PHP upload file code works on Windows XAMPP but not on production Linux box

Question

I'm using this PHP to upload CSV files:

$mimes = array('application/vnd.ms-excel','text/plain','text/csv','text/tsv');
if ( in_array($_FILES['file']['type'],$mimes)  && ($_FILES["file"]["size"] < 20000)  )
    {
        if ($_FILES["file"]["error"] > 0)
        {
           echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
        }
        else
        {
            echo "Upload: " . $_FILES["file"]["name"] . "<br>";
            echo "Type: " . $_FILES["file"]["type"] . "<br>";
            echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
            echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";
            move_uploaded_file($_FILES["file"]["tmp_name"],
            "csv/" . $_FILES["file"]["name"]);
            echo "Stored in: " . "csv/" . $_FILES["file"]["name"];

        }
    }
    else
    {
        echo "Invalid file";
    }

and it works perfectly on my dev XAMPP setup.

When I deploy the site on the Linux box it behaves as if the file upload is successful but it isn't in the desired folder or tmp folder.

My form is:

<form action="upload_file.php" method="post" enctype="multipart/form-data">
    <label for="file">Filename:</label>
    <input type="file" name="file" id="file"><br>
    <input type="submit" name="submit" value="Submit">
</form>

My browser returns from the echos:

Upload: rere.csv
Type: application/vnd.ms-excel
Size: 2.34375 kB
Temp file: /tmp/php5XXT5v
Stored in: csv/rere.csv

I had a friend more familiar with Linux look at this and he has written a few upload scripts. We couldn't figure out a solution.

Any hints?

Answer 1

For Ubuntu 14.04 with XAMPP, I also have problem with upload but after I have fixed with sudo chmod -R 777 destination, it works well.

For example:

Temporary folder to upload in my Ubuntu 14.04 XAMPP is /opt/lampp/temp/. If I want my upload files to /opt/lampp/temp/testupload as destination folder, then I need config bellow.

1. Go to temp folder

   cd /opt/lampp/temp/

2. Create 'testupload' folder under /opt/lampp/temp/

   sudo mkdir testupload

3. Change permission 777

   sudo chmod -R 777 /opt/lampp/temp/testupload/

4. PHP code

   move_uploaded_file($_FILES["file"]["tmp_name"], "/opt/lampp/temp/testupload/" . $_FILES["file"]["name"])

Answer 2

If script does not return "Invalid file", its probably the permissions. Do not do 777 chmod on production, but you have to be sure that the destination folder is writable and executable with www-data (apache2 user).

Commands for changing permissions are :

chown -R www-data:www-data path/to/writable/dir/

and for make the directory openable :

chmod -R 660 path/to/wrotable/dir/

chmod +x path/to/writable/dir/

EDIT

It depends of your needs. Basically, the users you want to have read/write access to this folder should be add to www-data group. Command : useradd -G www-data users

But you can have some troubles if you create directories or files with another user than www-data. Because the group won't be set to www-data, but of the group of your user. In this case, you have to set acl permissions. If you are in this case, just tell me so, I would help you to set acl :)

Answer 3

You should check what return function move_uploaded_file();

 var_dump(move_uploaded_file($_FILES["file"]["tmp_name"]);
 // if return false it can be something with permission on location folder where
 // do you want to store file under linux

from manual php this function return:

 If filename is not a valid upload file, 
 then no action will occur, and  move_uploaded_file() will return FALSE.

 If filename is a valid upload file, but cannot be moved for some reason,
 no action will occur, and move_uploaded_file() will return FALSE. 
 Additionally, a warning will be issued.