PHP - Open File In Protected Folder.

Hi everyone, I'm still learning, but getting intermediate in PHP now, but it is still challenge to learn. I'm trying to have php check to see if one file inside folder in server, seem I could not get it right, but I tested it on other site, it works, but not this script, I don't understand why it won't work...maybe logical is wrong?

here my code:

	if ($_POST['video']) {
	        $path1 = "UPLOADS/Home/";
        $path2 = "UPLOADS/Breakfast/";
        $path3 = "UPLOADS/Spider/";
	        $scan1 = scandir($path1);
        $scan2 = scandir($path2);
        $scan3 = scandir($path3);
	        $count1 = count($scan1) - 3;
        $count2 = count($scan2) - 3;
        $count3 = count($scan3) - 3;
	        if($count1 > 0) {
            header('location:exist.html');
        }elseif ($count2 > 0) {
            header('location:exist.html');
        }elseif ($count3 > 0) {
            header('location:exist.html');
        }
	

But other site, it works:

	$scan = scandir($path);
$count = count($scan) - 3;
	echo $count;
	if($count > 1){
    echo "Hello yourself!<br />";
}
	

Anyone will help will be appreciate! Thank you!

Gary

Edited April 3, 2019 by sigmahokies

if (!file_exists('../images/flags/imNum.txt')) {

$file1 = fopen('../images/flags/imNum.txt','c');

fclose($file1);
}

why won't that work =\

it makes no sense to me

When I use require('../config.php'); It does not works on my machine but it works on shared hosting

Can someone help me what must be the issue?

Thanks in advance

CSJakharia

The root directory: header.php stylesheet.css   In the following example I am trying to include the header.php file in a sub folder.   When I include the header.php like in the following example then the stylesheet.css file will not work anymo

<?php

include("../header.php");

?>

The stylesheet.css file is included in the head tags of the header.php file.   Is the above example the right way to do it? If yes, how can I do it so the stylesheet.css file will work too.  

I upload an image and put every information inside $_SESSION['tmp'] and $_SESSION['path']
then once user click on button then i use

move_uploaded_file($_SESSION['tmp'],$_SESSION['path'])

but file uploaded not appeared in my upload folder, and again i try to echo everything but all information still kept well in $_SESSION

is there something missing here?

thanks

I'm trying to extract the contents of a zip file to a folder.   I found the ZipArchive class and followed the examples to get it to work for the most part.  But I want to extract the files in the folder inside the zip file but leave the folder out.  So it should extract just the files to my given destination.  I found this on php.net.

Code: [Select]
If you want to copy one file at a time and remove the folder name that is stored in the ZIP file, so you don't have to create directories from the ZIP itself, then use this snippet (basically collapses the ZIP file into one Folder).

<?php

$path = 'zipfile.zip'

$zip = new ZipArchive;
if ($zip->open($path) === true) {
    for($i = 0; $i < $zip->numFiles; $i++) {
        $filename = $zip->getNameIndex($i);
        $fileinfo = pathinfo($filename);
        copy("zip://".$path."#".$filename, "/your/new/destination/".$fileinfo['basename']);
    }                  
    $zip->close();                  
}

?>
For some reason that 'copy' line is not working for me.  Obviosly I've changed the variables in the line to the correct variables.  Can someone help me out.
Thanks
Mike

Hi, I have a form where a user selects a file to attach to the email. At the moment when you select a file it uploads from the user device.

How do i change this so that a user can attach a file from a folder on the server. For example the folder name is uploadinvoice

so when the user selects the browse button to attach a file it opens up the uploadinvoice folder on the server so the user can select the file from there ?

 

Thanks 

 

coding i have at moment

function ValidateEmail($email)

{

   $pattern = '/^([0-9a-z]([-.\w]*[0-9a-z])*@(([0-9a-z])+([-\w]*[0-9a-z])*\.)+[a-z]{2,6})$/i';

   return preg_match($pattern, $email);

}

if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['formid']) && $_POST['formid'] == 'form1')

{

   $mailto = $_POST['youremail'];

   $mailfrom = isset($_POST['myemail']) ? $_POST['myemail'] : $mailto;

   $subject = 'Message';

   $message = 'Message';

   $success_url = './test.php';

   $error_url = '';

   $eol = "\n";

   $error = '';

   $internalfields = array ("submit", "reset", "send", "filesize", "formid", "captcha_code", "recaptcha_challenge_field", "recaptcha_response_field", "g-recaptcha-response");

   $boundary = md5(uniqid(time()));

   $header  = 'From: '.$mailfrom.$eol;

   $header .= 'Reply-To: '.$mailfrom.$eol;

   $header .= 'MIME-Version: 1.0'.$eol;

   $header .= 'Content-Type: multipart/mixed; boundary="'.$boundary.'"'.$eol;

   $header .= 'X-Mailer: PHP v'.phpversion().$eol;

   try

   {

      if (!ValidateEmail($mailfrom))

      {

         $error .= "The specified email address (" . $mailfrom . ") is invalid!\n<br>";

         throw new Exception($error);

      }

      $message .= $eol;

      foreach ($_POST as $key => $value)

      {

         if (!in_array(strtolower($key), $internalfields))

         {

            if (!is_array($value))

            {

               $message .= ucwords(str_replace("_", " ", $key)) . " : " . $value . $eol;

            }

            else

            {

               $message .= ucwords(str_replace("_", " ", $key)) . " : " . implode(",", $value) . $eol;

            }

         }

      }

      $body  = 'This is a multi-part message in MIME format.'.$eol.$eol;

      $body .= '--'.$boundary.$eol;

      $body .= 'Content-Type: text/plain; charset=ISO-8859-1'.$eol;

      $body .= 'Content-Transfer-Encoding: 8bit'.$eol;

      $body .= $eol.stripslashes($message).$eol;

      if (!empty($_FILES))

      {

         foreach ($_FILES as $key => $value)

         {

             if ($_FILES[$key]['error'] == 0)

             {

                $body .= '--'.$boundary.$eol;

                $body .= 'Content-Type: '.$_FILES[$key]['type'].'; name='.$_FILES[$key]['name'].$eol;

                $body .= 'Content-Transfer-Encoding: base64'.$eol;

                $body .= 'Content-Disposition: attachment; filename='.$_FILES[$key]['name'].$eol;

                $body .= $eol.chunk_split(base64_encode(file_get_contents($_FILES[$key]['tmp_name']))).$eol;

             }

         }

      }

      $body .= '--'.$boundary.'--'.$eol;

      if ($mailto != '')

      {

         mail($mailto, $subject, $body, $header);

      }

      header('Location: '.$success_url);

   }

   catch (Exception $e)

   {

      $errorcode = file_get_contents($error_url);

      $replace = "##error##";

      $errorcode = str_replace($replace, $e->getMessage(), $errorcode);

      echo $errorcode;

   }

   exit;

}
 

Hello,

I'm trying to have my index.php to open/run another test.php file.
I'm having my own server that I play with, that I run Ubuntu on.

So the index.php are located at /var/www/ directory, but I want to run a file that are located at /testing/test.php

The final test.php is file for showing pictures, and I don't want to out all the pictures under the /var/www/ location.  It's alot  of photos.
I don't know much about php but I have been trying this:

<?php
header("Location: /var/www/testing/test.php");
    //These below are desperat old tries.
//header("Location: ./testing/test.php");
//header("Location: ../testing/test.php");
//$handle = fopen("/privat/Web_pictures/test.php", "r");
//"/testing/test.php"
// header("Location: ./test.php");   //This one actually works, but I'm still in the wrong folder (/var/www/)
echo "test "; // NN4 requires that we output something...
exit();
?>

Thankful for help!   

I am working PHP project on localhost using wamp, for debug process we using error_log() function, every time error_log() stored details of the error in wamp/logs, how can I view my error in the same project folder like wamp/www/goodgoal/

eg: wamp/www/goodgoal/logs/error_log.log

Note : Pls recommend PHP Quick Debug Tricks

Edited July 5, 2019 by aveeva

Hi    I echo out images from a folder. The problem is that I have a html file in the same folder but I don't want to echo that out. How can I write my code to get rid of the html in the output?   Here my code:

<?php 
$filetype = '*.html';
$dirname = substr('$filetype');
$i=0;
if (isset($_POST['submit2']))
{
  //get the dir from POST
  $selected_dir = $_POST['myDirs'];
  //now get the files from within the selected dir and echo them to the screen
  foreach(glob($selected_dir . DIRECTORY_SEPARATOR . '*') as $dirname)
  {
    echo substr($dirname, 0, -4);
    echo '<img src="'.$dirname.'" />';
    echo "<label><div class=\"radiobt\"><input type='radio' name='radio1' value='$i'/></div></label>";
  }
}
?>

P.S. when I echo out : substr($dirname, 0, -4); I want to get ride of the html filename there too. How can I do so something like this?

Awhile ago I wrote a simple form to except image specific uploads from users and chmoded the directory to 777... worked great...

Till there was a hack and then I found that chmod 777 is bad

So changed the folder to 775, but now the upload script won't work.

Can somebody point me to a post or article on how to give a file ownership or group permissions so it can safely run its uploads to the folder?

I have tried google but keep getting Linux and Window OS results.. its a tough question to google.

Any help is very much appreciated.

Hi guys,

I hope you may be able to shed some light on a problem I am having. I am fairly new to PHP although do understand bits and peices such as login system.

Basically - I have a website with lets say 10 users (more like 500 but that will do for now!) - Each user has their own page wich is password protected.

Each month - I want to be able to upload PDF files to the server - which CAN ONLY BE ACCESSED BY THE RELEVANT user. They must not be able to see each others PDF files.

To do this I have been advised to have a non-web accessible folder on my server to put the PDF's in and then use PHP to handle the operation. Therefore my path would be:

1/ User logs into page

2/ User clicks the PDF link

3/ PF link goes to PHP page that checks they are logged in and then the PDF they want before delivering to the server.

I do actually understand the theory but my PHP is not at the stage where I can just write the code that will handle the operation. I am also very confused over how to access the non-web accessible files!

Could anyone please give me an example of the code I will need to use to a) check the user is logged in (I guess I can use the same code I used for the login) and then b) call the relevant PDF and display it? I have been given a path of c:\blahblahblah to access my PDF files but don't even know how to begin implimenting this!

Here is the code I use for my login system. Could anyone show me how to adapt it to get what I need?

Thank so much for anyone that can help - hopefully I will be in a position to give back one day!

--------------------------------------------
if(isset($_SESSION['loggedin']))
{
    header("Location:" . strtolower($username) . ".php");

if(isset($_POST['submit']))
{
   $username = mysql_real_escape_string($_POST['username']);
   $password = mysql_real_escape_string($_POST['password']);
   $mysql = mysql_query("SELECT * FROM mydb WHERE username = '{$username}' AND password = '{$password}'");
   if(mysql_num_rows($mysql) < 1)
   {
     die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again");
   }   $_SESSION['loggedin'] = "YES";
   $_SESSION['username'] = $username;
   header("Location:" . strtolower($username) . ".php");

AND THEN IN THE HEADER OF THE PAGES

<?php
session_start();
if(!isset($_SESSION['loggedin'])) {
  header('Location: /login.php');
} elseif ($_SESSION['username'] . '.php' != basename($_SERVER['SCRIPT_FILENAME']) ) {
  // Logged in user attempting to view someone else's page
  header("Location:" . strtolower($_SESSION['username']) . ".php");
  exit;
}
?>

Again - any help would be truly appreciated. I will say now that the last person I asked said "Use the open() function - that'll work!" ...... answers like that are a bit lost on me at the moment and leave me even more confused!

Cheers in advance
 

 

Hey, i need help storing an image in my database via the URL(image location) at the moment my php code is storing the image in a folder on the directory called upload. here is the code:
<?php
// Where the file is going to be placed
$target_path = "upload
/";

/* Add the original filename to our target path. 
Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
$target_path = "upload/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename $_FILES['uploadedfile']['name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
?>

Click <a href="products.php">HERE</a> to go back to form


if someone could help me i'd be very grateful

Hello first time poster here .

Soni have been in the proccess of designing a website that would give images to users . But only owner of an image will get thier own image .

And some people may not access thier image whom are invalid untill i make them valid users.

Si.my problem is i want to stop people from accessing these images by typing thier mysite.com/path and these files only be accessable via a php that is in my website .

How do i go about doing that .

Is it iam my new to this or there is not a convenient way to do this .

Thanks in advance

I am using apache web server on linux. I am using php for coding. My php code is not able to read the files from /var/tmp folder. If apache itself creates some files in /var/tmp folder then php code is able to read it. Why this permission denied issues are there though full access permissions are given to each file?