PHP - Second File Upload On Form Help

Hi all

I have a script that I have patched together and got to work in pieces.  I'm up to the last part.  I have the form working and emailing.  It also will upload an image by itself and put it in a folder.  Now i just need to tie those together and have the image put in the email as an attachment then deleted from server.

I have it at a stage where it sends me the users details.. and it tries to send the photo but it comes through as junk txt.  I think its the MIME encoding stuff that I have wrong.. not sure?

Here's what I have so far.

Code: [Select]

$attachment = $path_of_uploaded_file;
$fileatt = $attachment; // Path to the file                 
$fileatt_type = "application/octet-stream"; // File Type
    $start= strrpos($attachment, '/') == -1 ? strrpos($attachment, '//') : strrpos($attachment, '/')+1;
$fileatt_name = substr($attachment, $start, strlen($attachment)); // Filename that will be used for the file as the attachment

    $file = fopen($fileatt,'rb');
$data = fread($file,filesize($fileatt));
fclose($file);

$semi_rand = md5(time());
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
$headers = "\nMIME-Version: 1.0\n" .
            "Content-Type: multipart/mixed;\n" .
            " boundary=\"{$mime_boundary}\"";

$email_message .= "This is a multi-part message in MIME format.\n\n" .
                "--{$mime_boundary}\n" .
                "Content-Type:text/html; charset=\"iso-8859-1\"\n" .
               "Content-Transfer-Encoding: 7bit\n\n" .

$data = chunk_split(base64_encode($data));
$email_message .= "--{$mime_boundary}\n" .
                  "Content-Type: {$fileatt_type};\n" .
                  " name=\"{$fileatt_name}\"\n" .
                  "Content-Disposition: attachment;\n" .
                  " filename=\"{$fileatt_name}\"\n" .
                  "Content-Transfer-Encoding: base64\n\n" .
                 $data . "\n\n" .
                  "--{$mime_boundary}--\n";
     
// create email headers
$headers .= 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();

@mail($email_to, $email_subject, $email_message, $headers); 



Thanks

Wolfsta

I'm trying to add a file size limit to my upload form-code (below)

Hi,

I have a form that allows a user to enter details and also to upload a image. The form works great and inserts into the database if i dont include the file input.

What i would like happen is:

The user enters details and selects a file

The file then gets uploaded to ../images and the path is then written to bedroom1 variable

The addresses and the bedroom1 variable that now holds the uploaded file path e.g. images/test.jpg is written to the database

Form
Code: [Select]
<form action="admin.php" method="POST">
   <table>
     <tr><td>
     Address 1:
</td><td>
     <input type="text" name="address1" id="address1" onfocus="selected(this)" onblur="notselected(this)">
</td><td>
     <div id="dynamicText1">
             </div>
</td></tr>

<tr><td>
     Address 2:
</td><td>
     <input type="text" name="address2" id="address2" onfocus="selected(this)" onblur="notselected(this)">
</td><td>
     <div id="dynamicText1">
             </div>
</td></tr>

<tr><td>
     County:
</td><td>
     <input type="text" name="county" id="county" onfocus="selected(this)" onblur="notselected(this)">
</td><td>
     <div id="dynamicText1">
             </div>
</td></tr>

<tr><td>
     Bedroom 1:
</td><td>
     <input type="file" name="bedroom1" id="bedroom1" input name="uploadedfile">
</td><td>
     <div id="dynamicText1">
             </div>
</td></tr>



<tr><td>
     <input type="submit" name="submitaddapartment" value="Add" id="registerbutton">
</td></tr>

   </table
           
        </form>

And the php code to add it to the database


Code: [Select]
<?php
  //get variables
  $submitaddapartment = $_POST['submitaddapartment'];
  $address1 = strip_tags($_POST['address1']);
  $address2 =  strip_tags($_POST['address2']);
  $county = strip_tags($_POST['county']);
  $bedroom1 = strip_tags($_POST['bedroom1']);
   
  
  

  if ($submitaddapartment) //if submit button was pressed
  {
    if ($address1&&$address2&&$county&&$bedroom1&&) //if fields arn't blank
    {
  include 'dbase.php'; //connect to database
  
  if ((($_FILES["bedroom1"]["type"] == "image/gif")
  || ($_FILES["bedroom1"]["type"] == "image/jpg")
  || ($_FILES["bedroom1"]["type"] == "image/pjpeg"))
  && ($_FILES["bedroom1"]["size"] < 20000000))
  {

  if ($_FILES["bedroom1"]["error"] > 0)
  {
  echo "Return Code: " . $_FILES["bedroom1"]["error"] . "<br />";
  }
  else
  {
  echo "Upload: " . $_FILES["bedroom1"]["name"] . "<br />";
  echo "Type: " . $_FILES["bedroom1"]["type"] . "<br />";
  echo "Size: " . ($_FILES["bedroom1"]["size"] / 1024) . " Kb<br />";
  echo "Temp file: " . $_FILES["bedroom1"]["tmp_name"] . "<br />";
  
  if (file_exists("../images/" . $_FILES["bedroom1"]["name"]))
      {
      echo $_FILES["bedroom1"]["name"] . " already exists. ";
      }
  else
      {
      move_uploaded_file($_FILES["bedroom1"]["tmp_name"],
      "/" . $_FILES["bedroom1"]["name"]);
      echo "Stored in: " . "../images/" . $_FILES["bedroom1"]["name"];
  $bedroom1=".'images/.' $_FILES["bedroom1"]["name"]";  
  }
  }
  }
  
  else
  {
  echo "Invalid file";
  }
  
  
  mysql_query ("INSERT INTO user VALUES(NULL,'$address1','$address2','$county','$bedroom1')");
          
    }
    else
    {
    }
  }    
  
?>
Any help would be greatly appreciated.

Thanks

Fred

I want to let users select and upload a file.

The select form and upload sritp work when they are on different pages, but I want them on the same page with the upload script executing only if the form has been submitted.

Here the upload form

<!--select the file -->
<form enctype="multipart/form-data" action="manage_files.php" method="POST">Please choose a file to upload: <input name="uploaded" type="file" /><input type="submit" value="Upload" /></form> 

... and here's the upload code...

<!--upload the file -->
<?php
if (isset($_POST['submit'])) {
$target = "safes/";
$target = $target . basename( $_FILES['uploaded']['name']) ;
$ok=1;

//This is our size condition
//if ($uploaded_size > 350000)
//{
//echo "Your file is too large.<br>";
//$ok=0;
//}

//if (!($uploaded_type=="application/zip")) {
//echo "You may only upload ZIP files.<br>";
//$ok=0;
//}

//Here we check that $ok was not set to 0 by an error
if ($ok==0)
{
Echo "Sorry your file was not uploaded";
}

//If everything is ok we try to upload it
else
{
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
}
else
{
echo "Sorry, there was a problem uploading your file.";
}
}
}
?>


What am I missing?

Thanks for any help!

Hi,

This is the code I made to show the problem:

$useragent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729)";
$timeout = 10 ;
$cookie = tempnam ("/tmp", "CURLCOOKIE");
 
$post = array('_method'=>"put",
                     'authenticity_token'=>'
zcvcxfsdfvxcv',
                     'profile_image[a]'=>"@Girl-Next-Door-movie-f01.jpg"
                    );
       
        $ch = curl_init();
        curl_setopt( $ch, CURLOPT_USERAGENT, $useragent);
        curl_setopt($ch, CURLOPT_HEADER, 1);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:'));
        curl_setopt($ch, CURLOPT_URL, "http://localhost/test.php");
        curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
        curl_setopt( $ch, CURLOPT_COOKIEJAR, $cookie );
        curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
        curl_setopt( $ch, CURLOPT_ENCODING, "" );
        curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
        curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
        curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );    # required for https urls
        curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, $timeout );
        curl_setopt( $ch, CURLOPT_TIMEOUT, $timeout );
        curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
        $html = curl_exec($ch);
        curl_close($ch);

Now this link used above: http://localhost/test.php has this code:

    print_r($_POST);
    print_r($_FILES);

It simply prints whats in post and files.


So the above code displays this on screen:

Code: [Select]
Array
(
    [_method] => put

    [authenticity_token] => zcvcxfsdfvxcv
)
Array
(
    [profile_image] => Array
        (
            [name] => Array
                (
                    [a] => Girl-Next-Door-movie-f01.jpg
                )

            [type] => Array
                (
                    [a] => image/jpeg
                )

            [tmp_name] => Array
                (
                    [a] => /tmp/phppLJPQV
                )

            [error] => Array
                (
                    [a] => 0
                )

            [size] => Array
                (
                    [a] => 55377

                )
        )

)
but we need to modify the code so that it should display this:

Code: [Select]
Array
(
    [_method] => put
    [authenticity_token] => zcvcxfsdfvxcv
)
Array
(
    [profile_image[a]] => Array
        (
            [name] => Girl-Next-Door-movie-f01.jpg
             
            [type] => image/jpeg
               
            [tmp_name] =>  /tmp/phppLJPQV

            [error] =>  0
               
            [size] =>  55377
               
        )

)

Meaning, it is taking this(profile_image[a]) as an array when we are defining $post because that's how curl recognizes that we want to upload only a file or an array of files on server by http post.

So, basically the problem is the name of the input field that is defined as an array (profile_image[a]) on the web page that we are trying to mock. If this(profile_image[a]) was this (profile_image_a)(without []) on that webpage, then it would not have been a problem. So, if you understand, this is basically a syntax problem. I do not know how stop curl from reading 'profile_image[a]' as an array here 'profile_image[a]'=>"@Girl-Next-Door-movie-f01.jpg. I need curl to read 'profile_image[a]' as an string and not array. I have to use [], otherwise I will not be able to mock the webpage as the name will change. It will give error.


I hope I explained the problem and also gave you a way to test if you have a solution. Again, if your code starts displaying this:

Code: [Select]
Array
(
    [_method] => put
    [authenticity_token] => zcvcxfsdfvxcv

)
Array
(
    [profile_image[a]] => Array

        (
            [name] => Girl-Next-Door-movie-f01.jpg     

            [type] => image/jpeg

            [tmp_name] =>  /tmp/phppLJPQV

            [error] =>  0
 
            [size] =>  55377
        )

)
,then we have a solution.

Thanks for helping in advance.

Regards,
Manoj

I have a one-page responsive website template with a built-in contact email form whereby I would like to add an upload file attachment provision to the contact form. While I have been able to successfully add two fields (source, URL) to the built-in contact email form, with exception of adding the HTML to the form , modification to the contact email form's PHP files  appears to be much more involved whereby I have been unable to find a barebones PHP code I can add to the existing PHP to make this work. I should also add that while I am well versed in HTML, CSS, and Javascript, I am not when it comes to PHP. In brief, I prefer not to replace the built-in contact form with different HTML and PHP for adding a contact form email file attachment.  Any suggestions regarding this subject matter are appreciated. Since PHP is not listed under accepted file types for attachment to this post, I can provide download links to the contact email form PHP files from my iHost server for review if need be. The website address to view the HTML source code for the built-in contact form is https://www.seoauditspecialists.com. Apart from my having to add 'enctype=”multipart/form-data”' to the contact form's <form action> line of code, the HTML to add the 'file' field is provided below. Thank you ahead of time.

              <div class="form-group">
                <input type="file" class="form-control" name="uploaded_file" id="uploaded_file" /
              </div>

In this multi file upload form, choose three images, click submit and preview the images on the preview page. If the user wishes to delete or replace an image, click edit and the form will go back to the previous page. Select the replace radio button for example on one of the three images and select a new image from the file input prompt and click submit. The form will go to the preview page again to display the images. During this process the image names are being input into a table and the images are being moved to a directory.

The table is

  `id`  AUTO_INCREMENT,
  `image0`
  `image1`
  `image2`
  `status`

So input name='image[image0]' can be directed to table `image0` and so on.

The code for keep and delete work fine, but how do I replace an image?
I have two foreach blocks. The first one deletes the image file from the directory and deletes the image name from the table, but the second foreach dose not move the new image file into the directory.
Thanks.

<input type='radio' name='image[image0]' value='keep' checked='checked'/>
<input type='radio' name='image[image0]' value='delete' />
<input type='radio' name='image[image0]' value='replace' />
<input type="file" name="image[]" />

<input type='radio' name='image[image1]' value='keep' checked='checked'/>
<input type='radio' name='image[image1]' value='delete' />
<input type='radio' name='image[image1]' value='replace' />
<input type="file" name="image[]" />

<input type='radio' name='image[image2]' value='keep' checked='checked'/>
<input type='radio' name='image[image2]' value='delete' />
<input type='radio' name='image[image2]' value='replace' />
<input type="file" name="image[]" />

<?php
if (isset($_POST['status'])) {

$status = $_POST['status'];
$confirm_code = $status;

#--------------------------- replace --------------------------------------------

if (isset($_POST['submitted']) &&
($image = $_POST['image'])) {

foreach($image as $imageKey => $imageValue) {
if ($imageValue == 'replace') {
$query = "SELECT $imageKey FROM table WHERE status = '$status' ";
if($result = $db->query( $query )){
$row = $result->fetch_array();
}

unlink( UPLOAD_DIR.$row[0] );

$query = "UPDATE table SET $imageKey = '' WHERE status = '$status' ";
}
}

foreach($image as $imageKey => $imageValue) {
if ($imageValue == 'replace') {

$filenm = $_FILES['image']['name']; 
$file = $_FILES['image']['tmp_name'];

move_uploaded_file($file, UPLOAD_DIR . $filenm);
$filename[] = $filenm; 

$query = "INSERT INTO table VALUES ('','$filename[0]','$filename[1]','$filename[2]','$confirm_code')";
}
}
}
}
?>

Hiya,

Firstly, I'm a complete novice, apologies! But I have got my upload.php working which is nice. I will post the code below.

However, I would now like to restrict the file size and file type to only word documents.

I currently have a restriction of 200KB but it's not working - no idea why as I've looked at other similar codes and they look the same.

Also, just to complicate things - can I stop files overwriting each other when uploaded? At the moment, if 2 people upload files with the same name one will overwrite the other.

Is this too many questions in 1?

Any help is very much appreciated!

Code below:

Code: [Select]
<form enctype="multipart/form-data" action="careers.php" method="POST">
        Please choose a file: <input name="uploaded" type="file" /><br />
<input type="submit" value="Upload" />
</form>

<?php 
 $target = "upload/"; 
 $target = $target . basename( $_FILES['uploaded']['name']) ; 
 $ok=1; 
 
 //This is our size condition 
 if ($uploaded_size > 200) 
 { 
 echo "Your file is too large.<br>"; 
 $ok=0; 
 } 
 
 //This is our limit file type condition 
 if ($uploaded_type =="text/php") 
 { 
 echo "No PHP files<br>"; 
 $ok=0; 
 } 
 
 //Here we check that $ok was not set to 0 by an error 
 if ($ok==0) 
 { 
 Echo "Sorry your file was not uploaded"; 
 } 
 
 //If everything is ok we try to upload it 
 else 
 { 
 if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) 
 { 
 echo "Your file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded."; 
 } 
 else 
 { 
 echo "Sorry, there was a problem uploading your file."; 
 } 
 } 
 ?>

Hello, all: been trying to convert this little single-file upload to multiple by naming each file form-field as "userfile[]" as it's supposed to automatically treat them as an array.. but no luck!  Can you guide me as to what am I doing wrong??
appreciate the help!


Code: [Select]
<?php

if (!isset($_REQUEST["seenform"])) {
?>
   <form enctype="multipart/form-data" action="#" method="post">
   Upload file: <input name="userfile[]" type="file" id="userfile[]">
   Upload file: <input name="userfile[]" type="file" id="userfile[]">
   <input type="submit" value="Upload">
   <input type="hidden" name="seenform">
   </form>
<?php
} 
else 
{ // upload begins
$userfiles = array($_FILES['userfile']);
foreach ($userfiles as $userfile)
{ // foreach begins
   $uploaded_dir = "uploads/";
   $userfile = $_FILES['userfile']["name"];
   $path = $uploaded_dir . $userfile;
   if (move_uploaded_file($_FILES['userfile']["tmp_name"], $path)) 
     {
   print "$userfile file moved";
   // do something with the file here
    } else 
{
   print "Move failed";
}
} // foreach ends
} // upload ends

?>

<td><label for='images'> <b>File to upload:</b> </label></td>
            <td><input type='file'  name = 'drama_image' '<?php echo $row['drama_image']; ?>'/></
                       </tr>
         
   <?php
            $target_path = "images/";
            $target_path = $target_path . basename( $_FILES['images']['name']);

            if(move_uploaded_file($_FILES['images']['tmp_name'], $target_path)) {
                echo "The file ".  basename( $_FILES['images']['name']).
             " has been uploaded";
            } else{
                echo $row['drama_image'];
            }
         
     ?>

['drama_image'] is the name of the file

I wanna echo it out in the box of file upload so when I save , the default picture will still be there instead of being overwritten as the box does not have any value in it.

I havent included the whole title as it wouldnt let me but I was wondering if someone could help me on this?

I know this is possible as torrentflux caters for this but unsure of where to start.

I dont want to allow file or directory uploads or creation in my /etc/php.ini file (this is turned off).

Yet then torrentflux allows me to link a torrent from an external source (using legal downloads of course  ) but then it uploads it on my server and creates folders on a per user basis.

How is this possible can someone give me some pointers please?

I look forward to any replies,
Jeremy.

So, I'm learning how to upload pictures into a system from my awesome PHP book. I've looked and looked through the script but I can't figure out whats wrong with it.

Goal:
The script is meant to save a full version of the image in the images folder and a thumbnail in the thumbnail folder.
Bug:
The full image does not appear in any folder, and the thumbnail is created but its put in the images folder.

I've checked the GD library, and everything is supported.

image_effect.php

<?php
//change this path to match your images directory
$dir ='C:/x/xampp/htdocs/images';

//change this path to match your fonts directory and the desired font
putenv('GDFONTPATH=' . 'C:/Windows/Fonts');
$font = 'arial';

// make sure the requested image is valid
if (isset($_GET['id']) && ctype_digit($_GET['id']) && file_exists($dir . '/' .
    $_GET['id'] . '.jpg')) {
    $image = imagecreatefromjpeg($dir . '/' . $_GET['id'] . '.jpg');
} else {
    die('invalid image specified');
}

// apply the filter
$effect = (isset($_GET['e'])) ? $_GET['e'] : -1;
switch ($effect) {
case IMG_FILTER_NEGATE:
    imagefilter($image, IMG_FILTER_NEGATE); 
    break;
case IMG_FILTER_GRAYSCALE:
    imagefilter($image, IMG_FILTER_GRAYSCALE); 
    break;
case IMG_FILTER_EMBOSS:
    imagefilter($image, IMG_FILTER_EMBOSS); 
    break;
case IMG_FILTER_GAUSSIAN_BLUR:
    imagefilter($image, IMG_FILTER_GAUSSIAN_BLUR);
    break;
}

// add the caption if requested
if (isset($_GET['capt'])) {
    imagettftext($image, 12, 0, 20, 20, 0, $font, $_GET['capt']);
}

//add the logo watermark if requested
if (isset($_GET['logo'])) {
    // determine x and y position to center watermark
    list($width, $height) = getimagesize($dir . '/' . $_GET['id'] . '.jpg');
    list($wmk_width, $wmk_height) = getimagesize('images/logo.png');
    $x = ($width - $wmk_width) / 2;
    $y = ($height - $wmk_height) / 2;
    
    $wmk = imagecreatefrompng('images/logo.png');
    imagecopymerge($image, $wmk, $x, $y, 0, 0, $wmk_width, $wmk_height, 20);
    imagedestroy($wmk);
}

// show the image
header('Content-Type: image/jpeg');
imagejpeg($image, '', 100);
?>


check_image.php

<?php
include 'db.inc.php';
//connect to MySQL
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or 
    die ('Unable to connect. Check your connection parameters.');
mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));

//change this path to match your images directory
$dir ='C:/x/xampp/htdocs/images';

//change this path to match your thumbnail directory
$thumbdir = $dir . '/thumbs';

//change this path to match your fonts directory and the desired font
putenv('GDFONTPATH=' . 'C:/Windows/Fonts');
$font = 'arial';

// handle the uploaded image
if ($_POST['submit'] == 'Upload') {

    //make sure the uploaded file transfer was successful
    if ($_FILES['uploadfile']['error'] != UPLOAD_ERR_OK)
    {
        switch ($_FILES['uploadfile']['error']) {
        case UPLOAD_ERR_INI_SIZE:
            die('The uploaded file exceeds the upload_max_filesize directive ' .
                'in php.ini.');
            break;
        case UPLOAD_ERR_FORM_SIZE:
            die('The uploaded file exceeds the MAX_FILE_SIZE directive that ' .
                'was specified in the HTML form.');
            break;
        case UPLOAD_ERR_PARTIAL:
            die('The uploaded file was only partially uploaded.');
            break;
        case UPLOAD_ERR_NO_FILE:
            die('No file was uploaded.');
            break;
        case UPLOAD_ERR_NO_TMP_DIR:
            die('The server is missing a temporary folder.');
            break;
        case UPLOAD_ERR_CANT_WRITE:
            die('The server failed to write the uploaded file to disk.');
            break;
        case UPLOAD_ERR_EXTENSION:
            die('File upload stopped by extension.');
            break;
        }
    }
    
    //get info about the image being uploaded
    $image_caption = $_POST['caption'];
    $image_username = $_POST['username'];
    $image_date = @date('Y-m-d');
    list($width, $height, $type, $attr) =
        getimagesize($_FILES['uploadfile']['tmp_name']);

    // make sure the uploaded file is really a supported image
    $error = 'The file you uploaded was not a supported filetype.';
    switch ($type) {
    case IMAGETYPE_GIF:
        $image = imagecreatefromgif($_FILES['uploadfile']['tmp_name']) or
            die($error);
        break;
    case IMAGETYPE_JPEG:
        $image = imagecreatefromjpeg($_FILES['uploadfile']['tmp_name']) or
            die($error);
        break;
    case IMAGETYPE_PNG:
        $image = imagecreatefrompng($_FILES['uploadfile']['tmp_name']) or
            die($error);
        break;
    default:
        die($error);
    }

    //insert information into image table
    $query = 'INSERT INTO images
        (image_caption, image_username, image_date)
    VALUES
        ("' . $image_caption . '", "' . $image_username . '", "' . $image_date .
        '")';
    
    $result = mysql_query($query, $db) or die (mysql_error($db));
    
    //retrieve the image_id that MySQL generated automatically when we inserted
    //the new record
    $last_id = mysql_insert_id();
    
    // save the image to its final destination
    $image_id = $last_id;
    imagejpeg($image, $dir . '/' . $image_id  . '.jpg');
    imagedestroy($image);

} else {
    // retrieve image information
    $query = 'SELECT
        image_id, image_caption, image_username, image_date
    FROM
        images
    WHERE
        image_id = ' . $_POST['id'];
    $result = mysql_query($query, $db) or die (mysql_error($db));
    extract(mysql_fetch_assoc($result));

    list($width, $height, $type, $attr) = getimagesize($dir . '/' . $image_id .
        '.jpg');
}

if ($_POST['submit'] == 'Save') {
    // make sure the requested image is valid
    if (isset($_POST['id']) && ctype_digit($_POST['id']) &&
        file_exists($dir . '/' . $_POST['id'] . '.jpg')) {
        $image = imagecreatefromjpeg($dir . '/' . $_POST['id'] . '.jpg');
    } else {
        die('invalid image specified');
    }

    // apply the filter    
    $effect = (isset($_POST['effect'])) ? $_POST['effect'] : -1;
    switch ($effect) {
    case IMG_FILTER_NEGATE:
        imagefilter($image, IMG_FILTER_NEGATE); 
        break;
    case IMG_FILTER_GRAYSCALE:
        imagefilter($image, IMG_FILTER_GRAYSCALE); 
        break;
    case IMG_FILTER_EMBOSS:
        imagefilter($image, IMG_FILTER_EMBOSS); 
        break;
    case IMG_FILTER_GAUSSIAN_BLUR:
        imagefilter($image, IMG_FILTER_GAUSSIAN_BLUR);
        break;
    }

    // add the caption if requested
    if (isset($_POST['emb_caption'])) {
        imagettftext($image, 12, 0, 20, 20, 0, $font, $image_caption);
    }

    //add the logo watermark if requested
    if (isset($_POST['emb_logo'])) {
        // determine x and y position to center watermark
        list($wmk_width, $wmk_height) = getimagesize('images/logo.png');
        $x = ($width - $wmk_width) / 2;
        $y = ($height - $wmk_height) / 2;
    
        $wmk = imagecreatefrompng('images/logo.png');
        imagecopymerge($image, $wmk, $x, $y, 0, 0, $wmk_width, $wmk_height, 20);
        imagedestroy($wmk);
    }

    // save the image with the filter applied
    imagejpeg($image, $dir . '/' . $_POST['id'] . '.jpg', 100);

    //set the dimensions for the thumbnail
    $thumb_width = $width * 0.10;
    $thumb_height = $height * 0.10;

    //create the thumbnail
    $thumb = imagecreatetruecolor($thumb_width, $thumb_height);
    imagecopyresampled($thumb, $image, 0, 0, 0, 0, $thumb_width, $thumb_height,
        $width, $height);
    imagejpeg($thumb, $dir . '/' . $_POST['id'] . '.jpg', 100);
    imagedestroy($thumb);
?>
<html>
 <head>
  <title>Here is your pic!</title>
 </head>
 <body>
  <h1>Your image has been saved!</h1>
  <img src="images/<?php echo $_POST['id']; ?>.jpg" />
 </body>
</html>
<?php
} else {
?>
<html>
 <head>
  <title>Here is your pic!</title>
 </head>
 <body>
  <h1>So how does it feel to be famous?</h1>
  <p>Here is the picture you just uploaded to our servers:</p>
<?php 
   if ($_POST['submit'] == 'Upload') {
       $imagename = 'images/' . $image_id  . '.jpg';
   } else {
       $imagename = 'image_effect.php?id=' . $image_id  . '&e=' .
           $_POST['effect'];

       if (isset($_POST['emb_caption'])) {
           $imagename .= '&capt=' . urlencode($image_caption); 
       }

       if (isset($_POST['emb_logo'])) {
           $imagename .= '&logo=1'; 
       }
   }
?>
   <img src="<?php echo $imagename; ?>" style="float:left;">
  <table>
   <tr><td>Image Saved as: </td><td><?php echo $image_id  . '.jpg'; ?></td></tr>
   <tr><td>Height: </td><td><?php echo $height; ?></td></tr>
   <tr><td>Width: </td><td><?php echo $width; ?></td></tr>
   <tr><td>Upload Date: </td><td><?php echo $image_date; ?></td></tr>
  </table>
  <p>You may apply special options to your image below. Note: saving an image
with any of the options applied  <em>cannot be undone</em>.</p>
  <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
   <div>
    <input type="hidden" name="id" value="<?php echo $image_id;?>"/>
    Filter: <select name="effect">
     <option value="-1">None</option>
<?php
    echo '<option value="' . IMG_FILTER_GRAYSCALE . '"';
    if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_GRAYSCALE) {
        echo ' selected="selected"';
    }
    echo '>Black and White</option>';

    echo '<option value="' . IMG_FILTER_GAUSSIAN_BLUR . '"';
    if (isset($_POST['effect']) && $_POST['effect'] ==
        IMG_FILTER_GAUSSIAN_BLUR) {
        echo ' selected="selected"';
    }
    echo '>Blur</option>';

    echo '<option value="' . IMG_FILTER_EMBOSS . '"';
    if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_EMBOSS) {
        echo ' selected="selected"';
    }
    echo '>Emboss</option>';

    echo '<option value="' . IMG_FILTER_NEGATE . '"';
    if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_NEGATE) {
        echo ' selected="selected"';
    }
    echo '>Negative</option>';
?>
    </select>
    <br/><br/>
<?php
    echo '<input type="checkbox" name="emb_caption"';
    if (isset($_POST['emb_caption'])) {
        echo ' checked="checked"';
    }
    echo '>Embed caption in image?';
    echo '<br/><br/><input type="checkbox" name="emb_logo"';
    if (isset($_POST['emb_logo'])) {
        echo ' checked="checked"';
    }
    echo '>Embed watermarked logo in image?';
?>
    <br/><br/>
    <input type="submit" value="Preview" name="submit" />
    <input type="submit" value="Save" name="submit" />
   </div>
  </form>
 </body>
</html>
<?php
}
?>


Any help appreciated.

Hello! I have this validation script that seems to work great until I add the size validation. I'm ready to pull my hair out! Can someone tell me what I'm doing wrong?

Code: [Select]
if (isset($_POST['Submit'])) {
$user_id = $userdata[user_id];
    $number_of_file_fields = 0;
    $number_of_uploaded_files = 0;
    $number_of_moved_files = 0;
    $uploaded_files = array();
$max_filesize = 5242880; // Maximum filesize in BYTES (currently 5MB).
    $upload_directory = dirname(__file__) . '/'.$user_id.'/'; //set upload directory
if (!is_dir($upload_directory)) {
    mkdir($upload_directory, 0777, true);
}

    for ($i = 0; $i < count($_FILES['images']['name']); $i++) {
        $number_of_file_fields++;
        if ($_FILES['images']['name'][$i] != '') { //check if file field empty or not
            $number_of_uploaded_files++;
if($_FILES['images']['size'] > $max_filesize){
echo "<b class='red'>Max file size is 5MB.</b><br/>";
$sz = true;
}
$ext = validate_extension($_FILES['images']['name'][$i]);
if (($ext == true) && ($sz == true)){
$uploaded_files[] = $_FILES['images']['name'][$i];
if (move_uploaded_file($_FILES['images']['tmp_name'][$i], $upload_directory . $_FILES['images']['name'][$i])) {
$number_of_moved_files++;
            }
}else { echo "<b class='red'>File extention error. Only .doc, .pdf, .jpg and .gif files are allowed. </b><br/>";
}

        }

    }
if ($number_of_uploaded_files >= 1){
echo "Number of files submitted:<b class='red>".$number_of_uploaded_files."</b><br/>";
echo "Number of successfully uploaded files:<b class='red>".$number_of_moved_files."</b><br/><br/>";
echo "Uploaded File Name(s):<br/>" . implode('<br/>', $uploaded_files);
}


}
As of now it results in every uploaded file returning the error "Max file size is 5MB."

HI All,

I have a form submission that uploads a photo as well as submitting other data.

I would like to change the name of the photo to the id of the person record (created automatically on by the database) then a hyphen, then their first name and lastname. (i am flexible on this).

This file name will also need to be submitted into the person record so the photo and the person can be linked.

I am struggling with this one - but here is the code i have so far.

 

<?php 
include 'includes/dbconn.php';

$target_dir = "img/people/";
$target_file = $target_dir . basename($_FILES["personHeadshot"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));

if ($_SERVER['REQUEST_METHOD']=='POST'){

	$fn = $_POST['fname'];
	$ln = $_POST['lname'];
	$ad1 = $_POST['ad1'];
	$ad2 = $_POST['ad2'];
	$city = $_POST['city'];
	$post = $_POST['postcode'];
	$tel = $_POST['phone'];
	$email = $_POST['email'];
	$crole = $_POST['comRole'];
	$OFA = $_POST['OFA'];
	$playerType = $_POST['playerType'];
	$team = $_POST['primaryTeam'];


	$stmt = $conn->prepare("
	                       INSERT IGNORE INTO person (fname, lname, committee_role_id, player_type_id, team_id, ad1, ad2, city, postcode, mobile, email, on_field_auth_id) 
	                       VALUES (?,?,?,?,?,?,?,?,?,?,?,?)
	                       ");
	$stmt -> bind_param(ssiiissssssi, $fn, $ln, $crole, $playerType, $team, $ad1, $ad2, $city, $post, $tel, $email, $OFA);
	$stmt -> execute();

	// Check if image file is a actual image or fake image
//photo upload
	$check = getimagesize($_FILES["personHeadshot"]["tmp_name"]);
  if($check !== false) {
    echo "File is an image - " . $check["mime"] . ".";
    $uploadOk = 1;
  } else {
    echo "File is not an image.";
    $uploadOk = 0;
  }
//photo upload

	header("location: ../admin-people-list.php");
}
// Check if file already exists
if (file_exists($target_file)) {
  echo "Sorry, file already exists.";
  $uploadOk = 0;
}

// Check file size
if ($_FILES["personHeadshot"]["size"] > 500000) {
  echo "Sorry, your file is too large.";
  $uploadOk = 0;
}

// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
  echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
  $uploadOk = 0;
}

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
  echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
  if (move_uploaded_file($_FILES["personHeadshot"]["tmp_name"], $target_file)) {
    echo "The file ". basename( $_FILES["personHeadshot"]["name"]). " has been uploaded.";
  } else {
    echo "Sorry, there was an error uploading your file.";
  }
}

 

How do I Upload Multiple Files using a PHP form and script? 10 files at one time would be great.
Ultimately I need a photo upload and management script.

Here is my current single file upload form:

<form action="upload.php" method="post"
enctype="multipart/form-data">
<label for="file">Upload a Photo:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>

</body>
</html>


Here is the Php Script:

<?php
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 200000))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";

    if (file_exists("upload/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"],
      "uploads/" . $_FILES["file"]["name"]);
      echo "Stored in: " . "uploads/" . $_FILES["file"]["name"];
      }
    }
  }
else
  {
  echo "Invalid file";
  }
?>