web user can not upload files

[Dave]

My training program can allow users to upload files relevant to the course they are enrolled in . However, this functionality is not working on this server. Please advise me on how to configure this feature.
Dave
-------------------------------------------------------------------------------
Moodle requires a number of PHP settings to be active for it to work. On most servers these will already be the default settings. However, some PHP servers (and some of the more recent PHP versions) may have things set differently. These are defined in PHP's configuration file (usually called php.ini):

magic_quotes_gpc = 1 (preferred but not necessary)
magic_quotes_runtime = 0 (necessary)
file_uploads = 1
session.auto_start = 0
session.bug_compat_warn = 0

[jason]

From a server standpoint there is nothing special you need to do to make this happen, it should just work. You'll probably need to update the script that is recieving the file to direct it to a directory within your webspace--otherwise it will sit in temporary space and will eventually be deleted. You'll need to look at the script and any documentation that came with it to see exactly what you need to change.

Also, in order to upload files properly, you need to be sure that the <form> tag for the form that the upload is occuring from has enctype="multipart/form-data" added to it.

Just as an aside, be very careful with file uploads. Make sure you are filtering them to ensure that people are uploading only what they are supposed to, or don't let them upload to a web-accessible path (anything inside of public_html). Otherwise someone could, for instance, upload a cgi script and essentially hijack your account. (Your script may already do this already.)

--Jason

[jason]

You added to your post while I was responding...

I'm not sure about all of those settings and they may vary from server to server. HTTPD is down on my server right now, so I can't check my server's settings. To check your's, create a PHP file with the following in it:

PHP Code:

<?php
    phpinfo();
?>

upload it and run it from your browser. You'll get all kinds of info about the PHP config. If any of the values disagree with what your script needs, you may be able to modify them for your site with your .htaccess file (through the CPanel or edited with your favorite editor and uploaded with ftp). Just add a line for each value you wnat to modify that looks like this:

php_flag magic_quotes_gpc 1
php_flag magic_quotes_runtime 0

it won't work for every option that PHP offers, but it will for most.

--Jason