Uploading A Photo...

[alexviii 0]

hi everyones I'm trying to have a photo gallery. I want to have the possibility to upload a photo. Looking on the web I tryed out to do so with php. But it is not working. I get this error... Warning: move_uploaded_file(): open_basedir restriction in effect. File (/images/gallery/cba1545a7fb7fe212106c9d945d261df.jpg) is not within the allowed path(s): (/usr/local/psa/home/vhosts/saytee.biz/httpdoc/ http://forums.xisto.com/no_longer_exists/)in /usr/local/psa/home/vhosts/saytee.biz/httpdocs/dev/blake/image-gallery/library/functions.php on line 21 Error uploading file Now, I have looked at line 21 ($result = move_uploaded_file($image['tmp_name'], $uploadDir . $imagePath) of the functions.php code and can not find anything wrong. The whole code is listed below... Basially, I lost. Does anyone know what the problem is? Is it to do with permissions on the folder? Code of the functions.php page...

<?php /* Upload an image and create the thumbnail. The thumbnail is stored under the thumbnail sub-directory of $uploadDir. Return the uploaded image name and the thumbnail also. */ function uploadImage($inputName, $uploadDir) { $image = $_FILES[$inputName]; $imagePath = 'images/gallery/'; $thumbnailPath = 'thumbnail/'; // if a file is given if (trim($image['tmp_name']) != '') { $ext = substr(strrchr($image['name'], "."), 1); // generate a random new file name to avoid name conflict // then save the image under the new file name $imagePath = md5(rand() * time()) . ".$ext"; $result = move_uploaded_file($image['tmp_name'], $uploadDir . $imagePath); if ($result) { // create thumbnail $thumbnailPath = md5(rand() * time()) . ".$ext"; $result = createThumbnail($uploadDir . $imagePath, $uploadDir . 'thumbnail/' . $thumbnailPath, THUMBNAIL_WIDTH); // create thumbnail failed, delete the image if (!$result) { unlink($uploadDir . $imagePath); $imagePath = $thumbnailPath = ''; } else { $thumbnailPath = $result; } } else { // the image cannot be uploaded $imagePath = $thumbnailPath = ''; } } return array('image' => $imagePath, 'thumbnail' => $thumbnailPath); } /* Create a thumbnail of $srcFile and save it to $destFile. The thumbnail will be $width pixels. */ function createThumbnail($srcFile, $destFile, $width, $quality = 75) { $thumbnail = ''; if (file_exists($srcFile) && isset($destFile)) { $size = getimagesize($srcFile); $w = number_format($width, 0, ',', ''); $h = number_format(($size[1] / $size[0]) * $width, 0, ',', ''); $thumbnail = copyImage($srcFile, $destFile, $w, $h, $quality); } // return the thumbnail file name on sucess or blank on fail return basename($thumbnail); } /* Copy an image to a destination file. The destination image size will be $w X $h pixels */ function copyImage($srcFile, $destFile, $w, $h, $quality = 75) { $tmpSrc = pathinfo(strtolower($srcFile)); $tmpDest = pathinfo(strtolower($destFile)); $size = getimagesize($srcFile); if ($tmpDest['extension'] == "gif" || $tmpDest['extension'] == "jpg") { $destFile = substr_replace($destFile, 'jpg', -3); $dest = imagecreatetruecolor($w, $h); //imageantialias($dest, TRUE); } elseif ($tmpDest['extension'] == "png") { $dest = imagecreatetruecolor($w, $h); //imageantialias($dest, TRUE); } else { return false; } switch($size[2]) { case 1: //GIF $src = imagecreatefromgif($srcFile); break; case 2: //JPEG $src = imagecreatefromjpeg($srcFile); break; case 3: //PNG $src = imagecreatefrompng($srcFile); break; default: return false; break; } imagecopyresampled($dest, $src, 0, 0, 0, 0, $w, $h, $size[0], $size[1]); switch($size[2]) { case 1: case 2: imagejpeg($dest,$destFile, $quality); break; case 3: imagepng($dest,$destFile); } return $destFile; } /* Check if the user is logged in or not */ function checkLogin() { if (!isset($_SESSION['isLogin']) || $_SESSION['isLogin'] == false) { header('Location: login.php'); exit; } } /* Create the link for moving from one page to another */ function getPagingLink($totalResults, $pageNumber, $itemPerPage = 10, $strGet = '') { $pagingLink = ''; $totalPages = ceil($totalResults / $itemPerPage); // how many link pages to show $numLinks = 10; // create the paging links only if we have more than one page of results if ($totalPages > 1) { $self = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; // print 'previous' link only if we're not // on page one if ($pageNumber > 1) { $page = $pageNumber - 1; if ($page > 1) { $prev = " <a href=\"$self?pageNum=$page&$strGet\">[Prev]</a> "; } else { $prev = " <a href=\"$self?$strGet\">[Prev]</a> "; } $first = " <a href=\"$self?$strGet\">[First]</a> "; } else { $prev = ''; // we're on page one, don't show 'previous' link $first = ''; // nor 'first page' link } // print 'next' link only if we're not // on the last page if ($pageNumber < $totalPages) { $page = $pageNumber + 1; $next = " <a href=\"$self?pageNum=$page&$strGet\">[Next]</a> "; $last = " <a href=\"$self?pageNum=$totalPages&$strGet\">[Last]</a> "; } else { $next = ''; // we're on the last page, don't show 'next' link $last = ''; // nor 'last page' link } $start = $pageNumber - ($pageNumber % $numLinks) + 1; $end = $start + $numLinks - 1; $end = min($totalPages, $end); $pagingLink = array(); for($page = $start; $page <= $end; $page++) { if ($page == $pageNumber) { $pagingLink[] = " $page "; // no need to create a link to current page } else { if ($page == 1) { $pagingLink[] = " <a href=\"$self?$strGet\">$page</a> "; } else { $pagingLink[] = " <a href=\"$self?pageNum=$page&$strGet\">$page</a> "; } } } $pagingLink = implode(' | ', $pagingLink); // return the page navigation link $pagingLink = $first . $prev . $pagingLink . $next . $last; } return $pagingLink; } /* Display the breadcrumb navigation on top of the gallery page */ function showBreadcrumb() { if (isset($_GET['album'])) { $album = $_GET['album']; $sql = "SELECT al_name FROM tbl_album WHERE al_id = $album"; $result = mysql_query($sql) or die('Error, get album name failed. ' . mysql_error()); $row = mysql_fetch_assoc($result); echo ' > <a href="index.php?page=list-image&album=' . $album . '">' . $row['al_name'] . '</a>'; if (isset($_GET['image'])) { $image = $_GET['image']; $sql = "SELECT im_title FROM tbl_image WHERE im_id = $image"; $result = mysql_query($sql) or die('Error, get image name failed. ' . mysql_error()); $row = mysql_fetch_assoc($result); echo ' > <a href="index.php?page=image-detail&album=' . $album . 'ℑ=' . $image . '">' . $row['im_title'] . '</a>'; } } } ?>

Can anyone help? 10x

[hts 0]

well, the move_uploaded_file() function might be restricted...I don`t know for sure, it`s just my guess, can anyone confirm please?

but anyway, why bother creating an image gallery by yourself? install one of the free solutions out there on the web, and you`re done (I recommend http://www.plogger.org/ )

[farsiscript 0]

Dear alexviii i agree hts , use free image gallery but i have some code for save images in database i share here and i hope you can use it

Database Tabels

CREATE TABLE `images` (  `id` int(4) NOT NULL auto_increment,  `image` longblob NOT NULL,  PRIMARY KEY  (`id`)) ENGINE=MyISAM DEFAULT CHARSET=latin1;

SQL.php

<? // check wether the user pressed the upload button if(isset($_POST['upload'])){ // below two lines connect to mysql and the mysql database // change it according to your information mysql_connect("localhost", "root", ""); mysql_select_db("img"); // below line opens the file chosen in the form for reading only $file = fopen($_FILES['image']['tmp_name'], "r"); // then we read the file and add slashes to prevent errors when submitting to mysql $image = addslashes(fread($file, filesize($_FILES['image']['tmp_name']))); // inserts the null value as id, and our defined var $image to their corresponding cols. // we use die(mysql_error()) as a error report if something screws up mysql_query("insert into images values('null', '$image')") or die(mysql_error()); // if all goes well, echo the below line. echo "image uploaded successfully"; } ?>

view.php

<? // changes our url id to the var $id $id = $_GET['id']; // connects to the database //change info accordingly mysql_connect("localhost", "root", ""); mysql_select_db("img"); // selects the binary data blob according to the id specified // by our url $result = mysql_query("select image from images where id = '$id'"); // tells php that contents of this page will be an image header("(anti-spam-content-type:) image/jpeg"); // echoes our mysql query (echoes out the blob data) echo mysql_result($result, 0); ?>

upload form.php

<form action="sql.php" enctype="multipart/form-data" method="post">   <input type="file" name="image" /><br />   <input type="submit" name="upload" value="Upload" /> </form>

I hope you can use this code
thanks

[electron 0]

Well from what i can understand you have not checkmoded the directory to 777 or the temp directory permissions have been changed.Just check mod the directory to which you are moving the file to 777 to give it wrie access.Also the main problem is in the code it is actually removing the directory structure of the place where the file is and putting its own address in images/gallery/temfilename.jpg and thus the move_uploaded_path does not work.Hope this helps.