Jump to content

File Upload Issue


honkmaster

Recommended Posts

Hi, I have an issue with the following code. I want to upload files to a directory named by a form i.e "uploads/image/$company" the company name is posted from the form.

 

The issue is the files don't end up where I want? i.e they land "uploads/Image" along side the directory

 

ANy help would be great, its driving me mad!!

 

<?php
    //testing post
echo "$_POST[nouploads]";
echo "<br />";
echo "$_POST[company]";

//posted from form
$nouploads = "$_POST[nouploads]";
$company = "$_POST[company]";

//make a dir with the same name as company
//does not matter if it already exists
if (!file_exists ( "uploads/image/$company" )) {
mkdir("uploads/image/$company", 0777, true);
}

error_reporting(E_ALL);

    //directory to upload to
    $upload_dir= 'uploads/image/$company';

    //number of files to upload passed by form
    $num_uploads = "$nouploads";

    //maximum filesize allowed in bytes
    $max_file_size  = 2000000;

    //the maximum filesize from php.ini
    $ini_max = str_replace('M', '', ini_get('upload_max_filesize'));
    $upload_max = $ini_max * 2000000;

    //a message for users
    $msg = 'Please select files for uploading';

    //an array to hold messages
    $messages = array();	

    //check if a file has been submitted
    if(isset($_FILES['userfile']['tmp_name']))
    {
        //loop through the array of files
        for($i=0; $i < count($_FILES['userfile']['tmp_name']);$i++)
        {
            //check if there is a file in the array
            if(!is_uploaded_file($_FILES['userfile']['tmp_name'][$i]))
            {
                $messages[] = 'No file uploaded';
            }
            //check if the file is less then the max php.ini size
            elseif($_FILES['userfile']['size'][$i] > $upload_max)
            {
                $messages[] = "File size exceeds $upload_max php.ini limit";
            }
            //check the file is less than the maximum file size
            elseif($_FILES['userfile']['size'][$i] > $max_file_size)
            {
                $messages[] = "File size exceeds $max_file_size limit";
            }
            else
            {
                //copy the file to the specified dir 
                if(@copy($_FILES['userfile']['tmp_name'][$i],$upload_dir.'/'.$_FILES['userfile']['name'][$i]))
                {
                    //give praise and thanks to the php gods
                    $messages[] = $_FILES['userfile']['name'][$i].' uploaded';
                }
                else
                {
                    //an error message
                    $messages[] = 'Uploading '.$_FILES['userfile']['name'][$i].' Failed';
                }
            }
        }
    }
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Multiple File Upload</title>
</head>

<body>

<h3><?php echo $msg; ?></h3>
<p>
<?php
    if(sizeof($messages) != 0)
    {
        foreach($messages as $err)
        {
            echo $err.'<br />';
        }
    }
?>
</p>
<form enctype="multipart/form-data" action="upload3.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>" />
<?php
    $num = 0;
    while($num < $num_uploads)
    {
        echo '<div><input name="userfile[]" type="file" /></div>';
        $num++;
    }
?>

<input type="submit" value="Upload" />
</form>

</body>
</html>

Link to comment
Share on other sites

You should never allow a user to determine where a file goes. All that "personalization" stuff should be handled with a database and URL rewriting.

 

Store the file in a random place that's not normally accessible. Like in a folder not under the web root, or in one but locked down with a .htaccess. Then you use URL rewriting to route any appropriate URLs (like "/uploads/image/$company/$file") through a PHP script. That script queries your database according to the $company and $file for the actual image file to show, which it then does.

Link to comment
Share on other sites

thanks, the app is not WAN facing just used internaly on our LAN to help store content by company name.

 

I just don't under stand why the files don't end up in the right place.

 

If I replace the $company bit with a company name i.e "uploads/image/$company" to "uploads/image/companyname" it works??

 

Cheers Chris

Link to comment
Share on other sites

thanks, the app is not WAN facing just used internaly on our LAN to help store content by company name.

Doesn't matter. Users are users and they're all out to screw with you. Disgruntled employees, for instance.

 

Anyways,

'uploads/image/$company'

Variables don't work in single-quoted strings.

Link to comment
Share on other sites

Ok, I have put on  error reporting and fixed errors, I have also added echo to see what is happing. All works apart from the file does not end up in the "company" directory it ends up in the "image" directory with the "company" folders.

 

This is what is echoing back to start with "uploads/image/CompanyName/" Once the Directory is created it should put the uploaded files in the "CompanyName" directory. What i get echoed back is "uploads/image//" the "CompanyName" is missing

 

Very confused, any help would be great

 

Cheers Chris

 

<?php

error_reporting(-1);

//posted from form
if(isset($_POST['company']))
$target = "$_POST[company]";
if(isset($_POST['nouploads']))
$nouploads = "$_POST[nouploads]";

{
global $target, $nouploads, $dir;
} 

echo $target;
echo "<br />";

//make a dir with the same name as company
//does not matter if it already exists
if (!file_exists ( "uploads/image/$target/" )) {
mkdir("uploads/image/$target/", 0777, true);
} 

    //directory to upload to
    $upload_dir = "uploads/image/$target/";
echo $upload_dir;
echo "<br />";

    //number of files to upload passed by form
    $num_uploads = "$nouploads";

    //maximum filesize allowed in bytes
    $max_file_size  = 2000000;

    //the maximum filesize from php.ini
    $ini_max = str_replace('M', '', ini_get('upload_max_filesize'));
    $upload_max = $ini_max * 2000000;

    //a message for users
    $msg = 'Please select files for uploading';

    //an array to hold messages
    $messages = array();	

    //check if a file has been submitted
    if(isset($_FILES['userfile']['tmp_name']))
    {
        //loop through the array of files
        for($i=0; $i < count($_FILES['userfile']['tmp_name']);$i++)
        {
            //check if there is a file in the array
            if(!is_uploaded_file($_FILES['userfile']['tmp_name'][$i]))
            {
                $messages[] = 'No file uploaded';
            }
            //check if the file is less then the max php.ini size
            elseif($_FILES['userfile']['size'][$i] > $upload_max)
            {
                $messages[] = "File size exceeds $upload_max php.ini limit";
            }
            //check the file is less than the maximum file size
            elseif($_FILES['userfile']['size'][$i] > $max_file_size)
            {
                $messages[] = "File size exceeds $max_file_size limit";
            }
            else
            {
                //copy the file to the specified dir 
                if(@copy($_FILES['userfile']['tmp_name'][$i],$upload_dir.'/'.$_FILES['userfile']['name'][$i]))
                {
                    //give praise and thanks to the php gods
                    $messages[] = $_FILES['userfile']['name'][$i].' uploaded';
                }
                else
                {
                    //an error message
                    $messages[] = 'Uploading '.$_FILES['userfile']['name'][$i].' Failed';
                }
            }
        }
    }
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Multiple File Upload</title>
</head>

<body>

<h3><?php echo $msg; ?></h3>
<p>
<?php
    if(sizeof($messages) != 0)
    {
        foreach($messages as $err)
        {
            echo $err.'<br />';
        }
    }
?>
</p>
<form enctype="multipart/form-data" action="upload3.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>" />
<?php
    $num = 0;
    while($num < $num_uploads)
    {
        echo '<div><input name="userfile[]" type="file" /></div>';
        $num++;
    }
?>

<input type="submit" value="Upload" />
</form>

</body>
</html>

Link to comment
Share on other sites

Let's intentionally introduce an error to make sure you have error reporting set up properly. Add this line near the beginning of your code and see if it generates a notice.

 

echo "Undefined variable: $undefined_variable";

Link to comment
Share on other sites

OK, well that seems to be working. Let's see what exactly in the data being passed by the form. Add these right after the opening <?php tag:

 

echo 'INCOMING ARRAYS:<br>$_POST:<pre>';
print_r($_POST);
echo '</pre>$_FILES:<pre>';
print_r($_FILES);
echo '</pre>';

Link to comment
Share on other sites

first part of script this cam up

 

INCOMING ARRAYS:

$_POST:

Array

(

    [company] => test

    [nouploads] => 1

    [submit] => Submit

)

$_FILES:

Array

(

)

 

Then when I submit the file I this

 

INCOMING ARRAYS:

$_POST:

Array

(

    [MAX_FILE_SIZE] => 2000000

)

$_FILES:

Array

(

    [userfile] => Array

        (

            [name] => Array

                (

                    [0] => test 2.JPG

                )

 

            [type] => Array

                (

                    [0] => image/jpeg

                )

 

            [tmp_name] => Array

                (

                    [0] => /Applications/XAMPP/xamppfiles/temp/phprNKfX2

                )

 

            [error] => Array

                (

                    [0] => 0

                )

 

            => Array

                (

                    [0] => 409173

                )

 

        )

 

)

Link to comment
Share on other sites

I think I see what's going here. It wasn't clear what the flow of this was, but it looks like you're submitting a form with part of the information, then selecting files to upload and resubmitting, is that about right? You'll need to pass the data from the first form submission along with the second form submission, either via hidden form elements, or session variables or it isn't available to the script after the second submission. That will make some of your variables lose their values, but I'm surprised that isn't generating some error notices.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.