I'm trying to upload a user's photo using a simple HTML input form, but I'm getting the following error. I've set the permissions of my upload folder to 755. I tried 777 and that works, but I've read that setting it to 777 is not advised and that I should be able to use 755?
Warning: move_uploaded_file(uploads/2014_08_21_11_03_14k.jpg) [function.move-uploaded-file]: failed to open stream: Permission denied in /home/yadayada/register.php on line 136
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/php8KQwyh' to 'uploads/2014_08_21_11_03_14k.jpg' in /home/yadayada/register.php on line 136
This is my php code:
$userPhotoUrl = 'uploads/'.date('Y_m_d_H_i_s').$_FILES['photo']['name'];
if (is_uploaded_file($_FILES['photo']['tmp_name'])) {
if (!move_uploaded_file($_FILES['photo']['tmp_name'], $userPhotoUrl)) {
// show error message
return;
}
} else {
// show error message
return;
}
First of all, you have to understand what is 755.
For folder, 755 means drwxr-xr-x, which means:
As the user running PHP is probably not the owner of the folder, it does not have write permission to the folder. Either:
chown the folder to PHP's user; or777: everybody has Read, Write & Execute permissionOf course, the latter choice has a security issue, as if somebody uploads an executable shell script to your folder, he can execute the script. Therefore, you should stick with the first choice.