Josparky Posted December 28, 2012 Share Posted December 28, 2012 Can some tell me how to make this script check for the password before it starts the upload process instead of after the file is uploaded? Some of the files I need uploaded are big and it sucks to wait till the file is uploaded before it tells me that the password was wrong. Thanks for any help you can provide. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en"> <head> <title>ES Simple Uploader</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="generator" content="handmade" /> <style type="text/css"> <!-- body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; background-color: #DDDDDD; } .cnt { text-align: center; } .cnt_welcome { font-size: 16px; font-weight: bold; text-align: center; } .cnt_powered { font-size: 14px; font-weight: bold; text-align: center; } .cnt_small { font-size: 12px; text-align: center; padding-top: 50px; } .head_line { background-color: #BBBBBB; } .main_table { border: solid 1px #9D9992; font-size: 13px; } h4 { font-size: 12px; color: #DD0000; text-align: center; } .button { border: 1px solid #55555; font-weight: bold; } --> </style> </head> <body> <? include("config.php"); function path_options() { global $upload_dirs; $option = ""; foreach ($upload_dirs as $path => $pinfo) { $option .= '<option value="'.$path.'">'.$pinfo["name"].'</option>'; } return $option; } function check_vals() { global $upload_dirs, $err; if (!ini_get("file_uploads")) { $err .= "HTTP file uploading is blocked in php configuration file (php.ini). Please, contact to server administrator."; return 0; } $pos = strpos(ini_get("disable_functions"), "move_uploaded_file"); if ($pos !== false) { $err .= "PHP function move_uploaded_file is blocked in php configuration file (php.ini). Please, contact to server administrator."; return 0; } if (!isset($_POST["path"]) || (strlen($_POST["path"]) == 0)) { $err .= "Please fill out path"; return 0; } if (!isset($upload_dirs[$_POST["path"]])) { $err .= "Incorrect path"; return 0; } if (!isset($_POST["pwd"]) || (strlen($_POST["pwd"]) == 0)) { $err .= "Please fill out password"; return 0; } elseif ($_POST["pwd"] != $upload_dirs[$_POST["path"]]["password"]) { $err .= "The upload password is incorrect"; return 0; } if (!isset($_FILES["userfile"])) { $err .= "Empty file"; return 0; } elseif (!is_uploaded_file($_FILES['userfile']['tmp_name'])) { $err .= "Empty file"; return 0; } return 1; } $err = ""; $status = 0; if (isset($_POST["upload"])) { if (check_vals()) { if (filesize($_FILES["userfile"]["tmp_name"]) > $max_file_size) $err .= "Maximum file size limit: $max_file_size bytes"; else { if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $upload_dirs[$_POST["path"]]["dir"].$_FILES["userfile"]["name"])) { $status = 1; } else $err .= "There are some errors!"; } } } if (!$status) { if (strlen($err) > 0) echo "<h4>$err</h4>"; } else { echo "<h4>"".$_FILES["userfile"]["name"]."" was successfully uploaded.</h4>"; } ?> <p class="cnt_welcome">Welcome to ES Simple Uploader v 1.1.</p> <p class="cnt">« <a href="http://www.energyscripts.com/Products/product2.html">Back to Product page</a> «</p> <p class="cnt">(Select folder, set it's password, then select a file to upload and click "Upload" button). <br />Note: Folder: "Images folder", Password: "images"; Folder: "Docs", Password: "docs"; Folder: "Common files", Password: "common"; Maximum file size: <?=$max_file_size/1024?> Kb.</p><br /> <form enctype="multipart/form-data" action="index.php" method="POST"> <input type="hidden" name="MAX_FILE_SIZE" value="<?=$max_file_size?>" /> <table class="main_table" align="center"> <tr> <td colspan="2" class="head_line"> </td> </tr> <tr> <td>Folder:</td> <td><select name="path"><?=path_options()?></select></td> </tr> <tr> <td>Password:</td> <td><input type="password" name="pwd" style="width: 217px;" /></td> </tr> <tr> <td>Choose file:</td> <td><input type="file" name="userfile" style="width: 222px;" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="upload" value="Upload" class="button" /></td> </tr> </table> </form> </p> <p class="cnt_powered">Powered by <a href="http://www.energyscripts.com" target="_blank">EnergyScripts</a></p> <p class="cnt_small">Find more power solution: <a href="http://www.energyscripts.com/Products/product1.html" target="_blank">ES File Upload & Download Manager</a></p> </body> </html> Quote Link to comment Share on other sites More sharing options...
trq Posted December 28, 2012 Share Posted December 28, 2012 You would need to move it so that it is behind a password protected area. Quote Link to comment Share on other sites More sharing options...
Josparky Posted December 28, 2012 Author Share Posted December 28, 2012 I am just learning php can you show me what you mean? Quote Link to comment Share on other sites More sharing options...
Josparky Posted January 11, 2013 Author Share Posted January 11, 2013 Anybody?? Please?? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 11, 2013 Share Posted January 11, 2013 Both the upload form and the form processing code would check that the current visitor is logged in before doing anything. This of course assumes you have a user authentication system in place that accepts the login credentials as a separate step (or uses AJAX on the upload form) to authenticate the visitor and remembers that the current visitor is logged in using a session. Quote Link to comment Share on other sites More sharing options...
quasiman Posted January 11, 2013 Share Posted January 11, 2013 Josparky, Did you set the password in the config.php file? $upload_dirs = array( "images" => array( "dir" =>"uploads/images/", "name" =>"Images folder", "password"=>"images", ), "docs" => array( "dir" =>"uploads/docs/", "name" =>"Docs", "password"=>"docs", ), "common" => array( "dir" =>"uploads/common/", "name" =>"Common files", "password"=>"common", ), ); Quote Link to comment Share on other sites More sharing options...
Josparky Posted January 11, 2013 Author Share Posted January 11, 2013 Thanks for your replies. Yes I set the password it is letting me log in the problem is after logging in and browsing to the file to upload it starts the upload and begins uploading the file. But if you mistakenly put the password in wrong it doesn't tell you till after you the file has tried to upload then it will say the password you entered was incorrect and makes you do it all over again? This is a real problem if it's a b ig file. Here is a link to the scripts page I hope someone can help me out with this. http://www.energyscripts.com/Products/product2.html Thanks for any help Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 11, 2013 Share Posted January 11, 2013 We know what you are asking. Someone told you the structure changes that would be needed to accomplish it. If you cannot take the statement of what is needed and produce the code (which is what programming is, i.e. writing code to get a computer to do what you want), you should just hire someone to do this for you or find another script that requires the login to be submitted before the upload form will be displayed. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 13, 2013 Share Posted January 13, 2013 Here are some specific hints - 1) You would add a session based login check to the start of your index.php code. If the current user is not logged in, redirect to a login page. 2) The login page would have a form with the path and password. Once the the correct password is entered for the selected path, you would set a session variable to indicate that the visitor is logged in. Since the index.php page needs to know the selected path, you could store that value and use it as the logged in flag. After logging in, redirect to the index.php page. 3) On the index.php page, use the path that was saved in a session variable in place of the $_POST['path'] value. The form would only need the type='file' field. You should probably display the path, something like - "You can upload a file to the images folder.", so that the visitor knows that they can upload a file and where it will be put. 4) After successfully uploading one file, you would probably want to clear the logged in flag so that someone must select a new path and enter the password again to upload more files. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.