File upload

Ole

Hi!
Through a .htaccess file the register globals is turned on (php_flag register_globals on). The .htaccess file is placed inside my directory on the webserver. So maybe the problem has something to do with the copy() from the temp dir outside my directory.

I'm using WS_FTP LE and have "Read" and "Write" permissions as "Owner" to the directory where the file should be placed.

When I try to upload a file, I get the "Could not upload the file"-error message and nothing is uploaded.
When I try to upload a file that is e.g. too big I get the right error message and the file is rejected as it should.

picture.php:

...
<FORM METHOD=\"post\" ACTION=\"action.php\" enctype=\"multipart/form-data\">
...
<INPUT TYPE=\"file\" NAME=\"img\" SIZE=\"79\">
...
<INPUT TYPE=\"submit\" NAME=\"ins_pict\" VALUE=\" - Upload - \">
...

action.php:

IF($_POST['ins_pict']) {
	$allowedTypes = array("image/jpeg", "image/pjpeg", "image/jpg"); //allowed file types
	$maxFileSize = 30720; //max size in bytes
	$maxImgWidth = 200; //max width in pixels

//security
$file=array("name"=>$_FILES['img']['name'],
"tmp_name"=>$_FILES['img']['tmp_name'],
"type"=>$_FILES['img']['type'],
"size"=>$_FILES['img']['size']);

IF($img != "none") {
	/* -- -- if img-input-field ok -- -- */

	//File type allowed?
	IF (in_array($file['type'],$allowedTypes)) {

		//Size allowed?
		IF ($file['size'] <= $maxFileSize) {

			//What is the width?
			$size = getImageSize($img);
			list($foo, $width, $bar, $height) = explode("\"",$size[3]);

			//Size allowed?
			IF ($width <= $maxImgWidth) {

				//Timestamp, later added to file name
				$dato_tid = date("His_dmy", time());

				//paths
				$path = "/docs/grafik/bands/";//*nix-path
				copy($file['tmp_name'],$path.$dato_tid.$file['name']) or die("Could not upload file!");
				unlink($file['tmp_name']);

				//Updating database
				MYSQL_CONNECT($host,$user,$password) OR DIE($c_error);
				MYSQL_SELECT_DB($database) OR DIE($s_error);

				$query = MYSQL_QUERY("UPDATE koncert SET imgsrc='$dato_tid$img_name' WHERE id='$id' ");

				$mess = "Picture added!";
			}
			ELSE {
				//Error mess. if pict too big
				$mess = "Picture NOT added. It is too big!";
			}
		}
		ELSE {
			//Error mess. if file too big
			$mess = "Picture NOT added. The file is too big!";
		}
	}
	ELSE {
		//Error mess. if file type not allowed
		$mess = "Picture NOT added. The file type is not allowed!";
	}
}
ELSE {
	//Error mess. if input field empty
	$mess = "Picture NOT added. File not specified!";
}
unset($ins_pict);
Header("Location:picture.php?id=$id&mess=$mess");
}