Error in file upload

Question

This is my script:

$today = mktime(0, 0, 0, date("m"), date("d"), date("y"));
$b= date("m/d/y", $today);     

if ($_FILES["file$i"]["error"] > 0)
        {
        echo "Return Code: " . $_FILES["file$i"]["error"] . "<br />";
        }
      else
        {
        // echo "Upload: " . $_FILES["file"]["name"] . "<br />";
        // echo "Type: " . $_FILES["file"]["type"] . "<br />";
        // echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
        // echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
            $upload=$_FILES["file$i"]["name"];
            $fileName = preg_replace('/[^\w\._]+/', '', $upload);
            $filup=$b.$fileName;
            echo $filup;
        if (file_exists("upload/" . $filup))
          {
          echo $_FILES["file$i"]["name"] . " already exists. ";
          }
        else
          {
          move_uploaded_file($_FILES["file$i"]["tmp_name"],
          "upload/" . $filup);
          $path="upload/" . $filup;
          $temp="Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
          $sql="insert into album(uid,path,cid,title) values('$uid','$path','$cid','$text[$i]') ";
          mysql_query($sql) or die(mysql_error());
          }
        }

It is showing me this error:

Warning: move_uploaded_file(upload/06/20/113.jpg) [function.move-uploaded-file]: failed to open stream: No such file or directory in C:\wamp\www\demo\editedfileupload\pr1\upload_file.php on line 31

Line 31 is:

echo $_FILES["file$i"]["name"] . " already exists. ";

Answer 1

I think your issue is that $filup isn't what you may think it is. When you are doing $filup=$b.$fileName;, you might be inadvertently changing the complete path for the file. For example, assume:

$b = "06/20/11"
$fileName = "testfile"

Then after doing $filup=$b.$fileName;, $filup will become:

$filup = "06/20/11testfile"

So, when you use $filup in file_exists() or move_uploaded_file(), what might be happening is that the slashes in $fileup are taken for directory separators instead of the filename.

So the check (file_exists('upload/06/20/11testfile') always fail and when it goes to move_uploaded_file, it says "no such file or directory".

Please consider removing the forward slashes from $b or using "-" instead. I think even escaping the "/" should work but I'd suggest to keep it simple if there are no specific reasons to keep slashes.

On another note, I'd suggest using absolute paths for file-system operations.

Hope this helps.

Answer 2

I don't know why you think line 31 is the one you selected, but the error for sure is caused by this code:

move_uploaded_file($_FILES["file$i"]["tmp_name"], "upload/" . $filup);

Now, typically, I would say this is a CHMOD issue, but there are some weird things happening, which I am not all too familiar with (since you are working from a Windows system). Check the CHMOD and if that fixes it, good for you, but otherwise, please explain how it's possible that variable $b contains forward slashes? Windows works with backward slashes (and this probably holds true within PHP as well). See if changing the slashes will make a difference.

EDIT: based on your comment to your own post, I'm fairly sure that this issue is caused by the forward slashes. You can still use the $fileName variable, but make sure the $b variable doesn't contain forward slashes. Also, in the lines if (file_exists("upload/" . $filup)) and move_uploaded_file($_FILES["file$i"]["tmp_name"], "upload/" . $filup);, change the forward slashes to backward slashes.