[MEDIUM:FIXED:1.0.11] Can't upload image

pcigre
Joomla! Explorer
Posts: 338
Joined: Mon Sep 05, 2005 11:21 am
Location: Nis, Serbia

Post by pcigre » Wed Aug 30, 2006 8:59 am

Description:
When writing a new article, can't upload images. Popup returns no authorisation text.

Reported on:
1.0.11

Classification:
High, because now authors that don't have FTP access can't post articles.

System info:
PHP built On:  Linux vps.pcigre.com 2.6.9-022stab078.14-enterprise #1 SMP Wed Jul 19 14:35:02 MSD 2006 i686
Database Version: 4.1.21-standard
PHP Version: 4.4.4
Web Server: Apache
WebServer to PHP interface: apache2handler
Joomla! Version: Joomla! 1.0.11 Stable [ Sunbow ] 28 August 2006 20:00 UTC
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6
Last edited by Anonymous on Fri Sep 08, 2006 10:41 am, edited 1 time in total.
http://www.pcigre.com -> game community

infograf768
Joomla! Master
Posts: 19133
Joined: Fri Aug 12, 2005 3:47 pm
Location: **Translation Matters**

Re: [1.0.11] Can't upload image

Post by infograf768 » Wed Aug 30, 2006 9:12 am

I confirm you have first to apply the changes i.e. create the content item first.
Upload then works OK.

There is a known bug for banners uploading.
http://forum.joomla.org/index.php/topic,90039.0.html
Jean-Marie Simonet / infograf
---------------------------------
ex-Joomla Translation Coordination Team • ex-Joomla! Production Working Group

Re: [1.0.11] Can't upload image

Post by pcigre » Wed Aug 30, 2006 9:21 am

It works when content is saved... Now need to create an announcement to all authors about this...

Thanks for hint.

Re: [1.0.11] Can't upload image

Post by infograf768 » Wed Aug 30, 2006 9:36 am

Jean-Marie Simonet / infograf
---------------------------------
ex-Joomla Translation Coordination Team • ex-Joomla! Production Working Group

user deleted

Re: [1.0.11] Can't upload image

Post by user deleted » Wed Aug 30, 2006 12:03 pm

[TAGGED: Q&T] Status > Under Review

user deleted

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by user deleted » Thu Aug 31, 2006 12:31 pm

Confirmed and added a bug tracker report: http://forge.joomla.org/sf/go/artf5780?nav=1

Shimon
Joomla! Apprentice
Posts: 13
Joined: Thu Aug 18, 2005 9:02 pm
Location: Country of FREEDOM

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by Shimon » Thu Aug 31, 2006 3:09 pm

Hi!

What is the reason to make admin first to save content item, next to upload images?

Here are few issues:

1. there is check for option and task from $_SESSION. So if you opened in one window already saved content item, next you open some component in another window (to copy and paste information for example) - seems that we'll get two problems at a time:
  a. the wrong option and task! (do we need the check, if we get the wrong result?)
  b. if the task of the last opened component is not 'edit' and is not 'editA' - the user will get error "You are not authorized to view this resource."

2. The message "You are not authorized to view this resource." is confusing users, as they are either used to upload and never got this message, or they are in status of admin or superadmin and they ARE authorized for such task.

3. If another component is using the STANDARD Joomla! function to upload files, the user will get error "You are not authorized to view this resource." - the only way to fix is to edit uploadimage.php (after every update?).


It's not a bug. It's just something new and is not usable at all.

It seems for me, that for example if you add the option to the Global Configuration, like 'allow users to upload files from nonsystem components', or something like that, and if you'll check for the usertype - the solution will be much more useful.

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by pcigre » Thu Aug 31, 2006 3:10 pm

It looks like it's fixed in svn. Can someone post changes in files?

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by Shimon » Thu Aug 31, 2006 3:14 pm

Here is the code, last changed around 10 minutes ago.

# Fixed [artf5780] : lack of 'new' task in allowed tasks check
# Fixed [artf5779] : lack of 'com_typedcontent' option in allowed options check
# Fixed [art5766] : Bannerupload failt



Code:

<?php
/**
* @version $Id$
* @package Joomla
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// Set flag that this is a parent file
define( "_VALID_MOS", 1 );

/** security check */
require( '../includes/auth.php' );
include_once ( $mosConfig_absolute_path . '/language/' . $mosConfig_lang . '.php' );

/*
* Stops file upload below /images/stories directory
* Added 1.0.11
*/
function limitDirectory( &$directory ) {
	if ( strpos($directory, '../') !== false ) {
		$directory = str_replace('../', '', $directory);
	}

	if ( strpos($directory, '..\\') !== false ) {
		$directory = str_replace('..\\', '', $directory);
	}
	
	if ( strpos($directory, ':') !== false ) {
		$directory = str_replace(':', '', $directory);
	}
	
	return $directory;
}

// limit access to functionality
$option = strval( mosGetParam( $_SESSION, 'option', '' ) );
$task 	= strval( mosGetParam( $_SESSION, 'task', '' ) );

switch ($option) {
	case 'com_banners':
		break;		
		
	case 'com_categories':
	case 'com_content':
	case 'com_sections':
	case 'com_typedcontent':
		if ( $task != 'edit' && $task != 'editA' && $task != 'new' ) {
			echo _NOT_AUTH;
			return;
		}
		break;		
		
	default:
		echo _NOT_AUTH;
		return;
		break;		
}

$directory	= mosGetParam( $_REQUEST, 'directory', '');
$css 		= mosGetParam( $_REQUEST, 't','');

$media_path	= $mosConfig_absolute_path.'/media/';

$userfile2		= (isset($_FILES['userfile']['tmp_name']) ? $_FILES['userfile']['tmp_name'] : "");
$userfile_name	= (isset($_FILES['userfile']['name']) ? $_FILES['userfile']['name'] : "");

limitDirectory( $directory );

// check to see if directory exists
if ( $directory != 'banners' && $directory != '' && !is_dir($mosConfig_absolute_path .'/images/stories/'. $directory)) {
	$directory 	= '';
}
	
if (isset($_FILES['userfile'])) {
	if ($directory == 'banners') {
		$base_Dir = "../../images/banners/";
	} else if ( $directory != '' ) {
		$base_Dir = '../../images/stories/'. $directory;

		if (!is_dir($mosConfig_absolute_path .'/images/stories/'. $directory)) {
			$base_Dir 	= '../../images/stories/';
			$directory 	= '';
		}
	} else {
		$base_Dir = '../../images/stories/';
	}

	if (empty($userfile_name)) {
		echo "<script>alert('Please select an image to upload'); document.location.href='uploadimage.php';</script>";
	}

	$filename = split("\.", $userfile_name);

	if (eregi("[^0-9a-zA-Z_]", $filename[0])) {
		mosErrorAlert('File must only contain alphanumeric characters and no spaces please.');
	}

	if (file_exists($base_Dir.$userfile_name)) {
		mosErrorAlert('Image '.$userfile_name.' already exists.');
	}

	if ((strcasecmp(substr($userfile_name,-4),'.gif')) && (strcasecmp(substr($userfile_name,-4),'.jpg')) && (strcasecmp(substr($userfile_name,-4),'.png')) && (strcasecmp(substr($userfile_name,-4),'.bmp')) &&(strcasecmp(substr($userfile_name,-4),'.doc')) && (strcasecmp(substr($userfile_name,-4),'.xls')) && (strcasecmp(substr($userfile_name,-4),'.ppt')) && (strcasecmp(substr($userfile_name,-4),'.swf')) && (strcasecmp(substr($userfile_name,-4),'.pdf'))) {
		mosErrorAlert('The file must be gif, png, jpg, bmp, swf, doc, xls or ppt');
	}


	if (eregi('.pdf', $userfile_name) || eregi('.doc', $userfile_name) || eregi('.xls', $userfile_name) || eregi('.ppt', $userfile_name)) {
		if (!move_uploaded_file ($_FILES['userfile']['tmp_name'],$media_path.$_FILES['userfile']['name']) || !mosChmod($media_path.$_FILES['userfile']['name'])) {
			mosErrorAlert('Upload of '.$userfile_name.' failed');
		} else {
			mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
		}
	} elseif (!move_uploaded_file ($_FILES['userfile']['tmp_name'],$base_Dir.$_FILES['userfile']['name']) || !mosChmod($base_Dir.$_FILES['userfile']['name'])) {
		mosErrorAlert('Upload of '.$userfile_name.' failed');
	} else {
		mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
	}
		echo $base_Dir.$_FILES['userfile']['name'];
}

// css file handling
// check to see if template exists
if ( $css != '' && !is_dir($mosConfig_absolute_path .'/administrator/templates/'. $css .'/css/template_css.css' )) {
	$css 	= 'joomla_admin';
} else if ( $css == '' ) {
	$css 	= 'joomla_admin';
}

$iso = split( '=', _ISO );
// xml prolog
echo '<?xml version="1.0" encoding="'. $iso[1] .'"?' .'>';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Upload a file</title>
</head>
<body>

<link rel="stylesheet" href="../templates/<?php echo $css; ?>/css/template_css.css" type="text/css" />
<form method="post" action="uploadimage.php" enctype="multipart/form-data" name="filename">

<table class="adminform">
<tr>
	<th class="title"> 
		File Upload : <?php echo $directory; ?>
	</th>
</tr>
<tr>
	<td align="center">
		<input class="inputbox" name="userfile" type="file" />
	</td>
</tr>
<tr>
	<td>
		<input class="button" type="submit" value="Upload" name="fileupload" />
		Max size = <?php echo ini_get( 'post_max_size' );?>
	</td>
</tr>
</table>

<input type="hidden" name="directory" value="<?php echo $directory;?>" />
</form>

</body>
</html>

Predator
Joomla! Ace
Posts: 1823
Joined: Wed Aug 17, 2005 10:12 pm
Location: Germany-Bad Abbach

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by Predator » Thu Aug 31, 2006 3:29 pm

Fixed in SVN
The "Humor, Fun and Games" forum has  more than 2500 Posts, so why not build a "Humor, Fun and Games Working" Group?
.....
Malicious tongues say we have this WG right from the start, they call it core team :D

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by Shimon » Thu Aug 31, 2006 3:35 pm

Thanks to Predator and to facedancer for the fast bugfixing, I've checked on one of my websites - didn't get error message.

But still there are the same issues:
Shimon wrote: 1. there is check for option and task from $_SESSION. So if you opened in one window already saved content item, next you open some component in another window (to copy and paste information for example) - seems that we'll get two problems at a time:
  a. the wrong option and task! (do we need the check, if we get the wrong result?)
  b. if the task of the last opened component is not 'edit' and is not 'editA' - the user will get error "You are not authorized to view this resource."

2. The message "You are not authorized to view this resource." is confusing users, as they are either used to upload and never got this message, or they are in status of admin or superadmin and they ARE authorized for such task.

3. If another component is using the STANDARD Joomla! function to upload files, the user will get error "You are not authorized to view this resource." - the only way to fix is to edit uploadimage.php (after every update?).
Also, could you give the admin an ability to change in preferences which directories are not allowed to upload to, such as I have a component uploading images to images/tiles, so I'm using the pathway ../tiles - I had to comment out the part of the code which is checking for the '../' in the pathway of upload.

And one more thing, seems to be a vulnerability.
If you are logged in the frontend and editing content - you are working with the component com_content - the same as in the backend, with the same task 'edit' - uploadimage.php allows you to upload files from the frontend even if you are not logged in the backend and even if your status is just 'Author'.

Code:

http://website.com/administrator/popups/uploadimage.php?directory=&t=joomla_admin
Last edited by Shimon on Thu Aug 31, 2006 3:55 pm, edited 1 time in total.
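
Added example (not part of the original posts and not Joomla! code): one way to support an extra upload directory such as images/tiles without commenting out the '../' check is to canonicalise the requested path and accept it only if it lands inside an administrator-approved root. The allowed-roots setting, the function name and the directory layout below are assumptions made for the demo.

```php
<?php
// Added example, not Joomla! code. Paths and the allowed-roots setting are constructed.

/**
 * Resolve a requested upload directory against administrator-approved roots.
 * Returns the canonical absolute path, or null when the request is rejected.
 * $allowedRoots[0] is the default root that $requested is relative to.
 */
function resolveUploadDir(array $allowedRoots, string $requested): ?string
{
    if (strpos($requested, "\0") !== false) {
        return null; // NUL bytes never belong in a path
    }

    // Canonicalise instead of stripping '../' or ':' from the string:
    // realpath() collapses '..', '.', duplicate slashes and symlinks.
    $candidate = realpath($allowedRoots[0] . DIRECTORY_SEPARATOR . $requested);
    if ($candidate === false || !is_dir($candidate)) {
        return null; // target does not exist or is not a directory
    }

    foreach ($allowedRoots as $root) {
        $root = realpath($root);
        if ($root === false) {
            continue; // misconfigured root, ignore it
        }
        // Compare with a trailing separator so "stories_old" cannot pass as "stories".
        $prefix = $root . DIRECTORY_SEPARATOR;
        if (strncmp($candidate . DIRECTORY_SEPARATOR, $prefix, strlen($prefix)) === 0) {
            return $candidate;
        }
    }
    return null; // resolved outside every approved root
}

// --- Demo on a throw-away directory tree (constructed layout) ---
$site = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'upload_demo_' . getmypid();
$dirs = ['images/stories/fruit', 'images/stories_old', 'images/tiles', 'images/banners', 'administrator'];
foreach ($dirs as $d) {
    mkdir("$site/$d", 0755, true);
}

// Hypothetical admin setting: stories (default) plus the extra tiles directory.
$allowed = ["$site/images/stories", "$site/images/tiles"];

$requests = ['', 'fruit', '../tiles', '../stories_old', '../banners', '../../administrator', 'missing'];
foreach ($requests as $r) {
    $resolved = resolveUploadDir($allowed, $r);
    printf("%-22s %s\n", var_export($r, true),
        $resolved === null ? 'REJECTED' : 'ok -> ' . substr($resolved, strlen(realpath($site))));
}

// Clean up the demo tree (deepest directories first).
foreach (['images/stories/fruit', 'images/stories', 'images/stories_old', 'images/tiles',
          'images/banners', 'images', 'administrator', ''] as $d) {
    rmdir(rtrim("$site/$d", '/'));
}
```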

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by pcigre » Thu Aug 31, 2006 4:11 pm

Upload in backend now works fine. Thanks everyone.

edit: it would be nice that Known issues 1.0.11 Sunbow topic is being updated with links to fixes.

user deleted

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by user deleted » Thu Aug 31, 2006 8:21 pm

Hi,

I will be updating all Q&T topics tomorrow. I will add fixes to the known issue list as well.

Regards Robin

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by Shimon » Sun Sep 03, 2006 5:49 am

RobInk wrote: Hi,

I will be updating all Q&T topics tomorrow. I will add fixes to the known issue list as well.

Regards Robin
Hi!

Is there any news? Any changes?

user deleted

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by user deleted » Sun Sep 03, 2006 11:46 am

Hi,

No news yet, I'm depending on the Devs to fix this ;) This file has been fixed already though, so you should be able to get it here:
http://forge.joomla.org/integration/vie ... 2&view=log
Last edited by user deleted on Sun Sep 03, 2006 11:49 am, edited 1 time in total.

lejovchina
Joomla! Enthusiast
Posts: 143
Joined: Thu Aug 25, 2005 8:20 pm

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by lejovchina » Mon Sep 04, 2006 11:56 am

Shimon wrote: Here is the code, last changed around 10 minutes ago.

In which file is this supposed to go?

Ljv.

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by Shimon » Mon Sep 04, 2006 1:26 pm

lejovchina wrote: In which file is this supposed to go?
In administrator/popups/uploadimage.php

Muneo
Joomla! Explorer
Posts: 491
Joined: Fri Aug 19, 2005 3:02 am
Location: Brazil

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by Muneo » Wed Sep 06, 2006 3:28 pm

I detected that uploadimage.php is used in many other components (like artbanners), so this "default" in the "switch" is too specific.
I changed:
line 59: (now it's detected when the request comes from all components)

Code:

default:
    $opt = explode("_", $option); 
    $pos = strpos($opt[0], "com"); // strpos( haystack, needle )
    if($pos === false){ // deny if the option prefix does not contain "com"
        echo _NOT_AUTH;
        return;
    }
line ~124:

Code:

} else {
    chmod($base_Dir.$_FILES['userfile']['name'], 0644); // correct the permissions - in some cases the file is left with mode 600 after upload
    mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
}
Could someone validate my code?
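
Added example (not part of the original posts and not Joomla! code): a side-by-side model of the three access decisions discussed in this thread, namely the posted check on the session's last option/task, the relaxed "any com_*" default branch proposed above, and a role-based check of the kind Shimon suggested. The session arrays, the com_artbanners and com_menus option values, and the backend role policy are constructed assumptions.

```php
<?php
// Added example: models the checks discussed in this thread; not Joomla! code.
// Session contents and the backend role policy below are constructed assumptions.

const BACKEND_TYPES = ['Super Administrator', 'Administrator', 'Manager'];
const KNOWN_OPTIONS = ['com_banners', 'com_categories', 'com_content', 'com_sections', 'com_typedcontent'];

/** The posted check: decides from the last option/task stored in the session. */
function sessionStateCheck(array $s): bool
{
    if ($s['option'] === 'com_banners') {
        return true;
    }
    if (in_array($s['option'], KNOWN_OPTIONS, true)) {
        return in_array($s['task'], ['edit', 'editA', 'new'], true);
    }
    return false; // default branch: everything else is refused
}

/** Variant with the default branch relaxed to accept any other "com_*" option. */
function relaxedCheck(array $s): bool
{
    if (in_array($s['option'], KNOWN_OPTIONS, true)) {
        return sessionStateCheck($s);
    }
    return explode('_', $s['option'])[0] === 'com';
}

/** Role-based decision: who the user is and where they logged in, not what they last opened. */
function roleCheck(array $s): bool
{
    return $s['backend'] && in_array($s['usertype'], BACKEND_TYPES, true);
}

// Constructed sessions covering the situations described in the thread.
$cases = [
    'admin, backend, editing content' =>
        ['option' => 'com_content', 'task' => 'edit', 'backend' => true, 'usertype' => 'Administrator'],
    'admin, backend, other component opened in 2nd window' =>
        ['option' => 'com_menus', 'task' => '', 'backend' => true, 'usertype' => 'Administrator'],
    'admin, backend, third-party component' =>
        ['option' => 'com_artbanners', 'task' => '', 'backend' => true, 'usertype' => 'Super Administrator'],
    'Author, frontend, editing own content' =>
        ['option' => 'com_content', 'task' => 'edit', 'backend' => false, 'usertype' => 'Author'],
    'Author, frontend, third-party component' =>
        ['option' => 'com_artbanners', 'task' => '', 'backend' => false, 'usertype' => 'Author'],
];

/** Run all three checks over every case and return the decisions as rows. */
function compareChecks(array $cases): array
{
    $rows = [];
    foreach ($cases as $label => $s) {
        $rows[$label] = [
            'session' => sessionStateCheck($s),
            'relaxed' => relaxedCheck($s),
            'role'    => roleCheck($s),
        ];
    }
    return $rows;
}

printf("%-55s %-8s %-8s %-8s\n", 'case', 'session', 'relaxed', 'role');
foreach (compareChecks($cases) as $label => $r) {
    printf("%-55s %-8s %-8s %-8s\n", $label,
        $r['session'] ? 'allow' : 'deny',
        $r['relaxed'] ? 'allow' : 'deny',
        $r['role'] ? 'allow' : 'deny');
}
```

Rows where the columns disagree are the ones to review: the session-based checks refuse an administrator depending on what was opened last and accept a frontend Author, while the relaxed default branch widens the accepted set further.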

pstill
Joomla! Fledgling
Posts: 1
Joined: Wed Sep 06, 2006 1:34 pm

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by pstill » Wed Sep 06, 2006 3:44 pm

New addition to the "can't upload" and "restricted access" - I use a 3rd party plugin for an editor, wysiwygpro.com, and with all other versions uploading images within it, adding links, etc. was perfect - whenever I use it now to try and upload an image, or create a link, the popup says "restricted access" --- help.

midway31
Joomla! Apprentice
Posts: 20
Joined: Thu Jul 13, 2006 3:17 am

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by midway31 » Wed Sep 06, 2006 9:48 pm

Tried that, although I am not sure what to do. I assume you mean swap line 59 for the code you posted, but not sure if you mean replace line 124 for code you posted. Also, do I need to do anything else besides just replace code?
When I do the above I get this message
Parse error: syntax error, unexpected $end in /home/oh/public_html/administrator/popups/uploadimage.php on line 175

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by Muneo » Wed Sep 06, 2006 11:45 pm

I just add:

Code:

   chmod($base_Dir.$_FILES['userfile']['name'], 0644);
Because, in my case, the uploaded file has 600 (chmod), so this line corrects the permission...
Well, this is my uploadimage.php

Code:

<?php
/**
* @version $Id: uploadimage.php 4866 2006-08-31 15:02:22Z facedancer $
* @package Joomla
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// Set flag that this is a parent file
define( "_VALID_MOS", 1 );

/** security check */
require( '../includes/auth.php' );
include_once ( $mosConfig_absolute_path . '/language/' . $mosConfig_lang . '.php' );

/*
* Stops file upload below /images/stories directory
* Added 1.0.11
*/
function limitDirectory( &$directory ) {
	if ( strpos($directory, '../') !== false ) {
		$directory = str_replace('../', '', $directory);
	}

	if ( strpos($directory, '..\\') !== false ) {
		$directory = str_replace('..\\', '', $directory);
	}
	
	if ( strpos($directory, ':') !== false ) {
		$directory = str_replace(':', '', $directory);
	}
	
	return $directory;
}

// limit access to functionality
$option = strval( mosGetParam( $_SESSION, 'option', '' ) );
$task 	= strval( mosGetParam( $_SESSION, 'task', '' ) );

switch ($option) {
	case 'com_banners':
		break;		
		
	case 'com_categories':
	case 'com_content':
	case 'com_sections':
	case 'com_typedcontent':
		if ( $task != 'edit' && $task != 'editA' && $task != 'new' ) {
			echo _NOT_AUTH;
			return;
		}
		break;		
		
	default:
		$opt = explode("_", $option);
		$pos = strpos($opt[0], "com"); // strpos( haystack, needle )
		if($pos === false){ // deny if the option prefix does not contain "com"
			echo _NOT_AUTH;
			return;
		}		
}

$directory	= mosGetParam( $_REQUEST, 'directory', '');
$css 		= mosGetParam( $_REQUEST, 't','');

$media_path	= $mosConfig_absolute_path.'/media/';

$userfile2		= (isset($_FILES['userfile']['tmp_name']) ? $_FILES['userfile']['tmp_name'] : "");
$userfile_name	= (isset($_FILES['userfile']['name']) ? $_FILES['userfile']['name'] : "");

limitDirectory( $directory );

// check to see if directory exists
if ( $directory != 'banners' && $directory != '' && !is_dir($mosConfig_absolute_path .'/images/stories/'. $directory)) {
	$directory 	= '';
}
	
if (isset($_FILES['userfile'])) {
	if ($directory == 'banners') {
		$base_Dir = "../../images/banners/";
	} else if ( $directory != '' ) {
		$base_Dir = '../../images/stories/'. $directory;

		if (!is_dir($mosConfig_absolute_path .'/images/stories/'. $directory)) {
			$base_Dir 	= '../../images/stories/';
			$directory 	= '';
		}
	} else {
		$base_Dir = '../../images/stories/';
	}

	if (empty($userfile_name)) {
		echo "<script>alert('Please select an image to upload'); document.location.href='uploadimage.php';</script>";
	}

	$filename = split("\.", $userfile_name);

	if (eregi("[^0-9a-zA-Z_]", $filename[0])) {
		mosErrorAlert('File must only contain alphanumeric characters and no spaces please.');
	}

	if (file_exists($base_Dir.$userfile_name)) {
		mosErrorAlert('Image '.$userfile_name.' already exists.');
	}

	if ((strcasecmp(substr($userfile_name,-4),'.gif')) && (strcasecmp(substr($userfile_name,-4),'.jpg')) && (strcasecmp(substr($userfile_name,-4),'.png')) && (strcasecmp(substr($userfile_name,-4),'.bmp')) &&(strcasecmp(substr($userfile_name,-4),'.doc')) && (strcasecmp(substr($userfile_name,-4),'.xls')) && (strcasecmp(substr($userfile_name,-4),'.ppt')) && (strcasecmp(substr($userfile_name,-4),'.swf')) && (strcasecmp(substr($userfile_name,-4),'.pdf'))) {
		mosErrorAlert('The file must be gif, png, jpg, bmp, swf, doc, xls or ppt');
	}


	if (eregi('.pdf', $userfile_name) || eregi('.doc', $userfile_name) || eregi('.xls', $userfile_name) || eregi('.ppt', $userfile_name)) {
		if (!move_uploaded_file ($_FILES['userfile']['tmp_name'],$media_path.$_FILES['userfile']['name']) || !mosChmod($media_path.$_FILES['userfile']['name'])) {
			mosErrorAlert('Upload of '.$userfile_name.' failed');
		} else {
			mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
		}
	} elseif (!move_uploaded_file ($_FILES['userfile']['tmp_name'],$base_Dir.$_FILES['userfile']['name']) || !mosChmod($base_Dir.$_FILES['userfile']['name'])) {
		mosErrorAlert('Upload of '.$userfile_name.' failed');
	} else {
		chmod($base_Dir.$_FILES['userfile']['name'], 0644);
		mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
	}
		echo $base_Dir.$_FILES['userfile']['name'];
}

// css file handling
// check to see if template exists
if ( $css != '' && !is_dir($mosConfig_absolute_path .'/administrator/templates/'. $css .'/css/template_css.css' )) {
	$css 	= 'joomla_admin';
} else if ( $css == '' ) {
	$css 	= 'joomla_admin';
}

$iso = split( '=', _ISO );
// xml prolog
echo '<?xml version="1.0" encoding="'. $iso[1] .'"?' .'>';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Upload a file</title>
</head>
<body>

<link rel="stylesheet" href="../templates/<?php echo $css; ?>/css/template_css.css" type="text/css" />
<form method="post" action="uploadimage.php" enctype="multipart/form-data" name="filename">

<table class="adminform">
<tr>
	<th class="title"> 
		File Upload : <?php echo $directory; ?>
	</th>
</tr>
<tr>
	<td align="center">
		<input class="inputbox" name="userfile" type="file" />
	</td>
</tr>
<tr>
	<td>
		<input class="button" type="submit" value="Upload" name="fileupload" />
		Max size = <?php echo ini_get( 'post_max_size' );?>
	</td>
</tr>
</table>

<input type="hidden" name="directory" value="<?php echo $directory;?>" />
</form>

</body>
</html>

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by midway31 » Thu Sep 07, 2006 12:26 am

That worked thanks.
I set it to 777. Not sure if it should be 766 as no-one else needs to upload images though.
Only problem is the images are not showing in the adbanners plus banners. But they are uploading into the joomla banners folder.

user deleted

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by user deleted » Thu Sep 07, 2006 8:54 am

Q&T Note; can we please stay on topic, only reply here if it is really related to the bug. Not add personal problems, replies etc. Thanks.

user deleted

Re: [ADDED TRACKER: 1.0.11] Can't upload image

Post by user deleted » Fri Sep 08, 2006 10:26 am

Classification set to MEDIUM

Edit; Fix has been tested and approved by Q&T, artifact was already closed, also closing forum topic and moving it to Resolved.
Last edited by user deleted on Fri Sep 08, 2006 10:40 am, edited 1 time in total.

