
[SOLVED] File Upload Extension Validation


mahalleday


I am working on a file upload form for an application I am building for my site. All it is to do is take a few inputs as well as a file (image) if the user so chooses, upload the file to a folder on the server, and place the image name as well as the rest of the inputs into a database for later use. I can get all that to work, but now that I have gone back to add some security measures, i.e. limiting the allowable file types to images and renaming the file that is uploaded, I am having some issues. Namely, when I submit the form without a file to upload I always get back an error as if I tried to upload a file with an unallowed extension.

 

Here is my code:

 

<?php
//validate and handle file upload
    if(!empty($_FILES['image'])) {
        $file = $_FILES['image']['name'];

        //list of the allowed file types => this should be placed in a database table in the future
        $allowed = array('image/jpg', 'image/jpeg', 'image/png', 'image/pjpeg');

        //check to see if file is of the correct type
        if(in_array($_FILES['image']['type'], $allowed)) {
            //set upload directory
            $uploaddir = './images/';
            //move image to server and resize if needed

        }
        else {$errors[] = 'The file you attempted to upload was of an unallowed type';}
    }
    else {
        $file = 'ad_img.png';
    }
?>

 

Any ideas??? I am pretty much at my wits' end here. I can't see any real errors with what I have done.

 

 


I tried that already and it totally bypasses everything. Here is my full code for the file validation. I have the move_uploaded_file stuff commented out because I plan to add that once the thing validates right (I have the code in another file ready to be thrown in).

 

<?php
   //validate and handle file upload
   if(isset($_POST['image'])) {
            $file = $_FILES['image']['name'];
            $type = $_FILES['image']['type'];
            //list of the allowed file types => this should be placed in a database table in the future
            $allowed = array('image/jpg', 'image/jpeg', 'image/png', 'image/pjpeg');
            //check to see if file is of the correct type
            if(in_array($type, $allowed)) {
                //set upload directory
                $uploaddir = './images/';
                //move image to server and resize if needed
                /*if(move_uploaded_file()) {
                }
                else {
                    $errors[] = 'The file could not be uploaded for the following:<br/>';
                    switch ($_FILES['image']['error']) {
                        case 1:
                            echo 'The file exceeds the allowable max file size allowed by php';
                            break;
                        case 2:
                            echo 'The file size exceeds the max allowable file size for this site';
                            break;
                        case 3:
                            echo 'The file was not completely uploaded';
                            break;
                        case 4:
                            echo 'No file was available for upload';
                            break;
                        case 6:
                            echo 'No temporary folder was available';
                            break;
                        default:
                            echo 'A system error occurred please report your error to webmaster and try again';
                            break;
                    }
                }
                */
            }
            else {
                $errors[] = 'The file you attempted to upload was of an unallowed type<br/>-Please upload a png, or jpeg image<br/>';
                //delete image from server
                //unlink($_FILES['image']['tmp_name']);
                }
   }
    else {
        $file = 'ad_img.png';
        $type = 'image/png';
    }
?>


I had a read through that stuff but it doesn't shed any light on why this won't work. I have even tried checking to see if $_FILES['image'] is empty and then processing accordingly, but again that won't work either. I have also tried this...

 

<?php
if(isset($_POST['image'])) {
//do the validation checks and upload

}
    else {
        //since no file was uploaded use this default image
        $file = 'ad_img.png';
        $type = 'image/png';
    }
?>

 

To me this should force the file and file type to be valid even if no file has been uploaded by the user. But this still won't work. If nothing is submitted I still get my 'Invalid file type error...'

 

This is driving me nuts, and you know it has to be some little thing.


It came to me suddenly on the plane coming home from a business trip. At the start of the file upload validation I originally had:

 

<?php
if(isset($_FILES['image'])) {
      //do this
}
else {
    //do this
}
?>

 

What it should have been was this:

 

<?php
if(isset($_FILES['image']['name'])) {
      //do this
}
else {
    //do this
}
?>

 

Such a simple thing and it took so long to figure out. Thanks for all your advice and suggestions. Here is the full upload check code for anyone who wants it:

 

<?php
//validate and handle file upload
   if(!empty($_FILES['image']['name'])) {

            $file = $_FILES['image']['name'];
            //$type = $_FILES['image']['type'];
            $type = strrchr($file, '.');
            //list of the allowed file types => this should be placed in a database table in the future
            $allowed = array('.jpg', '.jpeg', '.png', '.pjpeg');
            //check to see if file is of the correct type
            if(in_array($type, $allowed)) {
                //set upload directory
                $uploaddir = './images/';
                //move image to server and resize if needed
                //(arguments filled in: PHP's temp file, and a destination built from the submitted name)
                if(move_uploaded_file($_FILES['image']['tmp_name'], $uploaddir . basename($file))) {
                }
                else {
                    $errors[] = 'The file could not be uploaded for the following:<br/>';
                    switch ($_FILES['image']['error']) {
                        case 1:
                            echo 'The file exceeds the allowable max file size allowed by php';
                            break;
                        case 2:
                            echo 'The file size exceeds the max allowable file size for this site';
                            break;
                        case 3:
                            echo 'The file was not completely uploaded';
                            break;
                        case 4:
                            echo 'No file was available for upload';
                            break;
                        case 6:
                            echo 'No temporary folder was available';
                            break;
                        default:
                            echo 'A system error occurred please report your error to webmaster and try again';
                            break;
                    }
                }

            }
            else {
                $errors[] = 'The file you attempted to upload was of an unallowed type<br/>-Please upload a png, or jpeg image<br/>';
                //delete image from server
                //unlink($_FILES['image']['tmp_name']);
                }
    }
    else {
        //if the user does not choose to upload a pic you can specify a generic one here; the $type variable does not matter
        $file = 'ad_img.png'; //generic image if none uploaded by user
        $type = '.png'; //image type for generic image => does not matter
    }
?>
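
An added example, not part of the original posts: a stricter version of the check this thread arrives at, which uses the upload's `error` code to detect the no-file case and takes the type from the file's contents rather than from the browser-supplied name or type. `validate_image_upload()` and `DEFAULT_IMAGE` are hypothetical names, and the code assumes the fileinfo extension is enabled.

```php
<?php
// Added example: hardened form of the upload check discussed in this thread.
// validate_image_upload() and DEFAULT_IMAGE are hypothetical names.
const DEFAULT_IMAGE = 'ad_img.png';

function validate_image_upload(array $upload, string $uploaddir): array
{
    // PHP creates $_FILES['image'] whenever the form has the field, so
    // "was a file chosen?" is answered by the error code, not isset()/empty().
    $error = $upload['error'] ?? UPLOAD_ERR_NO_FILE;
    if ($error === UPLOAD_ERR_NO_FILE) {
        return ['file' => DEFAULT_IMAGE, 'errors' => []];
    }
    if ($error !== UPLOAD_ERR_OK) {
        return ['file' => null, 'errors' => ["Upload failed (PHP error code $error)"]];
    }
    $tmp = $upload['tmp_name'];
    if (!is_uploaded_file($tmp)) {
        return ['file' => null, 'errors' => ['Not a genuine HTTP upload']];
    }

    // 'name' and 'type' are sent by the browser and can be set to anything, so
    // detect the type from the file contents and derive the extension from it.
    $allowed = ['image/jpeg' => '.jpg', 'image/png' => '.png'];
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmp);
    if (!isset($allowed[$mime]) || getimagesize($tmp) === false) {
        return ['file' => null, 'errors' => ['Please upload a png or jpeg image']];
    }

    // Store under a random server-generated name, never the client's filename.
    $file = bin2hex(random_bytes(16)) . $allowed[$mime];
    if (!move_uploaded_file($tmp, rtrim($uploaddir, '/') . '/' . $file)) {
        return ['file' => null, 'errors' => ['The file could not be saved']];
    }
    return ['file' => $file, 'errors' => []];
}

// Constructed sample: the shape of $_FILES['image'] when the form is
// submitted with the file field left empty.
$noFile = ['name' => '', 'type' => '', 'tmp_name' => '', 'error' => UPLOAD_ERR_NO_FILE, 'size' => 0];
$result = validate_image_upload($_FILES['image'] ?? $noFile, './images/');
print_r($result); // on the command line this takes the no-file branch
```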

