|
PHP - Checking If User Has Already Uploaded A File
I've got a page that allows users to upload a file (pdf, jpg, gif png). The user must be logged in in order to upload something. I have a query that checks if the user has already uploaded a file with the same name as the name of the file they are trying to upload.
If they have not uploaded the file yet, the file uploads and they get a "Success" message. If the file has already been uploaded by the user, they will get the message, "You have already uploaded that file". When the query goes through, the message that shows is, "You have already uploaded that file". I ensured the file was not already in the database, and it still shows this error. I tried changing the if statement to say: if ($duplicate==0) instead of: if ($duplicate!=0) but it always shows the same error. Any ideas of what could be wrong with my code? my sql table looks like: Field Type Null id int(11) No userid int(11) No artist varchar(50) No title varchar(50) No file varchar(2083) No uploaded varchar(3) No Code: <?php session_start(); if (isset($_SESSION['username'])){ $username = $_SESSION['username']; $submit = $_POST['submit']; include_once('inc/connect.php'); $uploadsql = mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); $uploadrow = mysql_fetch_assoc($uploadsql); $userid = $uploadrow['id']; $folder = "sheets/fromusers/"; if (isset($submit)){ // Name of file $name = $_FILES["location"]["name"]; // Type of file (video/avi) or image/jpg, etc $type = $_FILES["location"]["type"]; //size of file $size = $_FILES["location"]["size"]; //stores file in a temporary location $temp = $_FILES["location"]["tmp_name"]; // if there is an error $error = $_FILES["location"]["error"]; $artist = strtolower($_POST['artist']); $title = strtolower($_POST['title']); // Check if fields are filled in if($artist&&$title){ if ($error > 0) { $sheeterror = "<div id='messageerror'>An error occured. Please try again.</div>"; } else { // Determine the extension of the file // If file is This File.pdf // Then $ext is now equal to pdf $ext = strtolower(substr($name, strrpos($name, '.') + 1)); if ($ext=="pdf" || $ext=="gif" || $ext=="jpeg" || $ext=="jpg" || $ext=="png") { if ($size <= 26214400) // If size <= 25 megabytes { $duplicatecheck = mysql_query("SELECT file FROM upload WHERE id='$userid'"); $duplicate = mysql_num_rows($duplicatecheck); if ($duplicate!=0){ $sheeterror = "<div id='messageerror'>You have already uploaded this file!</div>"; } else{ $sheetquery = mysql_query("INSERT INTO upload VALUES ('','$userid','$artist','$title','$name','no')"); move_uploaded_file($temp, $folder.$name); $success = "<div id='messagesuccess'>Upload Complete!</div><div align='center'>".ucwords($artist)." - ".ucwords($title)."</div>"; } } else{ $sheeterror = "<div id='messageerror'>Your sheet must be less than 25 megabytes.</div>"; } } else { $sheeterror = "<div id='messageerror'>".ucfirst($ext)." files are not allowed!</div>"; } } } else{ $sheeterror = "<div id='messageerror'>Fill In All Fields</div>"; } } } else{ $sheeterror = "<div id='messageerror'>You must be logged in to add sheets!</div>"; } ?> <html> <head> <title>Add Sheet</title> <style> #container{ width: 350px; height: 150px; margin-left: auto; margin-right: auto; background-color: #cccccc; } #formhold{ width: 300px; text-align: right; margin-right: auto; } #messagesuccess{ background-color: #66CD00; width: 350px; margin-left: auto; margin-right: auto; } #messageerror{ background-color: #ff2211; width: 350px; margin-left: auto; margin-right: auto; } </style> </head> <body OnLoad="document.newsheet.artist.focus();"> <?php include_once('inc/nav.php'); ?> <center> <h1>Add Sheet</h1> <br /> <div id="container"> <br /> <div id="formhold"> <form action="addsheet.php" method="post" name="newsheet" enctype="multipart/form-data"> Artist: <input type="text" name="artist" size="30"><br /> Title: <input type="text" name="title" size="30"><br /> Sheet: <input type="file" name="location" size="17"><br /> </div> <center><input type="submit" name="submit" value="Submit"></center> </form> </div> <div id="bottomcont"> <?php echo $success, $sheeterror; ?> </div> </center> </body> </html> Similar TutorialsHi, I'm trying to figure out the best way to determine if a user is currently downloading a file from my website. The way my site works, is the user waits 30 seconds and views an ad. After the timer is up the download becomes available. I heard that I could probably use a timestamp or something of the sort. I've read up on it but not sure how I could go about this. Hi, this is what I want to get working: each time I add an entry, it is displayed in a nice html table, and each entry listed in this html table has an UPDATE link that allows the user to update the Price and Description field of the corresponding table in my database. I have also included an upload element which whenever a user chooses an image, it will replace the default fileUploadIcon.jpg with this. Please see the index.php and bellUpdateForm.php below respectively Code: [Select] //index.php <table border="border"> <?php require 'bellConnect.inc.php'; $curImage; $imgIndx=-1;//iniitally $result=mysql_query("SELECT ID, Name, Manufacturer, Price, Description, SimSupport FROM bellProducts"); $indx=0;//***HOW DO I MAKE THIS SHARED SO THAT EACH ENTRY ADDED HAS AN INCREMENTED index appended to end of its name attribute //phpinfo(); //print "Val of \$counter so far: ".$counter; //NB: print table headings if(mysql_num_rows($result))//if there is at least one entry in bellProducts, make a table { //$counter+=1; print "<table border='border'>"; print "<tr> <th>ID</th> <th>Image</th> <th>Name</th> <th>Manufacturer</th> <th>Price</th> <th>Description</th> <th>SimSupport</th> <th colspan=2 align='center'>Modify</th> </tr>"; //NB: now output each row of records while($row=mysql_fetch_assoc($result)) { //extract($row); //if($indx<sizeof($bellProductsArray)) //{ "<tr align='center'> <td>$row[ID]</td> <td>"; if($_POST['upload']) print "<img src=".$_FILES['image']['name'].">"; else print "<img src='fileUploadIcon.jpg' name='image' /> </td> <td> $row[Name] </td> <td> $row[Manufacturer] </td> <td> $$row[Price]</td> <td align='left'>$row[Description]</td> <td>$row[SimSupport]</td> <td><a href='bellUpdateForm.php?ID=$row[ID]'>UPDATE</a></td> <td><a href='bellDeleteForm.php?ID=$row[ID]' name='delete'>DELETE</a></td> </tr>"; //}//END INNER IF $indx++; }//END WHILE }//END BIG IF ?> </table> </body> </html> Code: [Select] //bellUpdateForm.php <?php require 'bellConnect.inc.php'; if($_GET && !$_POST)//this is to make sure that the current entry is selected BUT the updated info NOT submitted yet { if(isset($_GET['ID'])) { $ID=$_GET['ID']; $result=mysql_query("SELECT * FROM bellProducts WHERE ID=$ID"); $row=mysql_fetch_assoc($result); //store the one entry that will be updated print "You are currently updating item: <strong>$row[Manufacturer] $row[Name] </strong> <br /><br />"; "<form action='bellUpdate.php' method='post'> <label> Price:<input type='text' value='$row[Price]' name='price' id='price'></input> </label> <label> Description: <textarea cols='60' rows='3' name='description' id='description'> $row[Description] </textarea> </label> <div> <input type='submit' value='Update entry' name='update' id='update' /> <input type='hidden' value=$row[ID] name='id' /> </div> <input type='reset' value='Reset entry' />"; print "</form>"; }//END INNER IF }//END BIG IF ?> <form method='post' action='index.php' enctype='multipart/form-data' name='uploadImage' id='uploadImage'> <p> <label>Upload image</label> <input type='file' name='image' id='image' /> </p> <p> <input type='submit' value='Upload this' name='upload' id='upload' /> </p> </form> <?php if(array_key_exists('upload', $_POST)) { // define constant for upload folder define('UPLOAD_DIR', 'C:\wamp\www'); // move the file to the upload folder and rename it move_uploaded_file($_FILES['image']['tmp_name'], ! UPLOAD_DIR.$_FILES['image']['name']); } ?> </body> </html> I don't know, it seemed simple but it turns out I don't know what to do.
I was told that storing a photo as a blob was much harder than simply storing a photo's url or directory location...
So... when a file has been selected through the browse-file manager triggered by
<input type="file"...>and the file selected is shown, when a person pusehs "upload" what is supposed to happen? Do I need some kind of FTP client to access the server and place the photo in there? It seems so easy in a way like the built in filemanager in cPanel... What am I missing? Thanks for any help. show list of files uploaded by current session user to the database. I want to show different users when they log in to the website...they can see a list of old files that they have uploaded. can anyone tell me the code/script to this.....please, ty Hey guys, total newb when it comes to php. any help here would be much apreciated, what i am trying to achieve is to allow a person to upload a jpg image that he wants displayed on a dynamic flash site, but seeing as the flash is looking for xx.jpg, is it possible that any jpg file he uploads , say its called golf.jpg, is automatically uploaded/renamed to xx.jpg ? so i dont have to get him to rename the files before uploading. i attempted to understand a short tutorial on doing this but failed, here is what code i used. ( i added that rename line, looking at it now sorta seems like a really lame attempt lol ) Code: [Select] <?php $target = "upload/"; $target = $target . basename( $_FILES['uploaded']['name']) ; $ok=1; rename ("*.jpg", "xx.jpg"); //This is our size condition if ($uploaded_size > 350000) { echo "Your file is too large.<br>"; $ok=0; } //This is our limit file type condition if ($uploaded_type =="text/php") { echo "No PHP files<br>"; $ok=0; } //Here we check that $ok was not set to 0 by an error if ($ok==0) { Echo "Sorry your file was not uploaded"; } //If everything is ok we try to upload it else { if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) { echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded"; } else { echo "Sorry, there was a problem uploading your file."; } } ?> <body> <form enctype="multipart/form-data" action="upload.php" method="POST"> Please choose a file: <input name="uploaded" type="file" /><br /> <input type="submit" value="Upload" /> </form> cheers This code logs the user in with the correct user_email, user_pwd, and active=1. A '0' is inserted into the active column of the users table during registration. I need help checking if active=0 then flash_warning('User account not activated'). login_user.php Code: [Select] <?php include(MODEL_PATH.'user.php'); switch ($route['view']){ case "login_user": if(login($params['user']['user_email'], $params['user']['user_pwd'])) { flash_notice('You are logged in!'); redirect_to(''); } else { flash_warning('Username or password is invalid!'); $route['view'] = 'login'; } break; }user.php Code: [Select] <?php session_start(); function login($username, $password) { db_connect_posts(); $query = sprintf("SELECT * FROM users WHERE user_email = '%s' AND user_pwd = '%s' AND active = '1'" , mysql_real_escape_string($username), md5($password) ); $result = mysql_query($query); $number_of_posts = mysql_num_rows($result); if($number_of_posts == 0) { return false; } $row = mysql_fetch_array($result); $_SESSION['user'] = $row; return true; } ?>Login form Code: [Select] <form action="<?php echo '/'.APP_ROOT.'/'; ?>sessions/login_user" method="post"> <fieldset> <legend>Login</legend> <div> <label>E-mail</label> <input name="user[user_email]" size="40" type="text" /> </div> <div> <label>Password</label> <input name="user[user_pwd]" size="40" type="password" /> </div> <input type="submit" value="Login" /> </fieldset> </form> Hi i have a simple script that functions perfect and easy but i am looking for a way to secure it a little
is there any way for me to create a simple user checking system ?
i have a mysql db with both usernames and passwords
is there any way to get the username and password from a get comand in the url and check the db to see if they exist and if they do run the rest of my code and if not throw access denied ?
i know this is not 100% secure but i its how i want it to be done
could anyone help me with this ?
I am trying to check for an admin user to access the admin panel. I have been playing around try different things and this what I have ended up with in my database table I have a column called usergroup and i do the follow to check for admin user. Code: [Select] $checkAdmin = mysql_query("SELECT * FROM `users` WHERE email='$email' , usergroup = 'admin'"); $adminUser = mysql_num_rows($checkAdmin); if ($adminUser == 0) { echo count($adminUser); die ('You do not have permissions to access this area'); } I do the select statement through phpmyadmin and it comes back with one row. which is basically hat i want to check for. I do have a variable called $email which is getting a value from the email cookie. currently $adminUser Return a value of 10. All of the count() functions is for testing purposes only. This is something that has intrigued me, that has only recently surfaced when viewing the forum. Which of the following methods of authenticating that a user exists would be better/faster/ect? Example 1 - Fetching Row Data <?PHP $username = 'LoserVille'; $password = 'password'; $myQuery = mysql_query("SELECT account_id FROM user_accounts WHERE username = '$username' AND password = '$password'"); $myQuery = mysql_fetch_assoc($myQuery); if($myQuery) { /*### User Exists ###*/ } else { /*### User Does Not Exist ###*/ } ?> Example 2 - Fetching Number of Results <?PHP $username = 'LoserVille'; $password = 'password'; $myQuery = mysql_query("SELECT account_id FROM user_accounts WHERE username = '$username' AND password = '$password'"); $myQuery = mysql_num_rows($myQuery); if($myQuery >= 1) { /*### User Exists ###*/ } else { /*### User Does Not Exist ###*/ } ?> Just looking for some insight, not really a problem Regards, PaulRyan. Below I am checking a user level and if they are level one they see some of the form, and if level two they see additional options. What they have already filled out is to show in the text field. Before I was doing the user level check it worked fine. Even now if something is put in a field it saves in the DB but it will not show in the fields on the form. // Everyone sees <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['FieldA']; ?>"> </tr> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['FieldB']; ?>"> </tr> // Check if level two and display if they are. <?php } if (checkUser()) { ?> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num1']; ?>"> </tr> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num2']; ?>"> </tr> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num3']; ?>"> </tr> <?php } ?> // Additional things everyone sees even level one. <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num4']; ?>"> </tr> <tr> So even <?php echo $row_settings['num4']; ?> will not show/work after the <?php } ?> Any thoughts? Thanks in advance everyone. Hey guys and gals! This is my first post here and needing a bit of help with my php code! So here is the deal, i have 3 tables in ms sql 2000 which i will be using on this project. i have an employee table that has the regular information such as: TABLE employee( uniqueid, employee_number, lastname, firstname, dob, address, city, state, zip ) TABLE employee_docs( uniqueid, employee_number, doc_type int, date_received, date_issued, date_expired ) TABLE doc_type(uniqueid, description, valid_month) so basically from the employee_doc table, the doc_type column is an int and will have the description of the document as well as valid month column which will tell you how long the document type is valid until. the Description gives a brief description of what the product is. The uniqueid is used as what ever number is chose from the employee_docs table will represent the document type from table doc_type. ok so now that i gave a brief explanation of the tables i am working with, I can tell you what i need. i need a php page that will display: employee number, lastname, firstname, doc_type, date_received, date_issued, date_expired. Code: [Select] select pn.empnum as employeeid, (pn.lastname + ', ' + pn.firstname)as [Full Name], dt.description as doc_type, formatDate(pd.received) as [Date Received], formatDate(pd.expired)as [Date Expired], formatDate(pd.issued) as [Date In Service] from personnel_document pd left join document_types dt on (dt.uniqueid = pd.doc_type) left join personnel pn on (pd.empnum = pn.empnum) where pd.empnum = '$EmpNum' now, I went ahead and did this for the html part: Code: [Select] <table border=0> <tr> <td height=20px weight=1px valign=bottom><span class=underline>DESCRIPTION</span></td> <td height=20px weight=1px valign=bottom><span class=underline>DATE RECEIVED</span></td> <td height=20px weight=1px valign=bottom><span class=underline>LICENSE NUMBER</span></td> <td height=20px weight=1px valign=bottom><span class=underline>DATE IN SERVICE</span></td> <td height=20px weight=1px valign=bottom><span class=underline>DATE EXPIRED</span></td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>PHYSICAL EXAM</span></td> <td valign=top><input class=demog_box type=text size=10 name= phexam_dr id=phexam_dr onBlur= 'formatDate(this)' value='<?php echo $phexam_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= phexam_ln id=phexam_ln onBlur='formatDate(this)' value='<?php echo $phexam_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= phexam_is id=phexam_is onBlur= 'formatDate(this)' value='<?php echo $phexam_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= phexam_ex id=phexam_ex onBlur='formatDate(this)' value='<?php echo $phexam_ex; ?>'> </td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>PROFESSIONAL LICENSE</span></td> <td valign=top><input class=demog_box type=text size=10 name= prolic_dr id=prolic_dr onBlur='formatDate(this)' value='<?php echo $prolic_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= prolic_ln id=prolic_ln onBlur='formatDate(this)' value='<?php echo $prolic_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= prolic_is id=prolic_is onBlur='formatDate(this)' value='<?php echo $prolic_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= prolic_ex id=prolic_ex onBlur='formatDate(this)' value='<?php echo $prolic_ex; ?>'> </td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>PROFESSIONAL INSURANCE</span></td> <td valign=top><input class=demog_box type=text size=10 name= proins_dr id=proins_dr onBlur='formatDate(this)' value='<?php echo $proins_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= proins_ln id=proins_ln onBlur='formatDate(this)' value='<?php echo $proins_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= proins_is id=proins_is onBlur='formatDate(this)' value='<?php echo $proins_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= proins_ex id=proins_ex onBlur='formatDate(this)' value='<?php echo $proins_ex; ?>'> </td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>DRIVER'S LICENSE</span></td> <td valign=top><input class=demog_box type=text size=10 name=dl_dr id=dl_dr onBlur='formatDate(this)' value='<?php echo $dl_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name=dl_ln id=dl_ln onBlur='formatDate(this)' value='<?php echo $dl_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name=dl_is id=dl_is onBlur='formatDate(this)' value='<?php echo $dl_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name=dl_ex id=dl_ex onBlur='formatDate(this)' value='<?php echo $dl_ex; ?>'> </td> </tr> <tr> </tr> <tr> </table> I am now doing the the sql statement to insert into my db but i am stuck. i basically want to get the information that the user enters for each field and save it on the employees profile. $querydoc = "update personnel_document set empnum = '$EmpNum' , doc_type = ???, date_received = ????, date_expired = ????, date issued = ??? where empnum = '$EmpNum' "; The problem is that since each description has a different variable im not sure how to update it.... would I have to create a new update for each description? also I hard coded the name of each description but i believe it is better if i echo the description name from the db as i cant use taht as the doc_type... i am pretty confused, if anyone has a better way of doing this i would really appreciate it! eventually i also want to make sure that the description is expired to to with the fields I have there and promp the user of something that is expired. Once again, any help given is much appreciated!!! Set up: * XAMPP 1.7.3 * Apache 2.2.14 (IPv6 enabled) + OpenSSL 0.9.8l * MySQL 5.1.41 + PBXT engine * PHP 5.3.1 * phpMyAdmin 3.2.4 * Perl 5.10.1 * FileZilla FTP Server 0.9.33 * Mercury Mail Transport System 4.72 I'm trying to set up a multipage registration script. It's tuff! I've set up some basic scripts to distribute variables into the correct tables from previous forms using a session. But I want the script to check the input from form one is valid before it moves on to form 2. Here are my scripts: form 1: <html> <head> <title>Register</title> <style type="text/css"> td { vertical-align: top; } </style> </head> <body> <form action="form2.php" method="post"> <table> <tr> <td><label for="name">Username:</label></td> <td><input type="text" name="name" id="name" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="password">Password:</label></td> <td><input type="password" name="password" id="password" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="first_name">First name:</label></td> <td><input type="text" name="first_name" id="first_name" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="last_name">Last name:</label></td> <td><input type="text" name="last_name" id="last_name" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="email">Email:</label></td> <td><input type="text" name="email" id="email" size="20" maxlength="50" value=""/></td> </tr><tr> <td><label for="address">Address:</label></td> <td><input type="text" name="address" id="address" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="city">City/Town:</label></td> <td><input type="text" name="city" id="city" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="county">County:</label></td> <td><input type="text" name="county" id="county" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="post">Postcode:</label></td> <td><input type="text" name="post" id="post" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="home">Home Number:</label></td> <td><input type="text" name="home" id="home" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="mobile">Mobile:</label></td> <td><input type="text" name="mobile" id="mobile" size="20" maxlength="20" value=""/></td> </tr><tr> <td> </td> <td><input type="submit" name="submit" value="Sumbit"/></td> </tr> </table> </form> </body> </html> Form 2: <?php //let's start the session session_start(); //now, let's register our session variables session_register('name'); session_register('password'); session_register('first_name'); session_register('last_name'); session_register('email'); session_register('address'); session_register('city'); session_register('county'); session_register('post'); session_register('home'); session_register('mobile'); //finally, let's store our posted values in the session variables $_SESSION['name'] = $_POST['name']; $_SESSION['password'] = $_POST['password']; $_SESSION['first_name'] = $_POST['first_name']; $_SESSION['last_name'] = $_POST['last_name']; $_SESSION['email'] = $_POST['email']; $_SESSION['address'] = $_POST['address']; $_SESSION['city'] = $_POST['city']; $_SESSION['county'] = $_POST['county']; $_SESSION['post'] = $_POST['post']; $_SESSION['home'] = $_POST['home']; $_SESSION['mobile'] = $_POST['mobile']; ?> <html> <head> <title>Register</title> <style type="text/css"> td { vertical-align: top; } </style> </head> <body> <form action="form3.php" method="post"> <table> <tr> <td><label for="bio">Biography:</label></td> <td><input type="text" name="bio" id="bio" size="400" maxlength="500" value=""/></td> </tr><tr> <td> </td> <td><input type="submit" name="submit" value="Sumbit"/></td> </tr> </table> </form> </body> </html> I've also got form3.php and process_forms.php(that's where I mysql_real_escape_string and input the data) but that's probably not relevant. How would I get this to work? Are there any sites I should look at that you'd recommend? Any help appreciated. This topic has been moved to Other. http://www.phpfreaks.com/forums/index.php?topic=318815.0 What's the maximum file size I can upload through a regular form ? If it's server dependant, how do I find out my max ? I tried to handle a 550MB file (on localhost) - I only wanted to show the filename, but it hung up for about 10secs, then returned nothing. Hi everyone, im a newbie and have written this script, has taken me a day to get here. The form inserts data into the database, uploads a file and sends an email. All this works fine, what i am trying to do is rename the file to the id of the record and check to make sure it is a pdf. I would really appreciate any help. I've tried and tried and just cant get it to work. <?php switch ($_REQUEST['action']) { case 'recruit': foreach($_POST as $key=>$value){ $$key = $value; } if ((!$name) || (!$email) || (!$phone)) { $error_msg = 'Fields marked<span class="gold"> * </span>are required to submit the form'; }elseif (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { $error_msg = 'Invalid email address'; } echo "$error_msg","<br><br>"; if ($error_msg == ''){ $date=date("d/m/y", time()); $add="recruitment/".$_FILES[userfile][name]; $cleaned = stripit($add); $add2 = $cleaned; if(move_uploaded_file ($_FILES[userfile][tmp_name], $add2)); $Q = mysql_query("INSERT INTO recruitment (`name`,`phone`,`email`, `qual`,`exper`,`file`) VALUES ('$name','$phone','$email','$qual','$exper','$cleaned')"); foreach($_POST as $key=>$value){ $$key = htmlentities(stripslashes($value)); } $companyname = 'Mead Business college'; $companyemail = 'ross@emediastudios.com.au'; $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/html; charset=iso-8859-1\r\n"; $headers .= "From: ".$name." <".$email.">\r\n"; $headers .= "Reply-To: ".$name." <".$email.">\r\n"; $to = "".$companyname."<".$companyemail.">"; $subject = "Mead Business College Recruitment Form Submission"; $message = '<style type="text/css>"; <!-- .style { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; } --> </style> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td class="style"> <b>Details:</b><br /><br /> <b>Name:</b> '.$name.'<br /> <b>Email:</b> '.$email.'<br /> <b>Mobile No:</b> '.$phone.'<br /> <b>Qualifications:</b><br> '.$qual.'<br /> <b>Experience:</b><br /><br />'.$exper.'<br /><br /> <b>Uploaded resume:</b> http://www.mydomain.com.au/'.$cleaned.' </td> </tr> </table>'; mail($to, $subject, $message, $headers); echo '<table width="99%" border="0" cellpadding="0" cellspacing="0"> <tr> <td class="mybody">Hi '.$name.',<p />Thank you for your enquiry. An MBC Consultant will contact you shortly.<br /> <br /> </td> </tr> </table>'; }else{ foreach($_POST as $key=>$value){ $$key = htmlentities(stripslashes($value)); } echo ' <FORM ENCTYPE="multipart/form-data" id="form" name="Contact Form" method="post" action="'.$_SERVER['PHP_SELF'].'?action=recruit"> <table width="489" border="0" cellspacing="5" cellpadding="0" class="formsw"> <tr> <td width="227">Name:</td> <td width="358"><input type="text" name="name" id="name" value="'.$name.'" /></td> </tr> <tr> <td>Contact Mobile:</td> <td><input type="text" name="phone" id="phone" value="'.$phone.'" /></td> </tr> <tr> <td>Email:</td> <td><input type="text" name="email" id="email" value="'.$email.'" /></td> </tr> <tr> <td>Relevent Qualifications:</td> <td><textarea name="qual" id="qual" cols="45" rows="5" value="'.$qual.'"></textarea></td> </tr> <tr> <td>Recent Experience:</td> <td><textarea name="exper" id="exper" cols="45" rows="5" value="'.$exper.'"></textarea></td> </tr> <tr> <td>Upload Resume:</td> <td><input type="file" name="userfile" id="userfile" /></td> </tr> <tr> <td><input type="submit" name="submit" id="submit" value="Submit" /></td> <td> </td> </tr> </table> </form>'; } break; } ?> Hi I need to change the name of a file being uploaded by a user. The reason i need this is because there is a strong possibility that duplicate filenames would be logged. This is the code i have currently: Code: [Select] $upload_path = 'cv/'; // The place the files will be uploaded to (currently a 'files' directory). $filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension). $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename. // Check if we can upload to the specified path, if not DIE and inform the user. if(!is_writable($upload_path)) die('You cannot upload to the specified directory, please CHMOD it to 777.'); // Upload the file to your specified path. if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename)); This code works fine to upload the file in the current name. I assume i need to seperate the filename from the file extension, and i can then assign a new variable to the filename. Easier said than done though as Ive tried many combinations of things. Is there a simple way using this script? or will i need to start from scratch? Cheers My 1st try practice uploading file to the server and it was successful. Now I wonder how can I set a default file name to the file that will be uploaded and overwrite the existing one. I have tried experimenting on the code but I can't get it to work. Here's my simple code.. edit_logo.php Code: [Select] <?php <form enctype="multipart/form-data" method="post" action="uploaded_logo.php"> <input type="hidden" name="MAX_FILE_SIZE" value="100000" /> <tr> <td>Choose a Logo to Upload: </td> <td><input name="uploaded_file" type="file" /></td> </tr> <tr> <td> </td> <td><input type="submit" value="Upload File" name="submit>"</td> </tr> </form> ?> uploaded_logo.php Code: [Select] <?php if($_FILES['uploaded_file']["type"] == "image/gif") { $target_path = "logo/"; $target_path = $target_path. basename($_FILES['uploaded_file']['name']); if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $target_path)) { echo "<span class=\"error_validation\">The Logo has been successfully changed!<br></span>"; echo "<span class=\"error_validation\">Upload Logo Again? <a href=\"edit_logo.php\">Click Here</a><br></span>"; } else { echo "<span class=\"error_validation\">There was an error uploading the logo. Pls. try again.<br></span>"; echo "<span class=\"error_validation\">Upload Logo Again? <a href=\"edit_logo.php\">Click Here</a><br></span>"; } } else { echo "<span class=\"error_validation\">Invalid file format. We are only accepting image file. Pls. try again.<br></span>"; echo "<span class=\"error_validation\">Upload Logo Again? <a href=\"edit_logo.php\">Click Here</a><br></span>"; } ?> So what the code suppose to do is.. If I upload an image file as the new logo it should have the default logo name "my_logo.gif", then it will overwrite the existing one... Anyone? Why does the following code not detect the following file? After I select a file and I click upload, it goes back to the upload form. <?php include_once("includes/config.php"); //grab their type if(!$_COOKIE['user']) { //they are a guest $info = "Guest"; } else { //they are a user $info = $_COOKIE['user']; } if(!$_FILE['file']) { $content = '<form action="submit.php" method="post" enctype="multipart/form-data"> <label for="file">SELECT SKIN:</label> <input type="file" name="file" id="file" /> <input type="submit" name="submit" value="Submit" /> </form>'; } else { if($_FILES['file']['error'] > 0) { $content = "There was an error trying to upload the skin ".$_FILES['file']['name'].".".$_FILES['file']['error']; } } ?> <html> <head> <title><?php $title; ?></title> <link rel="stylesheet" type="text/css" href="theme/style.css" /> </head> <body> <div id="header"> MCSkins </div> <?php echo "Submitting as: ".$info."<br/><br/>".$content; ?> </body> </html> Hi Guys, I have this script below which inserts the file name and path into my datebase and uploads the file into the customers folders (which is creates dynamically). The is no error checking as I want it to be as flexible as possible but mostly(99.999%) the files I upload are JPEG and PDF's. I would like my script to be able to resize the files above automatically to be smaller. Please is this possible thanks! Here is script: <?php //Will create a directory once a customer is clicked and will not if page is refreshed an so forth if (file_exists('customerUploads/' . $check_id . ', ' . $c_name . '')) { } else { mkdir('customerUploads/' . $check_id . ', ' . $c_name . ''); } ?> <?php //This php block of code will takecare of inserting the upload variables into the db if(isset($_POST['submitbutton'])) { $target_path = 'customerUploads/' . $check_id . ', ' . $c_name . '/'; $target_path = str_replace("'","",$target_path); $target_path = $target_path . basename( $_FILES['upload']['name']); $manager= mysql_real_escape_string($_POST['username']); $upload = $_FILES['upload']['name']; $upload = str_replace("'","",$upload); $check_id = mysql_real_escape_string($_POST['id']); $submitbutton= mysql_real_escape_string($_POST['submitbutton']); if($submitbutton) { if($manager&&$upload) { if (file_exists($target_path)) { echo $_FILES["upload"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["upload"]["tmp_name"],$target_path); echo "Stored in: " . 'customerUploads/' . $check_id . ', ' . $c_name . '/' . $_FILES["upload"]["name"]; $insert=mysql_query("INSERT INTO img_up (username,upload,id,target_path,img_date) VALUES ('$manager','$upload','$check_id','$target_path', now()) "); // Where the file is going to be placed $target_path = 'customerUploads/' . $check_id . ', ' . $c_name . '/'; /* Add the original filename to our target path. Result is "uploads/filename.extension" */ $target_path = $target_path . basename( $_FILES['upload']['name']); $target_path = 'customerUploads/' . $check_id . ', ' . $c_name . '/'; $target_path = $target_path . basename( $_FILES['upload']['name']); if (file_exists($target_path)) { echo $_FILES["upload"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["upload"]["tmp_name"],$target_path); echo "Stored in: " . 'customerUploads/' . $check_id . ', ' . $c_name . '/' . $_FILES["upload"]["name"]; } } } else { echo "There was an error uploading the file, please try again!"; } } header("location: mainupload_complete.php?id=$check_id"); } ?> |
|||||||