Jump to content

PATHINFO error

3raser

By 3raser
in PHP Coding Help

 Share

Recommended Posts

Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

Shouldn't need to. pathinfo() will work even with a full path such as /var/www/htdocs/site/index.php. If there's nothing in the array element, that would be the problem. Post the chunk of code that uses this, from the point where the file is picked out of the form data through where pathinfo() is used.

Link to comment
Share on other sites
3raser Advanced Member

3raser

Posted
  • Author
Posted

Shouldn't need to. pathinfo() will work even with a full path such as /var/www/htdocs/site/index.php. If there's nothing in the array element, that would be the problem. Post the chunk of code that uses this, from the point where the file is picked out of the form data through where pathinfo() is used.

 

start_upload.php

 

<?php
session_start();
include("includes/mysql.php");
include("includes/config.php");

?>

<title><?php echo $title; ?></title>

<?php
echo "<a href='start_upload.php'>Upload</a> | <a href='search.php'>Search & Browse</a> | <a href='/news'>News & Announcements</a> | <a href='logout.php'>Logout</a><hr>";

if(!$_SESSION['user'])
	{
		echo "Your not allowed to upload plugins! <a href='index.php'>Go Home</a> or <a href='register.php'>Make an account</a>.";
	}
	else
	{
		echo '<form enctype="multipart/form-data" action="upload.php" method="POST">
		<input type="hidden" name="MAX_FILE_SIZE" value="10000000 byte" />
		Choose a Plugin to Upload: <input name="file" type="file" /><br />
		<b>Title:</b> <input type="text" name="title" maxlength="40"><br/>
		<b>Description</b><br/><textarea name="description" cols="45" rows="25" maxlength="2300"></textarea>
		<br/>
		<input type="submit" value="Upload Plugin" />
		</form>';

		echo "<br/><br/>";
		echo "NOTE: Uploading any harmful programs and/or files that can invade another users privacy, harm their computer, or uploading any files like malware, viruses, or trojans will result in an INSTANT, PERMANENT, IP Ban.";
	}
?>

<? 
include("includes/footer.php");
?>

 

upload.php

 

<?php
session_start();
include("includes/mysql.php");
include("includes/config.php");

?>

<title><?php echo $title; ?></title>

<?php

if(!$_SESSION['user'])
	{
		echo "Your not allowed to upload plugins! <a href='index.php'>Go Home</a> or <a href='register.php'>Make an account</a>.";
	}
	else
	{
	$description = $_POST['description'];
	$description = mysql_real_escape_string($description);
	$ip = $_SERVER['REMOTE_ADDR'];
	$date = date('m-d-y');
	$title = $_POST['title'];
	$title = mysql_real_escape_string($title);
	$user = $_SESSION['SESSION'];

		$target_path = "mods/";

		$target_path = $target_path . basename( $_FILES['file']['name']); 

		if(pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION)==".zip")
		{

		if(move_uploaded_file($_FILES['file']['tmp_name'], $target_path)) {

		$query = mysql_query("SELECT COUNT(id) FROM mods");
		$finish_query = mysql_fetch_assoc($query);
		$output = $finish_query['COUNT(id)'] + 1;
		$_FILES['file']['name'] = $output;

		echo "The mod ".  basename( $_FILES['file']['name']). 
		" has been uploaded. Check it out <a href='mods/". $output ."'>HERE.</a>";

		echo pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);

		mysql_query("INSERT INTO mods VALUES('', '$ip', '$date', '$title', '$description', '$user')");

		} else{
		echo "There was an error uploading the file, please try again!";
		}
		}
		else
		{
			echo "You cannot use a ". pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION) ." extension!";
			echo $_FILES['file']['name'];
		}
	}
include("includes/footer.php");
?>

Link to comment
Share on other sites
3raser Advanced Member

3raser

Posted
  • Author
Posted

You're changing the contents of $_FILES['file']['name'] on this line:

	$_FILES['file']['name'] = $output;

Is that part of your file-renaming routine? If it is, you'll need to check the extension before that point.

 

Nope, it's not changing anything important. :/

 

It worked before, now it isn't.

Link to comment
Share on other sites
3raser Advanced Member

3raser

Posted
  • Author
Posted

I has to be changing something important. $output would either contain an integer, or possibly an empty string or NULL value. None of those are file names.

 

Yes, it's an integer. But where it checks and displays the extensions are out of reach. (Checks = above $output, display is in another { } (dunno whats it's called) - And this is the latest code)

 

<?php
session_start();
include("includes/mysql.php");
include("includes/config.php");

?>

<title><?php echo $title; ?></title>

<?php
echo "<a href='start_upload.php'>Upload</a> | <a href='search.php'>Search & Browse</a> | <a href='/news'>News & Announcements</a> | <a href='logout.php'>Logout</a><hr>";

if(!$_SESSION['user'])
	{
		echo "Your not allowed to upload plugins! <a href='index.php'>Go Home</a> or <a href='register.php'>Make an account</a>.";
	}
	else
	{
	echo "<a href='start_upload.php'>Upload</a> | <a href='search.php'>Search & Browse</a> | <a href='/news'>News & Announcements</a> | <a href='logout.php'>Logout</a><hr>";

	$description = $_POST['description'];
	$description = mysql_real_escape_string($description);
	$ip = $_SERVER['REMOTE_ADDR'];
	$date = date('m-d-y');
	$title = $_POST['title'];
	$title = mysql_real_escape_string($title);
	$user = $_SESSION['SESSION'];

		$target_path = "mods/";

		$target_path = $target_path . basename( $_FILES['file']['name']); 

		if(pathinfo(basename($_FILES['file']['name']), PATHINFO_EXTENSION)=="zip")
		{

		if(move_uploaded_file($_FILES['file']['tmp_name'], $target_path)) {

		$query = mysql_query("SELECT COUNT(id) FROM mods");
		$finish_query = mysql_fetch_assoc($query);

		echo "The mod ". basename($_FILES['file']['name']) . 
		" has been uploaded. Check it out <a href='mods/". $output ."'>HERE.</a>";

		$output = $finish_query['COUNT(id)'] + 1;
		$_FILES['file']['name'] = $output;

		mysql_query("INSERT INTO mods VALUES('', '$ip', '$date', '$title', '$description', '$user')");

		} else{
		echo "There was an error uploading the file, please try again!";
		}
		}
		else
		{
			echo "You cannot use a .". pathinfo(basename($_FILES['file']['name']), PATHINFO_EXTENSION) ." extension! .zip is currently the only filed extension allowed.";
		}
	}
include("includes/footer.php");
?>

Link to comment
Share on other sites
3raser Advanced Member

3raser

Posted
  • Author
Posted

I just pasted in your latest code, indented it properly, and it made more sense. It seems to work for me. When I try to use a file with an extension other than .zip, I get the error message.

 

But if you DO use a zip, is gives you the error message. But it says:

 

You cannot use a . extension! .zip is currently the only filed extension allowed.

 

And also, thats just the way I code. I don't know what to do to improve it...

Link to comment
Share on other sites
Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

No, not for me it doesn't. I had to comment out your db queries, but otherwise I just pasted your code into my dev box.

When I try a .pdf: You cannot use a .pdf extension! .zip is currently the only filed extension allowed.

With a .zip I get the There was an error uploading the file, please try again! because I didn't replicate your directory structure, and no error for the extension.

Link to comment
Share on other sites
3raser Advanced Member

3raser

Posted
  • Author
Posted 

<?php
session_start();
include("includes/mysql.php");
include("includes/config.php");

?>

<title><?php echo $title; ?></title>

<?php
echo "<a href='start_upload.php'>Upload</a> | <a href='search.php'>Search & Browse</a> | <a href='/news'>News & Announcements</a> | <a href='logout.php'>Logout</a><hr>";

if(!$_SESSION['user'])
	{
		echo "Your not allowed to upload plugins! <a href='index.php'>Go Home</a> or <a href='register.php'>Make an account</a>.";
	}
	else
	{
	echo "<a href='start_upload.php'>Upload</a> | <a href='search.php'>Search & Browse</a> | <a href='/news'>News & Announcements</a> | <a href='logout.php'>Logout</a><hr>";

	$description = $_POST['description'];
	$description = mysql_real_escape_string($description);
	$ip = $_SERVER['REMOTE_ADDR'];
	$date = date('m-d-y');
	$title = $_POST['title'];
	$title = mysql_real_escape_string($title);
	$user = $_SESSION['SESSION'];

		$target_path = "mods/";


		$query = mysql_query("SELECT COUNT(id) FROM mods");
		$finish_query = mysql_fetch_assoc($query);
		$output = $finish_query['COUNT(id)'] + 1;
		$_FILES['file']['name'] = $output;

		$target_path = $target_path . basename( $_FILES['file']['name']); 

		if(pathinfo(basename($_FILES['file']['name']), PATHINFO_EXTENSION)=="zip")
		{

		if(move_uploaded_file($output, $target_path)) {

		echo "The mod ". basename($_FILES['file']['name']) . 
		" has been uploaded. Check it out <a href='mods/". $output ."'>HERE.</a>";


		mysql_query("INSERT INTO mods VALUES('', '$ip', '$date', '$title', '$description', '$user')");

		} else{
		echo "There was an error uploading the file, please try again!";
		}
		}
		else
		{
			echo "You cannot use a .". pathinfo(basename($_FILES['file']['name']), PATHINFO_EXTENSION) ." extension! .zip is currently the only filed extension allowed.";
		}
	}
include("includes/footer.php");
?>

 

How do I get it so it will upload the file name as $output, instead of basename($_FILES['file]['name'])

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.