Cant upload image file using php

Question

What about this lines?

Warning: copy(): open_basedir restriction in effect. File() is not within the allowed path(s): (/xxx/xxx/xxx/xxx/php:/tmp) in /home/xxxxxxxxxx/public_html/newsp.php on line 85

Here is my code:

";
            echo $content . "
";
            echo $type . "
";
            echo $ID . "
";

            $sql = 'INSERT INTO News '.'(Title, Content, Type) '.'VALUES ( $title, $content, $type)';
            $result=mysqli_query($con,$sql);

//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","100"); 

//This function reads the extension of the file. It is used to determine if the file  is an image by checking the extension.
 function getExtension($str) {
         $i = strrpos($str,".");
         if (!$i) { return ""; }
         $l = strlen($str) - $i;
         $ext = substr($str,$i+1,$l);
         return $ext;
 }

//This variable is used as a flag. The value is initialized with 0 (meaning no error  found)
//and it will be changed to 1 if an errro occures.
//If the error occures the file will not be uploaded.
 $errors=0;
//checks if the form has been submitted
    //reads the name of the file the user submitted for uploading
    $image=$_FILES['file']['name'];
    //if it is not empty
    if ($image)
    {
    //get the original name of the file from the clients machine
        $filename = stripslashes($_FILES['file']['name']);
    //get the extension of the file in a lower case format
        $extension = getExtension($filename);
        $extension = strtolower($extension);
    //if it is not a known extension, we will suppose it is an error and will not  upload the file,
    //otherwise we will do more tests
        if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
            {
            //print error message
            echo 'Unknown extension!';
            $errors=1;
            }
        else
        {
    //get the size of the image in bytes
     //$_FILES['image']['tmp_name'] is the temporary filename of the file
     //in which the uploaded file was stored on the server
     $size=filesize($_FILES['image']['tmp_name']);

    //compare the size with the maxim size we defined and print error if bigger
        if ($size > MAX_SIZE*1024)
            {
            echo 'You have exceeded the size limit!';
            $errors=1;
            }

    //we will give an unique name, for example the time in unix time format
        $image_name= $ID.'.'.$extension;
    //the new name will be containing the full path where will be stored (images folder)
        $newname="NewsPic/".$image_name;
    //we verify if the image has been uploaded, and print error instead

        echo $image_name;
        $copied = copy($_FILES['image']['tmp_name'], $newname);
        if (!$copied)
            {
            echo 'Copy unsuccessfull!';
            $errors=1;
            }


        }
    }




    } else {
        header("location:login.php");
    }
?>

I want to upload an image to my folder.

Jhonathan H. · Accepted Answer

try to use move_uploaded_file(param1,param2); function

move_uploaded_file($_FILES['image']['tmp_name'],$newname)

note: your variable $newname must contain the path of the folder where you should save it + the filename

FOR YOUR INSERT QUERY

try to remove both '.' in declaring the fields where you should insert

resulting your query like this

$sql= "INSERT INTO News(Title, Content, Type)VALUES ( '$title', '$content', '$type')";

because '.' makes your sql failed.

Cant upload image file using php

Answers (1)

Related Questions