File Up Error Message
-
Since the latest update, after being prompted in my Dashboard, files will not upload. I’m getting the following error message:
“Sorry about that, but <name of file> could not be uploaded.” where <name of file> is the actual name of the file.
Any ideas?
(My page is behind a paywall, for use by members.)
-
There are new security measures in place. I need details about your setup in order to tell you why you’re getting the error. What is your shortcode? What is the Base setting? Etc.
Thanks for your assistance.
Here’s the shortcode:
[fileaway drawerid=”1″ type=”table” search=”no” mod=”no” fadein=”opacity” fadetime=”500″ manager=”on” dirman_access=”administrator” hcolor=”blue” color=”blue” iconcolor=”black” prettify=”off”]
I’m using three base directories, each of which is a separate directory in wp-content/uploads
I’m not sure what else could be helpful, but just let me know.
Thanks again.
Thanks. What type of file are you trying to upload? Are there any special characters in the filename?
Are your site URL and wordpress URL the same or different?
Also, what does your fileup shortcode look like? You only shared the fileaway shortcode.
I’ve tried several types of files. Mostly .docx, .pdf, and .txt. None of the file names have strange characters.
Site URL and WordPress URL are the same – it’s an entirely WordPress site.
Here’s the fileup shortcode corresponding to the fileaway shortcode I posted earlier.
[fileup matchdrawer=”1″ filegroups=”adobe, compression, image, msdoc, msexcel, openoffice, powerpoint, text”]
OK. Hang on one minute while I type up some troubleshooting stuff.
First:
Open up your wp-config.php file which is in your main install folder.
Make sure your debug settings are defined as follows:
define('WP_DEBUG', true); define('WP_DEBUG_LOG', true); define('WP_DEBUG_DISPLAY', false);More instructions to follow.
Open up
wp-content/plugins/file-away/lib/cls/class.fileaway_management.phpGo to line 1165 and replace:
if(!fileaway_utility::verify_location_nonce($_POST['loc_nonce'],$file_path.'/'.$new_name,array($rootpath,$chosenpath))) die($dm);with:
//if(!fileaway_utility::verify_location_nonce($_POST['loc_nonce'],$file_path.'/'.$new_name,array($rootpath,$chosenpath))) die($dm);Try the upload again. If the upload works, we will try to figure out why your location nonce isn’t validating. If the upload doesn’t work, we will look in a couple other spots.
Make sure you hard refresh your page after you change the file and before you try again, fyi.
If you still can’t upload, replace all of this:
// upload action elseif($action == 'upload') { if(isset($_POST) && $_SERVER['REQUEST_METHOD'] == "POST") { if(!wp_verify_nonce($_POST['upload_nonce'], 'fileaway-fileup-nonce')) { echo 'system_error'; exit; } $file_name = str_replace('..','',strip_tags(fileaway_utility::stripslashes($_FILES['upload_file']['name']))); $new_name = str_replace('..','',strip_tags(fileaway_utility::stripslashes($_POST['new_name']))); $extension = sanitize_html_class($_POST['extension']); $check_ext = str_replace('/', '', $extension); $check_name = str_replace('/', '', $new_name); if(empty($check_ext) || empty($check_name)) { echo 'system_error'; exit; } $uploader = (int)fileaway_utility::stripslashes($_POST['uploader']); $file_id = strip_tags($_POST['upload_file_id']); $file_size = (float)$_FILES['upload_file']['size']; $max_file_size = (int)$_POST['max_file_size']; $file_path = str_replace('..','',trim($_POST['upload_path'], '/')); if($uploader) { $user = new WP_User($uploader); if($user) { $uploadedby = $_POST['identby'] == 'id' ? $user->ID : $user->display_name; if(preg_match('/\[([^\]]+)\]/', $new_name)) $new_name = fileaway_utility::replacelast($new_name, ']', ','.$uploadedby.']'); else $new_name = fileaway_utility::replacelast($new_name, '.'.$extension, ' ['.$uploadedby.'].'.$extension); } } $location = str_replace('//','/',$chosenpath.$file_path.'/'.$new_name); if(!fileaway_utility::verify_location_nonce($_POST['loc_nonce'],$file_path.'/'.$new_name,array($rootpath,$chosenpath))) die($dm); $location = fileaway_utility::stripslashes($location); $dir = fileaway_utility::dirname($location); if($file_size > $max_file_size) echo 'system_error'; elseif(stripos($location, 'wp-admin') !== false) echo 'system_error'; elseif(stripos($location, 'wp-config') !== false) echo 'system_error'; elseif(is_file(fileaway_utility::dirname($location).'/wp-config.php')) echo 'sytem_error'; elseif(stripos($location, '.php') !== false) echo 'system_error'; elseif(stripos($extension, 'php') !== false) echo 'system_error'; elseif(strpos($dir, '..') !== false) echo 'system_error'; else { if(!is_dir($dir)) mkdir($dir, 0755, true); $p = fileaway_utility::pathinfo($location); $filename = $p['filename']; $i = 1; $overwrite = $li && stripslashes($_POST['overwrite']) == 'true' ? true : false; if(!$overwrite) { while(is_file($location)) { if($i == 1) $filename = $filename." ($i)"; else { $j = ($i - 1); $filename = rtrim($filename, " ($j)"); $filename = $filename." ($i)"; } $i++; $name = $filename.'.'.$p['extension']; $location = $p['dirname'].'/'.$name; } } $name = fileaway_utility::sanitize_filename($filename.'.'.$p['extension']); $location = $p['dirname'].'/'.$name; if(move_uploaded_file(strip_tags($_FILES['upload_file']['tmp_name']), $location)) echo $file_id; else echo 'system_error'; } exit; } else { echo 'system_error'; exit; } }with all of this:
// upload action elseif($action == 'upload') { if(isset($_POST) && $_SERVER['REQUEST_METHOD'] == "POST") { if(!wp_verify_nonce($_POST['upload_nonce'], 'fileaway-fileup-nonce')) { error_log('fileup-nonce-error'); echo 'system_error'; exit; } $file_name = str_replace('..','',strip_tags(fileaway_utility::stripslashes($_FILES['upload_file']['name']))); $new_name = str_replace('..','',strip_tags(fileaway_utility::stripslashes($_POST['new_name']))); $extension = sanitize_html_class($_POST['extension']); $check_ext = str_replace('/', '', $extension); $check_name = str_replace('/', '', $new_name); if(empty($check_ext) || empty($check_name)) { error_log('fileup name and extension check error'); echo 'system_error'; exit; } $uploader = (int)fileaway_utility::stripslashes($_POST['uploader']); $file_id = strip_tags($_POST['upload_file_id']); $file_size = (float)$_FILES['upload_file']['size']; $max_file_size = (int)$_POST['max_file_size']; $file_path = str_replace('..','',trim($_POST['upload_path'], '/')); if($uploader) { $user = new WP_User($uploader); if($user) { $uploadedby = $_POST['identby'] == 'id' ? $user->ID : $user->display_name; if(preg_match('/\[([^\]]+)\]/', $new_name)) $new_name = fileaway_utility::replacelast($new_name, ']', ','.$uploadedby.']'); else $new_name = fileaway_utility::replacelast($new_name, '.'.$extension, ' ['.$uploadedby.'].'.$extension); } } $location = str_replace('//','/',$chosenpath.$file_path.'/'.$new_name); if(!fileaway_utility::verify_location_nonce($_POST['loc_nonce'],$file_path.'/'.$new_name,array($rootpath,$chosenpath))) { error_log('fileup location nonce error'); echo 'system_error'; exit; } $location = fileaway_utility::stripslashes($location); $dir = fileaway_utility::dirname($location); if($file_size > $max_file_size) { error_log('fileup maxsize error'); echo 'system_error'; } elseif(stripos($location, 'wp-admin') !== false) { error_log('fileup wp-admin error'); echo 'system_error'; } elseif(stripos($location, 'wp-config') !== false) { error_log('fileup wp-config error'); echo 'system_error'; } elseif(is_file(fileaway_utility::dirname($location).'/wp-config.php')) { error_log('fileup install directory error'); echo 'system_error'; } elseif(stripos($location, '.php') !== false) { error_log('fileup php in filename error'); echo 'system_error'; } elseif(stripos($extension, 'php') !== false) { error_log('fileup php extension error'); echo 'system_error'; } elseif(strpos($dir, '..') !== false) { error_log('fileup directory traversal error'); echo 'system_error'; } else { if(!is_dir($dir)) mkdir($dir, 0755, true); $p = fileaway_utility::pathinfo($location); $filename = $p['filename']; $i = 1; $overwrite = $li && stripslashes($_POST['overwrite']) == 'true' ? true : false; if(!$overwrite) { while(is_file($location)) { if($i == 1) $filename = $filename." ($i)"; else { $j = ($i - 1); $filename = rtrim($filename, " ($j)"); $filename = $filename." ($i)"; } $i++; $name = $filename.'.'.$p['extension']; $location = $p['dirname'].'/'.$name; } } $name = fileaway_utility::sanitize_filename($filename.'.'.$p['extension']); $location = $p['dirname'].'/'.$name; if(move_uploaded_file(strip_tags($_FILES['upload_file']['tmp_name']), $location)) echo $file_id; else { error_log('fileup move uploaded file error'); echo 'system_error'; } } exit; } else { error_log('fileup unknown error'); echo 'system_error'; exit; } }Then reload your page and try again. Then go to your wp-content folder and open up the file named debug.log and look for a fileup error in the log. Tell me what the error says if it’s there.
Instead of doing all that, update to 3.9.8.3 and try the upload again. It should now give you a more specific error message and then I can tell you what’s wrong
Thank you. My day job got in the way since your last messages.
Here’s the current error message:
“Sorry about that, but FileName.pdf could not be uploaded.
Location nonce failed”We will have to modify a few files to figure this one out. The new location nonce feature has worked for me under every testing environment and is being used live by many of my clients as we speak, so there’s something unique to your situation that we have to pin down.
Probably easiest to do this over email. Email me at [email protected]
Resolved in 3.9.8.7
The topic ‘File Up Error Message’ is closed to new replies.
