Jump to content

Validate image upload form

Lisa23

By Lisa23
in PHP Coding Help

Recommended Posts

Lisa23 Regular Member

Lisa23

Posted
Posted

how can i valiadte the form so in case user doesnt insert a image and click upload error message saying no image inserted

 


<?php
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("admin", $con);
?>



<?php
//define a maxim size for the uploaded images in Kb
define ("MAX_SIZE","100");
//This function reads the extension of the file. It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
//This variable is used as a flag. The value is initialized with 0 (meaning no error found) and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded.
$errors=0;
//checks if the form has been submitted
if(isset($_POST['Submit']))
{
//reads the name of the file the user submitted for uploading
$image=$_FILES['image']['name'];
//if it is not empty
if ($image)
{
//get the original name of the file from the clients machine
$filename = stripslashes($_FILES['image']['name']);
//get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
//if it is not a known extension, we will suppose it is an error and will not upload the file, otherwize we will do more tests
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
{
//print error message
echo '<h1>Unknown extension!</h1>';
$errors=1;
}
else
{
//get the size of the image in bytes
//$_FILES['image']['tmp_name'] is the temporary filename of the file in which the uploaded file was stored on the server
$size=filesize($_FILES['image']['tmp_name']);
//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*102400)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}
//we will give an unique name, for example the time in unix time format
$image_name=time(). '.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="images/".$image;




$query="INSERT INTO photos values ('$image','$user')"; //into database
mysql_query( $query );

$copied = copy($_FILES['image']['tmp_name'], $newname);

if (!$copied)
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}}}}
//If no errors registred, print the success message
if(isset($_POST['Submit']) && !$errors)
{
echo "<h1>File Uploaded Successfully! Try again!</h1>";
}
?>
<form name="newad" method="post" enctype="multipart/form-data" action="adminprocess.php">
<table>
<tr><td><input type="file" name="image"></td></tr>
<input type="hidden" name="user_id" value="$_SESSION['user_id']" />




<tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>
</table>
</form>

Link to comment
https://forums.phpfreaks.com/topic/197965-validate-image-upload-form/
Share on other sites
Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

If no file was selected, $_FILES['image'] should be empty, IIRC.

If the $_FILES['image']['error'] index contains a value other than 0 (zero), the upload failed, or was incomplete.

 

 

The PHP manual lists the error codes in the array: http://www.php.net/manual/en/features.file-upload.errors.php

Deoctor Member

Deoctor

Posted
Posted

try this code..

 

<form enctype="multipart/form-data" action="upload.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="9999999999999999" />
Choose a file to upload: <input name="uploaded" type="file" /><br />
<input type="submit" name="submit_x" value="Upload File" />
</form>
<?php
//Working for uploading the files of a particular type
if(isset($_POST['submit_x']))
{
       function file_upload_error_message($error_code)
{
    switch ($error_code)
    {
        case 0:
            return 'There is no error, the file uploaded with success...';
        case 1:
            return 'The uploaded file exceeds the upload_max_filesize directive in php.ini';
        case 2:
            return 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form';
        case 3:
            return 'The uploaded file was only partially uploaded';
        case 4:
            return 'No file was uploaded';
        case 6:
            return 'Missing a temporary folder';
        case 7:
            return 'Failed to write file to disk';
        case 8:
            return 'File upload stopped by extension';
        default:
            return 'Unknown upload error';
    }
}

    $host="localhost";
    $user="root";
    $pass="admin";
    $db="develop";
    mysql_connect($host,$user,$pass) or die(mysql_error());
    mysql_select_db($db) or die(mysql_error());
    $query="select type_name from filetype";
    $result=mysql_query($query);
    ini_set("display_errors",1);
    //error_reporting(E_ALL);
    $target = "upload/";
    $target = $target . basename( $_FILES['uploaded']['name']) ;
    $uploaded_type=strtolower(substr($_FILES['uploaded']['name'],strrpos($_FILES['uploaded']['name'],'.')+1));
    print_r($_FILES['uploaded']);
    $error_code=$_FILES['uploaded']['error'];
       $error_message = file_upload_error_message($error_code);
    echo "Name ".$_FILES['uploaded']['name']."<br>";
    echo "Type ".$_FILES['uploaded']['type']."<br>";
    echo "Error ".$error_message."<br>";
    echo "Size ".$_FILES['uploaded']['size']."<br>";


    //echo "<br>FileX ".$uploaded_type;
     while($row = mysql_fetch_array($result))
     {
          if($uploaded_type==$row['type_name'])
          {

              if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
              {
              echo "The file ". basename( $_FILES['uploaded']['name']). " has been uploaded";
                  break;
              }
              else
              {
              echo "Sorry, there was a problem uploading your file.";
              }

          }
     }
}
?>

Lisa23 Regular Member

Lisa23

Posted
  • Author
Posted
Mine upload image to a folder and send path to the database i just cant get in case user doenst upload any message get error message


<?php
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("admin", $con);
?>



<?php
//define a maxim size for the uploaded images in Kb
define ("MAX_SIZE","100");
//This function reads the extension of the file. It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
//This variable is used as a flag. The value is initialized with 0 (meaning no error found) and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded.
$errors=0;
//checks if the form has been submitted
if(isset($_POST['Submit']))
{
//reads the name of the file the user submitted for uploading
$image=$_FILES['image']['name'];
//if it is not empty
if ($image)
{
//get the original name of the file from the clients machine
$filename = stripslashes($_FILES['image']['name']);
//get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
//if it is not a known extension, we will suppose it is an error and will not upload the file, otherwize we will do more tests
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
{
//print error message
echo '<h1>Unknown extension!</h1>';
$errors=1;
}
else
{
//get the size of the image in bytes
//$_FILES['image']['tmp_name'] is the temporary filename of the file in which the uploaded file was stored on the server
$size=filesize($_FILES['image']['tmp_name']);
//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*102400)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}
//we will give an unique name, for example the time in unix time format
$image_name=time(). '.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="images/".$image;




$query="INSERT INTO photos values ('$image','$user')"; //into database
mysql_query( $query );

$copied = copy($_FILES['image']['tmp_name'], $newname);

if (!$copied)
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}}}}
//If no errors registred, print the success message
if(isset($_POST['Submit']) && !$errors)
{
echo "<h1>File Uploaded Successfully! Try again!</h1>";
}
?>
<form name="newad" method="post" enctype="multipart/form-data" action="adminprocess.php">
<table>
<tr><td><input type="file" name="image"></td></tr>
<input type="hidden" name="user_id" value="$_SESSION['user_id']" />




<tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>
</table>
</form>

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.