PHP Can't upload anything

H

HSG

Verified User
Joined
Oct 7, 2015
Messages
31
Hi,
In my server php can't upload any file without any error and always $_FILES variable is empty.

My server configs:
CentOS 6.7
DirectAdmin 1.48.3
Apache + NginX + PHP-FPM

In php.ini Upload is active and i don't change php.ini variables, i only add some function to disable_functions and turn allow_url_fopen and allow_url_include to Off.

Please help me and sorry for my bad english.
 
Hello,

Aren't you trying to upload too big file? What about upload_tmp_dir in php.ini? Is suhosin enabled?
 
zEitEr said:
Hello,

Aren't you trying to upload too big file? What about upload_tmp_dir in php.ini? Is suhosin enabled?
Click to expand...

My file is a picture and only have 100KB size.
upload_tmp_dir is none and default but i change it to /tmp but still php upload not working.
/tmp directory permission is 1777.
suhosin is enabled but i don't know if suhosin upload scan is enabled or no.
also mod_security is enabled and i don't want to disable it.
Sorry for my bad english.
 
zEitEr said:
Disable mod_security temporary to see whether or not it solves your issue.
Click to expand...

I disabled mod_security before and tested it but still php upload not working.
Always $_FILES is empty in all scripts likes wordpress.
 
Hi HSG,

Can you send me the code of the HTML Form you are using?
If you are missing the following encoding type in your form, then PHP can't proces your form.
HTML: 
<form action="pathtofile.php" method="post" enctype="multipart/form-data">

Also can you enable PHP errors, to check you can add this to your script!
Code: 
error_reporting(E_ALL);
ini_set('display_errors', 'On');

With kind regards,

Robin
 
Last edited:
Aedero said:
Hi HSG,

Can you send me the code of the HTML Form you are using?
If you are missing the following encoding type in your form, then PHP can't proces your form.
HTML: 
<form action="pathtofile.php" method="post" enctype="multipart/form-data">

Also can you enable PHP errors, to check you can add this to your script!
Code: 
error_reporting(E_ALL);
ini_set('display_errors', 'On');

With kind regards,

Robin
Click to expand...

Hi,
Very thanks for reply but my code is correct.
I say php upload not working even in WordPress.
Anyway my code is:

HTML Form:
HTML: 
<!DOCTYPE html>
<html>
<body>

<form action="upload.php" method="post" enctype="multipart/form-data">
    Select image to upload:
    <input type="file" name="fileToUpload" id="fileToUpload">
    <input type="submit" value="Upload Image" name="submit">
</form>

</body>
</html>

PHP Code:
PHP: 
<?php
error_reporting(E_ALL);
echo $_FILES["fileToUpload"]["tmp_name"];
$target_dir = "images/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    }
}
// Check if file already exists
if (file_exists($target_file)) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
        echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
    } else {
        echo "Sorry, there was an error uploading your file.";
    }
}
?>
 
Hi HSG,

I tested your script with lsphp and it worked.

Can you add:
Code: 
ini_set('display_errors', 'On');
Under:
Code: 
error_reporting(E_ALL);
To see if PHP is generating a error?

With kind regards,

Robin
 
Aedero said:
Hi HSG,

I tested your script with lsphp and it worked.

Can you add:
Code: 
ini_set('display_errors', 'On');
Under:
Code: 
error_reporting(E_ALL);
To see if PHP is generating a error?

With kind regards,

Robin
Click to expand...

display_errors in server php.ini is on and all errors are shown but php file upload not return any error and only $_Files is empty.
 
Problem is suhosin.
I disabled suhosin and problem has solved.
Why?
 
I've never seen suhosin breaking PHP uploads on CentOS 6.x. Did you install suhosin by custombuild or not? Did you customize suhosin or use default settings provided by custombuild?
 
zEitEr said:
I've never seen suhosin breaking PHP uploads on CentOS 6.x. Did you install suhosin by custombuild or not? Did you customize suhosin or use default settings provided by custombuild?
Click to expand...

Yes i install suhosin by custombuild 2.0 and default settings.
CentOS 6.7 is installed.
 
Try and enable suhosin back and provide results of:

Code: 
php -i | grep suhosin

you need to run it in a shell.
 
zEitEr said:
Try and enable suhosin back and provide results of:

Code: 
php -i | grep suhosin

you need to run it in a shell.
Click to expand...


My problem has solved.
I edit this file from ssh: /usr/local/php55/lib/php.conf.d/10-directadmin.ini and convert suhosin.upload.verification_script line to comment by adding a ; character.
 
It's not recommended to modify /usr/local/php55/lib/php.conf.d/10-directadmin.ini directly.

Run this:

Code: 
cd /usr/local/directadmin/custombuild/
./build set suhosin_php_uploadscan no
 
zEitEr said:
It's not recommended to modify /usr/local/php55/lib/php.conf.d/10-directadmin.ini directly.

Run this:

Code: 
cd /usr/local/directadmin/custombuild/
./build set suhosin_php_uploadscan no
Click to expand...


Very thanks.
 
You must log in or register to reply here.
Back
Top