[Resolved] copy() move_uploaded_file() bypass

Kudose · Feb 14, 2004

I get this error:

Array ( [file] => Array ( [name] => louie.jpg [type] => image/pjpeg [tmp_name] => /tmp/phpQIPjgp [error] => 0 [size] => 35430 ) )

Warning: move_uploaded_file(): open_basedir restriction in effect. File(/SUV/louie.jpg) is not within the allowed path(s): (/home/zayyscec:/usr/lib/php:/usr/local/lib/php:/tmp) in /home/zayyscec/public_html/uploader.php on line 32

File has been successfully uploaded!

Well, not really an error, it says my file is uplaoded, but it sint, cause there was kinda an error....anyways, here is my script:

 <? 
include('dbinfo.inc.php');
$query = mysql_query("SELECT * FROM admin WHERE password='$password'") or die(mysql_error());
$rows = mysql_num_rows($query); 
if($rows=1){
include('top.php'); 
   include('left.php');?>

 <td width="81%">  <?

if ($HTTP_POST_VARS['submit']) {
  print_r($HTTP_POST_FILES);
  if (!is_uploaded_file($HTTP_POST_FILES['file']['tmp_name'])) {
    $error = "You did not upload a file!";
    unlink($HTTP_POST_FILES['file']['tmp_name']);
    // assign error message, remove uploaded file, redisplay form.
  } else {
    //a file was uploaded
    $maxfilesize=200000;

if ($HTTP_POST_FILES['file']['size'] > $maxfilesize) {
  $error = "file is too large";
  unlink($HTTP_POST_FILES['file']['tmp_name']);
  // assign error message, remove uploaded file, redisplay form.
} else {
  if ($HTTP_POST_FILES['file']['type'] != "image/gif" AND $HTTP_POST_FILES['file']['type'] != "image/pjpeg") { 
    $error = "This file type is not allowed";
    unlink($HTTP_POST_FILES['file']['tmp_name']);
    // assign error message, remove uploaded file, redisplay form.
  } else {
   //File has passed all validation, copy it to the final destination and remove the temporary file:
   move_uploaded_file($HTTP_POST_FILES['file']['tmp_name'],"/$path/".$HTTP_POST_FILES['file']['name']);
   unlink($HTTP_POST_FILES['file']['tmp_name']);
   print "File has been successfully uploaded!";
   exit;
 }
} 
  }
}
?>
 <form action="<?=$PHP_SELF?>" method="post" enctype="multipart/form-data">
    <?=$error?>
    <div align="center"><br>
      <font color="#FF0000" size="2" face="Tahoma"><strong>Password to upload 
      file: 
      <input type="password" name="password" maxlength="12">
      <br>Directory to upload:<select name="path" id="path">
          <option selected>Car</option>
          <option>Truck</option>
          <option>SUV</option>
        </select><br>
      Choose a file to upload: 
      <input type="file" name="file">
      <br>
      <input type="submit" name="submit" value="submit">
      </strong></font> </div>
  </form>

 </td> <?
include('bottom.php'); 
} else {
 include('top.php'); 
   include('left.php');?> <td height="110"> <?
   print "Password is invalid. "; 
   ?> </td> <?
include('bottom.php');
} 
?>

Does anyone know how to bypass the copy() or move_file_uploaded() from being check by open_basedir()?

Am I even on the right page to fix this issue?

[EDIT]By the way, I do not have access to my php.ini file[/EDIT]