Jump to content

[SOLVED] Need help in removing validation from upload files script


agron

Recommended Posts

I have this form in my website with one upload file field. I don't want the upload file function to be mandatory. Here I have included the .php code executing the form. Can anyone tell me what do I need to change in order not to have the upload mandatory. Here is my code:

 

<?php

// Receiving variables

@$pfw_ip= $_SERVER['REMOTE_ADDR'];

@$name = addslashes($_POST['name']);

@$companyname = addslashes($_POST['companyname']);

@$address = addslashes($_POST['address']);

@$city = addslashes($_POST['city']);

@$stateprovince = addslashes($_POST['stateprovince']);

@$postalzipcode = addslashes($_POST['postalzipcode']);

@$country = addslashes($_POST['country']);

@$phonenumber = addslashes($_POST['phonenumber']);

@$phonenrextention = addslashes($_POST['phonenrextention']);

@$contactfax = addslashes($_POST['contactfax']);

@$email = addslashes($_POST['email']);

@$services = addslashes($_POST['services']);

@$servicenotinlistdescription = addslashes($_POST['servicenotinlistdescription']);

@$materialtype = addslashes($_POST['materialtype']);

@$materialnotinlistdescription = addslashes($_POST['materialnotinlistdescription']);

@$fileupload_Name = $_FILES['fileupload']['name'];

@$fileupload_Size = $_FILES['fileupload']['size'];

@$fileupload_Temp = $_FILES['fileupload']['tmp_name'];

@$fileupload_Mime_Type = $_FILES['fileupload']['type'];

@$dimensionheight = addslashes($_POST['dimensionheight']);

@$dimensionswidth = addslashes($_POST['dimensionswidth']);

@$dimensionslength = addslashes($_POST['dimensionslength']);

@$dimensionsdia = addslashes($_POST['dimensionsdia']);

@$additionalcomments = addslashes($_POST['additionalcomments']);

 

function RecursiveMkdir($path)

{

  if (!file_exists($path))

  {

      RecursiveMkdir(dirname($path));

      mkdir($path, 0777);

    }

  }

// Validation

if( $fileupload_Size == 0)

{

header("Location: fail.html");

exit;

}

if( $fileupload_Size >10000000000)

{

//delete file

unlink($fileupload_Temp);

header("Location: fail.html");

exit;

}

if( $fileupload_Mime_Type != "image/jpeg" )

{

unlink($fileupload_Temp);

header("Location: fail.html");

exit;

}

$uploadFile = "uploads/".$fileupload_Name ;

if (!is_dir(dirname($uploadFile)))

  {

    @RecursiveMkdir(dirname($uploadFile));

  }

else

  {

  @chmod(dirname($uploadFile), 0777);

  }

@move_uploaded_file( $fileupload_Temp , $uploadFile);

chmod($uploadFile, 0644);

$fileupload_URL = "http://website.com/uploads/".$fileupload_Name ;

 

//Sending Email to form owner

$pfw_header = "From: $email\n"

  . "Reply-To: $email\n";

$pfw_subject = "h8";

$pfw_email_to = "email@email.com";

$pfw_message = "Visitor's IP: $pfw_ip\n"

. "name: $name\n"

. "companyname: $companyname\n"

. "address: $address\n"

. "city: $city\n"

. "stateprovince: $stateprovince\n"

. "postalzipcode: $postalzipcode\n"

. "country: $country\n"

. "phonenumber: $phonenumber\n"

. "phonenrextention: $phonenrextention\n"

. "contactfax: $contactfax\n"

. "email: $email\n"

. "services: $services\n"

. "servicenotinlistdescription: $servicenotinlistdescription\n"

. "materialtype: $materialtype\n"

. "materialnotinlistdescription: $materialnotinlistdescription\n"

. "fileupload: $fileupload_URL\n"

. "dimensionheight: $dimensionheight\n"

. "dimensionswidth: $dimensionswidth\n"

. "dimensionslength: $dimensionslength\n"

. "dimensionsdia: $dimensionsdia\n"

. "additionalcomments: $additionalcomments\n";

@mail($pfw_email_to, $pfw_subject ,$pfw_message ,$pfw_header ) ;

header("Location: success.html");

?>

 

I don't have a lot of .php knowledge so if someone will rewrite the above code and post it, would be really appreciated

 

Thank you very much in advance,

 

 

Link to comment
Share on other sites

Okay, remove them but add

this

<?php
// Validation
if(!empty($fileupload_Name))
{
if( $fileupload_Size == 0)
{
	header("Location: fail.html");
	exit;
}
if( $fileupload_Mime_Type != "image/jpeg" )
{
	unlink($fileupload_Temp);
	header("Location: fail.html");
	exit;
}
}
?>

 

this check to see if a file was used if it was then checks

Link to comment
Share on other sites

Now I am getting the "500 Internal Server Error" Here is the code again:

 

<?php

// Receiving variables

@$pfw_ip= $_SERVER['REMOTE_ADDR'];

@$name = addslashes($_POST['name']);

@$companyname = addslashes($_POST['companyname']);

@$address = addslashes($_POST['address']);

@$city = addslashes($_POST['city']);

@$stateprovince = addslashes($_POST['stateprovince']);

@$postalzipcode = addslashes($_POST['postalzipcode']);

@$country = addslashes($_POST['country']);

@$phonenumber = addslashes($_POST['phonenumber']);

@$phonenrextention = addslashes($_POST['phonenrextention']);

@$contactfax = addslashes($_POST['contactfax']);

@$email = addslashes($_POST['email']);

@$services = addslashes($_POST['services']);

@$servicenotinlistdescription = addslashes($_POST['servicenotinlistdescription']);

@$materialtype = addslashes($_POST['materialtype']);

@$materialnotinlistdescription = addslashes($_POST['materialnotinlistdescription']);

@$fileupload_Name = $_FILES['fileupload']['name'];

@$fileupload_Size = $_FILES['fileupload']['size'];

@$fileupload_Temp = $_FILES['fileupload']['tmp_name'];

@$fileupload_Mime_Type = $_FILES['fileupload']['type'];

@$dimensionheight = addslashes($_POST['dimensionheight']);

@$dimensionswidth = addslashes($_POST['dimensionswidth']);

@$dimensionslength = addslashes($_POST['dimensionslength']);

@$dimensionsdia = addslashes($_POST['dimensionsdia']);

@$additionalcomments = addslashes($_POST['additionalcomments']);

 

function RecursiveMkdir($path)

{

  if (!file_exists($path))

  {

      RecursiveMkdir(dirname($path));

      mkdir($path, 0777);

    }

  }

 

 

// Validation

if(!empty($fileupload_Name))

{

  if( $fileupload_Size == 0)

  {

      header("Location: fail.html");

      exit;

  }

  if( $fileupload_Mime_Type != "image/jpeg" )

  {

      unlink($fileupload_Temp);

      header("Location: fail.html");

      exit;

  }

}

$uploadFile = "uploads/".$fileupload_Name ;

if (!is_dir(dirname($uploadFile)))

  {

    @RecursiveMkdir(dirname($uploadFile));

  }

else

  {

  @chmod(dirname($uploadFile), 0777);

  }

@move_uploaded_file( $fileupload_Temp , $uploadFile);

chmod($uploadFile, 0644);

$fileupload_URL = "http://website.com/uploads/".$fileupload_Name ;

 

//Sending Email to form owner

$pfw_header = "From: $email\n"

  . "Reply-To: $email\n";

$pfw_subject = "Service Request";

$pfw_email_to = "email@website.com";

$pfw_message = "Visitor's IP: $pfw_ip\n"

. "name: $name\n"

. "companyname: $companyname\n"

. "address: $address\n"

. "city: $city\n"

. "stateprovince: $stateprovince\n"

. "postalzipcode: $postalzipcode\n"

. "country: $country\n"

. "phonenumber: $phonenumber\n"

. "phonenrextention: $phonenrextention\n"

. "contactfax: $contactfax\n"

. "email: $email\n"

. "services: $services\n"

. "servicenotinlistdescription: $servicenotinlistdescription\n"

. "materialtype: $materialtype\n"

. "materialnotinlistdescription: $materialnotinlistdescription\n"

. "fileupload: $fileupload_URL\n"

. "dimensionheight: $dimensionheight\n"

. "dimensionswidth: $dimensionswidth\n"

. "dimensionslength: $dimensionslength\n"

. "dimensionsdia: $dimensionsdia\n"

. "additionalcomments: $additionalcomments\n";

@mail($pfw_email_to, $pfw_subject ,$pfw_message ,$pfw_header ) ;

 

//Sending auto respond Email to visitor

$pfw_header = "From: email@website.com\n"

  . "Reply-To: email@webiste.com\n";

$pfw_subject = "Service Request";

$pfw_email_to = "$email";

$pfw_message = "Your request has been received. A representative will review your request and call you back with an estimate.\n"

. "If you have any questions or concern do not hesitate to call our hotline number at: 111-111-1111\n"

. "\n"

. "Thank you for your business\n"

. "\n"

. "Business name";

@mail($pfw_email_to, $pfw_subject ,$pfw_message ,$pfw_header ) ;

 

header("Location: success.html");

 

?>

 

I do want to thank you a lot for your quick response,

 

Take care

 

Link to comment
Share on other sites

try this

    <?php
    // Receiving variables
    @$pfw_ip= $_SERVER['REMOTE_ADDR'];
    @$name = addslashes($_POST['name']);
    @$companyname = addslashes($_POST['companyname']);
    @$address = addslashes($_POST['address']);
    @$city = addslashes($_POST['city']);
    @$stateprovince = addslashes($_POST['stateprovince']);
    @$postalzipcode = addslashes($_POST['postalzipcode']);
    @$country = addslashes($_POST['country']);
    @$phonenumber = addslashes($_POST['phonenumber']);
    @$phonenrextention = addslashes($_POST['phonenrextention']);
    @$contactfax = addslashes($_POST['contactfax']);
    @$email = addslashes($_POST['email']);
    @$services = addslashes($_POST['services']);
    @$servicenotinlistdescription = addslashes($_POST['servicenotinlistdescription']);
    @$materialtype = addslashes($_POST['materialtype']);
    @$materialnotinlistdescription = addslashes($_POST['materialnotinlistdescription']);
    @$fileupload_Name = $_FILES['fileupload']['name'];
    @$fileupload_Size = $_FILES['fileupload']['size'];
    @$fileupload_Temp = $_FILES['fileupload']['tmp_name'];
    @$fileupload_Mime_Type = $_FILES['fileupload']['type'];
    @$dimensionheight = addslashes($_POST['dimensionheight']);
    @$dimensionswidth = addslashes($_POST['dimensionswidth']);
    @$dimensionslength = addslashes($_POST['dimensionslength']);
    @$dimensionsdia = addslashes($_POST['dimensionsdia']);
    @$additionalcomments = addslashes($_POST['additionalcomments']);

    function RecursiveMkdir($path)
     {
       if (!file_exists($path))
       {
          RecursiveMkdir(dirname($path));
          mkdir($path, 0777);
        }
      }


    // Validation
    if(!empty($fileupload_Name))
    {
       if( $fileupload_Size == 0)
       {
          header("Location: fail.html");
          exit;
       }
       if( $fileupload_Mime_Type != "image/jpeg" )
       {
          unlink($fileupload_Temp);
          header("Location: fail.html");
          exit;
       }
        $uploadFile = "uploads/".$fileupload_Name ;
    if (!is_dir(dirname($uploadFile)))
      {
        @RecursiveMkdir(dirname($uploadFile));
      }else{
      @chmod(dirname($uploadFile), 0777);
      }
    @move_uploaded_file( $fileupload_Temp , $uploadFile);
    chmod($uploadFile, 0644);
    $fileupload_URL = "http://website.com/uploads/".$fileupload_Name ;
    }else{
    	$fileupload_URL ="";
    }
   

    //Sending Email to form owner
    $pfw_header = "From: $email\n"
      . "Reply-To: $email\n";
    $pfw_subject = "Service Request";
    $pfw_email_to = "email@website.com";
    $pfw_message = "Visitor's IP: $pfw_ip\n"
    . "name: $name\n"
    . "companyname: $companyname\n"
    . "address: $address\n"
    . "city: $city\n"
    . "stateprovince: $stateprovince\n"
    . "postalzipcode: $postalzipcode\n"
    . "country: $country\n"
    . "phonenumber: $phonenumber\n"
    . "phonenrextention: $phonenrextention\n"
    . "contactfax: $contactfax\n"
    . "email: $email\n"
    . "services: $services\n"
    . "servicenotinlistdescription: $servicenotinlistdescription\n"
    . "materialtype: $materialtype\n"
    . "materialnotinlistdescription: $materialnotinlistdescription\n"
    . "fileupload: $fileupload_URL\n"
    . "dimensionheight: $dimensionheight\n"
    . "dimensionswidth: $dimensionswidth\n"
    . "dimensionslength: $dimensionslength\n"
    . "dimensionsdia: $dimensionsdia\n"
    . "additionalcomments: $additionalcomments\n";
    @mail($pfw_email_to, $pfw_subject ,$pfw_message ,$pfw_header ) ;

    //Sending auto respond Email to visitor
    $pfw_header = "From: email@website.com\n"
      . "Reply-To: email@webiste.com\n";
    $pfw_subject = "Service Request";
    $pfw_email_to = "$email";
    $pfw_message = "Your request has been received. A representative will review your request and call you back with an estimate.\n"
    . "If you have any questions or concern do not hesitate to call our hotline number at: 111-111-1111\n"
    . "\n"
    . "Thank you for your business\n"
    . "\n"
    . "Business name";
    @mail($pfw_email_to, $pfw_subject ,$pfw_message ,$pfw_header ) ;

    header("Location: success.html");

    ?>

 

EDIT: Oh and your welcome,

Link to comment
Share on other sites

Okay heres a cleaned up version, it looks fine to me

 

<?php
error_reporting(0);
// Receiving variables
$pfw_ip = $_SERVER['REMOTE_ADDR'];
$name = (! empty($_POST['name'])) ? addslashes($_POST['name']) : "";
$companyname = (! empty($_POST['name'])) ? addslashes($_POST['companyname']) : "";
$address = (! empty($_POST['name'])) ? addslashes($_POST['address']) : "";
$city = (! empty($_POST['name'])) ? addslashes($_POST['city']) : "";
$stateprovince = (! empty($_POST['name'])) ? addslashes($_POST['stateprovince']) : "";
$postalzipcode = (! empty($_POST['name'])) ? addslashes($_POST['postalzipcode']) : "";
$country = (! empty($_POST['name'])) ? addslashes($_POST['country']) : "";
$phonenumber = (! empty($_POST['name'])) ? addslashes($_POST['phonenumber']) : "";
$phonenrextention = (! empty($_POST['name'])) ? addslashes($_POST['phonenrextention']) : "";
$contactfax = (! empty($_POST['name'])) ? addslashes($_POST['contactfax']) : "";
$email = (! empty($_POST['name'])) ? addslashes($_POST['email']) : "";
$services = (! empty($_POST['name'])) ? addslashes($_POST['services']) : "";
$servicenotinlistdescription = (! empty($_POST['name'])) ? addslashes($_POST['servicenotinlistdescription']) : "";
$materialtype = (! empty($_POST['name'])) ? addslashes($_POST['materialtype']) : "";
$materialnotinlistdescription = (! empty($_POST['name'])) ? addslashes($_POST['materialnotinlistdescription']) : "";
$dimensionheight = (! empty($_POST['name'])) ? addslashes($_POST['dimensionheight']) : "";
$dimensionswidth = (! empty($_POST['name'])) ? addslashes($_POST['dimensionswidth']) : "";
$dimensionslength = (! empty($_POST['name'])) ? addslashes($_POST['dimensionslength']) : "";
$dimensionsdia = (! empty($_POST['name'])) ? addslashes($_POST['dimensionsdia']) : "";
$additionalcomments = (! empty($_POST['name'])) ? addslashes($_POST['additionalcomments']) : "";
// File Validation
if (! empty($_FILES['fileupload']['name'])) {
    if ($_FILES['fileupload']['size'] == 0) {
        header("Location: fail.html");
        exit();
    }
    if ($_FILES['fileupload']['type'] != "image/jpeg") {
        unlink($_FILES['fileupload']['tmp_name']);
        header("Location: fail.html");
        exit();
    }
    $uploadFile = "uploads/" . $_FILES['fileupload']['name'];
    if (! is_dir(dirname($uploadFile))) {
        @RecursiveMkdir(dirname($uploadFile));
    } else {
        @chmod(dirname($uploadFile), 0777);
    }
    @move_uploaded_file($_FILES['fileupload']['tmp_name'], $uploadFile);
    chmod($uploadFile, 0644);
    $fileupload_URL = "http://website.com/uploads/" . $_FILES['fileupload']['name'];
} else {
    $fileupload_URL = "No file uploader";
}
//Sending Email to form owner
$pfw_header = "From: $email\r\nReply-To: $email\r\n";
$pfw_subject = "Service Request";
$pfw_email_to = "email@website.com";
$pfw_message = "Visitor's IP: $pfw_ip\n
name: $name\n
companyname: $companyname\n
address: $address\n
city: $city\n
stateprovince: $stateprovince\n
postalzipcode: $postalzipcode\n
country: $country\n
phonenumber: $phonenumber\n
phonenrextention: $phonenrextention\n
contactfax: $contactfax\n
email: $email\n
services: $services\n
servicenotinlistdescription: $servicenotinlistdescription\n
materialtype: $materialtype\n
materialnotinlistdescription: $materialnotinlistdescription\n
fileupload: $fileupload_URL\n
dimensionheight: $dimensionheight\n
dimensionswidth: $dimensionswidth\n
dimensionslength: $dimensionslength\n
dimensionsdia: $dimensionsdia\n
additionalcomments: $additionalcomments\n";
$sentmail = mail($pfw_email_to, $pfw_subject, $pfw_message, $pfw_header);
//Sending auto respond Email to visitor
$pfw_header = "From: email@website.com\r\nReply-To: email@webiste.com\r\n";
$pfw_subject = "Service Request";
$pfw_email_to = "$email";
$pfw_message = "Your request has been received. A representative will review your request and call you back with an estimate.\n
If you have any questions or concern do not hesitate to call our hotline number at: 111-111-1111\n\n
Thank you for your business\n\nBusiness name";
$sentmail = mail($pfw_email_to, $pfw_subject, $pfw_message, $pfw_header);
header("Location: success.html");
function RecursiveMkdir ($path)
{
    if (! file_exists($path)) {
        RecursiveMkdir(dirname($path));
        mkdir($path, 0777);
    }
}
?>

Link to comment
Share on other sites

It looks like it is working now. The only qustion I have is this: How do you fix this piece so that I have a 5 mgb file size limit:

 

// File Validation

if (! empty($_FILES['fileupload']['name'])) {

    if ($_FILES['fileupload']['size'] == 0) {

        header("Location: fail.html");

        exit();

    }

 

Thanks again

Link to comment
Share on other sites

I am probably boring you with all these questions but what do I need to do if I want to have 4 extensions: jpeg, jpg, png, gif?

I did this but it isn't working:

 

if ($_FILES['fileupload']['type'] != "image/gif" AND $fileupload_Mime_Type != "image/jpeg" AND $fileupload_Mime_Type != "image/png" ) {

        unlink($_FILES['fileupload']['tmp_name']);

        header("Location: fail.html");

        exit();

    }

Link to comment
Share on other sites

Okay

change

if ($_FILES['fileupload']['type'] != "image/gif" AND $fileupload_Mime_Type != "image/jpeg" AND $fileupload_Mime_Type != "image/png" )

 

to

$validfiles = array("image/gif","image/jpeg","image/png","image/jpeg","image/x-png");
if (!in_array($_FILES['fileupload']['type'] ,$validfiles))

 

Link to comment
Share on other sites

Right now I have:

 

if ($_FILES['fileupload']['type'] != "image/jpeg") {

        unlink($_FILES['fileupload']['tmp_name']);

        header("Location: fail.html");

        exit();

    }

and it is working only for "jpeg". I did try your fix but I am getting this error:

 

Parse error: syntax error, unexpected '}' in /home/..../public_html/form.php on line 46

and line 46 is far from the lines I changed

45) } else {

46)    $fileupload_URL = "No file uploader";

47) }

I just need to add a couple of more extensions, jpg, gif, png that's all

 

Thanks again,

Link to comment
Share on other sites

if ($_FILES['fileupload']['type'] != "image/jpeg") {
        unlink($_FILES['fileupload']['tmp_name']);
        header("Location: fail.html");
        exit();
    }

 

should be

 

$validfiles = array("image/gif","image/jpeg","image/png","image/jpeg","image/x-png");
if (!in_array($_FILES['fileupload']['type'] ,$validfiles)) {
        unlink($_FILES['fileupload']['tmp_name']);
        header("Location: fail.html");
        exit();
    }

 

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.