Jump to content


Photo

upload photo script


  • Please log in to reply
11 replies to this topic

#1 jasonc

jasonc
  • Members
  • PipPipPip
  • Advanced Member
  • 841 posts

Posted 08 June 2006 - 11:41 PM

trying to add an upload photo to the site, button.

can someone please suggest the best and yet secure way i can do this.

i mostly use PHP so if it can be done in PHp thats great.

I have once seen a form based upload image version but can not seem to find it.

any ideas?

thanks in advance


#2 Fyorl

Fyorl
  • Members
  • PipPipPip
  • Advanced Member
  • 273 posts
  • LocationUK

Posted 09 June 2006 - 12:58 AM

you could try [a href=\"http://www.phpfreaks.com/tutorials/85/0.php\" target=\"_blank\"]this[/a] tutorial or just search through the tutorials section, there are definitely ones in there
[table]



Don't worry, the printer fairies will sort it out.

#3 jasonc

jasonc
  • Members
  • PipPipPip
  • Advanced Member
  • 841 posts

Posted 09 June 2006 - 01:12 AM

after searching google i found.... [a href=\"http://www.blazonry.com/scripting/upload-size.phps\" target=\"_blank\"]http://www.blazonry.com/scripting/upload-size.phps[/a]
just added this script to a new php file, and viewed it and tried to upload a file to my server, nothing worked.

i changed the $uploaddir = ".";

to read the FULL server path to the folder i wish to store the files in.

still think

i think i must be missing something, have i missed something out?

[!--quoteo(post=381667:date=Jun 9 2006, 01:58 AM:name=Fyorl)--][div class=\'quotetop\']QUOTE(Fyorl @ Jun 9 2006, 01:58 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
you could try [a href=\"http://www.phpfreaks.com/tutorials/85/0.php\" target=\"_blank\"]this[/a] tutorial or just search through the tutorials section, there are definitely ones in there
[/quote]


#4 Fyorl

Fyorl
  • Members
  • PipPipPip
  • Advanced Member
  • 273 posts
  • LocationUK

Posted 09 June 2006 - 01:26 AM

could you link me to your script?
[table]



Don't worry, the printer fairies will sort it out.

#5 jasonc

jasonc
  • Members
  • PipPipPip
  • Advanced Member
  • 841 posts

Posted 09 June 2006 - 01:35 AM

[a href=\"http://www.pro-freelancers.com/\" target=\"_blank\"]http://www.pro-freelancers.com/[/a]

[!--quoteo(post=381676:date=Jun 9 2006, 02:26 AM:name=Fyorl)--][div class=\'quotetop\']QUOTE(Fyorl @ Jun 9 2006, 02:26 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
could you link me to your script?
[/quote]


#6 Fyorl

Fyorl
  • Members
  • PipPipPip
  • Advanced Member
  • 273 posts
  • LocationUK

Posted 09 June 2006 - 01:43 AM

Yup, I see your problem. In the <form> tags, you need to put the name of the PHP script used to upload the file in the action element. Like
<form action="script.php" name="a_form" method="post">

[table]



Don't worry, the printer fairies will sort it out.

#7 jasonc

jasonc
  • Members
  • PipPipPip
  • Advanced Member
  • 841 posts

Posted 09 June 2006 - 01:44 AM

i know that but i have not placed anything here before as it goes back to the same script, or have i missed a script out and there is more to this than i thought?


[!--quoteo(post=381683:date=Jun 9 2006, 02:43 AM:name=Fyorl)--][div class=\'quotetop\']QUOTE(Fyorl @ Jun 9 2006, 02:43 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
Yup, I see your problem. In the <form> tags, you need to put the name of the PHP script used to upload the file in the action element. Like
<form action="script.php" name="a_form" method="post">
[/quote]


#8 Fyorl

Fyorl
  • Members
  • PipPipPip
  • Advanced Member
  • 273 posts
  • LocationUK

Posted 09 June 2006 - 02:03 AM

even though it goes back to the same script you still have to put the script name in there. So say if your script was called script.php which generated that form, in the action element you would put script.php (eg action="script.php"). That way, what happens is the browser leaves your page and follows the action which happens to be pointing to the same script. So then it loads up the script again but this time it has all the form data, which the newly loaded script detects and uploads.
[table]



Don't worry, the printer fairies will sort it out.

#9 jasonc

jasonc
  • Members
  • PipPipPip
  • Advanced Member
  • 841 posts

Posted 09 June 2006 - 02:05 AM

yes i see, but still when i change it it still does not upload.

[!--quoteo(post=381693:date=Jun 9 2006, 03:03 AM:name=Fyorl)--][div class=\'quotetop\']QUOTE(Fyorl @ Jun 9 2006, 03:03 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
even though it goes back to the same script you still have to put the script name in there. So say if your script was called script.php which generated that form, in the action element you would put script.php (eg action="script.php"). That way, what happens is the browser leaves your page and follows the action which happens to be pointing to the same script. So then it loads up the script again but this time it has all the form data, which the newly loaded script detects and uploads.
[/quote]


#10 Fyorl

Fyorl
  • Members
  • PipPipPip
  • Advanced Member
  • 273 posts
  • LocationUK

Posted 09 June 2006 - 02:14 AM

OK, try changing
if ($REQUEST_METHOD == "POST")
to
if(isset($_REQUEST['submit']))

[table]



Don't worry, the printer fairies will sort it out.

#11 jasonc

jasonc
  • Members
  • PipPipPip
  • Advanced Member
  • 841 posts

Posted 09 June 2006 - 02:23 AM

ERROR
Image Extension Unknown.

Please upload only a JPEG image with the extension .jpg or .jpeg ONLY

The file you uploaded had the following extension:

Warning: unlink(): No such file or directory in /home/profree/public_html/index.php on line 103






[!--quoteo(post=381698:date=Jun 9 2006, 03:14 AM:name=Fyorl)--][div class=\'quotetop\']QUOTE(Fyorl @ Jun 9 2006, 03:14 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
OK, try changing
if ($REQUEST_METHOD == "POST")
to
if(isset($_REQUEST['submit']))
[/quote]


#12 Fyorl

Fyorl
  • Members
  • PipPipPip
  • Advanced Member
  • 273 posts
  • LocationUK

Posted 09 June 2006 - 02:48 AM

OK, I've been looking through the script and it doesn't look very good. So here's my verson (does not include the HTML, you can use the same as before, except you need to make sure the MAX_FILE_SIZE bit goes before the file input):
if(isset($_REQUEST['submit']((
{
$file = $_FILES['imgfile']['name'];
$tmp_file = $_FILES['imgfile']['tmp_name'];
$size = $_FILES['imgfile']['size'];

$uploaddir = '.';
$upload = $uploaddir . basename($file);
$allowed = array('jpg', 'jpeg', 'gif', 'png');
$ext = getFileExtension($file);

if(!in_array($ext, $allowed))
{
echo "ERROR: Invalid file extension.";
unlink($tmp_file);
exit;
}

if(move_uploaded_file($tmp_file, $upload))
{
echo "Image uploaded successfully!";
}
else
{
echo "Image uplaod failed.";
}

// Same function as the other script
function getFileExtension($str) {

        $i = strrpos($str,".");
        if (!$i) { return ""; }

        $l = strlen($str) - $i;
        $ext = substr($str,$i+1,$l);

        return $ext;

    }
}
It's pretty insecure but it'll get the job done.
[table]



Don't worry, the printer fairies will sort it out.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users