PHP - Checking If File Is .pdf

Hi Community! :-) (Sorry for my average english)

I recently started coding in php, till now, i allready have advanced skills in programming with C# and thus, had no problems writing my own script.   Still, my script does not really work, i'm trying to check if a file contains a md5(string), but the script never finds the string.

This is the script: (please don't mind any security issues, this is just a test. But if you have any tips and tricks to improve the security, i'd be glad to receive them)

<?php
$webname = $_POST["webname"];
$webcode = $_POST["webcode"];
$webpass = $_POST["webpass"];
if (file_exists("web/". $webname . ".html")) {
$file = file_get_contents("web/". $webname . ".html", "r");

if (strpos(md5($webpass),$file) !== false) {
$usergen = fopen("web/" . $webname . ".html", "w")  or die("Unable to open file!");
fwrite($usergen, $webcode);
fwrite($usergen, "<!--- ". md5($webpass) . "--->");
fclose($usergen);
echo "Generated! You can view your site under /web/" . $webname . ".html";
}
else
{
echo "The file already exists but you entered the wrong Password.<br> Pressing the \"return\" Button will bring you back without loosing the code you entered.";
}
}
else
{
$usergen = fopen("web/" . $webname . ".html", "w")  or die("Unable to open file!");
fwrite($usergen, $webcode);
fwrite($usergen, "<br><!--- ". md5($webpass) . " --->");
fclose($usergen);
echo "Generated! You can view your site under /web/" . $webname . ".html";
}
echo "<FORM><INPUT Type=\"button\" VALUE=\"Back\" onClick=\"history.go(-1);return true;\"></FORM>";
?>

What it does it pretty simple, you enter some html-code that'll be stored in the "webcode" variable, a password, let's say "apple" in "webpass" and the filename is stored in "webname".
On first creation, a html-file is created with the
<!--- md5(apple) ---> at it's end, the HTML Tags are needed to hide the string from any visitors.

If someone wants to edit the File created before, he also enters "apple".
Then the string will be looked up as md5(apple) in the file.
If the strings match, it's true and the changes should be saved.
Whatever i do, though, i'm allways ending up here if i try to edit an existing file: "The file already exists but you entered the wrong Password.<br> Pressing the \"return\" Button will bring you back without loosing the code you entered.";
As i said, i'm a newbie, i'd appreciate any tips and help.

Thank you in advance!

Hi,

I'm trying to figure out the best way to determine if a user is currently downloading a file from my website.
The way my site works, is the user waits 30 seconds and views an ad. After the timer is up the download becomes available.
I heard that I could probably use a timestamp or something of the sort. I've read up on it but not sure how I could go about this.

Hi Guys,

I'm using the following code to write emails to a .txt file:



                // Write the email to file
                $leadsFile = "leads/emails.txt";
                $fh = fopen($leadsFile, 'a') or die ("can't open leads file!");
                $writeData = "$conEM\r\n";
                fwrite($fh, $writeData);
                fclose($fh); 


which works great, but i can't figure out how to NOT write an email to the .txt file if it's already on it, i'm not using a database for a change i'm stumped lol

thanks for any help guys

Graham

I've got a page that allows users to upload a file (pdf, jpg, gif png). The user must be logged in in order to upload something. I have a query that checks if the user has already uploaded a file with the same name as the name of the file they are trying to upload.
If they have not uploaded the file yet, the file uploads and they get a "Success" message. If the file has already been uploaded by the user, they will get the message, "You have already uploaded that file".
When the query goes through, the message that shows is, "You have already uploaded that file". I ensured the file was not already in the database, and it still shows this error. I tried changing the if statement to say:

if ($duplicate==0)

instead of:

if ($duplicate!=0)

but it always shows the same error. Any ideas of what could be wrong with my code?

my sql table looks like:

Field     Type      Null     
id    int(11)    No          
userid    int(11)    No          
artist    varchar(50)    No          
title    varchar(50)    No          
file    varchar(2083)    No          
uploaded    varchar(3)    No          

Code:

<?php
session_start();

if (isset($_SESSION['username'])){

$username = $_SESSION['username'];
$submit = $_POST['submit'];

include_once('inc/connect.php');

$uploadsql = mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); 
$uploadrow = mysql_fetch_assoc($uploadsql); 

$userid = $uploadrow['id']; 
$folder = "sheets/fromusers/";

if (isset($submit)){

// Name of file
$name = $_FILES["location"]["name"];
// Type of file (video/avi) or image/jpg, etc
$type = $_FILES["location"]["type"];
//size of file
$size = $_FILES["location"]["size"];
//stores file in a temporary location
$temp = $_FILES["location"]["tmp_name"];
// if there is an error
$error = $_FILES["location"]["error"];

$artist = strtolower($_POST['artist']);
$title = strtolower($_POST['title']);

// Check if fields are filled in
if($artist&&$title){

if ($error > 0)
{
$sheeterror = "<div id='messageerror'>An error occured. Please try again.</div>";
}
else
{

// Determine the extension of the file
// If file is This File.pdf
// Then $ext is now equal to pdf

$ext = strtolower(substr($name, strrpos($name, '.') + 1)); 

if ($ext=="pdf" || $ext=="gif" || $ext=="jpeg" || $ext=="jpg" || $ext=="png")
{
if ($size <= 26214400) // If size <= 25 megabytes
{
$duplicatecheck = mysql_query("SELECT file FROM upload WHERE id='$userid'");
$duplicate = mysql_num_rows($duplicatecheck);

if ($duplicate!=0){
$sheeterror = "<div id='messageerror'>You have already uploaded this file!</div>";

}
else{
$sheetquery = mysql_query("INSERT INTO upload VALUES ('','$userid','$artist','$title','$name','no')");

move_uploaded_file($temp, $folder.$name);

$success = "<div id='messagesuccess'>Upload Complete!</div><div align='center'>".ucwords($artist)." - ".ucwords($title)."</div>";
}

}
else{
$sheeterror = "<div id='messageerror'>Your sheet must be less than 25 megabytes.</div>";
}
}
else
{
$sheeterror = "<div id='messageerror'>".ucfirst($ext)." files are not allowed!</div>";

}
}
}
else{
$sheeterror = "<div id='messageerror'>Fill In All Fields</div>";
}
}
}
else{
$sheeterror = "<div id='messageerror'>You must be logged in to add sheets!</div>";
}

?>

 <html>
 <head>
 <title>Add Sheet</title>
 <style>
 #container{
width: 350px;
height: 150px;
margin-left: auto;
margin-right: auto; 
background-color: #cccccc;
 }
  
 #formhold{
width: 300px;
text-align: right;
margin-right: auto; 
 }
 #messagesuccess{
background-color: #66CD00; 
width: 350px; 
margin-left: auto; 
margin-right: auto;
 }
  #messageerror{
background-color: #ff2211; 
width: 350px; 
margin-left: auto; 
margin-right: auto;
 }
 </style>
 </head>
 <body OnLoad="document.newsheet.artist.focus();">
<?php
include_once('inc/nav.php');
?>
 <center>
 <h1>Add Sheet</h1>
 <br />
 <div id="container">
 <br />
 <div id="formhold">
 <form action="addsheet.php" method="post" name="newsheet" enctype="multipart/form-data">
Artist: <input type="text" name="artist" size="30"><br />
Title: <input type="text" name="title" size="30"><br />
Sheet: <input type="file" name="location" size="17"><br />
 </div>
<center><input type="submit" name="submit" value="Submit"></center>
 </form>
 

 </div>
 <div id="bottomcont">
 <?php echo $success, $sheeterror; ?>
 </div>
 </center>
 </body>
 </html>

Hi Im trying to write info to a text file and it works perfectly with the following script, but it writes duplicate info, how can I change it so that no duplicate records are being added to my file and just ignore inserting it without giving a message?  

<?php
$myfile = fopen("users.csv", "a+") or die("Unable to open file!");
$mxituid = $_SERVER["HTTP_X_MXIT_USERID_R"];
$txt = "$mxituid\n";
fwrite($myfile, $txt);
fclose($myfile);
?>