robert_gsfame Posted September 25, 2009 Share Posted September 25, 2009 see i have my code shown below require_once('config.php'); $query = mysql_query("SELECT * FROM table"); $find = mysql_fetch_array($query); $limit_size=10000; $filesize1=$HTTP_POST_FILES['file']['size']; $filetype1=$HTTP_POST_FILES['type']['type']; $filename1=$HTTP_POST_FILES['file']['name']; if(($filesize1 >= $limit_size)||($filetype1!= 'image/jpeg')||(file_exists("upload/" . $filename1)){ echo "Max 10 Kb in JPG format and must not exists yet"; }else{ $path1= "upload/".$filename1; if(copy($HTTP_POST_FILES['file']['tmp_name'], $path1)){ echo "File Name :".$HTTP_POST_FILES['file']['name']."<BR/>"; }else{ $find=mysql_fetch_array(' if ($find['upload']!=""){ echo $find['upload']; echo "<td><font face=arial size=2><a href=page2.php>delete</a></font></td>"; }else{ echo "<font face=arial size=2>No image uploaded yet!</font>"; } } } } Okay that's it...the problem is that when user has already uploaded their file go to index.php and assume they want to update their image, why the $find['upload'] doesn't appear ?? i get this "Max 10 Kb in JPG format and must not exists yet" some part might be wrong but which one????? thanks a lot in advance Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 i think the problem is with the file_exists but how to restrict that the file name cannot be the same Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 really confused not solved yet :'( :'( Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 25, 2009 Share Posted September 25, 2009 You seam to have code missing, ie $find=mysql_fetch_array(' if ( this is probably the route I would take <?php require_once ('config.php'); //Check if file exists in database $query = mysql_query("SELECT * FROM table"); $find = mysql_fetch_array($query); if (! empty($find['upload'])) { echo $find['upload']; echo "<td><font face=arial size=2><a href=page2.php>delete</a></font></td>"; } elseif(!empty($_FILES)){//Check file has been sent $limit_size = 10000; $filesize1 = $_FILES['file']['size']; $filetype1 = $_FILES['type']['type']; $filename1 = $_FILES['file']['name']; //Check up load details if (($filesize1 >= $limit_size) || ($filetype1 != 'image/jpeg') || (file_exists("upload/" . $filename1))) { echo "Max 10 Kb in JPG format and must not exists yet"; } else { //Moved Accepted upload to folder $path1 = "upload/" . $filename1; if (copy($_FILES['file']['tmp_name'], $path1)) { //Display filename echo "File Name :" . $_FILES['file']['name'] . "<BR/>"; } else { echo "<font face=arial size=2>Failed to upload!</font>"; } } }else{ echo "<font face=arial size=2>No image uploaded yet!</font>"; } ?> Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 okay actually i almost solve the problem i try one by one like this $limit_size=60000; $filesize1=$HTTP_POST_FILES['ufile']['size'][0]; $filetype1=$HTTP_POST_FILES['ufile']['type'][0]; $filename1=$HTTP_POST_FILES['ufile']['name'][0]; if(($filesize1 > $limit_size)&&($filetype1=='image/jpeg')&&(!(file_exists("upload/".$filename1)))){ echo "Your file size is over limit, 60 Kb is the max size allowed"; }else if(($filesize1 < $limit_size)&&($filetype1!='image/jpeg')&&(!(file_exists("upload/".$filename1)))){ echo "Image must be in JPEG format";}else if(($filesize1 < $limit_size)&&($filetype1=='image/jpeg')&&(file_exists("upload/".$filename1))){ echo "File is already exists";}else if(($filesize1 > $limit_size)&&($filetype1!='image/jpeg')&&(!(file_exists("upload/".$filename1)))){ echo "Size is over limit, image must be in JPEG format";}else if(($filesize1 < $limit_size)&&($filetype1!='image/jpeg')&&(!(file_exists("upload/".$filename1)))){echo "Image must be in JPEG format, file name already exists";}else if(($filesize1 > $limit_size)&&($filetype1=='image/jpeg')&&(file_exists("upload/".$filename1))){echo "Size is over limit, file name already exists";}else if(($filesize1 > $limit_size)&&($filetype1!='image/jpeg')&&(file_exists("upload/".$filename1))){echo "60 Kb file in JPEG format and name shouldn't be existed";}else{ $path1= "upload/".$HTTP_POST_FILES['ufile']['name'][0]; if( copy($HTTP_POST_FILES['ufile']['tmp_name'][0], $path1)){ echo "File Name :".$HTTP_POST_FILES['ufile']['name'][0]."<BR/>"; }else{ if ($info['upload']!=""){ echo $info['upload']; * But it works correctly in Mozilla but not in IE 6.0 WHAT HAPPENED??? all files which is in JPEG format is counted as another format......PLEASE HELP :'( Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 crazy IE Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 Getting the mime type as a check for if the file is actually an image file or not is not the best practice. Mime types can be spoofed, and not all browsers even send a mime type. you should get the extension via substr and test that. like so $ext = substr($fileName, strrpos($fileName, '.') + 1);//$fileName is the name of the file if ($ext != 'jpg' || $ext != 'jpeg'){ echo "Wrong file type"; exit(); } Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 but it works well without any problems in mozilla............this error only occured in IE 6.0 Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 yes, because mozilla provides the Mime type. obviously IE isn't providing one, or is providing a different one. If you want it to work across all browsers, don't rely on mime type, rely on the file extension. Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 one more thing...i've tried both with jpg and jpeg, n i got the same feedback....it seems like IE 6.0 cannot read image/jpg and image/jpeg then what should i write then Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 ... I just posted code to check the extension... use what I posted Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 hey i've tried yours and it works GREAT...you're such a genius!!!!! can you help me explaining this?? $str = substr($fileName, strrpos($fileName, '.') + 1); what this is for Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 but another problem occured.........how come when i upload the file with psd extention and it still read as jpeg??? Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 what to do next Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 sure! lets break it down into steps $str = substr($fileName, strrpos($fileName, '.') + 1); the first function called is substr. This will take a part of the string (the first parameter) from the startposition of the second parameter. (there is also a 3rd parameter called length that will specify the length of the substr. if not specified it will take the string from the start position to the finish position. for example $hello = "Hello World"; echo substr($hello, 2);// llo World echo substr($hello, 0);//Hello World echo substr($hello, 1, 4);// ello Now the second parameter has another function call, which isstrrpos). This will get the string position of the last occurence of the second parameter, from the string in the first parameter. In this case, we look for the period character in the $fileName string. Say we have "myFile.jpg" strrpos will return the position 6 if we were to look for the period. (Note, strings are 0 based, so the first character will be in position 0) We add 1 to the string position of the period character because we want everything after the period (IE the file extension). that line is basically like doing $fileName = "file.php"; $ext = substr($fileName, 5);//5 is the position of the p in php, or the position of the period + 1 but it works for any file names/file types. also works for multiple periods in 1 file, since strrpos finds the last occurence of the second paramter Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 know what...it makes all of my script messed up now both IE and MOZILLA don't restrict that only jpeg format could be submitted Please help me more Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 post code? Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 what should i do with [file] and [file][type] ?? Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 you can restrict the file size of uploaded files with the file-size value... Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 yeah i know but it doesn't work in IE and MOZILLA after i put what you've said Mime Type Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 post code... Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 $limit_size=60000; $filesize1=$HTTP_POST_FILES['ufile']['size'][0]; $filetype1=$HTTP_POST_FILES['ufile']['type'][0]; $filenamexx=$HTTP_POST_FILES['ufile']['name'][0]; $filename1= substr($fileNamex, strrpos($fileNamex, '.') + 1); if(($filesize1 > $limit_size)&&($filetype1=='image/jpeg')&&(!(file_exists("upload/".$filename1)))){ echo "Your file size is over limit, 60 Kb is the max size allowed"; }else if(($filesize1 < $limit_size)&&($filetype1!='image/jpeg')&&(!(file_exists("upload/".$filename1)))){ echo "Image must be in JPEG format";}else if(($filesize1 < $limit_size)&&($filetype1=='image/jpeg')&&(file_exists("upload/".$filename1))){ echo "File is already exists";}else if(($filesize1 > $limit_size)&&($filetype1!='image/jpeg')&&(!(file_exists("upload/".$filename1)))){ echo "Size is over limit, image must be in JPEG format";}else if(($filesize1 < $limit_size)&&($filetype1!='image/jpeg')&&(!(file_exists("upload/".$filename1)))){echo "Image must be in JPEG format, file name already exists";}else if(($filesize1 > $limit_size)&&($filetype1=='image/jpeg')&&(file_exists("upload/".$filename1))){echo "Size is over limit, file name already exists";}else if(($filesize1 > $limit_size)&&($filetype1!='image/jpeg')&&(file_exists("upload/".$filename1))){echo "60 Kb file in JPEG format and name shouldn't be existed";}else{ $path1= "upload/".$HTTP_POST_FILES['ufile']['name'][0]; if( copy($HTTP_POST_FILES['ufile']['tmp_name'][0], $path1)){ echo "File Name :".$HTTP_POST_FILES['ufile']['name'][0]."<BR/>"; }else{ if ($info['upload']!=""){ echo $info['upload']; Which part is wrong please help as all format can be submitted although i have restricted this Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 25, 2009 Share Posted September 25, 2009 OMG.. you really need to re-think that code! also use code tags! Oh and you should have 3 for jpegs image/jpg image/jpeg image/pjpeg Quote Link to comment Share on other sites More sharing options...
robert_gsfame Posted September 25, 2009 Author Share Posted September 25, 2009 that code is what i can only at last as several problems occured when i made it more simple so i break it and make more stupid complicated Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted September 25, 2009 Share Posted September 25, 2009 Everything is wrong. First of all, here $filenamexx=$HTTP_POST_FILES['ufile']['name'][0]; $filename1= substr($fileNamex, strrpos($fileNamex, '.') + 1); you aren't even using the right variable name. it should be $filenamexx=$HTTP_POST_FILES['ufile']['name'][0]; $filename1= substr($filenamexx, strrpos($filenamexx, '.') + 1); secondly, you aren't testing for mime type any more, and your if statements are all wrong too, and they don't even really make. sense at all... Half of them you don't even need... you have to test file type like this if ($filename1 != 'jpg' || $filename1 != 'jpeg'){ echo "Invalid file type"; exit(); } which is what I wrote before if you were paying attention. evidently not... your code is formatted horribly, and I can't even tell if you have else ifs, or you if you are just making syntax errors if ($filename1 != 'jpg' || $filename1 != 'jpeg'){ echo "Invalid file type"; exit(); } if ($filesize > $maxsize){ echo "File too big"; exit(); } if (file_exists("upload/".$filename1)){ echo "File already exists"; exit(); } thats all the error checking you seem to want to do, but with 3 if statements.. one more thing, if you have multiple file types you want to test, you should put them into an array, and use the in_array function like so $allowed_files = array('jpg', 'jpeg', 'png', 'bmp'); if (!in_array($filename1, $allowed_files)){ echo "invalid File type"; exit(); } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.