003 1:28 PM
Subject: Re: [PHP-DB] Help with file
HI Nitin,
Is that not dangerous as it will affect the entire server structure?
Bunmi
Nitin wrote:
permission is ok but it's got to be inside the home directory of web server,
which is /var/www by default for apache
Nitin
- Original Message -
From: Bunmi Akinmboni [EMAIL PROTECTED]
To:
i dont understand, what are you saying dangerous to...
i just gave an example, at your machine home directory of web server could
be entirely different.
anyway read my last mail
Nitin
- Original Message -
From: Bunmi Akinmboni [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday,
==
function LoginSystem()
{
global $username;
echo div align=right;
if ( !isset( $_SESSION['login'] ) ) {
Adam Symonds wrote:
Hi,
I am starting to us functions with my work but I am having troubles
With the variables in the functions..
If I have
Not sure if this is a MySQL Q. or a PHP one, but here goes...
I'm just learning sessions...
And I'm trying to add a session variable to a MySQL database.
I've done this page that takes the results from a previous form...
But I get this error:
Parse error: parse error, expecting `T_STRING' or
From: [EMAIL PROTECTED]
And I'm trying to add a session variable to a MySQL database.
I've done this page that takes the results from a previous form...
But I get this error:
Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or
`T_NUM_STRING'
On line 83
Which is the
might seem a bit long winded but this is how I would code it
$sql = INSERT INTO $table ( salutation, name, city} VALUES {
$sql .= '.$_SESSION{'salutation'].',
$sql .= '.$_SESSION{'name'].',
$sql .= '.$_SESSION{'city'].' )
mysql_query($sql);
regards
pete
mysql_query(INSERT INTO $table (
In addition to what John suggested, I see you have switched from parens to
curly braces when you close your list of columns and list of values. AFAIK,
you need to use parens to contain those lists.
-Original Message-
From: CPT John W. Holmes [mailto:[EMAIL PROTECTED]
Sent: Thursday,
I'm not sure that this code will work.
Try to use $_SESSION['..'] and (..). [Don't use the {, } for this purposes.
vio-
- Original Message -
From: pete M [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, October 16, 2003 4:02 PM
Subject: [PHP-DB] Re: Sessions and MySQL?
might
Try this instead:
mysql_query(INSERT INTO $table (
salutation,
name,
city
} VALUES {
\.$_SESSION['salutation'].\,
\.$_SESSION['name'].\,
\.$_SESSION['city'].\
}
-Original
Eeek, didn't notice your brackets. They're a bit messed up as well.
mysql_query(INSERT INTO $table (salutation, name, city)
VALUES (\.$_SESSION['salutation'].\, \.$_SESSION['name'].\,
\.$_SESSION['city'].\););
This MIGHT work :-)
-Original Message-
From: [EMAIL PROTECTED]
On Thu, 2003-10-16 at 09:58, Bunmi Akinmboni wrote:
Thanks Neil. My ultimate aim to update my database with the details of
the upload after it uploads successfully, but I need to solve this
problem first.
The folder already has permission 777.
Dateiname:
On Thu, 16 Oct 2003 13:33:28 +0100
[EMAIL PROTECTED] wrote:
Not sure if this is a MySQL Q. or a PHP one, but here goes...
I'm just learning sessions...
And I'm trying to add a session variable to a MySQL database.
I've done this page that takes the results from a previous form...
But I get
Cheers to everyone...
the curly brackets was me not thinking after a boozy lunch, and trying to
recreate code, on an E-mail..
anyhoo...
I thought the best idea, and the simplest for me, was to remove the ' from
the session recall
Turning $_SESSION['salutation'] -- INTO -- $_SESSION[salutation]
My Comment bellow:
On Wednesday 15 October 2003 14:38, Kirk Babb wrote:
Hi,
I'm having trouble with a query inside a function. I thought I'd written
this so that the function would fail if email and zipcode supplied were not
in the same row (trying to use those two things to identify the
From: Luis M Morales C [EMAIL PROTECTED]
My Comment bellow:
On Wednesday 15 October 2003 14:38, Kirk Babb wrote:
Hi,
I'm having trouble with a query inside a function. I thought I'd
written
this so that the function would fail if email and zipcode supplied were
not
in the same row
You guys might have valid points, but I think Kirk solved this problem to
his satisfaction sometime yesterday. I can't speak for Kirk though.
See:
[PHP-DB] [CLARIFICATION on SOLUTION] Re: problem - query inside a function
-Original Message-
From: CPT John W. Holmes [mailto:[EMAIL
Hi,
I use a query with multiple tables:
SELECT * FROM cases,status,prio where cases.statusid=status.id .
I retreive the data into my variable $line like this.
while ($line = mysql_fetch_array($result)) {.
How can I retreive data from $line without using the index value as
integers for
Erik Bjrling wrote:
Hi,
I use a query with multiple tables:
SELECT * FROM cases,status,prio where cases.statusid=status.id .
I retreive the data into my variable $line like this.
while ($line = mysql_fetch_array($result)) {.
How can I retreive data from $line without using the index
Hi Erik,
I think you can use ** $line['cases.id'] ** if you individually identify each column
selected, rather than using the * symbol.
David
Erik Björling [EMAIL PROTECTED]
10/16/2003 10:57 AM
To:
[EMAIL PROTECTED]
cc:
Subject:
[PHP-DB] Retreive data from multiple columns
Dear friends:
I have a problem of installation of php.
I'm using Linux 7.3. I have installed
openldap2.1.22 successfully.
Now I'm compiling php with the following
command:
./configure --with-apache2=/usr/local/apache2 \
--with-mysql=/usr/local/mysql \
At 18:44 16/10/2003 +, you wrote:
From: Ruprecht Helms [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: Bunmi Akinmboni [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Content-Type: text/plain
Message-Id: [EMAIL PROTECTED]
Mime-Version: 1.0
Date: 16 Oct 2003 15:12:38 +0200
Content-Transfer-Encoding:
I concur, assign the superglobal array to a variable ...
$Name = strip_slashes($_POST['elementName']);
$sql=INSERT INTO $table SET Name='$Name'];
... and then use that opportunity to run additional checks on the content.
--
Jon Kriek
http://phpfreaks.com
--
PHP Database Mailing List
Actually, I meant to suggest addslashes() and mysql_espace_string()
--
Jon Kriek
http://phpfreaks.com
Jon Kriek [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I concur, assign the superglobal array to a variable ...
$Name = strip_slashes($_POST['elementName']);
$sql=INSERT INTO
On Thu, 16 Oct 2003, Jon Kriek wrote:
I concur, assign the superglobal array to a variable ...
$Name = strip_slashes($_POST['elementName']);
$sql=INSERT INTO $table SET Name='$Name'];
... and then use that opportunity to run additional checks on the content.
Again, waste of variable
Greetings to all. I am trying for the life of me to place a $_POST[]
variable in my MySQL query. I am running the latest stable versions of
PHP, MySQL and Apache 2 on my Win2kPro machine. My register_globals are
set to off in my php.ini. My code I am attempting create is basically
as
Adam Reiswig wrote:
$table=elements;
$sql=insert into $table set Name = '$elementName';
This works with register_globals set to on. But, I want to be able to
turn that off. My code then, I am guessing, be something as follows:
$table=elements;
$sql=insert into $table set Name =
$sql=insert into $table set Name = '.$_POST[elementName].';
or even better:
$sql=insert into .$table. set Name = '.$_POST[elementName].';
But the method both Jake and Bao suggested will also work (temporary var)...
--
// DvDmanDT
MSN: [EMAIL PROTECTED]
Mail: [EMAIL PROTECTED]
Adam Reiswig [EMAIL
On Thu, 16 Oct 2003, Adam Reiswig wrote:
$sql=insert into $table set Name = '$_POST[elementName]';
Unfortunately this and every other combination I can think of,
combinations of quotes that is, does not work. I believe the source of
the problem is the quotes within quotes within quotes. I
On Fri, 17 Oct 2003, BAO RuiXian wrote:
I see you can achieve this by two ways:
1. Take out all the inside quotes (single or double) like the following:
$sql=insert into $table set Name = $_POST[elementName];
This is bad. Using no quotes MAY work, but it is considered a BARE
$sql=insert into $table set Name = '$_POST[elementName]';
The problem with this is that you need to use curly braces around the
variable being substituted in the string. Also use single quotes around the
array index.
$sql=insert into $table set Name = '{$_POST['elementName']}';
See the
44 matches
Mail list logo
