ThunderLee Posted November 7, 2009 Share Posted November 7, 2009 Hi, I recently found a great php upload script (http://www.ultramegatech.com/blog/2008/12/creating-upload-progress-bar-php/5/) although the script is awesome I can't seem to add ANY validation to it as it seems to skip past it and just upload the file.. The type of validation I need is.. Checking wether the song AND artist exist in the database (both together), Checking the type (I only wanted MP3 but I couldn't figure out how to do that), Checking if the file already exists in the Music/ directory, If the above are ok then proceed with the upload.. What am I doing wrong? Here is the original upload.php (From the website above) <?php if($_FILES['file']['error'] == UPLOAD_ERR_OK){ $path = '/var/www/uploads/'; $path .= basename($_FILES['file']['name']); if(move_uploaded_file($_FILES['file']['tmp_name'], $path)){ // upload successful } } ?> And here is mine <?php session_start();?><?php include("connectvars.php"); ?><?php if($_FILES['file']['error'] == UPLOAD_ERR_OK) { $path = 'Music/'; $path .= basename($_FILES['file']['name']); //This is our limit file type condition if ($uploaded_type=="text/php") { echo "<div align=\"center\" id=\"content\">You're not aloud to upload this file</div><br>"; } //Gets info from other page $musicalbumart=$_POST['albumarturl']; $musicartist=$_POST['artistname']; $musicname=$_POST['songname']; $musicalbum=$_POST['albumname']; $musicgenre=$_POST['musicgenre']; $uploaded_file=($_FILES['file']['name']); // Connects to your Database mysql_connect("localhost", "root", "msb090909") or die(mysql_error()) ; mysql_select_db("mymediaupload") or die(mysql_error()) ; $martist = mysql_real_escape_string($_POST['artistname']); $mname = mysql_real_escape_string($_POST['songname']); $ufile= mysql_real_escape_string($_FILES['file']['name']); $ucheck = mysql_query("SELECT * FROM `music` WHERE `musicartist`='".$martist."' AND `musictitle`='".$mname."'") or die(mysql_error()); $ucheck2 = mysql_query("SELECT * FROM `music` WHERE `musiclocation`='".$path . ."'") or die(mysql_error()); if(mysql_num_rows($ucheck) >= 1) { echo "<div align=\"center\" id=\"content\">This song has already been added to MyMediaUpload<br>(The information you provided already exists in the database)</div><br>"; } if(mysql_num_rows($ucheck2) >= 1) { echo "<div align=\"center\" id=\"content\">This song has already been added to MyMediaUpload<br>(The file already exists on the server)</div><br>"; } else { if(move_uploaded_file($_FILES['file']['tmp_name'], $path)){ // upload successful } } } echo "<div align=\"center\" id=\"content\">The file ". basename( $_FILES['file']['name']). " has been uploaded</div><br>"; mysql_query("INSERT INTO `music` (`musicuploader`,`musicuploaderid`,`musictitle`,`musicartist`,`musicalbum`,`musicgenre`,`musiclocation`,`musicalbumart`,`dateadded`) VALUES ('".$_SESSION['dname']."','".$_SESSION['user_id']."','".$musicname."','".$musicartist."','".$musicalbum."','".$musicgenre."','".$path."','".$musicalbumart."',now())") or die(mysql_error()); ?> When I upload a file it just says upload compleate..? and the file existed in Music/ and the data existed in the database.. I want to prevent files from overwriting in Music/ and duplications in the database .. Link to comment https://forums.phpfreaks.com/topic/180634-php-upload-cant-seem-to-add-validation/ Share on other sites More sharing options...
ThunderLee Posted November 7, 2009 Author Share Posted November 7, 2009 BUMP, Please help.. Link to comment https://forums.phpfreaks.com/topic/180634-php-upload-cant-seem-to-add-validation/#findComment-953112 Share on other sites More sharing options...
cags Posted November 7, 2009 Share Posted November 7, 2009 These two lines... echo "<div align=\"center\" id=\"content\">The file ". basename( $_FILES['file']['name']). " has been uploaded</div><br>"; mysql_query("INSERT INTO `music` (`musicuploader`,`musicuploaderid`,`musictitle`,`musicartist`,`musicalbum`,`musicgenre`,`musiclocation`,`musicalbumart`,`dateadded`) VALUES ('".$_SESSION['dname']."','".$_SESSION['user_id']."','".$musicname."','".$musicartist."','".$musicalbum."','".$musicgenre."','".$path."','".$musicalbumart."',now())") or die(mysql_error()); Should be inside the else element, most likely where you actually have the comment //successfully uploaded. It currently is outside the loops/checks so will run every time the scrip does. Link to comment https://forums.phpfreaks.com/topic/180634-php-upload-cant-seem-to-add-validation/#findComment-953155 Share on other sites More sharing options...
ThunderLee Posted November 7, 2009 Author Share Posted November 7, 2009 Thanks I tried that but the script still uploads the file although the info and files exist ? Link to comment https://forums.phpfreaks.com/topic/180634-php-upload-cant-seem-to-add-validation/#findComment-953201 Share on other sites More sharing options...
cags Posted November 7, 2009 Share Posted November 7, 2009 I just pointed out the most obvious mistake in the code. Another is that you have if('artist and must not in database') { // inform user } if('music location not in database') { // inform user } else { // upload } There is nothing linking those two statements together so it could inform the user the artist/music is in the database and still upload the second if statment should probably be elseif. Link to comment https://forums.phpfreaks.com/topic/180634-php-upload-cant-seem-to-add-validation/#findComment-953215 Share on other sites More sharing options...
ThunderLee Posted November 7, 2009 Author Share Posted November 7, 2009 So this will work if the info doesn't exist? If the song name and artist name both exist in the database I don't want the file to upload, same if the file with the same name exists in the music directory.. I'll try Link to comment https://forums.phpfreaks.com/topic/180634-php-upload-cant-seem-to-add-validation/#findComment-953315 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.