zymn Posted July 29, 2008 Share Posted July 29, 2008 yeah, i would like to be able to limit the file size and limit what can be uploaded... heres the code. <?php function display_upload_form() { echo <<<DISPLAY_UPLOAD_FORM <html> <style type="text/css" media="screen"> <!-- html body {background:#fff; font: 76%/1.5em arial, helvetica, sans-serif; color:#333;} input {color:#333;} --> </style> </head> <body> <form method="post" action="{$_SERVER['PHP_SELF']}" enctype="multipart/form-data"> <center> <p>Pick a File Already.<br /> <input type="file" name="myfile" tabindex="1" /></p> <p><input type="hidden" name="execute" value="1" /></p> <p><input type="submit" value="Upload File" tabindex="2" /> </center> </form> </body> </html> DISPLAY_UPLOAD_FORM; } // File Upload **************************************************************** function execute_upload() { // root path $path = $_SERVER['DOCUMENT_ROOT']; // upload directory. path will originate from root. $dirname = '/zymn/uploads/'; // permission settings for newly created folders $chmod = 0755; // create file vars to make things easier to read. $filename = $_FILES['myfile']['name']; $filesize = $_FILES['myfile']['size']; $filetype = $_FILES['myfile']['type']; $file_tmp = $_FILES['myfile']['tmp_name']; $file_err = $_FILES['myfile']['error']; $file_ext = strrchr($filename, '.'); // check if user actually put something in the file input field. if (($file_err == 0) && ($filesize != 0)) { // Check extension. if (!$file_ext) { unlink($file_tmp); die('File must have an extension.'); } // extra check to prevent file attacks. if (is_uploaded_file($file_tmp)) { /* * check if the directory exists * if it doesnt exist, make the directory */ $dir = $path . $dirname; if (!is_dir($dir)) { $dir = explode('/', $dirname); foreach ($dir as $sub_dir) { $path .= '/' . $sub_dir; if (!is_dir($path)) { if (!mkdir($path, $chmod)) { unlink($file_tmp); die('<strong>Error:</strong> Directory does not exist and was unable to be created.'); } } } } /* * copy the file from the temporary upload directory * to its final detination. */ if (@move_uploaded_file($file_tmp, $dir . '/' . $filename)) { // success! echo " <center> <p>Done. Be happy.</p> <p><strong>View Your Stupid Friggin File:</strong> <a href=\"$dirname/$filename\">$filename</a></p> </center> "; } else { // error moving file. check file permissions. unlink($file_tmp); echo '<strong>Error:</strong> Unable to move file to designated directory.'; } } else { // file seems suspicious... delete file and error out. unlink($file_tmp); echo '<strong>Error:</strong> File does not appear to be a valid upload. Could be a file attack.'; } } else { // Kill temp file, if any, and display error. if ($file_tmp != '') { unlink($file_tmp); } switch ($file_err) { case '0': echo 'That is not a valid file. 0 byte length.'; break; case '1': echo 'This file, at ' . $filesize . ' bytes, exceeds the maximum allowed file size as set in <em>php.ini</em>. '. 'Please contact your system admin.'; break; case '2': echo 'This file exceeds the maximum file size specified in your HTML form.'; break; case '3': echo 'File was only partially uploaded. This could be the result of your connection '. 'being dropped in the middle of the upload.'; case '4': echo 'You did not upload anything... Please go back and select a file to upload.'; break; } } } // Logic Code ***************************************************************** if (isset($_POST['execute'])) { execute_upload(); } else { display_upload_form(); } ?> Quote Link to comment Share on other sites More sharing options...
chad101 Posted July 29, 2008 Share Posted July 29, 2008 File size limit. <?php if($_FILES['myfile']['size'] > 1048576) { die('ERROR: 1 MB file limit'); } ?> ext restrict <?php $allowed_ext = array('doc','txt','rtf'); //add file extensions here... $ext = end(explode('.',$_FILES['myfile']['name']); if(!in_array($ext,$allowed_ext)){ die('File extension not allowed'); } ?> Quote Link to comment Share on other sites More sharing options...
zymn Posted July 29, 2008 Author Share Posted July 29, 2008 thanks. but, umm... where do i put them? Quote Link to comment Share on other sites More sharing options...
zymn Posted July 29, 2008 Author Share Posted July 29, 2008 bump. i'm BEGGIN for help here. Quote Link to comment Share on other sites More sharing options...
Adam Posted July 30, 2008 Share Posted July 30, 2008 Best to put them at the start of the execute_upload function .. Quote Link to comment Share on other sites More sharing options...
zymn Posted July 30, 2008 Author Share Posted July 30, 2008 that doesn't work... i'm gettin tired of this... i just want an answer. Quote Link to comment Share on other sites More sharing options...
MatthewJ Posted July 30, 2008 Share Posted July 30, 2008 I hear being a jerk on a community forum is the way to get help... If you want somone to code it for you, pay them... if not, LEARN Quote Link to comment Share on other sites More sharing options...
zymn Posted July 30, 2008 Author Share Posted July 30, 2008 i'm not bein a jerk. i've just been waiting for an answer for 3 days. i've tried every way... Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted July 30, 2008 Share Posted July 30, 2008 This forum is powered by people giving up there spare time, so don't moan if you don't get an answer or one that works, maybe try and work it out your self. Quote Link to comment Share on other sites More sharing options...
zymn Posted July 30, 2008 Author Share Posted July 30, 2008 i have tried. but none of them work... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.