News:

CPG Release 1.6.28
added submissions from {406man}
cleaned up a few PHP (8.4) deprecations
fixed PHP deprecation in calendar
removed security vulnerability
(please upgrade when possible)

Main Menu

Error with uploading pics..

Started by jeroen, November 13, 2003, 10:58:24 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

jeroen

November 13, 2003, 10:58:24 AM
Hi,

I have a problem when users try to upload pics in an album.

My directory is added to the openbasedir.

The owner of the newly created folder is set to apache. I think thats te problem so I tried to add the line chown($dest_dir, "myusername"); right after the line that set the chmod to 777 (In the file db_input.php) doesnt help.

The error I get is that the file cannot be copied to the new directory.

who can help me?

DJMaze

#1
November 13, 2003, 12:28:52 PM
remove chmod();
change mkdir(file) to mkdir(file, chmod)

example: mkdir(mydirectory, 0777);
There are 2 kinds of users in this world: satisfied and complainers.
Why do we never hear something from the satisfied users?
http://coppermine-gallery.net/forum/index.php?topic=24315.0

jeroen

#2
November 13, 2003, 03:21:36 PM
I think it is already the way you say it..

this is a part of db_input.php

Code Select

// Pictures are moved in a directory named 10000 + USER_ID
        if (USER_ID && !defined('SILLY_SAFE_MODE')) {
                $filepath = $CONFIG['userpics'].(USER_ID+FIRST_USER_CAT);
            $dest_dir = $CONFIG['fullpath'].$filepath;
                if (!is_dir($dest_dir)) {
                    mkdir($dest_dir, octdec($CONFIG['default_dir_mode']));
                        if (!is_dir($dest_dir)) cpg_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_mkdir'], $dest_dir), __FILE__, __LINE__, true);
                    chmod($dest_dir, octdec($CONFIG['default_dir_mode']));
                        $fp = fopen($dest_dir.'/index.html', 'w');
                        fwrite($fp, ' ');
                        fclose($fp);
                }
                $dest_dir .= '/';
                $filepath .= '/';
        } else {
                $filepath = $CONFIG['userpics'];
            $dest_dir = $CONFIG['fullpath'].$filepath;
        }

        // Check that target dir is writable
        if (!is_writable($dest_dir)) cpg_die(CRITICAL_ERROR, sprintf($lang_db_input_php['dest_dir_ro'], $dest_dir), __FILE__, __LINE__, true);

        // Replace forbidden chars with underscores
        $matches = array();
        $forbidden_chars = strtr($CONFIG['forbiden_fname_char'], array('&amp;' => '&', '&quot;' => '"', '&lt;' => '<', '&gt;' => '>'));

        // Check that the file uploaded has a valid extension
        if (get_magic_quotes_gpc()) $HTTP_POST_FILES['userpicture']['name'] = stripslashes($HTTP_POST_FILES['userpicture']['name']);
        $picture_name = strtr($HTTP_POST_FILES['userpicture']['name'], $forbidden_chars, str_repeat('_', strlen($CONFIG['forbiden_fname_char'])));
        if (!preg_match("/(.+)\.(.*?)\Z/", $picture_name, $matches)){
                $matches[1] = 'invalid_fname';
                $matches[2] = 'xxx';
        }
        if ($matches[2]=='' || !stristr($CONFIG['allowed_file_extensions'], $matches[2])) {
            cpg_die(ERROR, sprintf($lang_db_input_php['err_invalid_fext'], $CONFIG['allowed_file_extensions']), __FILE__, __LINE__);
        }

DJMaze

#3
November 13, 2003, 08:00:38 PM
In the coppermine config page is the default dir mode set to 777 ?
There are 2 kinds of users in this world: satisfied and complainers.
Why do we never hear something from the satisfied users?
http://coppermine-gallery.net/forum/index.php?topic=24315.0

jeroen

#4
November 13, 2003, 10:47:08 PM
yes, it is..

but i think it has something to do with the owner of te files.. that is set to apache, so the script hasnt got rights to move it... or something??
Print
Go Up Pages1
User actions