pleek Posted November 29, 2008 Share Posted November 29, 2008 Hello, i am designing a website for my own personal use but im having trouble with upload forms. I found out how to upload the a directory on my site but heres the problem. I need a form that when you select (from a drop down box) the name of the file to be uploaded, when you browes it will only let you upload the file with the exact name and extenction. So like if i want to upload only .jpg's and i select "game" from the menu. The form will only allow "game.jpg" to be uploaded. Thanks in advance, Pleek Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/ Share on other sites More sharing options...
dezkit Posted November 29, 2008 Share Posted November 29, 2008 I don't understand what you want do to, is that supposed to be done with javascript too? Can you further elaborate, we will help you, but you also need a code for us to look at. Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/#findComment-701438 Share on other sites More sharing options...
pleek Posted November 29, 2008 Author Share Posted November 29, 2008 ok sorry, here is the code im currently using. Just a generic code that works to upload any file up to 100kb to the "game" dir. Yes i know its not very safe but its only open to me right now. upload form <form enctype="multipart/form-data" action="uploader.php" method="POST"> <input type="hidden" name="MAX_FILE_SIZE" value="1000000" /> Choose a file to upload: <input name="uploadedfile" type="file" /><br /> <input type="submit" value="Upload File" /> </form> upload.php <?php $target_path = "Games/"; $target_path = $target_path . basename( $_FILES['uploadedfile']['name']); if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) { echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded"; } else{ echo "There was an error uploading the file, please try again!"; } ?> And if you need javascript to do this that would be fine. This is what i need, i am using games as a generic term for what we're uploading... 1. First you select the name of the game you want to upload - i select "bike_game" as my game. 2. Then the upload form appears (optional). 3. Then when you select browse you can only select/upload so i would only be able to upload "bike_game.exe"\ if you still have questions please ask. Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/#findComment-701440 Share on other sites More sharing options...
dezkit Posted November 29, 2008 Share Posted November 29, 2008 does it have to be any extension, or just .exe? Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/#findComment-701442 Share on other sites More sharing options...
ShiloVir Posted November 29, 2008 Share Posted November 29, 2008 im sorry. But looking at this script it is very unsecure. It looks like a 5 year old wrote it. I would strongly advise you NOT to upload this to your webserver because if you do people will start uploading random garbage and even upload stuff that has the exec(); function in it and they will start to mess up your server. Just a warning... Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/#findComment-701443 Share on other sites More sharing options...
pleek Posted November 29, 2008 Author Share Posted November 29, 2008 to the first question, no it does not have to be exe. but i would like to be able to set which extentions are allowed. to the second post, yes i know. thats what one thing i need help with. Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/#findComment-701469 Share on other sites More sharing options...
PFMaBiSmAd Posted November 29, 2008 Share Posted November 29, 2008 HTML forms cannot set or specify a file extension to be listed in the file selection list. To do what you ask requires that you use a flash form. Take a look at this link - http://swfupload.org/ Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/#findComment-701640 Share on other sites More sharing options...
pleek Posted November 30, 2008 Author Share Posted November 30, 2008 ok, thanks for that site man. Im trying out that right now. Ill get back to you if i have any more problems. thanks! Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/#findComment-702582 Share on other sites More sharing options...
pleek Posted November 30, 2008 Author Share Posted November 30, 2008 ok, so i check out the swfupload and it was pretty cool. But not really what i need. So i did a little more google searching and i found this php code which does allow you to check the files extension before uploading. I can modify this to work but i need to know is it secure enough for an admin section in my script? form.php <form action="upload.php" method="post" ENCTYPE="multipart/form-data"> File: <input type="file" name="file" size="30"> <input type="submit" value="Upload!"> </form> upload.php <?php // ============== // Configuration // ============== $uploaddir = "uploads"; // Where you want the files to upload to - Important: Make sure this folders permissions is 0777! $allowed_ext = "jpg, gif, png, pdf"; // These are the allowed extensions of the files that are uploaded $max_size = "50000"; // 50000 is the same as 50kb $max_height = "100"; // This is in pixels - Leave this field empty if you don't want to upload images $max_width = "100"; // This is in pixels - Leave this field empty if you don't want to upload images // Check Entension $extension = pathinfo($_FILES['file']['name']); $extension = $extension[extension]; $allowed_paths = explode(", ", $allowed_ext); for($i = 0; $i < count($allowed_paths); $i++) { if ($allowed_paths[$i] == "$extension") { $ok = "1"; } } // Check File Size if ($ok == "1") { if($_FILES['file']['size'] > $max_size) { print "File size is too big!"; exit; } // Check Height & Width if ($max_width && $max_height) { list($width, $height, $type, $w) = getimagesize($_FILES['file']['tmp_name']); if($width > $max_width || $height > $max_height) { print "File height and/or width are too big!"; exit; } } // The Upload Part if(is_uploaded_file($_FILES['file']['tmp_name'])) { move_uploaded_file($_FILES['file']['tmp_name'],$uploaddir.'/'.$_FILES['file']['name']); } print "Your file has been uploaded successfully! Yay!"; } else { print "Incorrect file extension!"; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/#findComment-702592 Share on other sites More sharing options...
pleek Posted December 2, 2008 Author Share Posted December 2, 2008 grrr. all i need is a secure form that will only upload the specified file size and extension. please somebody help me!!!!!!! lol but i do need help. Quote Link to comment https://forums.phpfreaks.com/topic/134710-upload-forms-help/#findComment-703595 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.