PHP - Direct User To New File

I've got a page that allows users to upload a file (pdf, jpg, gif png). The user must be logged in in order to upload something. I have a query that checks if the user has already uploaded a file with the same name as the name of the file they are trying to upload.
If they have not uploaded the file yet, the file uploads and they get a "Success" message. If the file has already been uploaded by the user, they will get the message, "You have already uploaded that file".
When the query goes through, the message that shows is, "You have already uploaded that file". I ensured the file was not already in the database, and it still shows this error. I tried changing the if statement to say:

if ($duplicate==0)

instead of:

if ($duplicate!=0)

but it always shows the same error. Any ideas of what could be wrong with my code?

my sql table looks like:

Field     Type      Null     
id    int(11)    No          
userid    int(11)    No          
artist    varchar(50)    No          
title    varchar(50)    No          
file    varchar(2083)    No          
uploaded    varchar(3)    No          

Code:

<?php
session_start();

if (isset($_SESSION['username'])){

$username = $_SESSION['username'];
$submit = $_POST['submit'];

include_once('inc/connect.php');

$uploadsql = mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); 
$uploadrow = mysql_fetch_assoc($uploadsql); 

$userid = $uploadrow['id']; 
$folder = "sheets/fromusers/";

if (isset($submit)){

// Name of file
$name = $_FILES["location"]["name"];
// Type of file (video/avi) or image/jpg, etc
$type = $_FILES["location"]["type"];
//size of file
$size = $_FILES["location"]["size"];
//stores file in a temporary location
$temp = $_FILES["location"]["tmp_name"];
// if there is an error
$error = $_FILES["location"]["error"];

$artist = strtolower($_POST['artist']);
$title = strtolower($_POST['title']);

// Check if fields are filled in
if($artist&&$title){

if ($error > 0)
{
$sheeterror = "<div id='messageerror'>An error occured. Please try again.</div>";
}
else
{

// Determine the extension of the file
// If file is This File.pdf
// Then $ext is now equal to pdf

$ext = strtolower(substr($name, strrpos($name, '.') + 1)); 

if ($ext=="pdf" || $ext=="gif" || $ext=="jpeg" || $ext=="jpg" || $ext=="png")
{
if ($size <= 26214400) // If size <= 25 megabytes
{
$duplicatecheck = mysql_query("SELECT file FROM upload WHERE id='$userid'");
$duplicate = mysql_num_rows($duplicatecheck);

if ($duplicate!=0){
$sheeterror = "<div id='messageerror'>You have already uploaded this file!</div>";

}
else{
$sheetquery = mysql_query("INSERT INTO upload VALUES ('','$userid','$artist','$title','$name','no')");

move_uploaded_file($temp, $folder.$name);

$success = "<div id='messagesuccess'>Upload Complete!</div><div align='center'>".ucwords($artist)." - ".ucwords($title)."</div>";
}

}
else{
$sheeterror = "<div id='messageerror'>Your sheet must be less than 25 megabytes.</div>";
}
}
else
{
$sheeterror = "<div id='messageerror'>".ucfirst($ext)." files are not allowed!</div>";

}
}
}
else{
$sheeterror = "<div id='messageerror'>Fill In All Fields</div>";
}
}
}
else{
$sheeterror = "<div id='messageerror'>You must be logged in to add sheets!</div>";
}

?>

 <html>
 <head>
 <title>Add Sheet</title>
 <style>
 #container{
width: 350px;
height: 150px;
margin-left: auto;
margin-right: auto; 
background-color: #cccccc;
 }
  
 #formhold{
width: 300px;
text-align: right;
margin-right: auto; 
 }
 #messagesuccess{
background-color: #66CD00; 
width: 350px; 
margin-left: auto; 
margin-right: auto;
 }
  #messageerror{
background-color: #ff2211; 
width: 350px; 
margin-left: auto; 
margin-right: auto;
 }
 </style>
 </head>
 <body OnLoad="document.newsheet.artist.focus();">
<?php
include_once('inc/nav.php');
?>
 <center>
 <h1>Add Sheet</h1>
 <br />
 <div id="container">
 <br />
 <div id="formhold">
 <form action="addsheet.php" method="post" name="newsheet" enctype="multipart/form-data">
Artist: <input type="text" name="artist" size="30"><br />
Title: <input type="text" name="title" size="30"><br />
Sheet: <input type="file" name="location" size="17"><br />
 </div>
<center><input type="submit" name="submit" value="Submit"></center>
 </form>
 

 </div>
 <div id="bottomcont">
 <?php echo $success, $sheeterror; ?>
 </div>
 </center>
 </body>
 </html>

I would like to be able to add a yes/no to a field in a 'user' database when a logged in user clicks on a link to download a file.
The site I have built stores docs and applications. and my client would like to know which user has downloaded a certain application (clicked on a button to 'download' and installer file.
Is this possible?

Hi,

I'm trying to figure out the best way to determine if a user is currently downloading a file from my website.
The way my site works, is the user waits 30 seconds and views an ad. After the timer is up the download becomes available.
I heard that I could probably use a timestamp or something of the sort. I've read up on it but not sure how I could go about this.

Hello everybody,

This is my first post here and I am beginner in PHP world in terms of writing the code to serve my own purposes.

Well I am building a web app and basically it's a calendar which pulls information from .js file. Now I have thinking for the past couple of days how can I accomplish that each user that registers on the site manipulates its own .js file because information from .js file will be shown on calendar.

Let me tell you how it's currently set up:

1. JavaScript file with particular static name is called under the script that is placed on index.php and the data is displayed on the page itself.

So I would love to have is set it up like this:

1. Index page contains login form - Each registered/logged in user will have its own session
2. User registers and based on username/email new .js file is created out of a blank template and it is named based on user's username
3. user is then redirected to the calendar index which contains javascript that cals out that appropriate .js file based on the what user is logged in and displays data to the calendar

I am not sure if that is doable with PHP or not but that's my thinking how it can be done if it's doable. I am open for any kind of suggestions how all this can be put together and if you do have better ideas I would love to hear from you.

Hello, I am new and am having a hard time with PHP. 

Scenario:  There are PDF files on my website that I want users to register before downloading the files.  I do not want them to login but rather provide basic information such as name and email address.  Once the form is submitted, I am not sure if I should be using PHPSESSION to validate the user.  Also, I am not sure where to place the files: either in the webroot (/var/www/) or outside.

I am new to PHP so please forgive me if I use terminology incorrectly.

Thank you for reading my question.

Hello,   I want the user to get authenticated before file download starts   Here is my code:    <?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Your request is cancelled';
    exit;
} else {
    //check $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW']
    if (isset ($valid)) {
        //start download

        $path = './data/negative_seq_60.txt';
        $type = "text/plain";

        header("Expires: 0");
        header("Pragma: no-cache");
        header('Cache-Control: no-store, no-cache, must-revalidate');
        header('Cache-Control: pre-check=0, post-check=0, max-age=0');
        header("Content-Description: File Transfer");
        header("Content-Type: " . $type);
        header("Content-Length: " .(string)(filesize($path)) );
        header('Content-Disposition: attachment; filename="'.basename($path).'"');
        header("Content-Transfer-Encoding: binary\n");

        readfile($path); // outputs the content of the file

        exit();
    } else {
        //show error
    }
}
?>   But on clicking download link, I am getting the following error : " Undefined variable: valid at line no 9".   Please help.

Hi all,
I am quite new to PHP and MySql. I know how to upload a file a and save the path in the DB, but now I need to send an automatic email to the user when a new invoice is added to his directory. Please help. Thanks

i have my upload process working that uploads documents to the server and then displays in onto the user page like this:

<?php 
						function find_all_files($dir) 
						{ 
    							$root = scandir($dir); 
    							foreach($root as $value) 
    							{ 
    				    				if($value === '.' || $value === '..') {continue;} 
        							if(is_file("$dir/$value")) {$result[]="$dir/$value";
        							continue;
        							} 
        							foreach(find_all_files("$dir/$value") as $value) 
        							{ 
           							 $result[]=$value; 
       								 } 
	   					 	} 
  					 		 return $result; 
						} 
							$fileupload = 'fileupload';
							$getem = find_all_files($fileupload);
							foreach($getem as $key => $value)
							{
								echo '<a href="'.$value.'">'.$value.'</a><br />';
							}
						?>
						
						
						
						<?php
						if($handle = opendir('members/')) {
						while (false !== ($entry = readdir($handle))) {
							if($entry != "." && $enrty != "..") {
							echo "<a href='download.php?file=".$entry."'>".$entry."</a>\n";
							}
							}
							closedir($handle);
							}
							?>

here they can download the files to their computer however is there a way to only display the file of the user that is logged in through their session?      

...and the file is to be copied into a folder created by me. I was wondering what the file path would be for Windows, since it does not seem to recognise the file path that I have chosen:

Upload Form code:
Code: [Select]
<html>
<head><title>Car Accident Report Uploader</title></head>
<body>
<form action="fileuploadform.php" method="post" enctype="multipart/form-data">
<input type="file" size="45" name ="file"><br>
<input type="submit" value = "Upload Car Accident Report">
</form>
</body>
</html>

Copying Script Code:
Code: [Select]
<?php
if ($_FILES['file']['name'] !="") {
copy ($_FILES['file']['tmp_name'], 'C:\xampp\htdocs\rcm' . $_FILES['file']['name'])
or die ("Could not copy Car Accident Report Form");
}
else {die ("No Car Accident Report Form has been chosen");}
?>
<html>
<head><title>Car Accident Report Form Upload Complete</title></head>
<body><h3>Car Accident Report Form has been uploaded</h3>

<ul>
<li>Sent: <?php echo $_FILES['file']['name']; ?>
<li>Size: <?php echo $_FILES['file']['size']; ?> bytes
<li>Type: <?php echo $_FILES['file']['type']; ?>

<a href = "<?php echo $_FILES['file']['name']; ?>">
Click here to view the Car Accident Report Form</a>
</body>
</html>

If anyone can help me find the relevant file path, it would be appreciated!

I need a way a user can upload a file onto my website(it's a shared site, I believe, but I own the domain), I've tried using the cURL library but it seems a bit over my head at the moment. And everything I tried with it would not result in a file being uploaded into any folder.

What can I do what I need? I've searched around and never found anything that worked for me.

Hi I am trying to pass a csv file into a powershell script and then return the output and display it to the user. The file is a firewall checker. Any advice or solutions on where I am going wrong would be most appreciative, Thanks.   <?php

Hello everyone, I have a question.

I'm trying to figure out a way to make it so that when a user visits a page for a certain file, they are given the file to download but can't see the link to that file.

Example:
There is a file on http://serverB.com/file.rar
A person goes to http://serverA.com/?file=file.rar
They can download http://serverB.com/file.rar without seeing the link to that file.

Is there any way to do this?

Thanks.

I have a php form for uploading file as the action sends to upload.php. How I can avoid any kind of direct access to upload.php? I want to kill the php process at the first line without performing the remaining code (it is very critical for me as I have a counter), except calls coming from form.php.

I have my template files and some functions in my server which are available for direct reach.
like ;
my "index.php" file includes "loginpage.php" form which is ok when I enter www.site.com/index.php

but also when I enter to www.site.com/loginpage.php it works and shows me just login page. So  this is what I dont want. How can I prevent to reach the files directly like this, I want them to work just for other pages of my website, not for directly seeing.

By the way can this problem also be solved by hosting settings or mod_rewrite ?

Trying to sort out setting a cookie that allows visitor to decide which sub domain to go directly to in subsequent visits.

Somewhat complicated by the fact that the sub domains are running seprate instances of wordpress.

Here's the code... any suggestions appreciated!

Code: [Select]
<?php
if (isset($_POST['submitted']))
{
$site=$_POST['site'];
setcookie("SitePref",$site, time() + 60*60*24*30, 'historybee.com');
if ($site == 'ms')
{
header("Location: http://ms.historybee.com/"); 
} 
elseif ($site == 'hs') 
{
define('WP_USE_THEMES', true);
require('./wp-blog-header.php');
}

} else {

//if we have a cookie, load the site
if (isset($_COOKIE['SitePref'])) 
{
if (($_COOKIE['SitePref']) == 'hs') {
define('WP_USE_THEMES', true);
require('./wp-blog-header.php');
    } else { 
header("Location: http://ms.historybee.com/");
}

} else { //if we don't have a cookie, load the form ?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<title>The National History Bee</title>
</head>
<body style="margin:0;padding:0;background: url('http://ms.historybee.com/wp-content/themes/makinghistoryblue/img/body_bg_hb5.jpg') repeat-x scroll center top #F2BF3B;">

<div align="center" style="width:800px;margin:0 auto;background:#fff;">

<p><img src="http://ms.historybee.com/wp-content/themes/makinghistoryblue/img/nhb_logo.png">

<p><h1>Welcome to the National History Bee!</h1>

<p>The National History Bee has both High School and Middle School competitions.

<p>Please choose which site you would like to visit.  Your choice will be remembered for 30 days.

<form action= "<?php echo $_SERVER['PHP_SELF']; ?>" method ="POST">

<input type="radio" name="site" value="ms"> Middle School Competition

<input type="radio" name="site" value="hs"> High School Competition

<input type ="hidden" name="submitted" value="true">

<p><input type="submit" value="Remember My Choice">
</form>
<br /><br /><br />
</div>
</body>
</html>

<?php } } ?>