Jump to content

Image Upload (SOLVED)


ShibSta

Recommended Posts

I need an image upload script that checks if a file uploaded is infact an image and not a script.
Also, I'd like to be able to define allowed file types easily using (define("FILE_TYPES", "gif, jpeg, jpg, png");)

I know this is a rather straight forward and "give me the code" question.
However, I have tried making one for awhile now and finally gave in to asking for one.

Also, is it possible to do checks before you move the file? (Ex. check width, height, and filesize)
If no, is there a way to delete the file if a check fails?
Link to comment
Share on other sites

bump ^^
Anyone? I need this resolved asap if possible, kinda stuck on my project until this part is finished...

I wouldnt be surprised if the answer is in the comments on the bottom of the tutorial's page but when I click on them it refreshes the page but does not display the comments...
Link to comment
Share on other sites

use the getimagesize() function to check width and height. It also checks the filetype so that even something named wombat.jpg will fail if it isn't a real jpg file (and similarly for any image type you want).

http://fundisom.com/phparadise/php/image_handling/image_upload_and_resize

is lixlpixel's script that works 'straight out of the box'.

That should get you moving in the right direction.
Link to comment
Share on other sites

Thing is I'm working with functions and classes already. If someone can help me determine the reason I am receiving errors on the class that was given to me above, I'd have everything working.
Thanks

Also, I don't want a complex script that makes a thumbnail. I am only working with images/gif's of the size 100x100px
Link to comment
Share on other sites

The code you cant see is the code from the tutorial that was given in the link above.  :)
[quote]
http://www.phpfreaks.com/tutorials/85/0.php[/quote]
Anyway, here is my code that calls the class

Basicly I have the form element -> process.php -> class_upload.php

Form POST's to process.php
process.php calls function addBanner()
function addBanner:
[code]  /**
  * addBanner - Uploads the file and executes the MySQL Query to update the database
  */
  function addBanner() {
    global $upload_files, $database, $session, $form;

    $upload_class                =new Upload_Files;
    $upload_class->temp_file_name=trim($_FILES['upload']['tmp_name']);
    $upload_class->file_name    =trim(strtolower($_FILES['upload']['name']));
    $upload_class->upload_dir    =IMG_PATH;
    $upload_class->upload_log_dir="" . IMG_PATH . "/upload_logs/";
    $upload_class->max_file_size =MAX_IMG_SIZE;
    $upload_class->banned_array  =array("");
    $upload_class->ext_array    =array(".gif",".jpg",".jpeg",".png");
    $valid_ext                  =$upload_class->validate_extension();
    $valid_size                  =$upload_class->validate_size();
    $valid_user                  =$upload_class->validate_user();
    $max_size                    =$upload_class->get_max_size();
    $file_size                  =$upload_class->get_file_size();
    $file_exists                =$upload_class->existing_file();
    $field                      ="userfile"; //Use field name for username
    if ($valid_ext) {
      $form->setError($field, "* Invalid file type");
      $retval=1;
    } elseif(!$valid_size) {
      $form->setError($field, "* Invalid file size");
      $retval=1;
    } elseif(!$valid_user) {
      $form->setError($field, "* Banned from uploading");
      $retval=1;
    } elseif($file_exists) {
      $form->setError($field, "* File exists");
      $retval=1;
    } else {
      $upload_file=$upload_class->upload_file_with_validation();
      if (!$upload_file) {
        $form->setError($field, "* Error during upload");
        $retval=2;
      } else {
        $retval=0;
      }
    }
    /* Upload Successful */
    if ($retval == 0) {
      if ($database->addBanner($cid, $uid, $newfile)) {
        return 0; //Query Successfil
        $_SESSION['reguname']  =$_POST['file'];
        $_SESSION['regsuccess']=true;
        header ("Location: " . BASE_URL . "/index.php?act=banners&sub=addbanner&cid=$_POST[cid]");
      } else {
        return 2; //Error with query
        $_SESSION['reguname']  =$_POST['user'];
        $_SESSION['regsuccess']=false;
        header ("Location: " . BASE_URL . "/index.php?act=banners&sub=addbanner&cid=$_POST[cid]");
      }
    }
    /* Error found with form */
    else if($retval == 1) {
      $_SESSION['value_array']=$_POST;
      $_SESSION['error_array']=$form->getErrorArray();
      header ("Location: " . BASE_URL . "/index.php?act=banners&sub=addbanner&cid=$_POST[cid]");
    }
    /* Upload attempt failed */
    else if($retval == 2) {
      $_SESSION['reguname']  =$_POST['user'];
      $_SESSION['regsuccess']=false;
      header ("Location: " . BASE_URL . "/index.php?act=banners&sub=addbanner&cid=$_POST[cid]");
    }
  }
[/code]
Link to comment
Share on other sites

[quote author=printf link=topic=110025.msg444490#msg444490 date=1159657422]
Tell me exactly what you will use it for, and I will give a quick example! I have a bunch of ready made examples, so give me an idea of what one would best help you! What mean is, tell me what you need it to support, (ie: multi upload, restrict size, restrict type, ...)

me!
[/quote]

Ok, lets see how I can best describe this.
I am creating a BannerExchange that uses 100x100 images, but I want these variables to be easily changed in a config file.
I want to upload images, again would be nice to have it as an easy access array in a config file with extensions allowed.
I need it to verify that it is an image and not a script (Security measure)
I need it to check that the size is less than a defined size in config. (51200bytes - 50kb/ default)
I need it to then, after the checks, copy the temp file to a permanent location with a name I can easily specify.
(ex. $id_$cid_$uid.$ext - BannerID_ChannelID_UserID.Extension)
Last but not least I need to be able to implement it into my system.
Form -> process.php -> funtion addBanner
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.