Jump to content

Validate image upload form

Lisa23

By Lisa23
in PHP Coding Help

 Share

Recommended Posts

Lisa23 Regular Member

Lisa23

Posted
Posted

how can i valiadte the form so in case user doesnt insert a image and click upload error message saying no image inserted

 


<?php
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("admin", $con);
?>



<?php
//define a maxim size for the uploaded images in Kb
define ("MAX_SIZE","100");
//This function reads the extension of the file. It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
//This variable is used as a flag. The value is initialized with 0 (meaning no error found) and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded.
$errors=0;
//checks if the form has been submitted
if(isset($_POST['Submit']))
{
//reads the name of the file the user submitted for uploading
$image=$_FILES['image']['name'];
//if it is not empty
if ($image)
{
//get the original name of the file from the clients machine
$filename = stripslashes($_FILES['image']['name']);
//get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
//if it is not a known extension, we will suppose it is an error and will not upload the file, otherwize we will do more tests
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
{
//print error message
echo '<h1>Unknown extension!</h1>';
$errors=1;
}
else
{
//get the size of the image in bytes
//$_FILES['image']['tmp_name'] is the temporary filename of the file in which the uploaded file was stored on the server
$size=filesize($_FILES['image']['tmp_name']);
//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*102400)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}
//we will give an unique name, for example the time in unix time format
$image_name=time(). '.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="images/".$image;




$query="INSERT INTO photos values ('$image','$user')"; //into database
mysql_query( $query );

$copied = copy($_FILES['image']['tmp_name'], $newname);

if (!$copied)
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}}}}
//If no errors registred, print the success message
if(isset($_POST['Submit']) && !$errors)
{
echo "<h1>File Uploaded Successfully! Try again!</h1>";
}
?>
<form name="newad" method="post" enctype="multipart/form-data" action="adminprocess.php">
<table>
<tr><td><input type="file" name="image"></td></tr>
<input type="hidden" name="user_id" value="$_SESSION['user_id']" />




<tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>
</table>
</form>

Link to comment
Share on other sites
Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

If no file was selected, $_FILES['image'] should be empty, IIRC.

If the $_FILES['image']['error'] index contains a value other than 0 (zero), the upload failed, or was incomplete.

 

 

The PHP manual lists the error codes in the array: http://www.php.net/manual/en/features.file-upload.errors.php

Link to comment
Share on other sites
Deoctor Member

Deoctor

Posted
Posted

try this code..

 

<form enctype="multipart/form-data" action="upload.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="9999999999999999" />
Choose a file to upload: <input name="uploaded" type="file" /><br />
<input type="submit" name="submit_x" value="Upload File" />
</form>
<?php
//Working for uploading the files of a particular type
if(isset($_POST['submit_x']))
{
       function file_upload_error_message($error_code)
{
    switch ($error_code)
    {
        case 0:
            return 'There is no error, the file uploaded with success...';
        case 1:
            return 'The uploaded file exceeds the upload_max_filesize directive in php.ini';
        case 2:
            return 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form';
        case 3:
            return 'The uploaded file was only partially uploaded';
        case 4:
            return 'No file was uploaded';
        case 6:
            return 'Missing a temporary folder';
        case 7:
            return 'Failed to write file to disk';
        case 8:
            return 'File upload stopped by extension';
        default:
            return 'Unknown upload error';
    }
}

    $host="localhost";
    $user="root";
    $pass="admin";
    $db="develop";
    mysql_connect($host,$user,$pass) or die(mysql_error());
    mysql_select_db($db) or die(mysql_error());
    $query="select type_name from filetype";
    $result=mysql_query($query);
    ini_set("display_errors",1);
    //error_reporting(E_ALL);
    $target = "upload/";
    $target = $target . basename( $_FILES['uploaded']['name']) ;
    $uploaded_type=strtolower(substr($_FILES['uploaded']['name'],strrpos($_FILES['uploaded']['name'],'.')+1));
    print_r($_FILES['uploaded']);
    $error_code=$_FILES['uploaded']['error'];
       $error_message = file_upload_error_message($error_code);
    echo "Name ".$_FILES['uploaded']['name']."<br>";
    echo "Type ".$_FILES['uploaded']['type']."<br>";
    echo "Error ".$error_message."<br>";
    echo "Size ".$_FILES['uploaded']['size']."<br>";


    //echo "<br>FileX ".$uploaded_type;
     while($row = mysql_fetch_array($result))
     {
          if($uploaded_type==$row['type_name'])
          {

              if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
              {
              echo "The file ". basename( $_FILES['uploaded']['name']). " has been uploaded";
                  break;
              }
              else
              {
              echo "Sorry, there was a problem uploading your file.";
              }

          }
     }
}
?>

Link to comment
Share on other sites
Lisa23 Regular Member

Lisa23

Posted
  • Author
Posted
Mine upload image to a folder and send path to the database i just cant get in case user doenst upload any message get error message


<?php
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("admin", $con);
?>



<?php
//define a maxim size for the uploaded images in Kb
define ("MAX_SIZE","100");
//This function reads the extension of the file. It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
//This variable is used as a flag. The value is initialized with 0 (meaning no error found) and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded.
$errors=0;
//checks if the form has been submitted
if(isset($_POST['Submit']))
{
//reads the name of the file the user submitted for uploading
$image=$_FILES['image']['name'];
//if it is not empty
if ($image)
{
//get the original name of the file from the clients machine
$filename = stripslashes($_FILES['image']['name']);
//get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
//if it is not a known extension, we will suppose it is an error and will not upload the file, otherwize we will do more tests
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
{
//print error message
echo '<h1>Unknown extension!</h1>';
$errors=1;
}
else
{
//get the size of the image in bytes
//$_FILES['image']['tmp_name'] is the temporary filename of the file in which the uploaded file was stored on the server
$size=filesize($_FILES['image']['tmp_name']);
//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*102400)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}
//we will give an unique name, for example the time in unix time format
$image_name=time(). '.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="images/".$image;




$query="INSERT INTO photos values ('$image','$user')"; //into database
mysql_query( $query );

$copied = copy($_FILES['image']['tmp_name'], $newname);

if (!$copied)
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}}}}
//If no errors registred, print the success message
if(isset($_POST['Submit']) && !$errors)
{
echo "<h1>File Uploaded Successfully! Try again!</h1>";
}
?>
<form name="newad" method="post" enctype="multipart/form-data" action="adminprocess.php">
<table>
<tr><td><input type="file" name="image"></td></tr>
<input type="hidden" name="user_id" value="$_SESSION['user_id']" />




<tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>
</table>
</form>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.