Question About $_Files

[programming.name]

Hi, there.

 

As far as I know the POST method holds the value if it is submitted consistently.

 

But unlike the POST, $_files does not hold the value all along; when I click the submit button for the first time it DOES hold the value as I want,

 

but if I click the submit once again the value it contains is just gone.

 

Could you explain what's going on and how to prevent this from happening?

 

thanks in advance.

Edited November 9, 2012 by programming.name

[AyKay47]

In order to help you, you will need to show us the form you are using and the relevant back-end code to go along with the form.

[programming.name]

This is somewhat simplifed codes in html.

<form id="form" name="form" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post" enctype="multipart/form-data" >

<input id="image" name="image" type="file" />

<input id="normal_post_var" name="normal_post_var" type="text" />

</form>

 

and in the php file

 

 

if(empty($_FILES['image']['name'])) $_FILES['image']['name'] = '';

 

if(empty($_POST['normal_post_var'])) $_POST['normal_post_var'] ='';

 

echo $_FILES['image']['name'];

echo '<br />';

echo $_POST['normal_post_var'];

 

When the page is first loaded nothing wil be displayed. Once the page is fully loaded I choose an image file named 'image.png' and I input the value 'It is Cool' in the normal_post_var field.

 

And I submit it and the result of course will be:

image.png

It is Cool

 

And then I do nothing but clicking the submit button again will display the following:

 

It is Cool

 

the $_files value is gone.

 

could you explain what's going on please?

Edited November 9, 2012 by programming.name

[JonnoTheDev]

The value is reset. You cannot give a file type input a value. If you could do then I could upload any file from your computer just by you visiting my website and submitting a form without you even browsing for a file. I could simply hide the field and use a fixed value in the input element. If a form is submitted the file input will be reset once the form processing script has completed.

Edited November 9, 2012 by neil.johnson

[Zoombat]

Neil is right, also I suggest to analyze this code snippet.

The form must be on a seperate file, after this code you can put HTML to echo the $errorMsg or display a link to te file if it's succesfully uploaded.

Description:

Code:
<?
/* --- HTML CODE FOR UPLOAD FORM ---
<form enctype="multipart/form-data" action="uploadHandler.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="number of bytes" />
<label for="fileInput">Label text</label><input name="fileInput" type="file" /><br />
<input type="submit" value="Upload" />
</form>
*/
// Max file size
$maxSize = (number of bytes);
$uploadRequired = true;
// Declaring the variables for the upload directory and page.
$uploadDir = null;
$uploadPage = null;

// Only php version 5.3.0 and bigger support '__DIR__'.
if(version_compare(PHP_VERSION, '5.3.0', '>='))
{
$uploadDir = (__DIR__.'/directory_to_be_uploaded_to/');
$uploadPage = (__DIR__.'/url_to_upload_page');
}
else
{
$uploadDir = (dirname(__FILE__).'/directory_to_be_uploaded_to/');
$uploadPage = (dirname(__FILE__).'/url_to_upload_page');
}

// Defining error messages
define('ERR_SIZE', 'Error, file size limit exceeded.');
define('ERR_NO_SEL', 'Error, no file selected.');
define('ERR_PARTIAL', 'Error occured during the file upload.');
define('ERR_UNKNOWN', 'Unknown error occured during file upload, retry <a href=\'{ $uploadPage }\'>by clicking here.</a>');
define('ERR_MIME', 'Error, unallowed mime type of file, retry <a href=\'{ $uploadPage }\'>by clicking here.</a>');
define('ERR_REPL', 'Error occured during file translocation');

// Array containing allowed MIME types.
$allowedTypes = array(
'image/jpeg', 'image/pjpeg', 'image/png', ..., ...
)
// Error message: This variable($) will contain the error message.
$errMsg = null;
// This variable will contain the file information collected from the form.
$fileInput = null;
// Start the loop first, because we want to break it before we start uploading.
// Loop keeps on repeating during upload.
do {
if(!isset ($_FILES['fileInput'])) {
$errMsg = ERR_NO_SEL;
break; // Break the loop, we don't want to go any further now..
} else {
// Store the POST data from $_FILES['file_loaded'] into a variable.
$fileInput = $_FILES['fileInput'];
}

// The index 'error' will return any error during upload.
switch($fileInput['error'])
{
case UPLOAD_ERR_INI_SIZE: $errMsg = ERR_SIZE; break 2;
case UPLOAD_ERR_PARTIAL: $errMsg = ERR_PARTIAL; break 2;
case UPLOAD_ERR_NO_FILE: $errMsg = ERR_NO_SEL; break 2;
case UPLOAD_ERR_FORM_SIZE: $errMsg = ERR_SIZE; break 2;
case UPLOAD_ERR_OK: {
if($fileInput['size'] > $maxSize) {
$errMsg = ERR_SIZE;
}
break 2;
}
default: $err_msg = ERR_UNKNOWN; break 2;
}
// Check if file input has allowed mime type.
if(isset(allowedTypes))
{
if(!in_array($fileInput['type'], allowedTypes))
{
$errMsg = ERR_MIME;
break;
}
}
} while(0);
$randPrec = rand(0,255);
$newFilename = $uploadDir.$randPrec.'_'.$fileInput['name'];
if(!$errMsg)
{
if(!move_uploaded_file($fileInput['tmp_name'], $newFilename))
$errMsg = ERR_REPL;
}
?>

Edited November 10, 2012 by Zoombat