Jump to content

Upload script wont recognized file?

Bubblychaz

By Bubblychaz
in PHP Coding Help

 Share

Recommended Posts

Bubblychaz Newbie

Bubblychaz

Posted
Posted

Before I changed host this script worked fine.

 

Infact it still works fine on my old host even though its the same script?

 

I am so confused with this, Please help?

 

It keeps coming back with the error its not an image file

 

<?php


include ($_SERVER['DOCUMENT_ROOT'].'/slorg/header.inc.php');

$pagetitle = "Upload";
$helpfaerie = mysql_fetch_array(mysql_query("SELECT * FROM helpfaerie WHERE page = 'upload'"));
$helpfaerie2 = mysql_fetch_array(mysql_query("SELECT * FROM staff WHERE username = '$username'"));

if ($helpfaerie2[helpfaerie] == 1)
{
echo "<div id=\"helpfaerie\" style=\"overflow: auto; position:fixed; bottom:0; right:0; \"><table width=\"200\" border=\"0\" cellspacing=\"0\" cellpadding=\"4\" style=\"border-top: 1pt solid black;border-bottom: 1pt solid black;border-left: 1pt solid black;border-right: 1pt solid black; background-color:#ffffff;\">
  <tr>
    <td><center><img src=\"http://images.neopets.com/items/toy_faerie_psellia.gif\" border=\"0\"></center></td>
</tr>
  <tr>
    <td><p>$helpfaerie[text]</p></td>
</tr>
  <tr>
    <td style=\"text-align: right;\">[<a href=\"$baseurl/closehelp.pro.php\">x</a>]</td>
</tr>
</table></div>";
}

ECHO <<<END
<center>
<FORM ACTION="upload.pro.php" enctype="multipart/form-data" METHOD=POST>
<table width="366" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td colspan="2"><center>Upload An Image</center></td>
</tr>
  <tr>
    <td>Name of Graphic:</td>
    <td><input type="text" name="name"</td>

</tr>
  <tr>
    <td>Filed Under:</td>
    <td><select name="filedunder">

                <option "avatars">Avatar</option>
        <option "backgrounds">Background</option>
                <option "banners">Banner</option>
        <option "blinkies">Blinkie</option>
        <option "buttons">Button</option>
        <option "gallerys">Gallery Layout</option>
        <option "glitters">Glitter</option>
        <option "guides">Guide Image</option>
       <option "guilds">Guild Layout</option>
        <option "misc"> Miscellaneous</option>
        <option "nbhelp>NeoBoard Help</option>
        <option "petlookups">Pet Lookup</option>
        <option "petpages">PetPage Layout</option>
        <option "shields">Shield</option>
        <option "shops">Shop Layout</option>
         <option "tutorials">Tutorial Image</option>
        <option "userlookups">User Lookup</option>
   </select"></td>
</tr>
  <tr>
    <td>Upload Image:</td>
    <td><input type="file" name="Image"></td>
</tr>

    <tr>
    <td> </td>
    <td> </td>
</tr>
  <tr>
    <td colspan="2"><center><font size="-1"><i>
      <input type="submit" name="go" value="Add">
    </i></font></center></td>
</tr>
</table></FORM>
<p> </p></center>

END;

?>

 

 

Then the 2nd page

 

<?php




include ($_SERVER['DOCUMENT_ROOT'].'/slorg/addon.php');

include ($_SERVER['DOCUMENT_ROOT'].'/dblink.php');

$pagetitle = "Upload";

$name = $_POST['name'];
$filedunder = $_POST['filedunder'];
$filedunder2 = $filedunder.'img';
$Image = $_FILES['Image'];
$directoryName = "$baseurl/images/$filedunder";
if (!file_exists($directoryName)) { mkdir($directoryName, 0777); }
$directoryName2 = "$baseurl/images/$filedunder";
if (!file_exists($directoryName2)) { mkdir($directoryName2, 0777); }
if (!eregi("image/", $_FILES['Image']['type']))
{
               die(header("Location: $baseurl/slorg/upload.php?error=Please+only+use+image+files."));
}
if ((!$name) OR (!$filedunder) OR (!$Image))
{
               die(header("Location: $baseurl/slorg/upload.php?error=Please+do+not+leave+any+info+blank."));
}
else
{
        mysql_query("INSERT INTO $filedunder2 (madeby,name,date,submitted) VALUES ('$username','$name','$timestamp','$username')");
        $insert_id = mysql_insert_id();
        $image = $insert_id . "img.png";
        mysql_query("UPDATE $filedunder2 SET url = '$baseurl/images/$filedunder/$image' WHERE id = '$insert_id' ");
       $file = $_FILES['Image']['tmp_name'];
        $dest = $_SERVER['DOCUMENT_ROOT'].'/images/'.$filedunder.'/'.$insert_id.'img.png';    
        copy($file, $dest);
	header("Location: upload.php?error=Your+graphic+has+been+added!");
}

?>

 

Link to comment
Share on other sites
White_Lily Regular Member

White_Lily

Posted
Posted

I'm assuming what you want is the file in a directory and the file name to be stored in a database where the script will then pull the filename from the database and assuming the file exists in the specified folder will be used as something like a displayed image or a download link (or something similar)?

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Your code isn't checking if the file was successfully uploaded before attempting to use the uploaded file information. Testing the ['type'] element will fail if the file didn't upload successfully.

 

You need to test if a form was even submitted and you must test if the $_FILES array is not empty (exceeding the post_max_size setting will cause the $_FILES array to be empty) and that the ['error'] element is a zero (UPLOAD_ERR_OK) -

 

<?php

// upload form handling
if($_SERVER['REQUEST_METHOD'] == 'POST'){ // the request_method is tested since some of the possible errors leave the $_POST and $_FILES arrays empty
// a post form was submitted, check if a file was successfully uploaded
if(!empty($_FILES) && $_FILES['Image']['error'] == UPLOAD_ERR_OK){
	// a file was successfully uploaded.
	// you can reference the ['name'],['type'],['size'], and ['tmp_name'] elements

	// validate and process the uploaded file information here...

} else {
	// the upload failed, due to one of the following reasons -
	// uploads are not enabled on the server
	// the form is invalid - doesn't have the proper enctype or doesn't have a type='file' field
	// the size of the post data exceeded the post_max_size setting
	// a php detectable upload error occurred - http://php.net/manual/en/features.file-upload.errors.php
	echo "Upload Failed!";
}
}

Link to comment
Share on other sites
Bubblychaz Newbie

Bubblychaz

Posted
  • Author
Posted

I'm assuming what you want is the file in a directory and the file name to be stored in a database where the script will then pull the filename from the database and assuming the file exists in the specified folder will be used as something like a displayed image or a download link (or something similar)?

 

Yes, It needs storing in a directory called Images and needs to be filled under the type of image (Banner, Background etc)

and then in the database it needs noting which user uploaded it

Link to comment
Share on other sites
Bubblychaz Newbie

Bubblychaz

Posted
  • Author
Posted

Your code isn't checking if the file was successfully uploaded before attempting to use the uploaded file information. Testing the ['type'] element will fail if the file didn't upload successfully.

 

You need to test if a form was even submitted and you must test if the $_FILES array is not empty (exceeding the post_max_size setting will cause the $_FILES array to be empty) and that the ['error'] element is a zero (UPLOAD_ERR_OK) -

 

<?php

// upload form handling
if($_SERVER['REQUEST_METHOD'] == 'POST'){ // the request_method is tested since some of the possible errors leave the $_POST and $_FILES arrays empty
// a post form was submitted, check if a file was successfully uploaded
if(!empty($_FILES) && $_FILES['Image']['error'] == UPLOAD_ERR_OK){
	// a file was successfully uploaded.
	// you can reference the ['name'],['type'],['size'], and ['tmp_name'] elements

	// validate and process the uploaded file information here...

} else {
	// the upload failed, due to one of the following reasons -
	// uploads are not enabled on the server
	// the form is invalid - doesn't have the proper enctype or doesn't have a type='file' field
	// the size of the post data exceeded the post_max_size setting
	// a php detectable upload error occurred - http://php.net/manual/en/features.file-upload.errors.php
	echo "Upload Failed!";
}
}

 

Im not sure if I did this right?

 

$pagetitle = "Upload";

$name = $_POST['name'];
$filedunder = $_POST['filedunder'];
$filedunder2 = $filedunder.'img';
$Image = $_FILES['Image'];
$directoryName = "$baseurl/images/$filedunder";
if (!file_exists($directoryName)) { mkdir($directoryName, 0777); }
$directoryName2 = "$baseurl/images/$filedunder";
if (!file_exists($directoryName2)) { mkdir($directoryName2, 0777); }





if($_SERVER['REQUEST_METHOD'] == 'POST'){ die(header("Location: $baseurl/slorg/upload.php?error=Please+do+not+leave+any+info+blank."));}

// the request_method is tested since some of the possible errors leave the $_POST and $_FILES arrays empty
// a post form was submitted, check if a file was successfully uploaded
if(!empty($_FILES) && $_FILES['Image']['error'] == UPLOAD_ERR_OK){
	// a file was successfully uploaded.

        mysql_query("INSERT INTO $filedunder2 (madeby,name,date,submitted) VALUES ('$username','$name','$timestamp','$username')");
        $insert_id = mysql_insert_id();
        $image = $insert_id . "img.png";
        mysql_query("UPDATE $filedunder2 SET url = '$baseurl/images/$filedunder/$image' WHERE id = '$insert_id' ");
       $file = $_FILES['Image']['tmp_name'];
        $dest = $_SERVER['DOCUMENT_ROOT'].'/images/'.$filedunder.'/'.$insert_id.'img.png';    
        copy($file, $dest);
	header("Location: upload.php?error=Your+graphic+has+been+added!");
}

Link to comment
Share on other sites
jcbones Newbie

jcbones

Posted
Posted

This section:

if($_SERVER['REQUEST_METHOD'] == 'POST'){ die(header("Location: $baseurl/slorg/upload.php?error=Please+do+not+leave+any+info+blank."));}

Reads:

If POST data has been send, redirect to upload?error=Please+do+not+leave+any+info+blank, then exit the script.

 

I'm not sure that is what you want (I know it isn't).

 

Most likely it is because the 'eregi' function is depreciated.  Try changing:

if (!eregi("image/", $_FILES['Image']['type']))
{

to:

if(substr($_FILES['Image']['type'],0,5) == 'image' ) {

 

Doing this responded in

Please do not leave any info blank.

 

The quoted section, and the section that gives this error, isn't related to each other.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.