Jump to content

PHP Upload Script

alil2cul4u

By alil2cul4u
in PHP Coding Help

 Share

Recommended Posts

alil2cul4u Newbie

alil2cul4u

Posted
  • Author
Posted

I have 2 the .html and the .php

Upload.htm

<form enctype="multipart/form-data" action="uploader.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose a file to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" value="Upload File" />
</form>

 

Uploader.php

<?php
$target_path = "uploads/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['name']). 
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
?>

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

The form processing code in that tutorial is so minimal that it has almost no error checking, error reporting, or error recovery logic to get it to tell you why it is failing. Edit: And even the following code is not checking everything possible.

 

Give this a try (you will need to modify the size settings and permitted mime types to suit your needs) -

<?php
// upload processing code with full upload-error testing logic
ini_set("display_errors", "1");
error_reporting(E_ALL);
// check if the page reqeust came from an upload form (to the best of php's ability) and if php can process uploads
function check_request(){
// check if a form submitted to this code (exit/die if not)
if(strtolower($_SERVER['REQUEST_METHOD']) !== 'post'){
	echo "Page was not accessed through a post method form<br />";
	return FALSE; // this code was reached via a request that was not a form submission
}
// check if uploads are enabled -
// ini_get(), on gives a string with '1' (off is empty string or a string with '0')
if(ini_get('file_uploads') !== '1'){
	echo "Uploads are not enabled on this server and nothing can be uploaded<br />";
	return FALSE; // cannot continue
}
// check for exceeding the post_max_size value (both the $_POST and $_FILES arrays are empty) or the form does not contan any named $_POST variable or it does not contain a file upload field
$post_max = ini_get('post_max_size');
if(empty($_FILES) && empty($_POST)){
	echo "Either the upload exceeded the post_max_size setting: $post_max, or the form is invalid (no enctype and/or no named file/post fields)<br />";
	return FALSE; // cannot continue
}
// check for a form that contains a $_POST variable, but does not contain an upload enctype or it does not contain a file upload field
if(empty($_FILES) && !empty($_POST)){
	echo "Either the form does not contain a correct enctype attribute or it does not contain a valid named file upload field<br />";
	return FALSE; // cannot continue
}
// $_FILES contains something
return TRUE;
} // end of check_request function

// check the passed $_FILES... array for upload errors, mime type, and file size
function check_upload($file){
// test for upload errors
if($file['error'] > 0){
	echo "An upload error occured, error number: {$file['error']}<br />";
	switch ($file['error']) {
		case 0:
			echo "The file uploaded to the server OK<br />";
			break;
		case 1:
			echo "The uploaded file exceeds the upload maximum size directive in php.ini<br />";
			break;
		case 2:
			echo "The uploaded file exceeds {$_POST['MAX_FILE_SIZE']}, the MAX_FILE_SIZE directive in the HTML form<br />";
			break;
		case 3:
			echo "The uploaded file was only partially uploaded<br />";
			break;
		case 4:
			echo "No file was selected<br />";
			break;
		case 6:	
			echo "Missing a temporary folder<br />";
			break;
		case 7:
			echo "Failed to write file to disk<br />";
			break;
		case 8:
			echo "File upload stopped by extension<br />";
			break;			
		default:
			echo "An unused error value was returned<br />";
	}
	return FALSE; // cannot continue
}
// check the mime type
$types = array();
$types[] = 'image/gif';
$types[] = 'image/jpeg';
$types[] = 'image/pjpeg';
if(!in_array($file['type'],$types)){
	// not found
	echo "The mime type of the uploaded file: {$file['type']}, is not permitted<br />";
	return FALSE; // cannot continue
}
// check the file size
$max_size = 200000000;
if($file['size'] > $max_size){
	// exceeds max
	echo "The file size of the uploaded file: {$file['size']}, exceeds the permitted file size of $max_size<br />";
	return FALSE; // cannot continue
}
return TRUE;
} // end of check_upload function

// main code
$target_path = "uploads/";
$files_index = "uploadedfile";
// check if the request for this page can be processed (came from a form and uploads are enabled on the server...)
if(!check_request()){
// the request for the page cannot be processed
die;
}
// the $_FILES array has something in it, $_POST array may or may not depending on the actual form fields (should at least have a named submit button)
// start normal form processing code
if(isset($_POST['submit'])){
// check the uploaded file for errors, mime type, and file size
if(check_upload($_FILES[$files_index])){
	// the uploaded file can be moved
	// test if the destination file already exists
	if(file_exists($target_path . $_FILES[$files_index]["name"])){
		echo "{$_FILES[$files_index]['name']} already exists.<br />";
	} else {
		// move the uplaoded file
		if(!move_uploaded_file($_FILES[$files_index]["tmp_name"],
			$target_path . $_FILES[$files_index]["name"])){
			// the move failed
			echo "Could not process (move) the uploaded file<br />";
		} else {
			echo "Uploaded file was stored in: $target_path{$_FILES[$files_index]["name"]}<br />";
			// other code to process the uploaded file would go here...
		}
	}
} else {
	// echo "check_upload() returned FALSE and should have printed an error message why the upload failed<br />";
}
} // end of form processing code
echo "done";
?>

 

You will also need to give the submit button a name -

 

<form enctype="multipart/form-data" action="uploader.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose a file to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" name="submit" value="Upload File" />
</form>

Link to comment
Share on other sites
alil2cul4u Newbie

alil2cul4u

Posted
  • Author
Posted

Ok, So I fixed that problem... I didnt reset the Max_file_size... Now I have this error and I do not understand this one at all

 

 

Warning: move_uploaded_file(uploads/song.mp3) [function.move-uploaded-file]: failed to open stream: No such file or directory in G:\wamp\www\uploader.php on line 108

 

Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move 'C:\wamp\tmp\php2E11.tmp' to 'uploads/song.mp3' in G:\wamp\www\uploader.php on line 108

Could not process (move) the uploaded file

done

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.