|
PHP - Anyway Of Allowing File Upload And Directory Creation On A File System?
I havent included the whole title as it wouldnt let me but I was wondering if someone could help me on this?
I know this is possible as torrentflux caters for this but unsure of where to start. I dont want to allow file or directory uploads or creation in my /etc/php.ini file (this is turned off). Yet then torrentflux allows me to link a torrent from an external source (using legal downloads of course ) but then it uploads it on my server and creates folders on a per user basis. How is this possible can someone give me some pointers please? I look forward to any replies, Jeremy. Similar TutorialsGood Evening, If anyone could help with this little problem be much appreciated. what i'm trying to do is using a drop down menu select a folder name which is stored in a database table.. then taking that folder name and upload various files to that specified folder. There's probably an easier way to do this but i've searched google argggh.. The first part of code is the php to grab the folder names and the file selection form Code: [Select] <?php include("connection.php"); $sql="SELECT id, name FROM gallery"; $result=mysql_query($sql); $options=""; while ($row=mysql_fetch_array($result)) { $id=$row["id"]; $thing=$row["name"]; $options.="<OPTION VALUE=\"$id\">".$thing ; } ?> <table width="500" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form action="postFiles.php" method="post" enctype="multipart/form-data" name="form1" id="form1"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td><strong>multiple Files Upload </strong></td> </tr> <td><SELECT NAME=thing> <OPTION VALUE=0>Choose <?=$options?> </SELECT> </td> <tr> <td>Select file <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <td>Select file <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <td>Select file <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <td align="center"><input type="submit" name="Submit" value="Upload" /></td> </tr> </table> </td> </form> </tr> </table> The second part of the code below is the php code to upload those files, the problem being how do i specify the upload destination using the drop down in the previous form (instead of UPLOAD) which it is default set to Code: [Select] <?php //set where you want to store files //in this example we keep file in folder upload //$HTTP_POST_FILES['ufile']['name']; = upload file name //for example upload file name cartoon.gif . $path will be upload/cartoon.gif $path1= "upload".$HTTP_POST_FILES['ufile']['name'][0]; $path2= "upload".$HTTP_POST_FILES['ufile']['name'][1]; $path3= "upload".$HTTP_POST_FILES['ufile']['name'][2]; //copy file to where you want to store file copy($HTTP_POST_FILES['ufile']['tmp_name'][0], $path1); copy($HTTP_POST_FILES['ufile']['tmp_name'][1], $path2); copy($HTTP_POST_FILES['ufile']['tmp_name'][2], $path3); //$HTTP_POST_FILES['ufile']['name'] = file name //$HTTP_POST_FILES['ufile']['size'] = file size //$HTTP_POST_FILES['ufile']['type'] = type of file echo "File Name :".$HTTP_POST_FILES['ufile']['name'][0]."<BR/>"; echo "File Size :".$HTTP_POST_FILES['ufile']['size'][0]."<BR/>"; echo "File Type :".$HTTP_POST_FILES['ufile']['type'][0]."<BR/>"; echo "<img src=\"$path1\" width=\"150\" height=\"150\">"; echo "<P>"; echo "File Name :".$HTTP_POST_FILES['ufile']['name'][1]."<BR/>"; echo "File Size :".$HTTP_POST_FILES['ufile']['size'][1]."<BR/>"; echo "File Type :".$HTTP_POST_FILES['ufile']['type'][1]."<BR/>"; echo "<img src=\"$path2\" width=\"150\" height=\"150\">"; echo "<P>"; echo "File Name :".$HTTP_POST_FILES['ufile']['name'][2]."<BR/>"; echo "File Size :".$HTTP_POST_FILES['ufile']['size'][2]."<BR/>"; echo "File Type :".$HTTP_POST_FILES['ufile']['type'][2]."<BR/>"; echo "<img src=\"$path3\" width=\"150\" height=\"150\">"; /////////////////////////////////////////////////////// // Use this code to display the error or success. $filesize1=$HTTP_POST_FILES['ufile']['size'][0]; $filesize2=$HTTP_POST_FILES['ufile']['size'][1]; $filesize3=$HTTP_POST_FILES['ufile']['size'][2]; if($filesize1 && $filesize2 && $filesize3 != 0) { echo "We have recieved your files"; } else { echo "ERROR....."; } ////////////////////////////////////////////// // What files that have a problem? (if found) if($filesize1==0) { echo "There're something error in your first file"; echo "<BR />"; } if($filesize2==0) { echo "There're something error in your second file"; echo "<BR />"; } if($filesize3==0) { echo "There're something error in your third file"; echo "<BR />"; } ?> Thanks in advance for any help if you need to see a live version of these files i can provide a link So I'm a little confused and hoping someone can help me understand. I have a form that I use to upload a file, html with browse button, etc. The php file creates a directory based on the a value (lastname) from the form, so the folder files creates a directory named the value lastname. My problem is that I can't get the upload function to put the file in the newly created directory. So here is the upload script. $foldername = $_POST['lastname']; // Desired folder structure $structure = 'files/'.$foldername.''; // To create the nested structure, the $recursive parameter // to mkdir() must be specified. if (!mkdir($structure, 0777, true)) { die('Failed to create folders...'); } $target = "files/"; $target = $target . basename( $_FILES['userfile']['name']) ; if(move_uploaded_file($_FILES['userfile']['tmp_name'], $target)) { echo "<center>The file ". basename( $_FILES['userfile']['name']). " has been uploaded.</center>"; } else { echo "No File was uploaded"; } So when I edited the target, it just changed the filename . What should I change in the code above to upload the file to the new directory? Thanks again, Sanchez I have been following a tutorial to create my first php application, a file (image) uploading system. I am hoping to add it to my site, http://www.kalam1ty.com/upload.php I have read through the code multiple times and cannot find out what is wrong. I have tried to fix this for about half an hour now and cannot seem to find where the code is wrong. It does not generate any errors and passes all of the checks that I wrote, it just does not upload the image. Nothing in the upload part of the script looks off to me, but I am a PHP newbie, and am not 100% sure. Here is the whole page's code: Code: [Select] <?php if(isset($_FILES['image'])) { $errors = array(); $allowed_ext = array('jpg', 'jpeg', 'png', 'gif'); $file_name = $_FILES['image']['name']; $file_ext = strtolower(end(explode('.', $file_name ))); $file_size = $_FILES['image']['size']; $file_tmp = $_FILES['image']['tmp']; if(in_array($file_ext, $allowed_ext) === false) { $errors[] = 'Extionsion not allowed.'; } if($file_size > 10485760) { $errors[] = 'File too large. Must be under 10MB.'; } if(empty($errors)) { //upload file if (move_uploaded_file($file_tmp, 'uploads/images'.$file_name)) { echo 'File uploaded to kalam1ty.com/uploads/images/'; } } else { foreach ($errors as $error) { echo $error, '<br>'; } } } ?> <html> <head> <title> Kalam1ty - Home </title> <link rel="stylesheet" type="text/css" href="style.css" /> <link href='http://fonts.googleapis.com/css?family=Anonymous+Pro' rel='stylesheet' type='text/css'> <link rel="shortcut icon" href="/home/corona/Development/Web/favicon.ico" type="image/x-icon" /> <meta name="google" value="notranslate"> </head> <body> <div id="EncBG"> <div id="Navbar"> <a href="index.php">Home</a> <a href="downloads.php">Downloads</a> <a href="upload.php">Upload</a> <a href="contact.php">Contact</a> </div> <div id="Enc1"> <div id="Content"> <h2>Upload Files</h2> <form action='' method='POST' enctype='multipart/form-data'> <p> <input type='file' name='image'> <input type='submit' value='Upload'> </p> </form> </div> </div> <div id="Footer" class="whitetext" align="center"> <b><i> <a href="index.html">HOME</a> // <a href="downloads.html">DOWNLOADS</a> // <a href="#">OTHER</a> </b></i><br> <img src="smlogo.png" alt="Kalam1ty"/> </div> </div> </body> </html> Thank you guys very much if you can help me! Hi Everyone, this is a very old code. I know I have to change the 'addslashes' method in this code. I also just changed the code using 'mysqli'. There are two files to upload the images to a gallery, preexport.php and export.php. The upload works up to five images. if I choose 6 or more and press add images, the browser refreshes itself and the upload won't happen. All the fields on the form clears itself and no errors shows up...can you please take a look and help me correct this problem? Here are the two files...
export.php
<?php
include("config.inc.php");
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
include("config.inc.php");
if(!$_POST) {
header("Location: preexport.php");
exit();
}
// initialization
$result_final = "";
$counter = 0;
// List of our known photo types
$known_photo_types = array(
'image/pjpeg' => 'jpg',
'image/jpeg' => 'jpg',
'image/gif' => 'gif',
'image/bmp' => 'bmp',
'image/x-png' => 'png'
);
// GD Function List
$gd_function_suffix = array(
'image/pjpeg' => 'JPEG',
'image/jpeg' => 'JPEG',
'image/gif' => 'GIF',
'image/bmp' => 'WBMP',
'image/x-png' => 'PNG'
);
// Fetch the photo array sent by preexport.php
$photos_uploaded = $_FILES['photo_filename'];
$filename[]= $photos_uploaded['name'][$counter];
//print_r($photos_uploaded);
$photo_caption = $_POST['photo_caption'];
// Fetch the photo caption array
$photo_description = $_POST['photo_description'];
// Fetch the photo caption array
$photo_keyword = $_POST['photo_keyword'];
while( $counter <count($_FILES['photo_filename']['tmp_name']) )
{
if($photos_uploaded['size'][$counter] > 0)
{
if(!array_key_exists($photos_uploaded['type'][$counter], $known_photo_types))
{
$result_final .= "File ".($counter+1)." is not a photo<br />";
}
else
{
/*print "HHHHHH\n";
print "Counter is $counter : ";
print $photos_uploaded['name'][0];
print $photos_uploaded['name'][1];
print "Photo caption is $photo_caption[$counter]"; */
mysqli_query(
$mysqli,"INSERT INTO
gallery_photos (
`photo_filename`,
`photo_caption`,
`photo_description`,
`photo_keywords`,
`category_name`
) VALUES(
'".addslashes($photos_uploaded['name'][$counter])."',
'".addslashes($photo_caption[$counter])."',
'".addslashes($photo_description[$counter])."',
'".addslashes($photo_keyword[$counter])."',
'".addslashes($_POST['category'])."')"
) or die(mysqli_error() . 'Photo not uploaded');
// $new_id = mysqli_insert_id();
$filetype = $photos_uploaded['type'][$counter];
$extention = $known_photo_types[$filetype];
//$filename = $photo_filename[$counter].".".$extention;
//$filename = $new_id.".".$extention;
// mysqli_query( "UPDATE gallery_photos SET photo_filename='".addslashes($filename)."' WHERE photo_id='".addslashes($new_id)."'" );
// Store the orignal file
copy($photos_uploaded['tmp_name'][$counter], $images_dir."/".$photos_uploaded['name'][$counter]);
// Let's get the Thumbnail size
$size = GetImageSize( $images_dir."/".$photos_uploaded['name'][$counter] );
if($size[0] > $size[1])
{
$thumbnail_width = 200;
$thumbnail_height = (int)(200 * $size[1] / $size[0]);
}
else
{
$thumbnail_width = (int)(200 * $size[0] / $size[1]);
$thumbnail_height = 200;
}
// Build Thumbnail with GD 1.x.x, you can use the other described methods too
$function_suffix = $gd_function_suffix[$filetype];
$function_to_read = "ImageCreateFrom".$function_suffix;
$function_to_write = "Image".$function_suffix;
// Read the source file
$source_handle = $function_to_read ( $images_dir."/".$photos_uploaded['name'][$counter] );
$sharpenMatrix = array
(
array(-1.2, -1, -1.2),
array(-1, 8, -1),
array(-1.2, -1, -1.2)
);
// calculate the sharpen divisor
$divisor = array_sum(array_map('array_sum', $sharpenMatrix));
$offset = 0;
if($source_handle)
{
// Let's create an blank image for the thumbnail
$destination_handle = ImageCreateTrueColor ( $thumbnail_width, $thumbnail_height );
// Now we resize it
ImageCopyResized( $destination_handle, $source_handle, 0, 0, 0, 0, $thumbnail_width, $thumbnail_height, $size[0], $size[1] );
}
// Let's save the thumbnail
$function_to_write( $destination_handle, $images_dir."/tb_".$photos_uploaded['name'][$counter], 100 );
ImageDestroy($destination_handle );
//
$result_final .= "<img src='".$images_dir. "/tb_".$photos_uploaded['name'][$counter]."' /> File ".($counter+1)." Added<br />";
}
}
$counter++;
}
// Print Result
echo <<<__HTML_END
<html>
<head>
<title>Photos uploaded</title>
</head>
<body>
$result_final
</body>
</html>
__HTML_END;
}
?>
preexport.php
<?php
include 'config.inc.php';
$photo_category_list = '';
$photo_upload_fields = '';
$counter = 1;
// If we want more fields, then use, preexport.php?number_of_fields=9
$number_of_fields = (isset($_GET['number_of_fields'])) ?
(int)($_GET['number_of_fields']) : 9;
// Firstly Lets build the Category List
$result = mysqli_query($mysqli,'SELECT category_name FROM gallery_category');
/*if($result === FALSE) {
die(mysqli_error()); // TODO: better error handling
}*/
while($row = mysqli_fetch_array($result)) {
$photo_category_list .= <<<__HTML_END
<option value="$row[0]">$row[0]</option>\n
__HTML_END;
}
mysqli_free_result( $result );
// Lets build the Image Uploading fields
while($counter <= $number_of_fields) {
$photo_upload_fields .= <<<__HTML_END
<tr><td>
Photo {$counter}:
<input name="photo_filename[]"
type="file" />
</td></tr>
<tr><td>
Caption:
<textarea name="photo_caption[]" cols="50"
rows="1"></textarea>
</td></tr>
<tr><td>
Description:
<textarea name="photo_description[]" cols="50"
rows="4"></textarea>
</td></tr>
<tr><td>
Keyword:
<textarea name="photo_keyword[]" cols="50"
rows="4"></textarea>
</td></tr>
__HTML_END;
$counter++;
}
// Final Output
echo <<<__HTML_END
<html>
<head>
<title> Rajeev lets upload photos!! </title>
</head>
<body>
<form enctype="multipart/form-data"
action="export.php" method="post"
name="export_form">
<table width="90%" border="0"
align="center" style="width: 90%;">
<tr><td>
Select Category
<select name="category">
$photo_category_list
</select>
</td></tr>
<!—Insert the image fields here -->
$photo_upload_fields
<tr><td>
<input type="submit" name="submit"
value="Add Photos" />
</td></tr>
</table>
</form>
</body>
</html>
__HTML_END;
?>
I have this code where I add records: Code: [Select] <?php ini_set('display_errors',1); error_reporting(-1); require_once ('./includes/config.inc.php'); require_once (MYSQL); $add_cat_errors = array(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Check for a name: if (empty($_POST['product'])) { $add_cat_errors['product'] = 'Please enter the name!'; } // Check for a description: if (empty($_POST['prod_descr'])) { $add_cat_errors['prod_descr'] = 'Please enter the description!'; } // Check for a category: if (!isset($_POST['cat']) || !filter_var($_POST['cat'], FILTER_VALIDATE_INT, array('min_range' => 1))) { $add_cat_errors['cat'] = 'Please select a category!'; } // Check for a price: if (empty($_POST['price']) || !filter_var($_POST['price'], FILTER_VALIDATE_FLOAT) || ($_POST['price'] <= 0)) { $add_cat_errors['price'] = 'Please enter a valid price!'; } // Check for a category: if (!isset($_POST['directory']) || !filter_var($_POST['directory'], FILTER_VALIDATE_INT, array('min_range' => 1))) { $add_cat_errors['directory'] = 'Please select a directory!'; } // Check for an image: if (is_uploaded_file ($_FILES['image']['tmp_name']) && ($_FILES['image']['error'] == UPLOAD_ERR_OK)) { $file = $_FILES['image']; $size = ROUND($file['size']/1024); // Validate the file size: if ($size > 512) { $add_cat_errors['image'] = 'The uploaded file was too large.'; } // Validate the file type: $allowed_mime = array ('image/jpeg', 'image/JPG', 'image/jpg'); $allowed_extensions = array ('.jpg', 'jpeg'); $image_info = getimagesize($file['tmp_name']); $ext = substr($file['name'], -4); if ( (!in_array($file['type'], $allowed_mime)) || (!in_array($image_info['mime'], $allowed_mime) ) || (!in_array($ext, $allowed_extensions) ) ) { $add_cat_errors['image'] = 'The uploaded file was not of the proper type.'; } // Move the file over, if no problems: if (!array_key_exists('image', $add_cat_errors)) { // Create a new name for the file: $new_name = (string) sha1($file['name'] . uniqid('',true)); // Add the extension: $new_name .= ((substr($ext, 0, 1) != '.') ? ".{$ext}" : $ext); //$new_name = $dir . '/' . $new_name; $dest = "../db/images/$new_name"; // Move the file to its proper folder but add _tmp, just in case: //$dest = "../db/images/$new_name"; $dirs = array('full_heads', 'human_hair', 'lip_tattoos', 'ponytails', 'synthetic_hair'); if (move_uploaded_file($file['tmp_name'], $dest)) { // Store the data in the session for later use: $_SESSION['image']['new_name'] = $new_name; $_SESSION['image']['file_name'] = $file['name']; // Print a message: echo '<h4>The file has been uploaded!</h4>'; } else { trigger_error('The file could not be moved.'); unlink ($file['tmp_name']); } } // End of array_key_exists() IF. } elseif (!isset($_SESSION['image'])) { // No current or previous uploaded file. switch ($_FILES['image']['error']) { case 1: case 2: $add_cat_errors['image'] = 'The uploaded file was too large.'; break; case 3: $add_cat_errors['image'] = 'The file was only partially uploaded.'; break; case 6: case 7: case 8: $add_cat_errors['image'] = 'The file could not be uploaded due to a system error.'; break; case 4: default: $add_cat_errors['image'] = 'No file was uploaded.'; break; } // End of SWITCH. } // End of $_FILES IF-ELSEIF-ELSE. // Check for a stock: if (empty($_POST['stock']) || !filter_var($_POST['stock'], FILTER_VALIDATE_INT, array('min_range' => 1))) { $add_cat_errors['stock'] = 'Please enter the quantity in stock!'; } if (empty($add_cat_errors)) { $query = "INSERT INTO product (product, prod_descr, catID, price, dirID, image, stock) VALUES (?, ?, ?, ?, ?, ?, ?)"; // Prepare the statement: $stmt = mysqli_prepare($dbc, $query); // For debugging purposes: // if (!$stmt) echo mysqli_stmt_error($stmt); // Bind the variables: mysqli_stmt_bind_param($stmt, 'ssssssi', $name, $desc, $_POST['cat'], $_POST['price'], $_POST['directory'], $_SESSION['image']['new_name'], $_POST['stock']); // Make the extra variable associations: $name = strip_tags($_POST['product']); $desc = strip_tags($_POST['prod_descr']); // Execute the query: mysqli_stmt_execute($stmt); if (mysqli_stmt_affected_rows($stmt) == 1) { // If it ran OK. // Print a message: echo '<h4>The product has been added!</h4>'; // Clear $_POST: $_POST = array(); // Clear $_FILES: $_FILES = array(); // Clear $file and $_SESSION['image']: unset($file, $_SESSION['image']); } else { // If it did not run OK. trigger_error('The product could not be added due to a system error. We apologize for any inconvenience.'); unlink ($dest); } } // End of $errors IF. } else { // Clear out the session on a GET request: unset($_SESSION['image']); } // End of the submission IF. require_once ('./includes/form_functions.inc.php'); ?> <form enctype="multipart/form-data" action="add_product.php" method="post" accept-charset="utf-8"> <input type="hidden" name="MAX_FILE_SIZE" value="524288" /> Product<br /><?php create_form_input('product', 'text', $add_cat_errors); ?> Description<br /><?php create_form_input('prod_descr', 'textarea', $add_cat_errors); ?> Category<br /><select name="cat"<?php if (array_key_exists('cat', $add_cat_errors)); ?>> <option>Select One</option> <?php // Retrieve all the categories and add to the pull-down menu: $q = 'SELECT catID, cat FROM category ORDER BY cat ASC'; $r = mysqli_query ($dbc, $q); while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) { echo "<option value=\"$row[0]\""; // Check for stickyness: if (isset($_POST['cat']) && ($_POST['cat'] == $row[0]) ) echo ' selected="selected"'; echo ">$row[1]</option>\n"; } ?> </select><?php if (array_key_exists('cat', $add_cat_errors)) echo $add_cat_errors['cat']; ?> Price<br /><?php create_form_input('price', 'text', $add_cat_errors); ?> Directory<br /><select name="directory"<?php if (array_key_exists('directory', $add_cat_errors)); ?>> <option>Select One</option> <?php // Retrieve all the categories and add to the pull-down menu: $q = 'SELECT dirID, directory FROM directory ORDER BY directory ASC'; $r = mysqli_query ($dbc, $q); while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) { echo "<option value=\"$row[0]\""; // Check for stickyness: if (isset($_POST['directory']) && ($_POST['directory'] == $row[0]) ) echo ' selected="selected"'; echo ">$row[1]</option>\n"; } ?> </select><?php if (array_key_exists('directory', $add_cat_errors)) echo $add_cat_errors['directory']; ?> </select> Image<br /><?php // Check for an error: if (array_key_exists('image', $add_cat_errors)) { echo $add_cat_errors['image'] . '<br /><input type="file" name="image"/>'; } else { // No error. echo '<input type="file" name="image" />'; // If the file exists (from a previous form submission but there were other errors), // store the file info in a session and note its existence: if (isset($_SESSION['image'])) { echo "<br />Currently '{$_SESSION['image']['file_name']}'"; } } // end of errors IF-ELSE. ?> <br /> Stock<br /><?php create_form_input('stock', 'text', $add_cat_errors); ?> <input type="submit" value="Add This Product" class="button" /> </fieldset> </form> What I want to achieve is this; When a record is being inserted, a user will make a selection from the dropdown box with a list of directories. Then, a user will upload an image. When a image is uploaded and a directory is chosen, I want the image to be assigned to a specific directory from the list so when the record is inserted, that image will be placed in the specific directory. How do I achieve this please? I have some code where i input data and upload images to a database (working 100% correctly) However I want to expand on it - what I want is when a user uploads an image of their choice, to assign it to a directory of their choosing. Then, when input is successful, write the directory of where the image is stored (not just the image) to the database. Here is the code; Code: [Select] <?php ini_set('display_errors',1); error_reporting(-1); require_once ('./includes/config.inc.php'); require_once (MYSQL); $add_cat_errors = array(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Check for a name: if (empty($_POST['product'])) { $add_cat_errors['product'] = 'Please enter the name!'; } // Check for a description: if (empty($_POST['prod_descr'])) { $add_cat_errors['prod_descr'] = 'Please enter the description!'; } // Check for a category: if (!isset($_POST['cat']) || !filter_var($_POST['cat'], FILTER_VALIDATE_INT, array('min_range' => 1))) { $add_product_errors['cat'] = 'Please select a category!'; } // Check for a price: if (empty($_POST['price']) || !filter_var($_POST['price'], FILTER_VALIDATE_FLOAT) || ($_POST['price'] <= 0)) { $add_cat_errors['price'] = 'Please enter a valid price!'; } // Check for an image: if (is_uploaded_file ($_FILES['image']['tmp_name']) && ($_FILES['image']['error'] == UPLOAD_ERR_OK)) { $file = $_FILES['image']; $size = ROUND($file['size']/1024); // Validate the file size: if ($size > 512) { $add_cat_errors['image'] = 'The uploaded file was too large.'; } // Validate the file type: $allowed_mime = array ('image/jpeg', 'image/JPG', 'image/jpg'); $allowed_extensions = array ('.jpg', 'jpeg'); $image_info = getimagesize($file['tmp_name']); $ext = substr($file['name'], -4); if ( (!in_array($file['type'], $allowed_mime)) || (!in_array($image_info['mime'], $allowed_mime) ) || (!in_array($ext, $allowed_extensions) ) ) { $add_cat_errors['image'] = 'The uploaded file was not of the proper type.'; } // Move the file over, if no problems: if (!array_key_exists('image', $add_cat_errors)) { // Create a new name for the file: $new_name = (string) sha1($file['name'] . uniqid('',true)); // Add the extension: $new_name .= ((substr($ext, 0, 1) != '.') ? ".{$ext}" : $ext); // Move the file to its proper folder but add _tmp, just in case: $dest = "../db/images/$new_name"; if (move_uploaded_file($file['tmp_name'], $dest)) { // Store the data in the session for later use: $_SESSION['image']['new_name'] = $new_name; $_SESSION['image']['file_name'] = $file['name']; // Print a message: echo '<h4>The file has been uploaded!</h4>'; } else { trigger_error('The file could not be moved.'); unlink ($file['tmp_name']); } } // End of array_key_exists() IF. } elseif (!isset($_SESSION['image'])) { // No current or previous uploaded file. switch ($_FILES['image']['error']) { case 1: case 2: $add_cat_errors['image'] = 'The uploaded file was too large.'; break; case 3: $add_cat_errors['image'] = 'The file was only partially uploaded.'; break; case 6: case 7: case 8: $add_cat_errors['image'] = 'The file could not be uploaded due to a system error.'; break; case 4: default: $add_cat_errors['image'] = 'No file was uploaded.'; break; } // End of SWITCH. } // End of $_FILES IF-ELSEIF-ELSE. // Check for a stock: if (empty($_POST['stock']) || !filter_var($_POST['stock'], FILTER_VALIDATE_INT, array('min_range' => 1))) { $add_cat_errors['stock'] = 'Please enter the quantity in stock!'; } if (empty($add_cat_errors)) { $query = "INSERT INTO product (product, prod_descr, catID, price, image, stock) VALUES (?, ?, ?, ?, ?, ?)"; // Prepare the statement: $stmt = mysqli_prepare($dbc, $query); // For debugging purposes: // if (!$stmt) echo mysqli_stmt_error($stmt); // Bind the variables: mysqli_stmt_bind_param($stmt, 'sssssi', $name, $desc, $_POST['cat'], $_POST['price'], $_SESSION['image']['new_name'], $_POST['stock']); // Make the extra variable associations: $name = strip_tags($_POST['product']); $desc = strip_tags($_POST['prod_descr']); // Execute the query: mysqli_stmt_execute($stmt); if (mysqli_stmt_affected_rows($stmt) == 1) { // If it ran OK. // Print a message: echo '<h4>The product has been added!</h4>'; // Clear $_POST: $_POST = array(); // Clear $_FILES: $_FILES = array(); // Clear $file and $_SESSION['image']: unset($file, $_SESSION['image']); } else { // If it did not run OK. trigger_error('The product could not be added due to a system error. We apologize for any inconvenience.'); unlink ($dest); } } // End of $errors IF. } else { // Clear out the session on a GET request: unset($_SESSION['image']); } // End of the submission IF. require_once ('./includes/form_functions.inc.php'); ?> <form enctype="multipart/form-data" action="add_product.php" method="post" accept-charset="utf-8"> <input type="hidden" name="MAX_FILE_SIZE" value="524288" /> Product<br /><?php create_form_input('product', 'text', $add_cat_errors); ?> Description<br /><?php create_form_input('prod_descr', 'textarea', $add_cat_errors); ?> Category<br /><select name="cat"<?php if (array_key_exists('cat', $add_cat_errors)); ?>> <option>Select One</option> <?php // Retrieve all the categories and add to the pull-down menu: $q = 'SELECT catID, cat FROM category ORDER BY cat ASC'; $r = mysqli_query ($dbc, $q); while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) { echo "<option value=\"$row[0]\""; // Check for stickyness: if (isset($_POST['cat']) && ($_POST['cat'] == $row[0]) ) echo ' selected="selected"'; echo ">$row[1]</option>\n"; } ?> </select><?php if (array_key_exists('cat', $add_cat_errors)) echo $add_product_errors['cat']; ?> Price<br /><?php create_form_input('price', 'text', $add_cat_errors); ?> Image<br /><?php // Check for an error: if (array_key_exists('image', $add_cat_errors)) { echo $add_cat_errors['image'] . '<br /><input type="file" name="image"/>'; } else { // No error. echo '<input type="file" name="image" />'; // If the file exists (from a previous form submission but there were other errors), // store the file info in a session and note its existence: if (isset($_SESSION['image'])) { echo "<br />Currently '{$_SESSION['image']['file_name']}'"; } } // end of errors IF-ELSE. ?> <br /> <select name="select"> <option value="full_heads">db/images/full_heads</option> <option value="human_hair">db/images/human_hair</option> </select> Stock<br /><?php create_form_input('stock', 'text', $add_cat_errors); ?> <input type="submit" value="Add This Product" class="button" /> </fieldset> </form> How do I achieve this?
I have a form on which the filepond plugin send the file manually
Look here
if(empty($_POST['image'])) {
echo 'add file!';
}
$myimage = $_POST['image'];
$myimage = str_replace('data:image/png;base64,', '', $myimage);
$myimage = str_replace(' ', '+', $myimage);
$decode = base64_decode($myimage);
$myfile = $_SERVER['DOCUMENT_ROOT'].'/mages/' . uniqid() . '.png';
//now put the file
file_put_contents($myfile, $decode);
files that upload during insert/submit form was gone , only files upload during the update remain , is the way query for update multiple files is wrong ?
$targetDir1= "folder/pda-semakan/ic/";
if(isset($_FILES['ic'])){
$fileName1 = $_FILES['ic']['name'];
$targetFilePath1 = $targetDir1 . $fileName1;
//$main_tmp2 = $_FILES['ic']['tmp_name'];
$move2 =move_uploaded_file($_FILES["ic"]["tmp_name"], $targetFilePath1);
}
$targetDir2= "folder/pda-semakan/sijil_lahir/";
if(isset($_FILES['sijilkelahiran'])){
$fileName2 = $_FILES['sijilkelahiran']['name'];
$targetFilePath2 = $targetDir2 . $fileName2;
$move3 =move_uploaded_file($_FILES["sijilkelahiran"]["tmp_name"], $targetFilePath2);
}
$targetDir3= "folder/pda-semakan/sijil_spm/";
if(isset($_FILES['sijilspm'])){
$fileName3 = $_FILES['sijilspm']['name'];
$targetFilePath3 = $targetDir3 . $fileName3;
$move4 =move_uploaded_file($_FILES["sijilspm"]["tmp_name"], $targetFilePath3);
}
$query1=("UPDATE semakan_dokumen set student_id='$noMatrik', email= '$stdEmail', surat_tawaran='$fileName', ic='$fileName1',sijil_lahir='$fileName2',sijil_spm= '$fileName3' where email= '$stdEmail'");
Hiya, Firstly, I'm a complete novice, apologies! But I have got my upload.php working which is nice. I will post the code below. However, I would now like to restrict the file size and file type to only word documents. I currently have a restriction of 200KB but it's not working - no idea why as I've looked at other similar codes and they look the same. Also, just to complicate things - can I stop files overwriting each other when uploaded? At the moment, if 2 people upload files with the same name one will overwrite the other. Is this too many questions in 1? Any help is very much appreciated! Code below: Code: [Select] <form enctype="multipart/form-data" action="careers.php" method="POST"> Please choose a file: <input name="uploaded" type="file" /><br /> <input type="submit" value="Upload" /> </form> <?php $target = "upload/"; $target = $target . basename( $_FILES['uploaded']['name']) ; $ok=1; //This is our size condition if ($uploaded_size > 200) { echo "Your file is too large.<br>"; $ok=0; } //This is our limit file type condition if ($uploaded_type =="text/php") { echo "No PHP files<br>"; $ok=0; } //Here we check that $ok was not set to 0 by an error if ($ok==0) { Echo "Sorry your file was not uploaded"; } //If everything is ok we try to upload it else { if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) { echo "Your file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded."; } else { echo "Sorry, there was a problem uploading your file."; } } ?> In this multi file upload form, choose three images, click submit and preview the images on the preview page. If the user wishes to delete or replace an image, click edit and the form will go back to the previous page. Select the replace radio button for example on one of the three images and select a new image from the file input prompt and click submit. The form will go to the preview page again to display the images. During this process the image names are being input into a table and the images are being moved to a directory. The table is `id` AUTO_INCREMENT, `image0` `image1` `image2` `status` So input name='image[image0]' can be directed to table `image0` and so on. The code for keep and delete work fine, but how do I replace an image? I have two foreach blocks. The first one deletes the image file from the directory and deletes the image name from the table, but the second foreach dose not move the new image file into the directory. Thanks. <input type='radio' name='image[image0]' value='keep' checked='checked'/> <input type='radio' name='image[image0]' value='delete' /> <input type='radio' name='image[image0]' value='replace' /> <input type="file" name="image[]" /> <input type='radio' name='image[image1]' value='keep' checked='checked'/> <input type='radio' name='image[image1]' value='delete' /> <input type='radio' name='image[image1]' value='replace' /> <input type="file" name="image[]" /> <input type='radio' name='image[image2]' value='keep' checked='checked'/> <input type='radio' name='image[image2]' value='delete' /> <input type='radio' name='image[image2]' value='replace' /> <input type="file" name="image[]" /> <?php if (isset($_POST['status'])) { $status = $_POST['status']; $confirm_code = $status; #--------------------------- replace -------------------------------------------- if (isset($_POST['submitted']) && ($image = $_POST['image'])) { foreach($image as $imageKey => $imageValue) { if ($imageValue == 'replace') { $query = "SELECT $imageKey FROM table WHERE status = '$status' "; if($result = $db->query( $query )){ $row = $result->fetch_array(); } unlink( UPLOAD_DIR.$row[0] ); $query = "UPDATE table SET $imageKey = '' WHERE status = '$status' "; } } foreach($image as $imageKey => $imageValue) { if ($imageValue == 'replace') { $filenm = $_FILES['image']['name']; $file = $_FILES['image']['tmp_name']; move_uploaded_file($file, UPLOAD_DIR . $filenm); $filename[] = $filenm; $query = "INSERT INTO table VALUES ('','$filename[0]','$filename[1]','$filename[2]','$confirm_code')"; } } } } ?> <td><label for='images'> <b>File to upload:</b> </label></td> <td><input type='file' name = 'drama_image' '<?php echo $row['drama_image']; ?>'/></ </tr> <?php $target_path = "images/"; $target_path = $target_path . basename( $_FILES['images']['name']); if(move_uploaded_file($_FILES['images']['tmp_name'], $target_path)) { echo "The file ". basename( $_FILES['images']['name']). " has been uploaded"; } else{ echo $row['drama_image']; } ?> ['drama_image'] is the name of the file I wanna echo it out in the box of file upload so when I save , the default picture will still be there instead of being overwritten as the box does not have any value in it. So, I'm learning how to upload pictures into a system from my awesome PHP book. I've looked and looked through the script but I can't figure out whats wrong with it. Goal: The script is meant to save a full version of the image in the images folder and a thumbnail in the thumbnail folder. Bug: The full image does not appear in any folder, and the thumbnail is created but its put in the images folder. I've checked the GD library, and everything is supported. image_effect.php <?php //change this path to match your images directory $dir ='C:/x/xampp/htdocs/images'; //change this path to match your fonts directory and the desired font putenv('GDFONTPATH=' . 'C:/Windows/Fonts'); $font = 'arial'; // make sure the requested image is valid if (isset($_GET['id']) && ctype_digit($_GET['id']) && file_exists($dir . '/' . $_GET['id'] . '.jpg')) { $image = imagecreatefromjpeg($dir . '/' . $_GET['id'] . '.jpg'); } else { die('invalid image specified'); } // apply the filter $effect = (isset($_GET['e'])) ? $_GET['e'] : -1; switch ($effect) { case IMG_FILTER_NEGATE: imagefilter($image, IMG_FILTER_NEGATE); break; case IMG_FILTER_GRAYSCALE: imagefilter($image, IMG_FILTER_GRAYSCALE); break; case IMG_FILTER_EMBOSS: imagefilter($image, IMG_FILTER_EMBOSS); break; case IMG_FILTER_GAUSSIAN_BLUR: imagefilter($image, IMG_FILTER_GAUSSIAN_BLUR); break; } // add the caption if requested if (isset($_GET['capt'])) { imagettftext($image, 12, 0, 20, 20, 0, $font, $_GET['capt']); } //add the logo watermark if requested if (isset($_GET['logo'])) { // determine x and y position to center watermark list($width, $height) = getimagesize($dir . '/' . $_GET['id'] . '.jpg'); list($wmk_width, $wmk_height) = getimagesize('images/logo.png'); $x = ($width - $wmk_width) / 2; $y = ($height - $wmk_height) / 2; $wmk = imagecreatefrompng('images/logo.png'); imagecopymerge($image, $wmk, $x, $y, 0, 0, $wmk_width, $wmk_height, 20); imagedestroy($wmk); } // show the image header('Content-Type: image/jpeg'); imagejpeg($image, '', 100); ?> check_image.php <?php include 'db.inc.php'; //connect to MySQL $db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or die ('Unable to connect. Check your connection parameters.'); mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db)); //change this path to match your images directory $dir ='C:/x/xampp/htdocs/images'; //change this path to match your thumbnail directory $thumbdir = $dir . '/thumbs'; //change this path to match your fonts directory and the desired font putenv('GDFONTPATH=' . 'C:/Windows/Fonts'); $font = 'arial'; // handle the uploaded image if ($_POST['submit'] == 'Upload') { //make sure the uploaded file transfer was successful if ($_FILES['uploadfile']['error'] != UPLOAD_ERR_OK) { switch ($_FILES['uploadfile']['error']) { case UPLOAD_ERR_INI_SIZE: die('The uploaded file exceeds the upload_max_filesize directive ' . 'in php.ini.'); break; case UPLOAD_ERR_FORM_SIZE: die('The uploaded file exceeds the MAX_FILE_SIZE directive that ' . 'was specified in the HTML form.'); break; case UPLOAD_ERR_PARTIAL: die('The uploaded file was only partially uploaded.'); break; case UPLOAD_ERR_NO_FILE: die('No file was uploaded.'); break; case UPLOAD_ERR_NO_TMP_DIR: die('The server is missing a temporary folder.'); break; case UPLOAD_ERR_CANT_WRITE: die('The server failed to write the uploaded file to disk.'); break; case UPLOAD_ERR_EXTENSION: die('File upload stopped by extension.'); break; } } //get info about the image being uploaded $image_caption = $_POST['caption']; $image_username = $_POST['username']; $image_date = @date('Y-m-d'); list($width, $height, $type, $attr) = getimagesize($_FILES['uploadfile']['tmp_name']); // make sure the uploaded file is really a supported image $error = 'The file you uploaded was not a supported filetype.'; switch ($type) { case IMAGETYPE_GIF: $image = imagecreatefromgif($_FILES['uploadfile']['tmp_name']) or die($error); break; case IMAGETYPE_JPEG: $image = imagecreatefromjpeg($_FILES['uploadfile']['tmp_name']) or die($error); break; case IMAGETYPE_PNG: $image = imagecreatefrompng($_FILES['uploadfile']['tmp_name']) or die($error); break; default: die($error); } //insert information into image table $query = 'INSERT INTO images (image_caption, image_username, image_date) VALUES ("' . $image_caption . '", "' . $image_username . '", "' . $image_date . '")'; $result = mysql_query($query, $db) or die (mysql_error($db)); //retrieve the image_id that MySQL generated automatically when we inserted //the new record $last_id = mysql_insert_id(); // save the image to its final destination $image_id = $last_id; imagejpeg($image, $dir . '/' . $image_id . '.jpg'); imagedestroy($image); } else { // retrieve image information $query = 'SELECT image_id, image_caption, image_username, image_date FROM images WHERE image_id = ' . $_POST['id']; $result = mysql_query($query, $db) or die (mysql_error($db)); extract(mysql_fetch_assoc($result)); list($width, $height, $type, $attr) = getimagesize($dir . '/' . $image_id . '.jpg'); } if ($_POST['submit'] == 'Save') { // make sure the requested image is valid if (isset($_POST['id']) && ctype_digit($_POST['id']) && file_exists($dir . '/' . $_POST['id'] . '.jpg')) { $image = imagecreatefromjpeg($dir . '/' . $_POST['id'] . '.jpg'); } else { die('invalid image specified'); } // apply the filter $effect = (isset($_POST['effect'])) ? $_POST['effect'] : -1; switch ($effect) { case IMG_FILTER_NEGATE: imagefilter($image, IMG_FILTER_NEGATE); break; case IMG_FILTER_GRAYSCALE: imagefilter($image, IMG_FILTER_GRAYSCALE); break; case IMG_FILTER_EMBOSS: imagefilter($image, IMG_FILTER_EMBOSS); break; case IMG_FILTER_GAUSSIAN_BLUR: imagefilter($image, IMG_FILTER_GAUSSIAN_BLUR); break; } // add the caption if requested if (isset($_POST['emb_caption'])) { imagettftext($image, 12, 0, 20, 20, 0, $font, $image_caption); } //add the logo watermark if requested if (isset($_POST['emb_logo'])) { // determine x and y position to center watermark list($wmk_width, $wmk_height) = getimagesize('images/logo.png'); $x = ($width - $wmk_width) / 2; $y = ($height - $wmk_height) / 2; $wmk = imagecreatefrompng('images/logo.png'); imagecopymerge($image, $wmk, $x, $y, 0, 0, $wmk_width, $wmk_height, 20); imagedestroy($wmk); } // save the image with the filter applied imagejpeg($image, $dir . '/' . $_POST['id'] . '.jpg', 100); //set the dimensions for the thumbnail $thumb_width = $width * 0.10; $thumb_height = $height * 0.10; //create the thumbnail $thumb = imagecreatetruecolor($thumb_width, $thumb_height); imagecopyresampled($thumb, $image, 0, 0, 0, 0, $thumb_width, $thumb_height, $width, $height); imagejpeg($thumb, $dir . '/' . $_POST['id'] . '.jpg', 100); imagedestroy($thumb); ?> <html> <head> <title>Here is your pic!</title> </head> <body> <h1>Your image has been saved!</h1> <img src="images/<?php echo $_POST['id']; ?>.jpg" /> </body> </html> <?php } else { ?> <html> <head> <title>Here is your pic!</title> </head> <body> <h1>So how does it feel to be famous?</h1> <p>Here is the picture you just uploaded to our servers:</p> <?php if ($_POST['submit'] == 'Upload') { $imagename = 'images/' . $image_id . '.jpg'; } else { $imagename = 'image_effect.php?id=' . $image_id . '&e=' . $_POST['effect']; if (isset($_POST['emb_caption'])) { $imagename .= '&capt=' . urlencode($image_caption); } if (isset($_POST['emb_logo'])) { $imagename .= '&logo=1'; } } ?> <img src="<?php echo $imagename; ?>" style="float:left;"> <table> <tr><td>Image Saved as: </td><td><?php echo $image_id . '.jpg'; ?></td></tr> <tr><td>Height: </td><td><?php echo $height; ?></td></tr> <tr><td>Width: </td><td><?php echo $width; ?></td></tr> <tr><td>Upload Date: </td><td><?php echo $image_date; ?></td></tr> </table> <p>You may apply special options to your image below. Note: saving an image with any of the options applied <em>cannot be undone</em>.</p> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <div> <input type="hidden" name="id" value="<?php echo $image_id;?>"/> Filter: <select name="effect"> <option value="-1">None</option> <?php echo '<option value="' . IMG_FILTER_GRAYSCALE . '"'; if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_GRAYSCALE) { echo ' selected="selected"'; } echo '>Black and White</option>'; echo '<option value="' . IMG_FILTER_GAUSSIAN_BLUR . '"'; if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_GAUSSIAN_BLUR) { echo ' selected="selected"'; } echo '>Blur</option>'; echo '<option value="' . IMG_FILTER_EMBOSS . '"'; if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_EMBOSS) { echo ' selected="selected"'; } echo '>Emboss</option>'; echo '<option value="' . IMG_FILTER_NEGATE . '"'; if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_NEGATE) { echo ' selected="selected"'; } echo '>Negative</option>'; ?> </select> <br/><br/> <?php echo '<input type="checkbox" name="emb_caption"'; if (isset($_POST['emb_caption'])) { echo ' checked="checked"'; } echo '>Embed caption in image?'; echo '<br/><br/><input type="checkbox" name="emb_logo"'; if (isset($_POST['emb_logo'])) { echo ' checked="checked"'; } echo '>Embed watermarked logo in image?'; ?> <br/><br/> <input type="submit" value="Preview" name="submit" /> <input type="submit" value="Save" name="submit" /> </div> </form> </body> </html> <?php } ?> Any help appreciated. Hello, all: been trying to convert this little single-file upload to multiple by naming each file form-field as "userfile[]" as it's supposed to automatically treat them as an array.. but no luck! Can you guide me as to what am I doing wrong?? appreciate the help! Code: [Select] <?php if (!isset($_REQUEST["seenform"])) { ?> <form enctype="multipart/form-data" action="#" method="post"> Upload file: <input name="userfile[]" type="file" id="userfile[]"> Upload file: <input name="userfile[]" type="file" id="userfile[]"> <input type="submit" value="Upload"> <input type="hidden" name="seenform"> </form> <?php } else { // upload begins $userfiles = array($_FILES['userfile']); foreach ($userfiles as $userfile) { // foreach begins $uploaded_dir = "uploads/"; $userfile = $_FILES['userfile']["name"]; $path = $uploaded_dir . $userfile; if (move_uploaded_file($_FILES['userfile']["tmp_name"], $path)) { print "$userfile file moved"; // do something with the file here } else { print "Move failed"; } } // foreach ends } // upload ends ?> HI All, I have a form submission that uploads a photo as well as submitting other data. I would like to change the name of the photo to the id of the person record (created automatically on by the database) then a hyphen, then their first name and lastname. (i am flexible on this). This file name will also need to be submitted into the person record so the photo and the person can be linked. I am struggling with this one - but here is the code i have so far.
<?php
include 'includes/dbconn.php';
$target_dir = "img/people/";
$target_file = $target_dir . basename($_FILES["personHeadshot"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
if ($_SERVER['REQUEST_METHOD']=='POST'){
$fn = $_POST['fname'];
$ln = $_POST['lname'];
$ad1 = $_POST['ad1'];
$ad2 = $_POST['ad2'];
$city = $_POST['city'];
$post = $_POST['postcode'];
$tel = $_POST['phone'];
$email = $_POST['email'];
$crole = $_POST['comRole'];
$OFA = $_POST['OFA'];
$playerType = $_POST['playerType'];
$team = $_POST['primaryTeam'];
$stmt = $conn->prepare("
INSERT IGNORE INTO person (fname, lname, committee_role_id, player_type_id, team_id, ad1, ad2, city, postcode, mobile, email, on_field_auth_id)
VALUES (?,?,?,?,?,?,?,?,?,?,?,?)
");
$stmt -> bind_param(ssiiissssssi, $fn, $ln, $crole, $playerType, $team, $ad1, $ad2, $city, $post, $tel, $email, $OFA);
$stmt -> execute();
// Check if image file is a actual image or fake image
//photo upload
$check = getimagesize($_FILES["personHeadshot"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
//photo upload
header("location: ../admin-people-list.php");
}
// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["personHeadshot"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["personHeadshot"]["tmp_name"], $target_file)) {
echo "The file ". basename( $_FILES["personHeadshot"]["name"]). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
Hello! I have this validation script that seems to work great until I add the size validation. I'm ready to pull my hair out! Can someone tell me what I'm doing wrong? Code: [Select] if (isset($_POST['Submit'])) { $user_id = $userdata[user_id]; $number_of_file_fields = 0; $number_of_uploaded_files = 0; $number_of_moved_files = 0; $uploaded_files = array(); $max_filesize = 5242880; // Maximum filesize in BYTES (currently 5MB). $upload_directory = dirname(__file__) . '/'.$user_id.'/'; //set upload directory if (!is_dir($upload_directory)) { mkdir($upload_directory, 0777, true); } for ($i = 0; $i < count($_FILES['images']['name']); $i++) { $number_of_file_fields++; if ($_FILES['images']['name'][$i] != '') { //check if file field empty or not $number_of_uploaded_files++; if($_FILES['images']['size'] > $max_filesize){ echo "<b class='red'>Max file size is 5MB.</b><br/>"; $sz = true; } $ext = validate_extension($_FILES['images']['name'][$i]); if (($ext == true) && ($sz == true)){ $uploaded_files[] = $_FILES['images']['name'][$i]; if (move_uploaded_file($_FILES['images']['tmp_name'][$i], $upload_directory . $_FILES['images']['name'][$i])) { $number_of_moved_files++; } }else { echo "<b class='red'>File extention error. Only .doc, .pdf, .jpg and .gif files are allowed. </b><br/>"; } } } if ($number_of_uploaded_files >= 1){ echo "Number of files submitted:<b class='red>".$number_of_uploaded_files."</b><br/>"; echo "Number of successfully uploaded files:<b class='red>".$number_of_moved_files."</b><br/><br/>"; echo "Uploaded File Name(s):<br/>" . implode('<br/>', $uploaded_files); } } As of now it results in every uploaded file returning the error "Max file size is 5MB." i have mysql community server 5.5 workbench 5.2 php 5.3.8 apache http server 2.2 summary: can i write the same code using less variables for the file name and content? okay so i managed to write a code that creates a filename, and each new filename is 1 higher. colony1 colony2 colony3. it also uses the same mysql query created variable to write idcol as 1 higher in the new file than in the previous written file. however to write the code i had to use a buttload of variables. here is the code, the resultant filename and the resultant content of the created file. is there a way to write such a code with less than 15 variables? the problem seems to be that when writing text to a file, i cannot insert certain characters outside of a variable into the final variable which is put in the $string variable input into the fwrite() function. File Name: Colony$.php where $=the last entry in the idcol column in table coltest. File Code: Code: [Select] <?php $idcol = $; include('Colony0.php'); ?> </body> </html> where $=the last entry in the idcol column in table coltest. Code: Code: [Select] <?php $dbhost = 'localhost:3306'; $dbuser = 'root'; $dbpass = 'root'; $dbname = 'aosdb'; $conn = mysql_connect($dbhost,$dbuser,$dbpass) or die ('Error connecting to mysql'); mysql_select_db($dbname); $query = "SELECT idcol FROM coltest ORDER BY idcol DESC LIMIT 1"; $result = mysql_query($query); $id = mysql_result($result, 0); $vcol = "Colony"; $vcolp = ".php"; $File = "$vcol$id$vcolp"; $FileHandle = fopen($File, 'w') or die("can't open file"); fclose($FileHandle); $File = "$vcol$id$vcolp"; $myFile = $File; $fh = fopen($myFile, 'w') or die("can't open file"); $idw = "$"; $icol= "idcol"; $ique = "?"; $iphp = "Colony0.php"; $ief = "<"; $ieb = ">"; $irese = "= "; $iresn = ";"; $iii= "include('$iphp');"; $ihtml ="</body> </html>"; $hph = "php"; $string = "$ief$ique$hph $idw$icol $irese$id$iresn $iii $ique$ieb $ihtml"; fwrite($fh, $string); fclose($fh); ?> Been looking on the web on and off for the past few days but can't seem to find a list of all file types that PHP (or is it Apache) appreciates. Like when you go and upload file using a form and then it outputs: Quote Array ( [upload_file] => Array ( [name] => discount_xcart_orders.csv [type] => text/comma-separated-values [tmp_name] => /tmp/phprAk2R6 [error] => 0 [size] => 674 ) ) Is there an entire list of file types that this '[type] => text/comma-separated-values' falls under? Just out of interest of course, Jeremy. Hey all So have been working on a file upload script, it was uploading the file but also adding the path name instead of NULL to mysql when no image was to upload, that is now fixed however now it won't upload the actual image to the directory. I tried undoing the mysql changes but it still won't upload the image to the directory. Am testing on my own computer using xampp so no file permission issues, plus it was working before. Any help much appreciated. Thanks
<?php
$product_code = mysqli_real_escape_string($conn, $_POST['product_code']);
$product_name = mysqli_real_escape_string($conn, $_POST['product_name']);
$category = mysqli_real_escape_string($conn, $_POST['category']);
$filter = mysqli_real_escape_string($conn, $_POST['filter']);
$description = mysqli_real_escape_string($conn, $_POST['description']);
$specification = mysqli_real_escape_string($conn, $_POST['specification']);
$price = mysqli_real_escape_string($conn, $_POST['price']);
$target_dir = "../images/products/";
if (!isset ($_FILES["img1"]["name"])) {
$target_file1 = NULL;
} else {
if (!empty($_FILES["img1"]["name"])) {
$target_file1 = $target_dir . basename($_FILES["img1"]["name"]);
} else {
$target_file1 = NULL;
}
}
if (!isset ($_FILES["img2"]["name"])) {
$target_file2 = NULL;
} else {
if (!empty($_FILES["img2"]["name"])) {
$target_file2 = $target_dir . basename($_FILES["img2"]["name"]);
} else {
$target_file2 = NULL;
}
}
if (!isset ($_FILES["img3"]["name"])) {
$target_file3 = NULL;
} else {
if (!empty($_FILES["img3"]["name"])) {
$target_file3 = $target_dir . basename($_FILES["img3"]["name"]);
} else {
$target_file3 = NULL;
}
}
if (!isset ($_FILES["img4"]["name"])) {
$target_file4 = NULL;
} else {
if (!empty($_FILES["img4"]["name"])) {
$target_file4 = $target_dir . basename($_FILES["img4"]["name"]);
} else {
$target_file4 = NULL;
}
}
$uploadOk = 1;
$imageFileType1 = strtolower(pathinfo($target_file1,PATHINFO_EXTENSION));
$imageFileType2= strtolower(pathinfo($target_file2,PATHINFO_EXTENSION));
$imageFileType3 = strtolower(pathinfo($target_file3,PATHINFO_EXTENSION));
$imageFileType4 = strtolower(pathinfo($target_file4,PATHINFO_EXTENSION));
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check1 = getimagesize($_FILES["img1"]["tmp_name"]);
$check2 = getimagesize($_FILES["img2"]["tmp_name"]);
$check3 = getimagesize($_FILES["img3"]["tmp_name"]);
$check4 = getimagesize($_FILES["img4"]["tmp_name"]);
if($check1 !== false) {
echo "File is an image - " . $check1["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
if (file_exists($target_file1)) {
echo "Sorry, image one already exists.";
$uploadOk = 0;
}
if($imageFileType1 != "jpg" && $imageFileType1 != "png" && $imageFileType1 != "jpeg"
&& $imageFileType1 != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed for img1.";
$uploadOk = 0;
}
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["img1"]["tmp_name"], $target_file1)) {
echo "The file ". htmlspecialchars( basename( $_FILES["img1"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading image one.";
}
}
echo '<br />';
if($check2 !== false) {
echo "File is an image - " . $check2["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
if (file_exists($target_file2)) {
echo "Sorry, image two already exists.";
$uploadOk = 0;
}
if($imageFileType2 != "jpg" && $imageFileType2 != "png" && $imageFileType2 != "jpeg"
&& $imageFileType2 != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed for img2.";
$uploadOk = 0;
}
if (isset ($target_file2)) {
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["img2"]["tmp_name"], $target_file2)) {
echo "The file ". htmlspecialchars( basename( $_FILES["img1"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading image two.";
}
}
}
echo '<br />';
if($check3 !== false) {
echo "File is an image - " . $check3["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
if (file_exists($target_file3)) {
echo "Sorry, image three already exists.";
$uploadOk = 0;
}
if($imageFileType3 != "jpg" && $imageFileType3 != "png" && $imageFileType3 != "jpeg"
&& $imageFileType3 != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed for img3.";
$uploadOk = 0;
}
if (isset ($target_file3)) {
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["img3"]["tmp_name"], $target_file3)) {
echo "The file ". htmlspecialchars( basename( $_FILES["img3"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading image three.";
}
}
}
echo '<br />';
if($check4 !== false) {
echo "File is an image - " . $check4["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
if (file_exists($target_file4)) {
echo "Sorry, image four already exists.";
$uploadOk = 0;
}
if($imageFileType4 != "jpg" && $imageFileType4 != "png" && $imageFileType4 != "jpeg"
&& $imageFileType4 != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed for img4.";
$uploadOk = 0;
}
if (isset ($target_file4)) {
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["img4"]["tmp_name"], $target_file4)) {
echo "The file ". htmlspecialchars( basename( $_FILES["img4"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading image four.";
}
}
}
}
echo '<br />';
$image1 = basename($target_file1);
$image2 = basename($target_file2);
$image3 = basename($target_file3);
$image4 = basename($target_file4);
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "INSERT INTO products (product_code, product_name, category, filter, description, specification, img1, img2, img3, img4, price) VALUES('$product_code', '$product_name', '$category', '$filter', '$description', '$specification', '$image1', '$image2', '$image3', '$image4', '$price')";
if (mysqli_query($conn, $sql)) {
echo "Product Added successfully, Now on to the Sizes";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
?>
How do I Upload Multiple Files using a PHP form and script? 10 files at one time would be great. Ultimately I need a photo upload and management script. Here is my current single file upload form: <form action="upload.php" method="post" enctype="multipart/form-data"> <label for="file">Upload a Photo:</label> <input type="file" name="file" id="file" /> <br /> <input type="submit" name="submit" value="Submit" /> </form> </body> </html> Here is the Php Script: <?php if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 200000)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />"; if (file_exists("upload/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], "uploads/" . $_FILES["file"]["name"]); echo "Stored in: " . "uploads/" . $_FILES["file"]["name"]; } } } else { echo "Invalid file"; } ?> Day
I'm using Codeigniter and inside the framework I create a file with PHP code If I try to point to it, the web-server doesn't deliver due to permission issues.
All this is done in a 'register function' where I create some fields in a SQL
If I put the user credentials into the database 'by hand' and likewise when I
I'm pretty sure this issue has been existed before and I'd appreciate any help.
Thanks for your help in forward. Gee Edited August 17, 2020 by bogus |
|||||||