Search the Community

Can someone please give me some guidance on how to deal with the following warning All directories and files in the path have full owner permissions and I've made myself the owner of them all (I'm on a linux system). I've also done the same with the /tmp folder. I can't even think of anything else to change and haven't found anything online that solves the issue. in case it's needed, the php is as follows: <?php require("assets/initializations.php"); if(isset($_POST['add_post']) && !empty($_FILES['post_image'])) { $filename = $_FILES['post_image']['name']; $file_tmp_name = $_FILES['post_image']['tmp_name']; $filesize = $_FILES['post_image']['size']; $file_ext = explode('.', $filename); $file_act_ext = strtolower(end($file_ext)); $allowed = array('jpeg', 'jpg', 'png', 'gif'); if(!in_array($file_act_ext, $allowed)) { header("Location: add_post.php?message=file_type_not_allowed"); } else { if($filesize > 10000000) { header("Location: add_post.php?message=file_too_large"); } else { $file_new_name = uniqid('', true) . "." . $file_act_ext; $dir = "../usernet/img/"; $target_file = $dir . basename($file_new_name); move_uploaded_file($file_tmp_name, $target_file); echo "<script>alert('Image uploaded successfully');</script>"; } } } I do get the javascript alert that's it's been successfully uploaded, but the image doesn't make it into the specified directory and I get the warnings at the top. I'm also, probably obviously from the path, using XAMPP server for development. TIA

Hello all, I dont know why I'm getting this error with calculating the duration for the video, everything works fine with uploading, file is going in my database and folder, the duration of my video is ok. ​http://prnt.sc/e59i4f here is my code: // video duration ob_start(); passthru("ffmpeg -i $tmp 2>&1"); $duration = ob_get_contents(); ob_end_clean(); $search='/Duration: (.*?)[.]/'; $duration=preg_match($search, $duration, $matches, PREG_OFFSET_CAPTURE); //error is on this line botom $duration = $matches[1][0]; ​//error is on this line botom list($hours, $mins, $secs) = split('[:]', $duration); //echo "Hours: ".$hours." Minutes: ".$mins." Seconds: ".$secs; $duration=$hours.':'.$mins.':'.$secs;

I am trying out a new script that lets me resize an image before uploading. It is based on this script. http://www.w3bees.com/2013/03/resize-image-while-upload-using-php.html Basically what happens is, it resizes and makes 3 thumbnails and puts them in their relative folder. That works. The part that's giving me the problem is when inserting it into the database. Error says the "image_path" cannot be null. Since it's creating an array of 3 different thumbnails, should I create 2 more fields in the database tabel to account for that? If so, how would I insert the 3 different thumbnail paths into the query? What would it look like? Below is my code. <?php $db_userid = intval($row['user_id']); $get_item_id = intval($row['item_id']); // settings $max_file_size = 5242880; // 5mb $valid_exts = array('jpeg', 'jpg', 'png', 'gif'); // thumbnail sizes $sizes = array(100 => 100, 150 => 150, 250 => 250); // dir paths $target_dir = 'images/'.$db_userid.'/items/'.$get_item_id.'/'; if ($_SERVER['REQUEST_METHOD'] == 'POST' AND isset($_FILES['image'])) { if(!empty($_FILES['image']['name'])) { if($_FILES['image']['size'] < $max_file_size ){ // get file extension $ext = strtolower(pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION)); if(in_array($ext, $valid_exts)) { function resize($width, $height){ global $db_userid; global $get_item_id; /* Get original image x y*/ list($w, $h) = getimagesize($_FILES['image']['tmp_name']); /* calculate new image size with ratio */ $ratio = max($width/$w, $height/$h); $h = ceil($height / $ratio); $x = ($w - $width / $ratio) / 2; $w = ceil($width / $ratio); /* new file name */ $path = 'images/'.$db_userid.'/items/'.$get_item_id.'/'.$width.'x'.$height.'_'.$_FILES['image']['name']; /* read binary data from image file */ $imgString = file_get_contents($_FILES['image']['tmp_name']); /* create image from string */ $image = imagecreatefromstring($imgString); $tmp = imagecreatetruecolor($width, $height); imagecopyresampled($tmp, $image, 0, 0, $x, 0, $width, $height, $w, $h); /* Save image */ switch ($_FILES['image']['type']) { case 'image/jpeg': imagejpeg($tmp, $path, 100); break; case 'image/png': imagepng($tmp, $path, 0); break; case 'image/gif': imagegif($tmp, $path); break; default: exit; break; } return $path; /* cleanup memory */ imagedestroy($image); imagedestroy($tmp); } /* resize image */ foreach($sizes as $w => $h) { if(!is_dir($target_dir)){ mkdir($target_dir, 0775, true); } $files[] = resize($w, $h); } $insert_image = $db->prepare("INSERT INTO images(user_id, item_id, image_path, date_added) VALUES(:user_id, :item_id, :image_path, :date_added)"); $insert_image->bindParam(':user_id', $db_userid); $insert_image->bindParam(':item_id', $get_item_id); $insert_image->bindParam(':image_path', $path); $insert_image->bindParam(':date_added', $item_date_added); if(!$insert_image->execute()) { $errors[] = 'There was a problem uploading the image!'; } else { if(empty($errors)) { $db->commit(); $success = 'Your item has been saved.'; } else { $db->rollBack(); } } } else { $errors[] = 'Unsupported file'; } } else{ $errors[] = 'Please upload image smaller than 5mb'; } } else { $errors[] = 'An image is required!'; } }

I am trying out a new script for image upload and resize using ajax method. All the ones I've found so far process the php file through the form action="". Since I am inserting other data into the database and calling the other php code directly on the same page as a the html form, I would like to know if there is another way I can run that specific image upload php code through ajax. This is one the scripts I have looked at . http://www.sanwebe.com/2012/05/ajax-image-upload-and-resize-with-jquery-and-php This is what their html form looks like. <form action="processupload.php" method="post" enctype="multipart/form-data" id="MyUploadForm"> <input name="image_file" id="imageInput" type="file" /> <input type="submit" id="submit-btn" value="Upload" /> <img src="images/ajax-loader.gif" id="loading-img" style="display:none;" alt="Please Wait"/> </form> <div id="output"></div> I would like to process the "processupload.php" above through the ajax code below and leave the form action="" empty, as I am running other php code on the same page to insert other data as well. How would you do that? <script> $(document).ready(function() { var options = { target: '#output', // target element(s) to be updated with server response beforeSubmit: beforeSubmit, // pre-submit callback success: afterSuccess, // post-submit callback resetForm: true // reset the form after successful submit }; $('#MyUploadForm').submit(function() { $(this).ajaxSubmit(options); // always return false to prevent standard browser submit and page navigation return false; }); }); function afterSuccess() { $('#submit-btn').show(); //hide submit button $('#loading-img').hide(); //hide submit button } //function to check file size before uploading. function beforeSubmit(){ //check whether browser fully supports all File API if (window.File && window.FileReader && window.FileList && window.Blob) { if( !$('#imageInput').val()) //check empty input filed { $("#output").html("Are you kidding me?"); return false } var fsize = $('#imageInput')[0].files[0].size; //get file size var ftype = $('#imageInput')[0].files[0].type; // get file type //allow only valid image file types switch(ftype) { case 'image/png': case 'image/gif': case 'image/jpeg': case 'image/pjpeg': break; default: $("#output").html("<b>"+ftype+"</b> Unsupported file type!"); return false } //Allowed file size is less than 1 MB (1048576) if(fsize>1048576) { $("#output").html("<b>"+bytesToSize(fsize) +"</b> Too big Image file! <br />Please reduce the size of your photo using an image editor."); return false } $('#submit-btn').hide(); //hide submit button $('#loading-img').show(); //hide submit button $("#output").html(""); } else { //Output error to older browsers that do not support HTML5 File API $("#output").html("Please upgrade your browser, because your current browser lacks some new features we need!"); return false; } } //function to format bites bit.ly/19yoIPO function bytesToSize(bytes) { var sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB']; if (bytes == 0) return '0 Bytes'; var i = parseInt(Math.floor(Math.log(bytes) / Math.log(1024))); return Math.round(bytes / Math.pow(1024, i), 2) + ' ' + sizes[i]; } </script>

Hi there guys, I've a little problem with inserting a file name into a database table. I can't see wich is the problem. The code is bellow and i think the problem is at INSERT INTO part. <?php $path = "./cv/"; $valid_formats = array("doc", "pdf"); if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST") { $name = $_FILES['photoimg']['name']; $size = $_FILES['photoimg']['size']; if(strlen($name)) { list($txt, $ext) = explode(".", $name); if(in_array($ext,$valid_formats)) { if($size<(20480*20480)) // Image size max 20 MB { $actual_image_name = time().$id.".".$ext; $tmp = $_FILES['photoimg']['tmp_name']; if(move_uploaded_file($tmp, $path.$actual_image_name)) { mysqli_query($mysqli,"INSERT INTO formular_client (client_cv = '$actual_image_name')"); } else echo "failed"; } else echo "Image file size max 20 MB"; } else echo "Invalid file format.."; } } ?> <input type="file" name="photoimg" id="photoimg" />

I am using this for multi image upload. https://github.com/CreativeDream/jquery.filer Since it doesn't show example of how to use it with a database, I am having a bit of an issue. The following is my code. Couple things. 1. It won't insert into database with the "tokens". If I remove the token code, then it'll work. The same token works in other forms that I use. 2. Yes It inserts into the database. The issue is that it inserts only 1 file at a time and not all the selected files. <?php require_once ($_SERVER['DOCUMENT_ROOT'] . '/home/templates/header.php'); if(isset($_POST['submit'])) { if($_POST['token'] === $_SESSION['token']) { if(isset($_FILES['files'])){ $date_added = date('Y-m-d H:i:s'); // Setting up folder for images $user_dir = $_SERVER['DOCUMENT_ROOT'] .'/home/members/images/'.$db_userid.'/records/'; if(!is_dir($user_dir)){ mkdir($_SERVER['DOCUMENT_ROOT'] .'/home/members/images/'.$db_userid.'/records/', 0775, true); } else { $uploader = new Uploader(); $data = $uploader->upload($_FILES['files'], array( 'limit' => 10, //Maximum Limit of files. {null, Number} 'maxSize' => 10, //Maximum Size of files {null, Number(in MB's)} 'extensions' => null, //Whitelist for file extension. {null, Array(ex: array('jpg', 'png'))} 'required' => false, //Minimum one file is required for upload {Boolean} 'uploadDir' => '../uploads/', //Upload directory {String} 'title' => array('auto', 10), //New file name {null, String, Array} *please read documentation in README.md 'removeFiles' => true, //Enable file exclusion {Boolean(extra for jQuery.filer), String($_POST field name containing json data with file names)} 'perms' => null, //Uploaded file permisions {null, Number} 'onCheck' => null, //A callback function name to be called by checking a file for errors (must return an array) | ($file) | Callback 'onError' => null, //A callback function name to be called if an error occured (must return an array) | ($errors, $file) | Callback 'onSuccess' => null, //A callback function name to be called if all files were successfully uploaded | ($files, $metas) | Callback 'onUpload' => null, //A callback function name to be called if all files were successfully uploaded (must return an array) | ($file) | Callback 'onComplete' => null, //A callback function name to be called when upload is complete | ($file) | Callback 'onRemove' => 'onFilesRemoveCallback' //A callback function name to be called by removing files (must return an array) | ($removed_files) | Callback )); if($data['isComplete']){ $files = $data['data']; print_r($files); } if($data['hasErrors']){ $errors = $data['errors']; print_r($errors); } function onFilesRemoveCallback($removed_files){ foreach($removed_files as $key=>$value){ $file = '../uploads/' . $value; if(file_exists($file)){ unlink($file); } } return $removed_files; } for($i = 0; $i < count($_FILES['files']['name']); $i++) { $name = $_FILES['files']['name'][$i]; $temp = $_FILES['files']['tmp_name'][$i]; $ext = pathinfo($name, PATHINFO_EXTENSION); $upload = md5( rand( 0, 1000 ) . rand( 0, 1000 ) . rand( 0, 1000 ) . rand( 0, 1000 )); $image_thumb_path = $user_dir . 'thumb_' . $upload . $ext; try { $insert_image = $db->prepare("INSERT INTO images(user_id, image_path, date_added) VALUES(:user_id, :image_path, :date_added)"); $insert_image->bindParam(':user_id', $db_userid); $insert_image->bindParam(':image_path', $image_thumb_path); $insert_image->bindParam(':date_added', $date_added); $result_image = $insert_image->execute(); if($result_image == false) { $error = 'There was a problem inserting images!'; } else { move_uploaded_file($temp, $image_thumb_path); $success = 'Your images has been saved.'; } } catch(Exception $e) { $error = die($e->getMessage()); } } } } } } ?> <h1>Upload Images</h1> <?php include_once ($dir_path . '/home/snippets/success-errors.php'); ?> <form action="" method="post" enctype="multipart/form-data"> <fieldset> <input type="file" multiple="multiple" name="files[]" id="input2"> <fieldset> <input type="hidden" name="token" value="<?php echo $_SESSION['token'] = md5(rand(time (), true)); ?>" /> <input type="submit" name="submit" class="red-btn" value="upload" /> </fieldset> </form> <?php require_once ($_SERVER['DOCUMENT_ROOT'] . '/home/templates/footer.php');

Say I am uploading an image that gets resized. The resized image is a thumb. I have it's file path saved in the database and the image itself saved in a folder. Originally I was saving both to the database and folder. But now that I think about it, do I have to save the orginal image? Wouldn't I be saving up a lot of space if I only save the thumb image? What do you think?

I've written a script to store images in my database. The images have a caption that is also uploaded and stored. This was fairly easy to get working. I have a jquery function setup to add a new file input and caption input every time I click a button. This also works. What is not working is my PHP is not uploading multiple files for some reason. Could someone tell me what I have done wrong? Thanks HTML: <form id="uploadMultiple" method="post" action="/scripts/php/imageUploadTest" enctype="multipart/form-data"> <table class="fileUploadTable" id="uploadArea" cellspacing="0"> <tr> <td> <label for="imageFile">Image:</label> <input type="file" name="imageFile" accept=".jpg,.jpeg,.png,.gif"> </td> <td> <label for="imageCaption">Image Caption:</label> <input type="text" name="imageCaption"> </td> <td width="150px"> </td> </tr> <tr id="uploadSubmission"> <td> <input type="submit" value="Upload More" id="uploadMore"> </td> <td> <input type="submit" value="Submit" name="addImage"> </td> <td width="150px"> </td> </tr> </table> </form> JQuery for adding new elements: $(function() { var scntDiv = $('#uploadArea'); var i = $('#p_scents tr td').size() + 1; $('#uploadMore').live('click', function() { $('<tr><td><label for="imageFile">Image:</label> <input type="file" name="imageFile" accept=".jpg,.jpeg,.png,.gif"></td><td><label for="imageCaption">Image Caption:</label> <input type="text" name="imageCaption"></td><td><a href="#" class="removeUpload" width="150px" style="text-align: center">Remove</a></td></tr>').insertBefore( $('#uploadSubmission') ); i++; return false; }); $('.removeUpload').live('click', function() { if( i > 1 ) { $(this).parents('tr').remove(); i--; } return false; }); }); And finally the PHP: require($_SERVER['DOCUMENT_ROOT'].'/settings/globalVariables.php'); require($_SERVER['DOCUMENT_ROOT'].'/settings/mysqli_connect.php'); $db_name = 'imageUploads'; $tbl_name = 'gallery'; if(!$conn) { die('Could not connect: ' . mysqli_error()); } mysqli_select_db($conn, "$db_name")or die("cannot select DB"); foreach($_FILES['imageFile'] as $file){ $caption = $_POST['imageCaption']; $uploadDir = 'http://www.example.com/images/'.'gallery/'; $fileName = $_FILES['imageFile']['name']; $filePath = $uploadDir . $fileName; if(move_uploaded_file($_FILES["imageFile"]["tmp_name"],$_SERVER['DOCUMENT_ROOT']."/images/gallery/".$_FILES["imageFile"]["name"])) { $query_image = "INSERT INTO $tbl_name(filename,path,caption) VALUES ('$fileName','$uploadDir','$caption')"; if(mysqli_query($conn, $query_image)) { echo "Stored in: " . "gallery/" . $_FILES["imageFile"]["name"]; } else { echo 'File name not stored in database'; } } } I was hoping I had it working properly for multiple images with my `foreach` loop but it only uploads one image even if I have 4 selected. EDIT: I've tried modifying my code to this and it's not working either but looking at tutorials this seems to be more on the right track than my previous code: r equire($_SERVER['DOCUMENT_ROOT'].'/settings/globalVariables.php'); require($_SERVER['DOCUMENT_ROOT'].'/settings/mysqli_connect.php'); $db_name = 'imageUploads'; $tbl_name = 'gallery'; if(!$conn) { die('Could not connect: ' . mysqli_error()); } mysqli_select_db($conn, "$db_name")or die("cannot select DB"); foreach($_FILES['imageFile'] as $key => $name){ $caption = $_POST['imageCaption']; $uploadDir = 'http://www.example.com/images/'.'gallery/'; $fileName = $key.$_FILES['imageFile']['name'][$key]; $file_size = $_FILES['files']['size'][$key]; $file_tmp = $_FILES['files']['tmp_name'][$key]; $file_type= $_FILES['files']['type'][$key]; $filePath = $uploadDir . $fileName; if(move_uploaded_file($file_tmp,$_SERVER['DOCUMENT_ROOT']."/images/gallery/".$fileName)) { $query_image = "INSERT INTO $tbl_name(filename,path,caption) VALUES ('$fileName','$uploadDir','$caption')"; if(mysqli_query($conn, $query_image)) { echo "Stored in: " . "gallery/" . $_FILES["imageFile"]["name"]; } else { echo 'File name not stored in database'; } } } I've also added `[]` in the names of the HTML input elements that needed them.

Hey guys! I'm trying to add an upload feature to my contact form. I had one before that simply added the image under the text in the email not as an actual attachment and it was pretty easy but I lost the code and can’t seem to find it again. But I seem to be having a problem finding a form that can help me add this. As of now the code in HTML has the upload but the PHP doesn’t at all. If anyone could help me add the rest of the PHP code I'd really appreciate it! HTML: <form name="htmlform" method="post" action="oc.php"><label for="fname"><p>Full Name:</p></label> <input type="text" name="fname" maxlength="50" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td valign="top"> <label for="phone"> <p>Phone Number: </p></label> <input type="text" name="phone" maxlength="50" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td valign="top"> <label for="email"> <p> Email Address: </p></label> <input type="text" name="email" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> </tr> <tr> <td> <h4>DELIVERY INFORMATION:</h4> <label for="address"> <p>Address: </p></label> <input type="text" name="address" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="city"> <p>City: </p></label> <input type="text" name="city" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="state"> <p>State: </p></label> <input type="text" name="state" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="zip"> <p>Zip Code: </p></label> <input type="text" name="zip" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <h4>INFORMATION:</h4> <label for="first"> <p>First Name: </p></label> <input type="text" name="first" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="last"> <p>Last Name: </p></label> <input type="text" name="last" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="rec"> <p>Recommendation ID Number: </p></label> <input type="text" name="rec" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="exp"> <p>Recommendation Experation Date: </p></label> <input type="text" name="exp" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="doc"> <p>Doctors Name: </p></label> <input type="text" name="doc" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="docphone"> <p>Doctors Phone Number: </p></label> <input type="text" name="docphone" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="ver"> <p>Verification Website: </p></label> <input type="text" name="ver" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> </td> </tr> <tr> <td valign="top"><label for="message"><p>How did you hear about us?</p></label><textarea name="message" id="message" style="background-color:#fff; color:#000;" cols="45"/></textarea></td> </tr> <tr> <td colspan="2" style="text-align:left"> <p> Upload Recommendation:</p> <input type="file" name="pic" id="pic"> <br /> <p> Upload California State ID:</p> <input type="file" name="id" id="id"> <br /> <br /> <input type="image" value="submit"img src="img/sub.png" onmouseover="this.src='img/sub1.png'" onmouseout="this.src='img/sub.png'" /> </form> PHP: <?php // first clean up the input values foreach($_POST as $key => $value) { if(ini_get('magic_quotes_gpc')) $_POST[$key] = stripslashes($_POST[$key]); $_POST[$key] = htmlspecialchars(strip_tags($_POST[$key])); } $ip=$_SERVER['REMOTE_ADDR']; $email_to = "info@example.com"; $email_subject = "Register"; $email_message .= "Full Name: ".$_POST["fname"]."\n"; $email_message .= "Phone Number: ".$_POST["phone"]."\n"; $email_message .= "Email Address: ".$_POST["email"]."\n"; $email_message .= "Address: ".$_POST["address"]."\n"; $email_message .= "City: ".$_POST["city"]."\n"; $email_message .= "State: ".$_POST["state"]."\n"; $email_message .= "Zip Code: ".$_POST["zip"]."\n"; $email_message .= "First Name: ".$_POST["first"]."\n"; $email_message .= "Last Name: ".$_POST["last"]."\n"; $email_message .= "Recommendation ID Number: ".$_POST["rec"]."\n"; $email_message .= "Recommendation Exp Date: ".$_POST["exp"]."\n"; $email_message .= "Doctors Name: ".$_POST["doc"]."\n"; $email_message .= "Doctors Phone Number: ".$_POST["docphone"]."\n"; $email_message .= "Verification Website: ".$_POST["ver"]."\n"; $email_message .= "Message: ".$_POST["message"]."\n"; $userEmail = filter_var( $_POST['email'],FILTER_VALIDATE_EMAIL ); if( ! $userEmail ){ exit; } //email headers $headers = 'From: '.$_POST["email"]."\r\n". 'Reply-To: '.$_POST["email"]."\r\n" . 'X-Mailer: PHP/' . phpversion(); echo (mail($email_to, $email_subject, $email_message, $headers) ? "<html><head><meta http-equiv='Refresh' content='0; url=http://www..com/thankyou.html'><body bgcolor='#fff'> ":"<html><body bgcolor='#fff'><center><font color='white'><h2>We're sorry, something went wrong.</h2></font><p><font color='white'>Please return to <a href='http://www..com'></a>.</font></p></center></body></html>"); $ip=$_SERVER['REMOTE_ADDR']; $email_to = $_POST["email"]; $email_subject = "420 In Action"; $email_message1 = "Welcome! Sincerely, "; //email headers $headers = 'From: '.$_POST["email"]."\r\n". 'Reply-To: '.$_POST["email"]."\r\n" . 'X-Mailer: PHP/' . phpversion(); echo (mail($email_to, $email_subject, $email_message1, $headers) ? "":""); exit(); // test input values for errors $errors = array(); if(strlen($fname) < 2) { if(!$fname) { $errors[] = "You must enter a name."; } else { $errors[] = "Name must be at least 2 characters."; } } if(!$email) { $errors[] = "You must enter an email."; } else if (!validEmail($email)) { $errors[] = "You must enter a valid email."; } if($errors) { // output errors to browser and die with a failure message $errortext = ""; foreach($errors as $error) { $errortext .= "<li>".$error."</li>"; } die("<span class='failure'>The following errors occured:<ul>". $errortext ."</ul></span>"); } // check to see if email is valid function validEmail($email) { $isValid = true; $atIndex = strrpos($email, "@"); if (is_bool($atIndex) && !$atIndex) { $isValid = false; } else { $domain = substr($email, $atIndex+1); $local = substr($email, 0, $atIndex); $localLen = strlen($local); $domainLen = strlen($domain); if ($localLen < 1 || $localLen > 64) { $isValid = false; } // local part length exceeded else if ($domainLen < 1 || $domainLen > 255) { $isValid = false; } // domain part length exceeded else if ($local[0] == '.' || $local[$localLen-1] == '.') { $isValid = false; } // local part starts or ends with '.' else if (preg_match('/\\.\\./', $local)) { $isValid = false; } // local part has two consecutive dots else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) { $isValid = false; } // character not valid in domain part else if (preg_match('/\\.\\./', $domain)) { $isValid = false; } // domain part has two consecutive dots else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\","",$local))) { // character not valid in local part unless local part is quoted if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\","",$local))) { $isValid = false; } } if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) { $isValid = false; } // domain not found in DNS } return $isValid; } ?>

Hi guys, does anybody know of any good libraries to handle and validate file uploading including Zipped folders. Also I was needing some tips, so my website developers can come and upload zipped folders, files etc. but eventually would'nt this start taking up a lot of space especially the zipped folders?

I have this script from http://lampload.com/component/option,com_jdownloads/Itemid,382/cid,69/task,view.download/ (I am not using a database) I can upload images fine, I can view files, but I want to delete them. When I press the delete button, nothing happens http://www.jayg.co.uk/gallery6/upload_gallery.php <form> <?php $dir = dirname(__FILENAME__)."/images/gallery" ; $files1 = scandir($dir); foreach($files1 as $file){ if(strlen($file) >=3){ $foil = strstr($file, 'jpg'); // As of PHP 5.3.0 $foil = $file; $pos = strpos($file, 'css'); if ($foil==true){ echo '<input type="checkbox" name="filenames[]" value="'.$foil.'" />'; echo "<img width='130' height='38' src='images/gallery/$file' /><br/>"; // for live host //echo "<img width='130' height='38' src='/ABOOK/SORTING/gallery-dynamic/images/gallery/ $file' /><br/>"; } } }?> <input type="submit" name="mysubmit2" value="Delete"> </form> any ideas please? thanks

Here is my code which i use to recieve uploaded files. $filepath = $_SERVER['DOCUMENT_ROOT'] . "file/"; $fileunzippath = $filepath."unzipped/"; $exclude_list = array(".", "..", "...", "index.php", ".php", ".htaccess"); if($_FILES["zip_file"]["name"]) { $filename = $_FILES["zip_file"]["name"]; $source = $_FILES["zip_file"]["tmp_name"]; $type = $_FILES["zip_file"]["type"]; $name = explode(".", $filename); $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed'); foreach($accepted_types as $mime_type) { if($mime_type == $type) { $okay = true; break; } } $continue = strtolower($name[1]) == 'zip' ? true : false; if(!$continue) { $message = "The file you are trying to upload is not a .zip file. Please try again."; } $string = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $filename); $clean_name = strtr($string, array('Š' => 'S','Ž' => 'Z','š' => 's','ž' => 'z','Ÿ' => 'Y','À' => 'A','Á' => 'A','Â' => 'A','Ã' => 'A','Ä' => 'A','Å' => 'A','Ç' => 'C','È' => 'E','É' => 'E','Ê' => 'E','Ë' => 'E','Ì' => 'I','Í' => 'I','Î' => 'I','Ï' => 'I','Ñ' => 'N','Ò' => 'O','Ó' => 'O','Ô' => 'O','Õ' => 'O','Ö' => 'O','Ø' => 'O','Ù' => 'U','Ú' => 'U','Û' => 'U','Ü' => 'U','Ý' => 'Y','à' => 'a','á' => 'a','â' => 'a','ã' => 'a','ä' => 'a','å' => 'a','ç' => 'c','è' => 'e','é' => 'e','ê' => 'e','ë' => 'e','ì' => 'i','í' => 'i','î' => 'i','ï' => 'i','ñ' => 'n','ò' => 'o','ó' => 'o','ô' => 'o','õ' => 'o','ö' => 'o','ø' => 'o','ù' => 'u','ú' => 'u','û' => 'u','ü' => 'u','ý' => 'y','ÿ' => 'y')); $clean_name = strtr($clean_name, array('Þ' => 'TH', 'þ' => 'th', 'Ð' => 'DH', 'ð' => 'dh', 'ß' => 'ss', 'Œ' => 'OE', 'œ' => 'oe', 'Æ' => 'AE', 'æ' => 'ae', 'µ' => 'u')); $clean_name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $clean_name); $target_path = $filepath.$clean_name; // change this to the correct site path if(move_uploaded_file($source, $target_path)) { echo "Source: ".$source."<br/>"; echo "Type: ".$type."<br/>"; echo "Filename: ".$filename."<br/>"; $zip = new ZipArchive(); $x = $zip->open($target_path); if ($x === true) { $zip->extractTo($fileunzippath.$clean_name); // change this to the correct site path $zip->close(); $exclude_list; $dir_path = $_SERVER['DOCUMENT_ROOT']; $dir_path .= "/file/unzipped/"; $directories = array_diff(scandir($fileunzippath.$clean_name), $exclude_list); foreach($directories as $entry) { if(is_dir($dir_path.$entry)) { if($entry != 'part0' || $entry !='part1') { rmdir($entry); } } } } $message = "Your .zip file was uploaded and unpacked."; } else { $message = "There was a problem with the upload. Please try again."; } } Specifically i want to highlight this part: $exclude_list; $dir_path = $_SERVER['DOCUMENT_ROOT']; $dir_path .= "/file/unzipped/"; $directories = array_diff(scandir($fileunzippath.$clean_name), $exclude_list); foreach($directories as $entry) { if(is_dir($dir_path.$entry)) { if($entry != 'part0' || $entry !='part1') { rmdir($entry); } } } When I upload a zip file containing 2 directories(one called 'part0', and one called 'bad'), they get unzipped correctly and it gives no errors, however the fake directories(not called part0 or part1) I put in there are still there. Any Help?

The code works but it puts the files into /uploadir/. The users directories go by their email addresses ($email). Using the error reporting it tells me: ! ) Notice: Undefined variable: email in /var/www/html/Lab5/uploadfile.php on line 10 Call Stack # Time Memory Function Location 1 0.0010 129288 {main}( ) ../uploadfile.php:0 Any help is much appreciated!! <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors','1'); session_start(); if ($_COOKIE["auth"] == "1") { $file_dir = "/var/www/html/uploaddir/$email"; foreach($_FILES as $file_name => $file_array) { echo "path: ".$file_array["tmp_name"]."<br/>\n"; echo "name: ".$file_array["name"]."<br/>\n"; echo "type: ".$file_array["type"]."<br/>\n"; echo "size: ".$file_array["size"]."<br/>\n"; if (is_uploaded_file($file_array["tmp_name"])) { move_uploaded_file($file_array["tmp_name"], "$file_dir/".$file_array["name"]) or die ("Couldn't copy"); echo "File was moved!<br/>"; } } } else { //redirect back to login form if not authorized header("Location: userlogin.html"); exit; } ?>

Hi: Am not sure if this is the best algorithm to go about saving a record and uploading (plus moving to another directory) files. I feel i need another algorithm? if (self::post()->isPost()) { #check if there is any file if($this->request->hasFiles() == true){ $uploads = $this->request->getUploadedFiles(); $isUploaded = false; #do a loop to handle each file individually foreach($uploads as $upload){ #define a "unique" name and a path to where our file must go $path = 'temp/'.md5(uniqid(rand(), true)).'-'.strtolower($upload->getname()); #move the file and simultaneously check if everything was ok if($upload->moveTo($path)) { #Build an array to be sent to the API for moving the uploaded file to front end directory $files=""; $files = array( 'name' => $upload->getName(), 'link' => $this->di['url']->get('temp/' . $upload->getName()), 'direction' => 'adverts' ); $saveResult = self::request()->request('move-advert/', array('file' => $files), 'POST'); if($saveResult->response == 'success') $isUploaded = true; else $isUploaded = false; } } #if any file couldn't be moved, then throw an message if($isUploaded) { $save_response = self::request()->request('advert/' . $id, self::editValues(self::post()->getPost()), 'POST'); if ($save_response->response == 'success') { $this->flashSession->success('Advert Updated'); return $this->response->redirect('adverts/list-adverts'); } else { $this->flashSession->notice('Could not update Advert'); } } else { $this->flashSession->notice('Some error ocurred. Please try again'); } }else { $this->flashSession->notice('You must Choose an advert image'); } } Any suggestions?

I was wondering if there is a way to add an progress bar to this script that uploads files to a sql database <!DOCTYPE html> <head> <title>MySQL file upload</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> </head> <body> <form action="add_file.php" method="post" enctype="multipart/form-data"> <input type="file" name="uploaded_file"><br> <input type="submit" value="Upload file"> </form> <p> <a href="list_files.php">See all files</a> </p> <p> <a href="search.php">Search Database</a> </p> </body> </html> If so, how would i go about doing that?

I receive files/images and loop through an array as follows: $files=rearrfiles( $_FILES['image']); foreach($files as $key=>$item) { if(is_array($item) && !empty($item['name']) && !empty($item['tmp_name'])){ //$_POST['imageFile']=$item['name']; //echo $item['name']; if($error!=true && !uploadImageB(array('image'=>'image'), DB_EXTENTION."mod_projects_images", $naming, $search = $editId, $dir, 'photo')) { $error=true; $action='Edit'; $message.='<br>Images were unable to be uploaded.'; } } } The function uploadImageB() is as follows: function uploadImageB($info, $table, $naming, $search, $path, $add='uploaded', $maxw=1280, $maxh=1280, $dynamic=true, $id='Id', $thumbMaxWidth = 120) { global $connection; if(!$_POST){ global $HTTP_POST_VARS; @$_POST=$HTTP_POST_VARS;} if(!$_FILES){ global $HTTP_POST_FILES; @$_FILES=$HTTP_POST_FILES;} if(is_array($info) && !empty($info) && $table!='' && !empty($path)) { $error=false; $d=$naming; foreach($info as $key=>$val) { $names[$val]=$dynamic==true?$add.'_'.$result[$id].'_'.$d.'_.'.strtolower(mygetext($_FILES[$val]['name'])):$add.strtolower(mygetext($_FILES[$val]['name'])); if(is_array(@$_FILES[$val]) && !empty($_FILES[$val]['name']) && !empty($names[$val])) { if(!singMove($path, $names[$val], $_FILES[$val], array(), array('gif', 'jpeg', 'jpg', 'png', 'bmp', 'svg'))) { $error=true; break; } else{ $valid[$val]=$names[$val]; resizeImage($path.$names[$val], $maxw, $maxh); make_thumb($path.$names[$val],$names[$val], $path, $thumbMaxWidth); } } } if($error==true) return false; elseif(!empty($valid)) { $connection->info=$info; $connection->input=$valid; $connection->id=array('field'=>$id, 'val'=>addslashes($result[$id])); $connection->makenew($table); $connection->return_db($connection->query); } } return true; } I get the error: Images were unable to be uploaded. Any help?

Can I get some help or a point in the right direction. I am trying to create a form that allows me to add, edit and delete records from a database. I can add, edit and delete if I dont include the image upload code. If I include the upload code I cant edit records without having to upload the the same image to make the record save to the database. So I can tell I have got the code processing in the wrong way, thing is I cant seem to see or grasp the flow of this, to make the corrections I need it work. Any help would be great! Here is the form add.php code <?php require_once ("dbconnection.php"); $id=""; $venue_name=""; $address=""; $city=""; $post_code=""; $country_code=""; $url=""; $email=""; $description=""; $img_url=""; $tags=""; if(isset($_GET['id'])){ $id = $_GET['id']; $sqlLoader="Select from venue where id=?"; $resLoader=$db->prepare($sqlLoader); $resLoader->execute(array($id)); } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Add Venue Page</title> <link href='http://fonts.googleapis.com/css?family=Droid+Sans' rel='stylesheet' type='text/css'> <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css"> <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js"></script> </head> <body> <div class="container"> <?php $sqladd="Select * from venue where id=?"; $resadd=$db->prepare($sqladd); $resadd->execute(array($id)); while($rowadd = $resadd->fetch(PDO::FETCH_ASSOC)){ $v_id=$rowadd['id']; $venue_name=$rowadd['venue_name']; $address=$rowadd['address']; $city=$rowadd['city']; $post_code=$rowadd['post_code']; $country_code=$rowadd['country_code']; $url=$rowadd['url']; $email=$rowadd['email']; $description=$rowadd['description']; $img_url=$rowadd['img_url']; $tags=$rowadd['tags']; } ?> <h1 class="edit-venue-title">Add Venue:</h1> <form role="form" enctype="multipart/form-data" method="post" name="formVenue" action="save.php"> <input type="hidden" name="id" value="<?php echo $id; ?>"/> <div class="form-group"> <input class="form-control" type="hidden" name="id" value="<?php echo $id; ?>"/> <p><strong>ID:</strong> <?php echo $id; ?></p> <strong>Venue Name: *</strong> <input class="form-control" type="text" name="venue_name" value="<?php echo $venue_name; ?>"/><br/> <br/> <strong>Address: *</strong> <input class="form-control" type="text" name="address" value="<?php echo $address; ?>"/><br/> <br/> <strong>City: *</strong> <input class="form-control" type="text" name="city" value="<?php echo $city; ?>"/><br/> <br/> <strong>Post Code: *</strong> <input class="form-control" type="text" name="post_code" value="<?php echo $post_code; ?>"/><br/> <br/> <strong>Country Code: *</strong> <input class="form-control" type="text" name="country_code" value="<?php echo $country_code; ?>"/><br/> <br/> <strong>URL: *</strong> <input class="form-control" type="text" name="url" value="<?php echo $url; ?>"/><br/> <br/> <strong>Email: *</strong> <input class="form-control" type="email" name="email" value="<?php echo $email; ?>"/><br/> <br/> <strong>Description: *</strong> <textarea class="form-control" type="text" name="description" rows ="7" value=""><?php echo $description; ?></textarea><br/> <br/> <strong>Image Upload: *</strong> <input class="form-control" type="file" name="image" value="<?php echo $img_url; ?>"/> <small>File sizes 300kb's and below 500px height and width.<br/><strong>Image is required or data will not save.</strong></small> <br/><br/> <strong>Tags: *</strong> <input class="form-control" type="text" name="tags" value="<?php echo $tags; ?>"/><small>comma seperated vales only, e.g. soul,hip-hop,reggae</small><br/> <br/> <p>* Required</p> <br/> <input class="btn btn-primary" type="submit" name="submit" value="Save"> </div> </form> </div> </body> </html> Here is the save.php code <?php error_reporting(E_ALL); ini_set("display_errors", 1); include ("dbconnection.php"); $venue_name=$_POST['venue_name']; $address=$_POST['address']; $city=$_POST['city']; $post_code=$_POST['post_code']; $country_code=$_POST['country_code']; $url=$_POST['url']; $email=$_POST['email']; $description=$_POST['description']; $tags=$_POST['tags']; $id=$_POST['id']; if(is_uploaded_file($_FILES['image']['tmp_name'])){ $folder = "images/hs-venues/"; $file = basename( $_FILES['image']['name']); $full_path = $folder.$file; if(move_uploaded_file($_FILES['image']['tmp_name'], $full_path)) { //echo "succesful upload, we have an image!"; var_dump($_POST); if($id==null){ $sql="INSERT INTO venue(venue_name,address,city,post_code,country_code,url,email,description,img_url,tags)values(:venue_name,:address,:city,:post_code,:country_code,:url,:email,:description,:img_url,:tags)"; $qry=$db->prepare($sql); $qry->execute(array(':venue_name'=>$venue_name,':address'=>$address,':city'=>$city,':post_code'=>$post_code,':country_code'=>$country_code,':url'=>$url,':email'=>$email,':description'=>$description,':img_url'=>$full_path,':tags'=>$tags)); }else{ $sql="UPDATE venue SET venue_name=?, address=?, city=?, post_code=?, country_code=?, url=?, email=?, description=?, img_url=?, tags=? where id=?"; $qry=$db->prepare($sql); $qry->execute(array($venue_name, $address, $city, $post_code, $country_code, $url, $email, $description, $full_path, $tags, $id)); } if($success){ var_dump($_POST); echo "<script language='javascript' type='text/javascript'>alert('Successfully Saved!')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('index.php','_self')</script>"; } else{ var_dump($_POST); echo "<script language='javascript' type='text/javascript'>alert('Successfully Saved!')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('index.php','_self')</script>"; } } //if uploaded else{ var_dump($_POST); echo "<script language='javascript' type='text/javascript'>alert('Upload Recieved but Processed Failed!')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('index.php','_self')</script>"; } } //move uploaded else{ var_dump($_POST); echo "<script language='javascript' type='text/javascript'>alert('Successfully Updated.')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('index.php','_self')</script>"; } ?> Thanks in advance!

I'm not amazing with PhP, so excuse me if it looks terrible xD I've taken tutorials, edited them to fit my wanting and tried it out, it seems to deny anything other than an image type, but could it be abused? <div id="image-upload"> <h2>Upload your image</h2> <form action="upload.php" method="post" enctype="multipart/form-data"> Upload:<br><br> <input type="file" name="image"><br><br> Image Title:<br><br> <input type="text" name="image_title"><br><br> <input type="submit" name="submit" value="Upload"> </form> <?php include("upload_file.php"); function GetImageExtension($imagetype) { if(empty($imagetype)) return false; switch($imagetype) { case 'image/bmp': return '.bmp'; case 'image/jpeg': return '.jpg'; case 'image/png': return '.png'; default: return false; } } if ($_FILES['image']['error'] !== UPLOAD_ERR_OK) { die(); } $extension = getimagesize($_FILES['image']['tmp_name']); if ($extension === FALSE) { die("<br><font color='#8B0000'>Unable to determine image typeof uploaded file</font>"); } if (($extension[2] !== IMAGETYPE_GIF) && ($extension[2] !== IMAGETYPE_JPEG) && ($extension[2] !== IMAGETYPE_PNG)) { die("<br><font color='#8B0000'>Only images are allowed!</font>"); } if (!empty($_FILES["image"]["name"])) { $file_name=$_FILES["image"]["name"]; $temp_name=$_FILES["image"]["tmp_name"]; $imgtype=$_FILES["image"]["type"]; $ext= GetImageExtension($imgtype); $imagename=$_FILES["image"]["name"]; $target_path = "../../images/upload/".$imagename; $title = $_POST["image_title"]; if(move_uploaded_file($temp_name, $target_path)) { $query_upload="INSERT into `images_tbl` (`images_path`,`submission_date`,`image_title`) VALUES ('".$target_path."','".date("Y-m-d")."','".$title."')"; mysql_query($query_upload) or die("error in $query_upload == ----> ".mysql_error()); echo '<br>Image uploaded!'; }else{ echo '<br><font color="#8B0000">Only images are allowed!</font>'; } } ?>

Hi. I have a problem where when i try to display the uploaded JPEG file, the browser would only dispay the placeholder for an image . I think the problem is within the 3rd IF statement. Please help me thanks. <?php if($_SERVER['REQUEST_METHOD'] == 'POST') { if(isset($_FILES['photo']) && is_uploaded_file($_FILES['photo']['tmp_name']) && $_FILES['photo']['error']==UPLOAD_ERR_OK) { if($_FILES['photo']['type']=='image/jpeg') { echo 'asdsad'; $tmp_img = $_FILES['photo']['tmp_name']; $image = imagecreatefromjpeg($tmp_img); header('Content-Type: image/jpeg'); imagejpeg($image, NULL, 90); imagedestroy($image); } else { echo "Uploaded file was not a JPG image."; } } else { echo "No photo uploaded!"; }} else { echo " <form action='test.php' method='post' enctype='multipart/form-data'> <label for='photo'>User Photo:</label> <input type='file' name='photo' /> <input type='submit' value='Upload a Photo' /> </form> ";} ?>

Hey ,, what's going on guy ! I've a question how i can uplaod image to a database inside Dreamweaver ? without coding ? using dreamweaver tools ?

Hi everyone. I am new to PHP and i am trying to upload multiple images using a form. I need to send those images to the admin of the site via mail. Can anyone help me and show me a little demo? Here is the code of form for start <form enctype="multipart/form-data" id='cartform' name='cartform' method='POST' action='<?php echo home_url('/submit-order');?>'> <div> <input name="userimage[]" type="file" multiple accept="image/*"> <input type='submit' name='submit1' value='Proceed'> </div> </form> I need want to get the images on next page and use them as attachment with mail to admin. I am using Wordpress

hello, I'm trying to make a table that uploads files to my server (localhost right now). I followed an online tutorial on how to do this. Did exactly what i was supposted to but for some reason My page just says undefined uploaded file and other things.. I'm getting these errors: Notice: Undefined index: uploadedfile in C:\xampp\htdocs\files\php3\other\admin\cms.php on line 201 Notice: Undefined index: uploadedfile in C:\xampp\htdocs\files\php3\other\admin\cms.php on line 202 Notice: Undefined index: uploadedfile in C:\xampp\htdocs\files\php3\other\admin\cms.php on line 208 Here's my code: echo "<form method='POST' enctype=\"multipart/form-data\"><input type=\"file\" name=\"file\" placeholder=\"upload\"><input type=\"submit\" name=\"submit\" value='submit'/></form> "; if (isset($_POST['submit'])){ $destination = "../pic/"; $destination = $destination . basename( $_FILES['uploadedfile']['name']); if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $destination)) { echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded"; } else{ echo "There was an error uploading the file, please try again!"; } } thanks for the help.

Hi, I want to create a place to receive large files from my customers. This is how it supposed to look like: http://sextantecontratos.com.br/restrito.php It should be able to let user upload files <30MB and with specifc extensions shown. However, I'm not able to make it fully working. I did get file upload succesfully thru coding below, which means my server is ok. <html> <body> <form enctype="multipart/form-data" action="teste.php" method="post"> <input type="hidden" name="MAX_FILE_SIZE" value="32000000"> Send this file: <input name="userfile" type="file"> <input type="submit" value="Send File"> </form></body></html> and <?php $uploaddir = './'; $uploadfile = $uploaddir . $_FILES['userfile']['name']; print "<pre>"; if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])) {print "TESTE OK (arquivo valido e carregado com sucesso). Dados:\n"; print_r($_FILES);} else {print "ERRO NA OPERAÇÃO. Dados:\n"; print_r($_FILES);} print "</pre>"; ?> But when I face the "restrito.php" code, I can't make it work... Can anyone please help?

I am working on a project, that lets users register, upload a photo and have that photo as a profile image which then other users can view. I am not sure how to structure this. Here is how I would imagine the process goes. 1-During user registration, user mkdir to create a a new directory that uses the users email address for the name of this new directory. 2-Take users to a upload image page, if users dont upload one, then use a default image. 3-User uploads image. 4-Image gets stored into the directory, and the image name is sent to mysql database. 5-Echo image in users profile by using a SELECT query. 6-using an image tag, select directory name by echoing out the users email from the db, and echo the image name from the db at appropriate areas. Step 6 would kinda look like this: //Grab user email from db and set it to a variable, do the same for image name $user_email = $email_from_db; $user_image = $image_from_db; <img src="image/<?php echo=$user_email; ?>/<?php $user_image; ?> /> Not sure if this is how its done, or if this is a secure way, also I have no idea how I would let users upload an image. Can anyone give me some advice?

so i am trying to use a form to upload pdf documents to my server remotely. The php code is in its own file called "upload.php". The error I am getting is the die error "The file you attempted to upload is not allowed" therefore something is wrong because I have permissions set for PDF documents which is what I am trying to upload. <?php // Configuration - Your Options $allowed_filetypes = array('.pdf'); // These will be the types of file that will pass the validation. $max_filesize = 524288; // Maximum filesize in BYTES (currently 0.5MB). $upload_path = './users/'; // The place the files will be uploaded to (currently a 'files' directory). $filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension). $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename. // Check if the filetype is allowed, if not DIE and inform the user. if(!in_array($ext,$allowed_filetypes)) die('The file you attempted to upload is not allowed.'); // Now check the filesize, if it is too large then DIE and inform the user. if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize) die('The file you attempted to upload is too large.'); // Check if we can upload to the specified path, if not DIE and inform the user. if(!is_writable($upload_path)) die('You cannot upload to the specified directory, please CHMOD it to 777.'); // Upload the file to your specified path. if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename)) echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a>'; // It worked. else echo 'There was an error during the file upload. Please try again.'; // It failed . ?> here is the HTML form code <center><table width="600" align="center" cellpadding="5"> <form action="upload.php" method="post"> <p><font color="red"><?php print("$message");?></font></p> <tr> <td width="163"><div align="right">File:</div></td> <td width="409"><input type="file" name="userfile" id="file"/></td> </tr> <tr> <td><div align="right"></div></td> <td><input type="submit" name="Submit" value="submit" /></td> </tr> </form> </table> </center> thanks