Jump to content

Can Some Tell Me How To Make This Script Check For The Password Before It Starts The Upload Process Instead Of After The File Is Uploaded?


Josparky

Recommended Posts

Can some tell me how to make this script check for the password before it starts the upload process instead of after the file is uploaded? Some of the files I need uploaded are big and it sucks to wait till the file is uploaded before it tells me that the password was wrong.

Thanks for any help you can provide.

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml" lang="en">
   <head>
     <title>ES Simple Uploader</title>
     <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
     <meta name="generator" content="handmade" />
       <style type="text/css">
       <!--
           body {
               font-family: Arial, Helvetica, sans-serif;
               font-size: 14px;
               background-color: #DDDDDD;
           }
           .cnt {
               text-align: center;
           }
           .cnt_welcome {
               font-size: 16px;
               font-weight: bold;
               text-align: center;
           }
           .cnt_powered {
               font-size: 14px;
               font-weight: bold;
               text-align: center;
           }
           .cnt_small {
               font-size: 12px;
               text-align: center;
               padding-top: 50px;
           }
           .head_line {
               background-color: #BBBBBB;
           }
           .main_table {
               border: solid 1px #9D9992;
               font-size: 13px;
           }
           h4 {
               font-size: 12px;
               color: #DD0000;
               text-align: center;
           }
           .button {
               border: 1px solid #55555;
               font-weight: bold;
           }
   -->
   </style>
   </head>


   <body>
   <?
   include("config.php");


   function path_options()
   {
    global $upload_dirs;
     $option = "";
     foreach ($upload_dirs as $path => $pinfo)
     {
       $option .= '<option value="'.$path.'">'.$pinfo["name"].'</option>';
     }
    return $option;
   }


   function check_vals()
   {
    global $upload_dirs, $err;
       if (!ini_get("file_uploads")) { $err .= "HTTP file uploading is blocked in php configuration file (php.ini). Please, contact to server administrator."; return 0; }
       $pos = strpos(ini_get("disable_functions"), "move_uploaded_file");
       if ($pos !== false) { $err .= "PHP function move_uploaded_file is blocked in php configuration file (php.ini). Please, contact to server administrator."; return 0; }
     if (!isset($_POST["path"]) || (strlen($_POST["path"]) == 0)) { $err .= "Please fill out path"; return 0; }
     if (!isset($upload_dirs[$_POST["path"]])) { $err .= "Incorrect path"; return 0; }
     if (!isset($_POST["pwd"]) || (strlen($_POST["pwd"]) == 0)) { $err .= "Please fill out password"; return 0; }
     elseif ($_POST["pwd"] != $upload_dirs[$_POST["path"]]["password"]) { $err .= "The upload password is incorrect"; return 0; }
     if (!isset($_FILES["userfile"])) { $err .= "Empty file"; return 0; }
     elseif (!is_uploaded_file($_FILES['userfile']['tmp_name'])) { $err .= "Empty file"; return 0; }
    return 1;
   }


   $err = ""; $status = 0;
   if (isset($_POST["upload"])) {
     if (check_vals()) {
       if (filesize($_FILES["userfile"]["tmp_name"]) > $max_file_size) $err .= "Maximum file size limit: $max_file_size bytes";
       else {
         if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $upload_dirs[$_POST["path"]]["dir"].$_FILES["userfile"]["name"])) {
                   $status = 1;
               }
         else $err .= "There are some errors!";
       }
     }
   }


   if (!$status) {
     if (strlen($err) > 0) echo "<h4>$err</h4>";
   }
   else {
     echo "<h4>"".$_FILES["userfile"]["name"]."" was successfully uploaded.</h4>";
   }
   ?>
   <p class="cnt_welcome">Welcome to ES Simple Uploader v 1.1.</p>
   <p class="cnt">« <a href="http://www.energyscripts.com/Products/product2.html">Back to Product page</a> «</p>
   <p class="cnt">(Select folder, set it's password, then select a file to upload and click "Upload" button).
       <br />Note: 
           Folder: "Images folder", Password: "images";
           Folder: "Docs", Password: "docs";
           Folder: "Common files", Password: "common";
           Maximum file size: <?=$max_file_size/1024?> Kb.</p><br />
   <form enctype="multipart/form-data" action="index.php" method="POST">
   <input type="hidden" name="MAX_FILE_SIZE" value="<?=$max_file_size?>" />
   <table class="main_table" align="center">
     <tr>
       <td colspan="2" class="head_line"> </td>
     </tr>
     <tr>
       <td>Folder:</td>
       <td><select name="path"><?=path_options()?></select></td>
     </tr>
     <tr>
       <td>Password:</td>
       <td><input type="password" name="pwd" style="width: 217px;" /></td>
     </tr>
     <tr>
       <td>Choose file:</td>
       <td><input type="file" name="userfile" style="width: 222px;" /></td>
     </tr>
     <tr>
       <td colspan="2" align="right"><input type="submit" name="upload" value="Upload" class="button" /></td>
     </tr>
   </table>
   </form>
   </p>
   <p class="cnt_powered">Powered by <a href="http://www.energyscripts.com" target="_blank">EnergyScripts</a></p>
   <p class="cnt_small">Find more power solution: <a href="http://www.energyscripts.com/Products/product1.html" target="_blank">ES File Upload & Download Manager</a></p>
   </body>
   </html>

Link to comment
Share on other sites

  • 2 weeks later...

Both the upload form and the form processing code would check that the current visitor is logged in before doing anything. This of course assumes you have a user authentication system in place that accepts the login credentials as a separate step (or uses AJAX on the upload form) to authenticate the visitor and remembers that the current visitor is logged in using a session.

Link to comment
Share on other sites

Josparky,

 

Did you set the password in the config.php file?

 

$upload_dirs = array(
 "images" => array(
  "dir"	 =>"uploads/images/",
  "name"    =>"Images folder",
  "password"=>"images",
 ),
 "docs" => array(
  "dir"	 =>"uploads/docs/",
  "name"    =>"Docs",
  "password"=>"docs",
 ),
 "common" => array(
  "dir"	 =>"uploads/common/",
  "name"    =>"Common files",
  "password"=>"common",
 ),
);

Link to comment
Share on other sites

Thanks for your replies. Yes I set the password it is letting me log in the problem is after logging in and browsing to the file to upload it starts the upload and begins uploading the file. But if you mistakenly put the password in wrong it doesn't tell you till after you the file has tried to upload then it will say the password you entered was incorrect and makes you do it all over again? This is a real problem if it's a b ig file.

Here is a link to the scripts page I hope someone can help me out with this.

http://www.energyscripts.com/Products/product2.html

 

Thanks for any help

Link to comment
Share on other sites

We know what you are asking. Someone told you the structure changes that would be needed to accomplish it. If you cannot take the statement of what is needed and produce the code (which is what programming is, i.e. writing code to get a computer to do what you want), you should just hire someone to do this for you or find another script that requires the login to be submitted before the upload form will be displayed.

Link to comment
Share on other sites

Here are some specific hints -

 

1) You would add a session based login check to the start of your index.php code. If the current user is not logged in, redirect to a login page.

 

2) The login page would have a form with the path and password. Once the the correct password is entered for the selected path, you would set a session variable to indicate that the visitor is logged in. Since the index.php page needs to know the selected path, you could store that value and use it as the logged in flag. After logging in, redirect to the index.php page.

 

3) On the index.php page, use the path that was saved in a session variable in place of the $_POST['path'] value. The form would only need the type='file' field. You should probably display the path, something like - "You can upload a file to the images folder.", so that the visitor knows that they can upload a file and where it will be put.

 

4) After successfully uploading one file, you would probably want to clear the logged in flag so that someone must select a new path and enter the password again to upload more files.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.