Jump to content

if else statement, $_FILES getting uploaded

$php_mysql$

By $php_mysql$
in PHP Coding Help

 Share

Recommended Posts

$php_mysql$ Regular Member

$php_mysql$

Posted
Posted

so i need to check if the file type is correct only then let the file get uploaded

 

function uploadFile($file, $uploadPath) {

if (is_uploaded_file($file['tmp_name']) && $file['error']==0) {
    $path = $uploadPath . $file['name'];
    
    
        $types = array('image/png', 'image/jpeg', 'image/PNG', 'image/JPG');
if (!in_array($file['image']['type'], $types)) {
	$error=0;
} 
if ($error==0){
		echo "wrong type.";
}else{
if (move_uploaded_file($file['tmp_name'], $path)) {
	  echo "The file was uploaded successfully.";
	  return $path;
	} else {		
	  echo "The file was not uploaded successfully.";
	}
   } 
      } else {
echo "The file was not uploaded successfully.";
echo "(Error Code:" . $file['error'] . ")";
      }
    }

 

what is it that im doing wrong?

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

so i did this now

function uploadFile($file, $uploadPath) {

print 'file name'.$file["type"];
print '<br/>';
print 'file type'.$file['name'];

if (is_uploaded_file($file['tmp_name']) && $file['error']==0) {
    $path = $uploadPath . $file['name'];		

	$file_type = array("image/gif","image/jpg","image/png");
	$image_type = $file["type"];
	if(!in_array($image_type,$file_type)){
	  echo "wrong file";
	}else{

    if (!file_exists($path)) {
	if (move_uploaded_file($file['tmp_name'], $path)) {
	  echo "The file was uploaded successfully.";
	  return $path;
	} else {
	  echo "The file was not uploaded successfully.";
	}
    } else {
	echo "File already exists. Please upload another file.";
    }
	}
      } else {
echo "The file was not uploaded successfully.";
echo "(Error Code:" . $file['error'] . ")";
      }
    }

 

it says wrong file type but file still gets uploaded.

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

ok now this coding

 

function uploadFile($file, $uploadPath) {

print 'file type'  .$file["type"];
print '<br/>';
print 'file name'  .$file['name'];

if (is_uploaded_file($file['tmp_name']) && $file['error']==0) {
    $path = $uploadPath . $file['name'];	

	 if (file_exists($path)) {
	echo "File already exists. Please upload another file.";
	}	

	$file_type = array("image/gif","image/jpg","image/png");
	$image_type = $file["type"];
	if(!in_array($image_type,$file_type)){
	  		
	if (move_uploaded_file($file['tmp_name'], $path)) {
	  echo "The file was uploaded successfully.";
	  return $path;
	} else {
	  echo "The file was not uploaded successfully.";
	}
    } else {
	echo "wrong file";
    }

      } else {
echo "The file was not uploaded successfully.";
echo "(Error Code:" . $file['error'] . ")";
      }
    }

 

if i upload jpg image prints 

file type  image/jpeg
file name  result10+2.jpgThe file was uploaded successfully.

 

but if i try to upload an html file i get this 

file type  text/html
file name  test.htmlThe file was uploaded successfully.
Warning: imagesx() expects parameter 1 to be resource, null given in C:\wamp\www\script\image_resize.php on line 52

Warning: imagesy() expects parameter 1 to be resource, null given in C:\wamp\www\script\image_resize.php on line 55

Warning: imagecopyresampled() expects parameter 2 to be resource, null given in C:\wamp\www\script\image_resize.php on line 74

 

 

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

well thats what my issue if bro, i do not want users to be able to upload any other files than jpg, png and gif and it gets passed by by other function where i got the image_resize.php function before  inserting the values into database

 

                        $remove_symbols = array('+', '=', '-', '{', '}', '$', '(', ')');
		$removed_symbols = str_replace($remove_symbols, "_", $_FILES['image']['name']);  
		global $uploadPath;
		$randomnum=rand(00000000,99999999);  
		$imagepath = uploadFile($_FILES['image'], $uploadPath);
		$image = new SimpleImage();
		$image->load($imagepath);
		$image->resize(225,250);
		$resize_rename = $uploadPath.$randomnum._.$removed_symbols;
		$image->save($resize_rename);

		unlink($imagepath); //delete the original file

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

well im using this bit of coding now

 


function uploadFile($file, $uploadPath) {

print 'file name'.$file["type"];
print '<br/>';
print 'file type'.$file['name'];

if (is_uploaded_file($file['tmp_name']) && $file['error']==0) {
    $path = $uploadPath . $file['name'];	

	 if (file_exists($path)) {
	echo "File already exists. Please upload another file.";
	}	

	$file_type = array("image/gif","image/jpg","image/png");
	$image_type = $file["type"];
	if(in_array($image_type,$file_type)){		  		
	if (move_uploaded_file($file['tmp_name'], $path)) {
	  echo "The file was uploaded successfully.";
	  return $path;
	} else {
	  echo "The file was not uploaded successfully.";
	}
    } else {
	echo "wrong file";
    }

      } else {
echo "The file was not uploaded successfully.";
echo "(Error Code:" . $file['error'] . ")";
      }
    }

 

if i try to upload html of jpg both getting uploaded but also it show wrong file message

 

file nameimage/jpeg

file typeresult10+2.jpg wrong file

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

ok this is kinda helping me to atleast exit the page from executing but i need to print message in page instead of exiting it

 

////////////////////////////////////image error

function uploadFile($file, $uploadPath) {
 $path = $uploadPath . $file['name'];

 $file_type = array("image/gif","image/jpg","image/png","image/jpeg");
	$image_type = $file["type"];
	if(!in_array($image_type,$file_type)){

	echo "wrong file type";
	exit();
	}else{

 if (move_uploaded_file($file['tmp_name'], $path)) {
	  echo "The file was uploaded successfully.";
	  return $path;
	} else {
	  echo "The file was not uploaded successfully.";
	}
    }	
}

 

how can i do that? for rest of my form input error i do it this way

 

function ErrorCheck($data){	

	   $errormsg = array();
	   

		if($dataError['title'] == '') {
	   $errormsg['title'] = 'Title is required!';
	   	}	

	  return $errormsg;
}

how can i make this work that way?

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

if you could show me how to would really appreciate it, i have been trying and tryin with these things at last i managed to atleast not upload file if its of wrong file type but with the help of exit(); which makes my page blank, what other alternate way do i got to get the same relust with the error message displaying in the form itself? without making

 

if (move_uploaded_file($file['tmp_name'], $path)) {
	  echo "The file was uploaded successfully.";
	  return $path;
	} else {
	  echo "The file was not uploaded successfully.";
	}

 

execute

Link to comment
Share on other sites
TeNDoLLA Newbie

TeNDoLLA

Posted
Posted

Try this

function uploadFile($file, $uploadPath)
{
$path = $uploadPath . $file['name'];
$allowedTypes = array("image/gif","image/jpg","image/png","image/jpeg");

if (in_array($file['type']), $allowedTypes)
{
	if (move_uploaded_file($file['tmp_name']), $path)
	{
		echo 'Image uploaded succesfully.';
	}
	else
	{
		echo 'Error saving image.';
	}
}
else
{
	echo 'Invalid file type.';
}
}

 

And this can be done to separate the output from the logic

function uploadFile($file, $uploadPath)
{
$path = $uploadPath . $file['name'];
$allowedTypes = array("image/gif","image/jpg","image/png","image/jpeg");
$msg = ''; // Message to be returned from the function.

if (in_array($file['type']), $allowedTypes)
{
	if (move_uploaded_file($file['tmp_name']), $path)
	{
		$msg = 'Image uploaded succesfully.';
	}
	else
	{
		$msg = 'Error saving image.';
	}
}
else
{
	$msg = echo 'Invalid file type.';
}
return $msg; // Use the return value to print the message elsewhere.
}

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

im getting an error Parse error: parse error in C:\wamp\www\script\functions\functions.inc.php

 

which is

 

if (in_array($file['type']), $allowedTypes){

 

function uploadFile($file, $uploadPath)
{
$path = $uploadPath . $file['name'];
$allowedTypes = array("image/gif","image/jpg","image/png","image/jpeg");

$msg = ''; // Message to be returned from the function.	

if (in_array($file['type']), $allowedTypes){

if (move_uploaded_file($file['tmp_name']), $path)
{
$msg = 'Image uploaded succesfully.';
}else{
$msg = 'Error saving image.';
}
}else{
$msg = echo 'Invalid file type.';
}
return $msg; // Use the return value to print the message elsewhere.
}

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

yes im receiving parse error in C:\wamp\www\script\functions\functions.inc.php

 

on this line if (in_array($file['type']), $allowedTypes){ of this

 

function uploadFile($file, $uploadPath)
{



$path = $uploadPath . $file['name'];



$allowedTypes = array("image/gif","image/jpg","image/png","image/jpeg");



$msg = ''; // Message to be returned from the function.






if (in_array($file['type']), $allowedTypes)



{





if (move_uploaded_file($file['tmp_name']), $path)





{







$msg = 'Image uploaded succesfully.';





}





else





{







$msg = 'Error saving image.';





}



}



else



{





$msg = echo 'Invalid file type.';



}



return $msg; // Use the return value to print the message elsewhere.
}

 

code

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

my this bit of code works fine but with the exit(); function

 

function uploadFile($file, $uploadPath) {


 if (is_uploaded_file($file['tmp_name']) && $file['error']==0) {
 $path = $uploadPath . $file['name'];

 print 'file size' .$file['size'];

 $msg = '';

 	$blacklist = array(".php", ".php.jpg", ".php.jpeg", ".php.gif", ".php.png", ".phtml", ".php3", ".php4", ".html");
	foreach ($blacklist as $item) {
		if(preg_match("/$item\$/i", $file['name'])) {
		echo "Hacking file"; 
	exit();
	}
} 

	$max_size = 5242880;
	$file_size = $file['size'];
	if($file_size > $max_size){
	echo "file too large"; 
	exit();
}	 

 $file_type = array("image/gif","image/jpg","image/jpeg","image/png");
	$image_type = $file["type"];
	if(!in_array($image_type,$file_type)){		
	echo "wrong file type";
	exit();

	}else{

 if (move_uploaded_file($file['tmp_name'], $path)) {
	  echo "The file was uploaded successfully.";
	  return $path;
	} else {
	  echo "The file was not uploaded successfully.";
	}
    }
	} else {
echo "The file was not uploaded successfully.";
echo "(Error Code:" . $file['error'] . ")";
      }	
}

 

maybe could u implant the custom error message in this code removing the exit();?

 

but i have noticed that if i remove the exit(); then files get uploaded

Link to comment
Share on other sites
TeNDoLLA Newbie

TeNDoLLA

Posted
Posted

Maybe do something like this..

function uploadFile($file, $uploadPath) {
$max_size = 5242880;
$path = $uploadPath . $file['name'];
$blacklist = array(".php", ".jpg", ".jpeg", ".php.gif", ".php.png", ".phtml", ".php3", ".php4", ".html");
$file_type = array("image/gif","image/jpg","image/jpeg","image/png");
$patterns = implode('|', $blacklist);

if (preg_match('('. $patterns .')', $file['name']))
{
	return 'File is blacklisted.';
}
else if ($file['size'] > $max_size)
{
	return 'File is too large.';
}
else if (!in_array($file['type'], $file_type))
{
	return 'File type is not allowed.';
}
else if (move_uploaded_file($file['tmp_name'], $path))
{
	return "The file was uploaded successfully.";
}
else
{
	return "The file was not uploaded successfully. Error code: " . $file['error'];
}
}

Link to comment
Share on other sites
$php_mysql$ Regular Member

$php_mysql$

Posted
  • Author
Posted

html file is getting uploaded and a black image getting uploaded and get this error

 

Warning: getimagesize(File is blacklisted.) [function.getimagesize]: failed to open stream: No such file or directory in C:\wamp\www\script\image_resize.php on line 14

Warning: imagesx() expects parameter 1 to be resource, null given in C:\wamp\www\script\image_resize.php on line 52

Warning: imagesy() expects parameter 1 to be resource, null given in C:\wamp\www\script\image_resize.php on line 55

Warning: imagecopyresampled() expects parameter 2 to be resource, null given in C:\wamp\www\script\image_resize.php on line 74

Warning: unlink(File is blacklisted.) [function.unlink]: No such file or directory in C:\wamp\www\script\functions\functions.inc.php on line 312

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.