file_uploads = On

[jrasmus1]

Is it possible to use php to upload files with x10hosting? More specifically, can "file_uploads = On" be set in the php.ini.

I followed the instructions given here: http://www.w3schools.com/php/php_file_upload.asp

But the file doesn't appear in the uploads folder on my webhosting server. I'm wondering if that's because the php.ini file needs to be changed to include: file_uploads = On

Any ideas?

Thanks!

 

[Dead-i]

Hi,

File uploads are already enabled on free hosting. Are you receiving any error messages?

Thank you,

 

[jrasmus1]

Thanks! I receive no errors, actually. I just don't find the uploaded file in the uploads directory I created.

Here is my HTML file (http://yourliferises.com/profile/upload.html):

<!DOCTYPE html>
<html>
<body>

<form action="upload.php" method="post" enctype="multipart/form-data">
Select image to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" value="Upload Image" name="submit">
</form>

</body>
</html>

Then here is my php file (http://yourliferises.com/profile/upload.php):

<?php
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
?>

I upload a small image and get this result: File is an image - image/png. But I don't find the image in my uploads folder: http://yourliferises.com/profile/uploads/

 

[bdistler]

I'm wondering if that's because the php.ini file needs to be changed to include: file_uploads = On

you can do your own test with this PHP script

<?php
error_reporting(E_ALL);

if(ini_get('file_uploads') == 1)
  {
    print 'HTTP Upload Enabled';
  }
  else
    {
      print 'HTTP Upload Disabled';
    }
?>

I receive no errors...

do you have display_errors setting enabled ?
see --> [ https://x10hosting.com/support/account/my-website-is-showing-a-blank-page ]
where they say how to do that[/QUOTE]

 

[jrasmus1]

Very helpful -- especially the tips about how to check the php settings and check for errors.

We're getting closer. So I turned on the error checking, and I was able to verify that file_uploads = on. I still receive no php errors (with display_errors turned on), yet the file doesn't appear in the uploads folder. Have others been able to upload a file using php? I assume so. Maybe there is a security setting? People have been so helpful already, and I'm grateful.

 

[bdistler]

I would throw some print statements at the PHP script like...
at - what is the path used by the script (after it is set in the script) ?
at - what is the file name used by the script (after it is set in the script) ?

and you might have been hit by a "mod_security" rule

 

[jrasmus1]

Good idea. I verified that when I select a file named "1.png" the target filename with path is this: http://yourliferises.com/profile/uploads/1.png.

Is there a way around the mod_security in this case?

 

[bdistler]

Is there a way around the mod_security in this case?

Premium users have the ability to completely disable mod_security on their account via cPanel - even though x10hosting discourage it.

For free-hosting x10hosting has a customized web server setup that does not allow for the same cPanel functionality to disable mod_security - x10hosting also decided it would not be a good idea to allow free-hosting users to disable it - as it is used to not only protect against inbound malicious attacks but to prevent outbound abuse also - Unfortunately free-hosting still gets abusive signups - and allowing them to disable something that helps to prevent their malicious actions would not be in x10hosting best interest

a Admin MIGHT make a change for you

BTW - when I try to run that code on my x10hosting's free-hosting server [ xo3 ] - I receive...

Forbidden

You don't have permission to access /uploads/upload.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

 

[jrasmus1]

Thanks. I just upgraded my account to see if I can solve the upload problem with a paid account. Once my account is activated, I'll try disabling mod_security. (If that's the *only* issue, I might hunt for a different free account, unless Admin can make the change for me. I'm prepared to pay long-term once the website takes off.)

 

[jrasmus1]

I turned off mod_security (by upgrading my account), and the file still doesn't upload -- now using: http://yourliferises.x10host.com/profile/upload.html

Has anyone used php to upload a file on x10host? (I also tried uploading to a dropbox server. Still no luck.)

 

[bdistler]

UPDATE:
I just uploaded image files on my x10hosting's free-hosting server [ xo3 ]

my 403 error was do to a block in my [ .htaccess ] file

AND

you are not using the complete PHP script...which I used
you need to look down the page at [ http://www.w3schools.com/php/php_file_upload.asp ]
there is no 'save' the file in the PHP script you posted

<?php
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    }
}
// Check if file already exists
if (file_exists($target_file)) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
        echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
    } else {
        echo "Sorry, there was an error uploading your file.";
    }
}
?>

BTW - I would not use this script on a 'live' site - lots of open doors for the bad guys to walk through

 

[jrasmus1]

UPDATE:
I just uploaded image files on my x10hosting's free-hosting server [ xo3 ]

my 403 error was do to a block in my [ .htaccess ] file

AND

you are not using the complete PHP script...which I used
you need to look down the page at [ http://www.w3schools.com/php/php_file_upload.asp ]
there is no 'save' the file in the PHP script you posted

<?php
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    }
}
// Check if file already exists
if (file_exists($target_file)) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
        echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
    } else {
        echo "Sorry, there was an error uploading your file.";
    }
}
?>

BTW - I would not use this script on a 'live' site - lots of open doors for the bad guys to walk through

 

[jrasmus1]

You solved it! Thank you! I'll summarize the progress:

1. x10hosting allows php file upload (even the free version).
2. Use the full php code pasted above.
3. You don't need to disable mod_security.
4. "file_uploads = On" by default, which is great.

Thanks again!

 

[bdistler]

be sure that you understand this from the TOS...

The account holder is responsible for all hosted material on the account and any actions performed by the account due to material hosted on it.

the above scripts will allow anyone to post anything to your account - only the file extension and size are tested

 

[caftpx10]

What bdistler said is very true. I can tell because the upload form is just HTML and the uploader doesn't have any checks like if the user is logged in or not.