By danbars
Hello,
I have configured LAMP droplet on Ubunto 14.04. PHP is running and everything works - except when I try to upload files. My web site allows users to upload images that should end up being at /var/www/html/userphotos/<date>/. PHP first upload them to a temp folder, then creates the <date> folder if needed, and then moves it to the destination folder. It all worked on another hosting so I’m sure the PHP script is fine. I don’t have log files and I’m not a Linux expert, so I’m not even sure how turn them on. My guess is that it’s a permission thing. What I have done so far:
- chmod to 755 on the entire html folder
- manually created html/userphotos folder and chmod to 777 (temporarily, just to make sure it’s not that problem).
- defined upload_tmp_dir in php.ini to /tmp and verified in info.php that configration applied. I also chmod on that folder to 777 (apparently it was 1777 before my change and now it is 0777 so maybe I ought to change it back)
Any help on how to set up php/apache to allow file upload and folder creation will be highly appreciated.
Thanks!
Edit I have found the log files under /var/log/apache2, and here are the relevant lines:
[:error] [pid 21363] [client 198.143.41.65:53984] PHP Warning: mkdir(): Permission denied in /var/www/html/uploadphoto.php on line 55
[:error] [pid 21363] [client 198.143.41.65:53984] PHP Warning: copy(/var/www/html/usersphotos/2015-04-24/241403605.jpg): failed to open stream: No such file or directory in /var/www/html/uploadphoto.php on line 59
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Answering my own question, hopefully this could help someone:
Per this stackoverflow answer, I gave ownership to the apache user and group to the entire www folder, and then gave permission to that group on the folder:
chown -R www-data:www-data /var/www/ chmod -R g+rw /var/www/
Heya,
In case anyone else stumbles upon this, here is a guid from the beginning on how to configure this/
Configuring a LAMP stack (Linux, Apache, MySQL, and PHP) to allow visitors to upload files involves several steps, focusing on both functionality and security. Here’s a general guide to set this up:
1. Setting Up the HTML Form
Create an HTML form with an input of type file. Ensure your form uses the POST method and includes the enctype="multipart/form-data" attribute, which is necessary for file uploads.
<form action="upload.php" method="post" enctype="multipart/form-data">
Select file to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" value="Upload File" name="submit">
</form>
2. Handling the File Upload in PHP
Create a PHP script (like upload.php in the above form) to handle the file upload. This script should:
- Check if the file is actually uploaded.
- Validate file size and type for security purposes.
- Define where the file should be stored.
- Move the file from its temporary location to the desired directory.
Example PHP script:
<?php
$target_dir = "uploads/"; // Ensure this directory exists and is writable
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Check if file is a real image (optional)
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
// Check file size (for example, limit to 5MB)
if ($_FILES["fileToUpload"]["size"] > 5000000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}
// Allow certain file formats (e.g., jpg, png, jpeg, gif)
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
?>
3. Configuring PHP for File Uploads
Make sure your php.ini file is configured to allow file uploads:
file_uploads = On: Enables file upload.upload_max_filesize = 10M: Sets the maximum file size that PHP will accept.post_max_size = 10M: Sets the max size of post data allowed.max_execution_time = 300: Sets the maximum time in seconds a script is allowed to run before it is terminated.
4. Configuring Apache
Ensure that Apache has permissions to access the directory where files are being uploaded. Set the proper directory permissions.
5. Security Considerations
- Validate File Types: Be very careful about the types of files you allow to be uploaded to prevent script execution vulnerabilities.
- Storage Directory: Store uploaded files outside of the webroot or configure your web server to prevent execution of scripts in the upload directory.
- File Size Limit: Limit the size of uploads to what is reasonable for your application to prevent resource exhaustion.
- User Permissions: Run your script with the least privileges necessary.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.