copy or move file function doesn't work

[thenetmaker]

I've tried a number of variations on the copy and move file function but nothing seems to make my files move.

This is the simplest version of the code for just copying:
<?PHP
$folder = "../tempimages/";
$file = $GLOBALS['HTTP_GET_VARS']['jpeg_fname']; // filename.jpg
$filename = $folder.$file;

$targetfolder = "../jobs/";
$target = $targetfolder.$file;
copy ($filename, $target); //copy file
?>

The file has been uploaded by FTP.
I've checked with the server and there doesn't seem to be any restrictions on file moving. I've also tried around 10 different versions of this script from various websites but so far I haven't been able to get a file copied or moved.
Am I missing something obvious?
Any help would be great thanks.
Mike

[Raju Gautam]

What is the problem on using $_GET globals? Do you have lower version PHP like less than PHP 4? Otherwise i think you can do like that? And why are you passing your filename via URL? Do like this:

Code php:

$file = $_GET['jpeg_fname'];

I assume that you have the file in your path, your code should work.

[BluDragon]

As rajug said, you should be using $_GET unless you are using a version less than 4. You should also be filtering your data. Unfiltered GETS can lead to file injection (ie someone being able to view your passwd file).

[thenetmaker]

The $GLOBALS function was part of a larger file I downloaded for extracing data from a JPEG. It was designed to be compatible with any system.
After the data has been extracted and inserted into a MySQL db, I want to move the file to another folder so it doesn't get re-read.
Unfortunately, changing the GET function doesn't make the move or copy file function work.

I've output the variables to show their contents and they are correct.
Thanks,
Mike

[thenetmaker]

Thanks for the info, unfortunately it still won't budge.
I've checked all the basics, the file is in the right folder, the source and destination names are correct and the variables output the correct address.

The copy or move function simply don't respond so far.

[Hammer65]

Both functions are filesystem functions. In order for PHP to do anything with files or directories, proper permissions must be set.

PHP as an Apache module, runs as the same user as Apache does. That user is usually "apache" or "nobody", sometimes "www". That user would have to have proper permission either as the owner or through group permissions to do anything with a file or directory.

PHP can run in suexec mode as any user, such as the primary ftp account of a site. This configuration isn't very common however, and server setup for suexec, is not for the beginner.

[thenetmaker]

I've checked the PHP info on the server and it shows no restrictions on file movement except for a 2mb upload limit.
I've e-mailed their support to find out if there are other restrictions but so far nothing stands out. File and folder permissions are set to user can write files and the script is hosted on the server so there shouldn't be a problem.
I haven't added any security to the folders yet so there won't be any complications there.

In the mean time I've tried a new tactic of opening the file and writing it's contents to a new file:
<?PHP
$filename = '../tempimages/'.$_GET['jpeg_fname']; // filename.jpg;
$target = '../jobs/'. $_GET['jpeg_fname'];
$contents = file_get_contents ($filename); //read file contents into string
$newfile = fopen ($target,"wb"); //write binary (wb), creates new binary file in target location
fwrite ($newfile,$contents);
fclose ($newfile); // close target file
echo '<img src="'.$target.'"/>';
?>

I've checked each variable individually as follows:
$filename - outputs the correct url and filename
$target - outputs the correct url and filename
$contents - outputs a huge mass of characters so I'm assuming it's the jpg data
$newfile - this does NOT create a file. No new file appears on the server
fwrite - I can't tell if this works as no new file is created by fopen
fclose - as above
echo - this outputs the correct target url and file but no file has been created

Just like moving or copying the file, I am unable to create a new one using the fopen command which suggests to me a folder or function restriction of some kind.
The file I'm working with has been uploaded by FTP so move_uploaded_file will not work either.
Thank you for your continuing suggestions!
Mike

[thenetmaker]

Just received an email back from web hosts to say there are no restrictions on file movement.

[thenetmaker]

This may be related to my own issues, apparently there's a bug in file functions: http://bugs.php.net/bug.php?id=13852

Any help would be greatly appreciated as my project has come to a grinding halt until I can get the files moving.
Thanks!

[Hammer65]

I don't know that you're following me here. UNIX files have permissions for owner, group and everyone else.

PHP and Apache both run as a user on the system. If the user account that PHP runs under, is not the owner of a particular file or directory, or if that user is not part of the group for that file, or if the group doesn't have the proper permissions, it won't be able to copy or move files.

Search for UNIX file permissions with a search engine. It's something you should understand, if you are working with files in any way on the server.

[Immerse]

Try putting this at the top of your script:

PHP Code:

error_reporting(E_ALL);
ini_set('display_errors', true); 


It may show any error messages that currently aren't being displayed...

[thenetmaker]

Looks like you're both right:
Warning: copy(../jobs/ballycastle_beach.jpg): failed to open stream: Permission denied in /var/www/vhosts/mydomain.com/httpdocs/clients/exif/Example.php on line 86

I've been reading up on the UNIX permissions and while there's enough info to fill libraries that I don't understand, I have now seen that my php script does not have permission to execute a file function. How I get permission I've no idea, but now I know the problem, I can actively look for a solution.
Thank you very much for taking the time to reply!
Mike

[BluDragon]

If you can get to a command prompt (via SSH or whatever), try creating a temp dir and "chmod"ing it to "0755". That may work or you may have to "chown" the temp dir to Apache's owner and "chgroup" the group likewise.

RTM - see "man chmod","man chown", and "man chgroup".

[thenetmaker]

I've been able to create a directory via FTP and set the permissions to 777, anything less and it can't be copied to.
Is htaccess sufficient to secure that folder or does it need secured at all?
As it sits, the script works, but I do have a very open folder

The output address of the full size images will show the folder if anyone looks at the code but other than that, the folder name won't appear in the address bar.

[Hammer65]

Because you have made the directory world writable, anyone else on that server can put anything they want into it.

If all you have is FTP access, then you can't do much else. Just take a look at the contents once in a while, maybe even set up a cron (if they give you the ability to do that) to look through the directory for nasties.