How to Configure Apache to Accept Uploads

How to upload a file using Apache and PHP

Summary

This article explains how to configure the Apache web server to upload files, with each file going to each user's domicile directory. It assumes you already take a webserver that supports php. See linuxsetup42.html for details on compiling Apache with PHP support.

Stride 1: Edit httpd.conf or .htaccess

Add together the following lines to the httpd.conf file:

LoadModule php5_module        modules/libphp5.so AddHandler php5-script php  DirectoryIndex index.html index.php   AddType awarding/x-httpd-php .php .htm .html

The first iii lines should already be nowadays if php is working on your server. The concluding line adds support for inline php commands, which are needed to integrate environment variables such equally usernames into your xhtml code. Re-starting time Apache so the new configuration takes result.

If you don't have permission to alter the httpd.conf file, the AddType command can also be added to a .htaccess file in your home directory. This may or may non work, depending on the setting of the AllowOverride line in httpd.conf.

Stride 2: Make certain inline php is working

Add together the line <?php echo "Inline php is working"; ?> /> into an html file.
Note: inline php volition simply work if the html file is in the designated html directory, where the server accesses it. If you load the same html file past typing "file:// ..." instead of "http:// ... " in the address bar, it won't work.

Hither is a complete html file demonstrating inline php.

<html> <head></caput> <body> Test of inline php <br /> <?php echo "This line will exist visible if inline php is working on this server.";?>  </torso> </html>

When you lot click on the above page, you should see this:

Step 3: Create the upload course

Hither is a consummate upload form (upload.html). A real form would as well have a more than consummate doctype header, including a line for the css page to control the formatting, but this case still works.

<html> <head></head> <body> <h4> File uploads </h4> <form enctype="multipart/form-information" activity="../../cgi-bin/upload.php"  	method="post"> <p> Select File: <input type="file" size="35" proper name="uploadedfile" /> <br />  Destination <input type="text" size="35" proper noun="destination"         value= "<?php repeat $_ENV["USER"];?>" /> <br /> <input type="submit" name="Upload" value="Upload" /> </p> </form> </body> </html>        

Notes:

1. This file requires a php file chosen upload.php (described beneath), which has to be placed in the cgi-bin directory.
2. This form has a push for the user to select the source file, and a text surface area to specify the destination directory. Unfortunately, there is no easy mode to select a directory using HTML. We could take added another input push, but it would always get a file, which would confuse the user. So we will become the directory from the user'south text string and create a home directory for each user to put their files.
3. The default directory is the user's username. This is obtained past reading the USER environs variable, using the following line of php: <?php echo $_ENV["USER"];?> . PHP defines a lot of other surroundings variables, including the server proper noun, script name, date, etc. which can exist accessed at whatever time inside your html file. To get a list of these variables, put this line in your html file: <? phpinfo(); ?> .

Footstep four: Create the php script

Hither is a minimal merely functional php script (upload.php) for uploading a file.

<?php  $destination_path = $_REQUEST["destination"] . "/";  $target_path = "../htdocs/" . $destination_path; $target_path = $target_path . basename( $_FILES['uploadedfile']['name']);   repeat "User=" .          $_ENV[USER] . "<br />"; repeat "Source=" .        $_FILES['uploadedfile']['proper noun'] . "<br />";  repeat "Destination=" .   $destination_path . "<br />";  repeat "Target path=" .   $target_path . "<br />";  echo "Size=" .          $_FILES['uploadedfile']['size'] . "<br />";  //echo "Tmp name=" .    $_FILES['uploadedfile']['tmp_name'] . "<br />";    if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {     echo "The file ".  basename( $_FILES['uploadedfile']['name']).      " has been uploaded"; } else{     repeat "In that location was an error uploading the file, delight try once again!"; } ?>

Here is the output from the above script:

Notes:

1. This script would be placed in the cgi-bin directory, or wherever the server is configured to execute cgi scripts. The ExecCGI pick must as well be specified in the httpd.conf file in society for this script to work.
2. The script strips the path from the user-specified file and appends the base filename to the directory that the user specified. In a real-world situation, you would take to be careful virtually this, considering a user could type a variety of path characters to upload files in undesirable locations. For example, a user might exist able to upload a new password file and obtain root access on your server.
3. move_uploaded_file is a born PHP part.
4. The upload.php script does not need to have execute permissions.
5. The tjnelson directory (located in /usr/local/httpd/htdocs/ in this example) should be writable by the httpd procedure.
6. It would be a good idea to hard-lawmaking the username in the script, instead of allowing them to change it. Otherwise, your users could overwrite each other'south files.
7. Making this script secure so your organization doesn't get pwned five seconds after you post this form is, equally usual, left as an exercise for the reader.

strattonwoution.blogspot.com

Source: https://randombio.com/linuxsetup107.html

Share this post