move_upload_file not working and permissions are all there

Question

I am trying to add pictures to my form but I can't seem to get it working. I have looked through every resource I can find but I haven't been able to solve this issue. My folder is writable, exists. The syntax of move_uploaded_file(tmpfileName, fileDestination) is right too. Here is my code:

if($_FILES['thread_image']['name']!=""){
    $fileExtBreak = explode('.', $_FILES['thread_image']['name']);
    $fileExt = strtolower(end($fileExtBreak));
    $allowed = array('jpg','jpeg','png','pdf');
    if(in_array($fileExt, $allowed)){
        $_SESSION['errors'] = $errors;
        if($_FILES['thread_image']['error'] > 0){
            $errors[] = 'Something went wrong when trying to upload your image.';
            $_SESSION['errors'] = $errors;
            header("Location:topic.php?id=". $_GET['id'] ."");
        }else{
            if($_FILES['thread_image']['size']>=10000000){
                $errors[] = 'The file you are trying to upload is too big';
                $_SESSION['errors'] = $errors;
                header("Location:topic.php?id=". $_GET['id'] ."");
            }else{
                if(!is_dir('images')){
                   $errors[]='This shit doesn\'t exist'; 
                }else if(!is_writable('images')){
                    $errors[]='This shit isn\'t writable';
                }else{
                    $errors[]='It exists and should work!!!!';
                }
                $fileName = $date.'.'.$fileExt;
                $filePath = 'images/'.$fileName;
                $errors[]=$_FILES['thread_image']['tmp_name'];
                $errors[]=$fileName;
                $errors[]=$filePath;
                if(move_uploaded_file($_FILES['thread_image']['tmp_name'], $filePath)){
                    $errors[]="success";
                }else{
                    $errors[]="didn't work, sorry";
                }
                $errors[]=mysqli_error($link);
                $_SESSION['errors'] = $errors;
                $stmt = $link->prepare("UPDATE threads set thread_has_image='1' WHERE thread_date=?");
                $stmt->bind_param("s",$date);
                $result=$stmt->execute();
            }
        }
    }else{
        $errors[] = "You cannot upload files with that type";
        $_SESSION['errors'] = $errors;
        header("Location:topic.php?id=". $_GET['id'] ."");
    }
}

And here is what it spits out:

1)checks whether the folder exists, 2)spits out the temporary file name 3)spits out my file name I created, 4)spits out the file Destination I created 5)checks whether move_uploaded_file worked

Here is my form:

<form class="makerContainer" method="post" enctype="multipart/form-data" action=<?php echo '"threadMaker_handler.php?id=' . $_GET[ 'id'] . '"'; ?>>
                    <fieldset class="good">
                        <div class="makerForm">
                            Thread Title:
                            <input type="text" class="title" title="ThreadTitle" name="thread_title" <?php echo 'value="' . $name . '"'; ?>>
                        </div>
                        <div class="makerForm">
                            Thread Description:
                            <textarea class="description" rows="8" cols="100" name="thread"><?php echo '' . $thread . ''; ?></textarea>
                            <div class="submitPanel">
                                    <input type="file" name="thread_image"/>
                                <input type="submit" class="button buttonModal buttonColor" value="+ Create Thread">
                            </div>
                        </div>
                    </fieldset>
                </form>

use php's error reporting and make sure that your server does support the naming convention you're using — Funk Forty Niner, May 04 '18 at 20:10
@FunkFortyNiner Do you mean mysqli_error($link)? Because I am using that. It spits out nothing. What do you mean by 'your server does support the naming convention you're using?' — Talha Ahmed, May 04 '18 at 20:13
@TalhaAhmed He means https://stackoverflow.com/questions/845021/how-to-get-useful-error-messages-in-php — Barmar, May 04 '18 at 20:15
by that I meant the colons for the file name. and what does the form look like? — Funk Forty Niner, May 04 '18 at 20:16
You have `$errors[]=mysqli_error($link);` before you perform the MySQL query. — Barmar, May 04 '18 at 20:18
I added error_reporting(E_ALL) to the top of my file and the output I got to the page was the exact same. — Talha Ahmed, May 04 '18 at 20:22
@Barmar I just realized that I shouldn't have used mysqli_error because my error doesn't come from sql lol. My sql runs perfectly well. I've checked my database and it does update the appropriate row and column. I'm taking that out lol — Talha Ahmed, May 04 '18 at 20:24
@FunkFortyNiner I just put in my form. I changed the enctype if that was what you wondering. — Talha Ahmed, May 04 '18 at 20:28
@FunkFortyNiner How do I check if my servers accept colon's in the filename? I didn't configure any regular expression for this. Is it something that's configured by default? — Talha Ahmed, May 04 '18 at 20:31
@FunkFortyNiner What modern operating system would have a problem with that filename? The only ones I know of are ancient history, like Mac OS 9 and earlier (colon was the directory separator). — Barmar, May 04 '18 at 20:34
@Barmar yes I'm aware of that, but you beat me to asking the OP about which OS is used? The colons could be an issue here. — Funk Forty Niner, May 04 '18 at 20:36
@FunkFortyNiner You were right about the colons, I changed my filename to uniqid('',true) from $date and now it works. Is there a way for me to make it so my servers accept the date naming convention? I am using windows 10. — Talha Ahmed, May 04 '18 at 20:38
@TalhaAhmed I had a feeling about that from the start, which is why I posted an answer for you below. — Funk Forty Niner, May 04 '18 at 20:42
@TalhaAhmed you are using MySQL, right? if not, which one is it? — Funk Forty Niner, May 04 '18 at 20:50

Funk Forty Niner · Answer 1 · 2018-05-04T21:04:02.960

Seeing this comment by the OP:

@FunkFortyNiner You were right about the colons, I changed my filename to uniqid('',true) from $date and now it works.

was something I had a feeling about, being the colons in the filenames being used.

Windows does not support that naming convention. At best, you will need to replace those with another character. However, that will cause havoc for your mysql dating method as I noticed in the query.

Is there a way for me to make it so my servers accept the date naming convention? I am using windows 10.

You could just use another character for the filename, but don't use $date for the query. You could simply use NOW() in its place if you're looking to use today's date.

You would need to change the column type's to DATETIME since you appear to be storing those as VARCHAR, which isn't a good idea.

It is best to use MySQL's built-in date/datetime functions and it will make querying much easier later on, should this be the RDBMS used.

https://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html

Or keep what you're using for it now for the query and should the dates match, but use a different variable for $date and different storage name for the file.

move_upload_file not working and permissions are all there

1 Answers1