On Sun, 2004-03-28 at 12:18, Amanda wrote:
> If I then do
> if(!move_uploaded_file($_FILES['userfile']['tmp_name'], $dest_file))
> (snip error messages for clarity)
>
> it uploads the file just fine, but permissions are set to -rw-------
>
> If I then do
> $result = chmod ("$dest_file", 0777);
> if (!$result)
> {
> echo "<P>ERROR CHANGING PERMISSIONS FOR $dest_file";
> }
This is probably PHP trying to be "secure". It's been a very long time
since I've used php, but as a starting point I'd suggest looking in
php.ini for 'safe mode' or similar. It might also be worth doing the
chmod before the move. I don't know if it'll change anything, but PHP
does keep track of the files it uses for uploads, It may let you perform
operations on uploaded files that you can't do on arbitrary files.
And, as always, check the filename and so forth.
HTH,
James.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
