I’m hosting the superior website www.gekonntgekocht.de, which is actually running PHP 5.4. It uses WordPress for content management and authors got double with uploading files.
We noticed failing uploads with an error message like “The uploaded file could not be moved to …”. After checking directory permissions of PHP’s
upload_tmp_dir and the destination directory (set in WordPress) we found the following:
- Permissons of
upload_tmp_dirand destination are correct (user and group, mode
700in our case)
- PHP function
Code for last item:
// Move the file to the uploads dir $new_file = $uploads['path'] . "/$filename"; if ( false === @ move_uploaded_file( $file['tmp_name'], $new_file ) ) return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $uploads['path'] ) );
As stated in the PHP manual,
move_uploaded_file is aware of
open_basedir setting where you could restrict files opened by PHP.
But — in our case the destination was already a subdirectory of the
open_basedir and the upload worked when we disabled
open_basedir by setting an empty value.
So we moved
open_basedirand — tadaa — it worked!
open_basedir on the manual page of
move_uploaded_file shows this very old comment:
nlgordon at iastate dot edu 16-Jul-2007 04:29 Just a helpful comment. If you have open_basedir set then you must set upload_tmp_dir to somewhere within the open_basedir. Otherwise the file upload will be denied. move_uploaded_file might be open_basedir aware, but the rest of the upload process isn't.