
Unable to delete images from a directory created by PHP. PHP issue vs. Apache security issue

Stack Overflow user
Asked 2018-07-18 08:23:45
Answers 2, Views 29, Followers 0, Votes 0

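I have written code for our referral providers to upload images and documents to our website during the referral process. The script works, creates the directory, renames the image and uploads it. My problem is that I cannot physically delete the files (using Filezilla and Dreamweaver).

Could this be a problem with the script, or with the Apache settings?

I had thought about trying to add something like this, but it uploaded the file and $img_file was not copied into the database, and when I looked at the chmod settings of the images they were set to 644, so clearly the snippet below does not work as intended.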

       // rename uploaded file
        $img_file = chmod("$UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '_' . rand(1000000000,1000000000000).".".$imgExt", 755);

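Note: I know the script has two parts, one with this and one without. I have tried both ways.

I cannot change the chmod settings in Filezilla, which leads me to believe there might be a problem with the Apache settings?

My script is: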

<?PHP
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

$mysqli = new mysqli("xxx", "xxx", "xxx", "xxx");
$mysqli->set_charset("utf8");
$mysqli->query("SET NAMES 'utf8'");

if (mysqli_connect_error()) { echo mysqli_connect_error(); exit; }

// check to make sure the form was submitted 
if (isset($_POST['Upload'])){

// derm form ID 
if(isset($_POST['dermdvmID']))
   {
    $id = $_POST["dermdvmID"];
   }    
else {
    $id = NULL;
 }  

// PA or Case Number    
if(isset($_POST['UMNCaseNo']))
   {
    $UMNCaseNo = $_POST["UMNCaseNo"];
   }    
else {
    $UMNCaseNo = $_POST["dermdvmID"];
 }

// Client Name  
if(isset($_POST['ClientName']))
   {
    $ClientName = $_POST["ClientName"];
   }    
else {
    $ClientName = NULL;
 }  

// Patient Name 
if(isset($_POST['Pet_Name']))
   {
    $Pet_Name = $_POST["Pet_Name"];
   }    
else {
    $Pet_Name = NULL;
 }      

      // Image File Information
      $imgFile = $_FILES['file']['name'];
      $tmp_dir = $_FILES['file']['tmp_name'];
      $imgSize = $_FILES['file']['size'];

      // Upload to Directory
      $upload_dir = '/xx/xx/xx/xx/public/dermatology/files/' .$UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '/'; // upload directory

      // Check to see if the Directory already exists. If not, create the directory and give settings 0777
       if (!is_dir('/xx/xx/xx/xx/public/dermatology/files/' .$UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '/')) {
        mkdir('/xx/xx/xx/xx/public/dermatology/files/' .$UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '/', 0777, TRUE);

       }

       // Get file extension
       $imgExt = strtolower(pathinfo($imgFile,PATHINFO_EXTENSION)); // get file extension

       // valid file extensions
       $valid_extensions = array('jpeg', 'jpg', 'png', 'gif', 'tif', 'bmp', 'dicom', 'dcm', 'pdf', 'doc', 'docx', 'xls', 'xlsx' ); // valid extensions

       // rename uploaded file
        $img_file = chmod("$UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '_' . rand(1000000000,1000000000000).".".$imgExt", 755);        

       // allow valid file formats
       if(in_array($imgExt, $valid_extensions)){   
        // Check file size '15MB'
        if($imgSize < 1500000)    {
         move_uploaded_file($tmp_dir,$upload_dir.$img_file);
        }
        else{
         $errMSG = "Sorry, the file you are trying to upload is too large.";
        }
       }
       else{
        $errMSG = "Sorry, only JPG, JPEG, PNG, TIFF, GIF, BMP, DICOM, PDF, DOC, DOCX, TXT, XLS, & XLSX files are allowed.";  
       }

$sql = "INSERT INTO tbl_dermatology_rdvm_attachments (dermformID, UMNCaseNo, ClientName, PatientName, file, original_filename, date_uploaded) VALUES (?,?,?,?,?,?, NOW())";

$stmt = $mysqli->prepare($sql);
$stmt->bind_param("ssssss", $id, $UMNCaseNo, $ClientName, $Pet_Name, $img_file, $imgFile ); // bind variables

if ($stmt->execute()){

        $attachID = $stmt->insert_id;

        header('Location: the link goes here', 
            TRUE, // rewrite existing Location header
            302  // set status code 
                   );
    }

 else {
        echo "Something went wrong with the upload. Please try again.";

  $stmt->close();

} 
     }

// check to make sure the form was submitted for upload a new image
if (isset($_POST['Upload2'])){

// derm form ID 
if(isset($_POST['dermdvmID']))
   {
    $id = $_POST["dermdvmID"];
   }    
else {
    $id = NULL;
 }  

// PA or Case Number    
if(isset($_POST['UMNCaseNo']))
   {
    $UMNCaseNo = $_POST["UMNCaseNo"];
   }    
else {
    $UMNCaseNo = $_POST["dermdvmID"];
 }

// Client Name  
if(isset($_POST['ClientName']))
   {
    $ClientName = $_POST["ClientName"];
   }    
else {
    $ClientName = NULL;
 }  

// Patient Name 
if(isset($_POST['Pet_Name']))
   {
    $Pet_Name = $_POST["Pet_Name"];
   }    
else {
    $Pet_Name = NULL;
 }      

      // Image File Information
      $imgFile = $_FILES['file']['name'];
      $tmp_dir = $_FILES['file']['tmp_name'];
      $imgSize = $_FILES['file']['size'];

      $upload_dir = '/xx/xx/xx/xx/public/dermatology/files/' .$UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '/'; // upload directory

       if (!is_dir('/xx/xx/xx/xx/public/dermatology/files/' .$UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '/')) {
            mkdir('/xx/xx/xx/xx/public/dermatology/files/' .$UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '/', 0777, TRUE);
       }

       $imgExt = strtolower(pathinfo($imgFile,PATHINFO_EXTENSION)); // get file extension

       // valid image extensions
       $valid_extensions = array('jpeg', 'jpg', 'png', 'gif', 'tif', 'bmp', 'dicom', 'dcm', 'pdf', 'doc', 'docx', 'xls', 'xlsx' ); // valid extensions

       // rename uploading image
        $img_file = $UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '_' . rand(1000000000,1000000000000) . ".".$imgExt;    

       // allow valid image file formats
       if(in_array($imgExt, $valid_extensions)){  

        // Check file size '15MB'
        if($imgSize < 1500000)    {
         move_uploaded_file($tmp_dir,$upload_dir.$img_file);
        }
        else{
         $errMSG = "Sorry, the file you are trying to upload is too large.";
        }
       }
       else{
        $errMSG = "Sorry, only JPG, JPEG, PNG, TIFF, GIF, BMP, DICOM, PDF, DOC, DOCX, TXT, XLS, & XLSX files are allowed.";  
       }

$sql = "INSERT INTO tbl_dermatology_rdvm_attachments (dermformID, UMNCaseNo, ClientName, PatientName, file, original_filename, date_uploaded) VALUES (?,?,?,?,?,?, NOW())";

$stmt = $mysqli->prepare($sql);
$stmt->bind_param("ssssss", $id, $UMNCaseNo, $ClientName, $Pet_Name, $img_file, $imgFile ); // bind variables

if ($stmt->execute()){
        // derm form ID 
        if(isset($_POST['dermdvmID']))
           {
            $id = $_POST["dermdvmID"];
           }    
        else {
            $id = NULL;
         }  

        header('Location: https://URL/public/dermatology/rdvm_upload_form_success.php?id='. $id,
      TRUE, // rewrite existing Location header
            302  // set status code 
      );
    }

 else {

        echo "Something went wrong with the upload. Please try again.";

  $stmt->close();

} 
     }

?>  

2 Answers

Stack Overflow user

Answered 2018-07-18 08:39:08

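Depending on which user you are using, your FTP user (e.g. ftp) may not have permission to edit/delete files created by that user; for example, Apache runs as the user httpd, and ftp might not be part of the group / alternative user httpd.

Votes 0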

Stack Overflow user

Answered 2018-07-19 19:49:36

Adding the following code solved my problem:

$oldmask = umask(0);

mkdir('/xx/xx/xx/xx/public/dermatology/files/' .$UMNCaseNo . '_' .$Pet_Name . '_' .$ClientName . '/', 0777, TRUE);

umask($oldmask);
Votes 0
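An added example, not code from the question or either answer: deleting a file requires write permission on its directory, so a group-writable setgid directory lets the FTP account remove uploads without making anything world-writable as `umask(0)` with `0777` does. It assumes the web-server and FTP accounts share a Unix group; `safe_component`, `make_case_dir` and `store_upload` are hypothetical names, and the demo values are constructed.

```php
<?php
// Added example, not the poster's code. Assumption: the web-server account and
// the FTP account share a Unix group, and the upload base directory belongs to it.

// Reduce a form value to one safe path component (no "/", "..", or NUL bytes).
function safe_component(string $value): string
{
    $clean = trim(preg_replace('/[^A-Za-z0-9-]+/', '_', $value), '_');
    return $clean === '' ? 'unknown' : $clean;
}

// Create the per-case directory group-writable (rwxrwsr-x) rather than 0777.
function make_case_dir(string $base, string ...$parts): string
{
    $dir = $base . '/' . implode('_', array_map('safe_component', $parts));
    if (!is_dir($dir)) {
        $old = umask(0002);                    // keep group write, drop world write
        $ok  = mkdir($dir, 0775, true);
        umask($old);
        if (!$ok) {
            throw new RuntimeException("mkdir failed: $dir");
        }
        chmod($dir, 02775);                    // setgid: new files inherit the group
    }
    return $dir;
}

// Build the name, move the file, then chmod the file that now exists.
// chmod() takes a path and an OCTAL mode and returns bool; decimal 755 is 01363.
function store_upload(string $tmp, string $dir, string $ext, callable $move): string
{
    $name = basename($dir) . '_' . bin2hex(random_bytes(8)) . '.' . $ext;
    if (!$move($tmp, "$dir/$name") || !chmod("$dir/$name", 0664)) {
        throw new RuntimeException("could not store $name");
    }
    return $name;                              // this string is what goes in the database
}

// Constructed demo for the CLI; a request handler passes 'move_uploaded_file'.
$base = sys_get_temp_dir() . '/derm_demo_' . getmypid();
$tmp  = tempnam(sys_get_temp_dir(), 'up');
$dir  = make_case_dir($base, '12345', '../Rex', 'Jane Doe');
$name = store_upload($tmp, $dir, 'png', 'rename');
clearstatcache();
printf("%s %04o\n", basename($dir), fileperms($dir) & 07777);
printf("%s %04o\n", $name, fileperms("$dir/$name") & 07777);
```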
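The original page content is provided by Stack Overflow. Translation support is provided by the Tencent Cloud Xiaowei IT-domain engine.
Original link:

https://stackoverflow.com/questions/51391869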
