PHP Image Upload

[ChaosKnight]

I made this code that is supposed to upload an image to the server under the specified target path, but it doesn't want to... 

<?php
  $allowedExtensions = array("png","jpg","jpeg","gif");
  foreach ($_FILES as $file){
    if($file['tmp_name'] > ''){
      if(!in_array(end(explode(".",strtolower($file['name']))),$allowedExtensions)){
       die($file['name'].' has an invalid file type...<br/>');
      }else{
        if($file == 'logo'){
          $target_path = "images/logos/";
          $target_path = $target_path . basename($file['name']);
          move_uploaded_file($file['tmp_name'], $target_path);
        }elseif(($file == 'image1') || ($file == 'image2')){
          $target_path = "images/hotels/";
          $target_path = $target_path . basename($file['name']);
          move_uploaded_file($file['tmp_name'], $target_path);
        }
      }
    }
  }
?>

What did I do wrong?

 

The reason why I check whether it's logo, image1, or image2 is because they go into different directories.

 

Any help will be greatly appreciated

[The Eagle]

Well I thought I noticed an error.

 

Replace your code with this below and test it out.

 

<?php
  $allowedExtensions = array("png","jpg","jpeg","gif");
  foreach ($_FILES as $file){
    if($file['tmp_name'] > ''){
      if(!in_array(end(explode(".",strtolower($file['name']))),$allowedExtensions)){
       die($file['name'].' has an invalid file type...<br/>');
      }else{
        if($file == 'logo'){
          $target_path = "images/logos/";
          $target_path = $target_path . basename($file['name']);
          move_uploaded_file($file['tmp_name'], $target_path);
        }elseif(($file == 'image1') || ($file == 'image2')){
          $target_path2 = "images/hotels/";
          $target_path2 = $target_path . basename($file['name']);
          move_uploaded_file($file['tmp_name'], $target_path2);
        }
      }
    }
  }
?>

[mattal999]

if($file == 'logo'){

Should be:

 

if(explode(".",strtolower($file['name']))[0] == 'logo'){

Or something like that. Just make sure that use use the ['name'] part and get rid of the extension.

[ChaosKnight]

Still nothing after the code by the eagle... I changed the code to this:

<?php
  $allowedExtensions = array("png","jpg","jpeg","gif");
  foreach ($_FILES as $file){
    if($file['tmp_name'] > ''){
      if(!in_array(end(explode(".",strtolower($file['name']))),$allowedExtensions)){
       die($file['name'].' has an invalid file type...<br/>');
      }else{
        if($file == 'logo'){
          $target_path = "images/logos/";
          $target_path = $target_path . basename($file['name']);
          move_uploaded_file($file['tmp_name'], $target_path);
        }elseif(($file == 'image1') || ($file == 'image2')){
          $target_path2 = "images/hotels/";
          $target_path2 = $target_path . basename($file['name']);
          if(move_uploaded_file($file['tmp_name'], $target_path2)){
            echo "<h3>$file['name'] uploaded successfully...</h3>";
          }else{
            echo "3";
          }
        }else{
          echo "2";
        }
      }
    }else{
      echo "1";
    }
  }
?>

With the hope that it'll clarify what happens in the code, and it returned 121...

So it finds an error at if($file['tmp_name'] > '') and at if($file == 'logo) and the other 2 file checks, and then again at the if(file['tmp_name'] > '')

 

I don't want to check the name of the file, I just want to check from which file input it was submitted... On the previous form I have 3 file inputs: logo, image1 and image2, that is the reason why I need to check where it came from...

[mattal999]

Still nothing after the code by the eagle... I changed the code to this:

<?php
  $allowedExtensions = array("png","jpg","jpeg","gif");
  foreach ($_FILES as $file){
    if($file['tmp_name'] > ''){
      if(!in_array(end(explode(".",strtolower($file['name']))),$allowedExtensions)){
       die($file['name'].' has an invalid file type...<br/>');
      }else{
        if($file == 'logo'){
          $target_path = "images/logos/";
          $target_path = $target_path . basename($file['name']);
          move_uploaded_file($file['tmp_name'], $target_path);
        }elseif(($file == 'image1') || ($file == 'image2')){
          $target_path2 = "images/hotels/";
          $target_path2 = $target_path . basename($file['name']);
          if(move_uploaded_file($file['tmp_name'], $target_path2)){
            echo "<h3>$file['name'] uploaded successfully...</h3>";
          }else{
            echo "3";
          }
        }else{
          echo "2";
        }
      }
    }else{
      echo "1";
    }
  }
?>

With the hope that it'll clarify what happens in the code, and it returned 121...

So it finds an error at if($file['tmp_name'] > '') and at if($file == 'logo) and the other 2 file checks, and then again at the if(file['tmp_name'] > '')

 

I don't want to check the name of the file, I just want to check from which file input it was submitted... On the previous form I have 3 file inputs: logo, image1 and image2, that is the reason why I need to check where it came from...

Oh sorry, I misunderstood. It seems that the tmp_name is not being sent properly, and I think it relates to this: http://www.php.net/manual/en/features.file-upload.multiple.php#89333

 

Take a look and try incorporating the function at the start.

[The Eagle]

$newname = md5_file($file['file']['tmp_name']).'.'.$matches[1];

 

Is how I worked out doing tmp_name on my image upload script.

[ChaosKnight]

This is how I post the images:

<input type="file" id="logo" name="logo" />
<input type="file" id="image1" name="image1" />
<input type="file" id="image2" name="image2" />

So the 'file' in $_FILES['file'] can only be logo, image1 and image2.

The rest of the image's attributes are unknown, seeing that it's

a form to create a new hotel entry for a tourism company...

 

I don't know if that's where I made a logical error by using:

foreach($_FILES as $file)

Because I read somewhere just now that the $_FILES global is an associative array,

so should I use foreach($_FILES as $key => $value) instead?

 

I'm still confused with associative arrays, because I prefer the normal array...

 

I don't think it passes as a multi dimensional array

[PFMaBiSmAd]

should I use foreach($_FILES as $key => $value) instead?

 

Yes, $key will be the form field name="..." (logo, image1, image2) and $value (or $file in your existing code) will have the ['error'], ['tmp_name'], ['name'], ['type'] elements.

[ChaosKnight]

I simplified the code to only:

<?php
  $allowedExtensions = array("png","jpg","jpeg","gif");
  if(isset($_FILES['image1'])){
    if($_FILES['image1']['tmp_name'] > ''){
      if(!in_array(end(explode(".",strtolower($_FILES['image1']['name']))),$allowedExtensions)){
       die($_FILES['image1']['name'].' has an invalid file type...<br/>');
      }else{
        $target_path = "images/hotels/";
        $target_path = $target_path . basename($_FILES['image1']['name']);
        if(move_uploaded_file($_FILES['image1']['tmp_name'], $target_path)){
          echo "<h3>$_FILES['image1']['name'] uploaded successfully...</h3>";
        }
      }
    }
  }
?>

Now it runs the code successfully, but it gives me these messages:

Warning: move_uploaded_file(images/hotels/ph-hazyview-gardens.jpg) [function.move-uploaded-file]: failed to create stream: Permission denied in *web address* on line 10

Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move 'C:\PHP\uploadtemp\php154.tmp' to 'images/hotels/ph-hazyview-gardens.jpg' in *web address* on line 10

Is there some kind of setting that I have to enable in php.ini? If there is, what will the code be to change it on runtime, because I'm on a shared host, so I don't know if they enabled it or not...

[mattal999]

Have you CHMOD the images directory to 0777? If not, you need to do it via FTP (Google it).

[The Eagle]

Mattal999, you beat me too it!

 

Yes give CHMOD 0777 to that directory where you're moving them, and it will work. Good luck.

[ChaosKnight]

I never used chmod() before, so I don't really know what to do... I looked at the PHP Manual  , and it said that this should work:

$target_path = chmod("images/hotels/", 0777);

But then I tried it, and it returned this error message:

Warning: chmod() [function.chmod]: Permission denied in *address* on line 8

So I guess I can't use chmod then? 

[The Eagle]

In FileZilla, right click the file you're moving them too (up directory?) then go to Permissions, type in 0777 and it will be writable for the script.

[mattal999]

You'll have to do it manually using FTP. Open your FTP client (be it software or webware), and navigate to the directory in which /images/ resides. Then look for a properties or chmod button (depending on the interface) and set permissions to 0777 (grants pretty much everything).

 

EDIT: Eagle, you beat me to it this time

[ChaosKnight]

But that will enable everyone to upload anything to that folder?

 

I use CuteFTP, when I tried to change the CHMOD, it informed me that the command is not understood by the server...

Is CHMOD only for Linux servers? Because a few times before I thought that my web host has Windows Servers, if that's

the case then it will explain everything... The server I'm on also has a lot of downtime... And the webhost only gives support for ASP so they'll never assist me...

[The Eagle]

Not exactly, just your script because it needs it to be CHMODDED to move folders (and I think write to it).

[ChaosKnight]

I use CuteFTP, when I tried to change the CHMOD, it informed me that the command is not understood by the server...

Is CHMOD only for Linux servers? Because a few times before I thought that my web host has Windows Servers, if that's the case then it will explain everything... The server I'm on also has a lot of downtime... And the webhost only gives support for ASP so they'll never assist me...

[The Eagle]

Well, I am not too familiar with CuteFTP. You can right click the directory images, go to Permissions or Properties ~> and make it Read Only. This should work because it definitely seems your host is a Windows server.

[PFMaBiSmAd]

If you make the folder(s) using a php script, php should have ownership and the necessary permissions to access the folder(s).

[ChaosKnight]

I sent an e-mail to my host and asked them to check my permissions, they'll probably reply within the next 6 hours, I don't know what the time in the US is now, but here in South Africa it's 8:43PM, so it's probably somewhere around 9AM there...

 

I'm busy downloading FileZilla now, will try it instead of CuteFTP... How can I create a directory via PHP?

[The Eagle]

Pretty sure mkdir will do you just fine with this, I think below will work not sure you can try.

 

 

$thisdir = getcwd(); 

if(mkdir($thisdir ."/filename" , 0777))  /// $thisdir = directory script is in || /filename is the filename || 0777 is perms 
{ 
   echo "Directory has been created successfully..."; 
} 
else 
{ 
   echo "Failed to create directory..."; 


} 

[ChaosKnight]

Didn't seem to work... I'll wait for their e-mail about my permissions... Thanks for your help, I'm going to take a break now and watch some South Park  and then I'll try again haha... Thanks for all your help eagle...

[ChaosKnight]

Everything works perfectly now... SOLVED!!