move_upload_file, return false but still working and not moving correctlly

Question

I am sending image from android apps to server. The problem is image not moving to the correct path, but only at current directory (only in which that php script stored). I tested this codes on local server and webserver, getting same result. Any one can find out whats problems.

Local Server: XAMPP 1.7.7

My PHP Script :

<?php
    $base=$_REQUEST['image'];
    $Username=$_REQUEST['Username'];
    $binary=base64_decode($base);
    header('Content-Type: bitmap; charset=utf-8');

    $file = fopen($Username.'.png', 'w');
    fwrite($file, $binary);

    $uploadFilename = '/htdocs/android/ProfileImage/';

    $tr =move_uploaded_file($_FILES[$file]['tmp_name'], $uploadFilename);
    if($tr)
   echo 'true';
    else
   echo 'false';
 echo 'Successfully Uploaded';
   ?>

Showing Output and Error in Local Server

Strict Standards: Resource ID#3 used as offset, casting to integer (3) in C:\xampp\htdocs\android\uploadSimage.php on line 12

Notice: Undefined offset: 3 in C:\xampp\htdocs\android\uploadSimage.php on line 12

falseSuccessfully Uploaded

Showing Output and Error in Webserver

Notice: Undefined offset: 3 in C:...\uploadSimage.php on line 12

falseSuccessfully Uploaded

Answer 1

If you're using XAMPP:

sudo chmod 777 -R /opt/lampp/htdocs/

Answer 2

I accessed my server using file zilla and give write Group permissions to the target folder and then it worked.

Answer 3

per to this document http://php.net/manual/en/function.move-uploaded-file.php another reason for this problem is invalid File name if your file Name in move_uploaded_file ( string $filename , string $destination ) be invalid this function return false

Answer 4

move_uploaded_file() expects the second parameter to be a string representing the new path and filename of upload. Currently, you are passing only a path. I also question whether the path is correct. It must be a full path, or a relative path.

You are also using the $_FILES array incorrectly. Are you uploading the image by encoding it in base64 and passing it via the URL's query string? Or are you actually uploading it using a multipart/form-data file upload field?

If you uploaded a file belonging to the upload field called image then you would get access to the file like this:

$origname = $_FILES['image']['name']; // the name from the client device
$temppath = $_FILES['image']['tmp_name']; // the temp location on the PHP server
$error    = $_FILES['image']['error']; // > 0 if there was an error
$size     = $_FILES['image']['size']; // size of the file
$type     = $_FILES['image']['type']; // mime type, cannot be trusted though

You would then move it like this:

// Be careful using the original file name.
// If the user uploads a file with a .php extension, they may be
// able to run PHP code on your server if they can access the upload folder
// You should either generate a random file name or remove the extension
// IF THE DESTINATION FILE EXISTS, IT WILL BE OVERWRITTEN
$newPath = '/home/yoursite/htdocs/uploads/' . $origname;

$moved = move_uploaded_file($_FILES['image']['tmp_name'], $newPath);
if ($moved) {
    echo "File was moved successfully.";
} else {
    echo "Failed to move file.";
}

EDIT:
If you are in fact uploading the image by encoding it in base64 and sending it over the URL, then you don't need move_uploaded_file at all; in that case you can just write the decoded contents to a file anywhere you like. Keep in mind, the length of the URL may be limited so sending the image in the URL via base64 may not be a good idea.

EDIT 2:
To comment on the questions in your subsequent answer: The php function move_uploaded_file() should only be used when the file you are trying to move was uploaded to PHP using an HTTP POST method upload. It does an internal check to see if the file you are trying to move was uploaded to PHP. If it was not, then it won't move the file. Therefore you shouldn't be using move_uploaded_file() since you confirmed you were uploading the image through the URL.

Since your PHP script's path is C:\xampp\htdocs\android, this means the root path is C:\. The server root is different from your web root or document root which are both relative to your public directory. Any time you are dealing with reading/writing files in PHP, you use the full server path (relative to C:\ or /).

Given the new facts, try some code like this to "upload" the image:

<?php

$base     = (isset($_REQUEST['image'])) ? $_REQUEST['image'] : '';
$Username = (isset($_REQUEST['Username'])) ? trim($_REQUEST['Username']) : '';
$binary   = @base64_decode($base);

if (empty($Username)) {
    die('no username specified');
}

if (!$binary) {
    // data was not in base64 or resulted in an empty string
    die('invalid image uploaded');
}

$basePath = 'C:\\xampp\\htdocs\\android\\ProfileImage\\';
$imagePath = $basePath . $Username . '.png';

$file = @fopen($imagePath, 'w+');
if (!$file) {
    die('failed to open ' . $imagePath . ' for writing');
}

fwrite($file, $binary);
fclose($file);

echo 'Successfully Uploaded';

Make sure to take the necessary precautions so I can't upload an image for another user.