PHP upload file code works on Windows XAMPP but not on production Linux box

I’m using this PHP to upload CSV files:

$mimes = array('application/vnd.ms-excel','text/plain','text/csv','text/tsv');
if ( in_array($_FILES['file']['type'],$mimes)  && ($_FILES["file"]["size"] < 20000)  )
    {
        if ($_FILES["file"]["error"] > 0)
        {
           echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
        }
        else
        {
            echo "Upload: " . $_FILES["file"]["name"] . "<br>";
            echo "Type: " . $_FILES["file"]["type"] . "<br>";
            echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
            echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";
            move_uploaded_file($_FILES["file"]["tmp_name"],
            "csv/" . $_FILES["file"]["name"]);
            echo "Stored in: " . "csv/" . $_FILES["file"]["name"];

        }
    }
    else
    {
        echo "Invalid file";
    }

JavaScript
​x
 
$mimes = array('application/vnd.ms-excel','text/plain','text/csv','text/tsv');if ( in_array($_FILES['file']['type'],$mimes)  && ($_FILES["file"]["size"] < 20000)  )    {        if ($_FILES["file"]["error"] > 0)        {           echo "Return Code: " . $_FILES["file"]["error"] . "<br>";        }        else        {            echo "Upload: " . $_FILES["file"]["name"] . "<br>";            echo "Type: " . $_FILES["file"]["type"] . "<br>";            echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";            echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";            move_uploaded_file($_FILES["file"]["tmp_name"],            "csv/" . $_FILES["file"]["name"]);            echo "Stored in: " . "csv/" . $_FILES["file"]["name"];​        }    }    else    {        echo "Invalid file";    }​

and it works perfectly on my dev XAMPP setup.

When I deploy the site on the Linux box it behaves as if the file upload is successful but it isn’t in the desired folder or tmp folder.

My form is:

<form action="upload_file.php" method="post" enctype="multipart/form-data">
    <label for="file">Filename:</label>
    <input type="file" name="file" id="file"><br>
    <input type="submit" name="submit" value="Submit">
</form>

JavaScript
 
<form action="upload_file.php" method="post" enctype="multipart/form-data">    <label for="file">Filename:</label>    <input type="file" name="file" id="file"><br>    <input type="submit" name="submit" value="Submit"></form>​

My browser returns from the echos:

Upload: rere.csv
Type: application/vnd.ms-excel
Size: 2.34375 kB
Temp file: /tmp/php5XXT5v
Stored in: csv/rere.csv

JavaScript
 
Upload: rere.csvType: application/vnd.ms-excelSize: 2.34375 kBTemp file: /tmp/php5XXT5vStored in: csv/rere.csv​

I had a friend more familiar with Linux look at this and he has written a few upload scripts. We couldn’t figure out a solution.

Any hints?

Answer

If script does not return “Invalid file”, its probably the permissions. Do not do 777 chmod on production, but you have to be sure that the destination folder is writable and executable with www-data (apache2 user).

Commands for changing permissions are :

chown -R www-data:www-data path/to/writable/dir/

and for make the directory openable :

chmod -R 660 path/to/wrotable/dir/

chmod +x path/to/writable/dir/

JavaScript
 
chmod -R 660 path/to/wrotable/dir/​chmod +x path/to/writable/dir/​

EDIT

It depends of your needs. Basically, the users you want to have read/write access to this folder should be add to www-data group. Command : useradd -G www-data users

But you can have some troubles if you create directories or files with another user than www-data. Because the group won’t be set to www-data, but of the group of your user. In this case, you have to set acl permissions. If you are in this case, just tell me so, I would help you to set acl 🙂

Advertisement

Answer