Need a PHP Code for a Form

[Mesden]

I'm pretty new to PHP, I just followed directions on a website and got command line error and everything.. So here's the code I used..

<?php
$target = "upload/";
$target = $target . basename( $_FILES['uploaded']['name']) ;
$ok=1;

//This is our limit file type condition
if ($uploaded_type =="text/php")
{
echo "File extension has been rejected by the Administrator.<br>";
$ok=0;
}

if ($uploaded_type =="text/html")
{
echo "File extension has been rejected by the Administrator.<br>";
$ok=0;
}

if ($uploaded_type =="text/cgi")
{
echo "File extension has been rejected by the Administrator.<br>";
$ok=0;
}

//Here we check that $ok was not set to 0 by an error
if ($ok==0)
{
Echo "Your Game Guide did not process correctly.";
}

//If everything is ok we try to upload it
else
{
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "Your Game Guide ".
basename( $_FILES['uploadedfile']['name']). " has submitted!";
}
else
{
echo "Your Game Guide did not process correctly.";
}
}
?>

[b]That didn't work... Wasn't what I was trying to do.[/b]
So what I basically need to do, if you'll take a look at this page... http://www.a21guides.com/host.html...

When someone fills out the form on that page, they hit "Upload". I need it to send the file in an attachment to Aaron21 (at) A21Guides (dot) com. (Don't worry, I got Anti-Virus and E-mail protection and all that.) As well as the information they provided in the form, like the Additional Details, their E-mail Address, etc.

Can someone fix up the code for me? Cuz I don't know the first thing about PHP...

[Mesden]

Either that, or letting someone publicly upload their file to a specific folder on the FTP.

[swatisonee]

Many posts here on uploading email attachments - if thats what you want. just do an advanced search. will also see if i can find those links.

[SharkBait]

To clean up your code a bit, change:

[code]
<?php
//This is our limit file type condition
if ($uploaded_type =="text/php")
{
echo "File extension has been rejected by the Administrator.
";
$ok=0;
}

if ($uploaded_type =="text/html")
{
echo "File extension has been rejected by the Administrator.
";
$ok=0;
}

if ($uploaded_type =="text/cgi")
{
echo "File extension has been rejected by the Administrator.
";
$ok=0;
}
?>
[/code]

To
[code]
<?php

if($uploaded_type == "text/html" || $uploaded_type == "text/php" || $uploaded_type == "text/cgi") {
  echo "File extension has been rejected by the Administrator.";
  $ok = 0;
}
?>
  [/code]

[Mesden]

Hmm.. Now I'm experiencing something else. I fixed up the coding a bit, but I'm getting the following error:

[b]Parse error: parse error, unexpected T_ELSE in /hsphere/local/home/aaron21/a21guides.com/upload_file.php on line 31[/b]

Here's the code that I'm using.

[code]<?php
if ($_FILES["file"]["error"] > 0)
  {
  echo "Error: " . $_FILES["file"]["error"] . "<br />";
  }
else
  {
  echo "Upload: " . $_FILES["file"]["name"] . "<br />";
  echo "Type: " . $_FILES["file"]["type"] . "<br />";
  echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
  echo "Stored in: " . $_FILES["file"]["tmp_name"];
  }
?> // Does this need to be here?

<?php  //Does this need to be here?

if($uploaded_type == "text/html" || $uploaded_type == "text/php" || $uploaded_type == "text/cgi" || $upload_type == "image/gif" || $upload_type == "image.jpeg") {
   echo "File extension has been rejected by the Administrator.";
   $ok = 0;
}
    if (file_exists("upload/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"],
      "upload/" . $_FILES["file"]["name"]);
      echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
      }
else    //This is Line 31
  {
  echo "Invalid file";
  }
?>[/code]

Any ideas as to what needs to be added / removed from the code? I've set up a form at http://www.a21guides.com/host.html. If you try to upload a file, you'll get the same error. It shows that there's something wrong with T_ELSE on Line 31, but I don't see no T_ELSE, I just see "else" on Line 31. What's going wrong here?

[speedy33417]

It would help you posted your source code in a code bracket. Like [ code ] and close it with [ /code ] (no spaces!)

Which is line 31 in your code?

[Mesden]

[quote author=speedy33417 link=topic=115498.msg470712#msg470712 date=1163979999]
It would help you posted your source code in a code bracket. Like [ code ] and close it with [ /code ] (no spaces!)

Which is line 31 in your code?
[/quote]

I modified the post above yours to add the code brackets and indicated on line 31 "//This is Line 31". Take a look at the post above.

[Stooney]

here's a working upload script for you to look at:  (it will make sure the filename name is unique before it's stored and also add data into a mysql database)

[code]
$uploaddir = "users/".$_SESSION['username']."/";
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

if (file_exists($uploadfile))
{
$tmpVar = 1;
while(file_exists(basename($uploaddir . $tmpVar . '-' . $_FILES['userfile']['name'])))
{
  $tmpVar++;
  }
$uploadfile= $uploaddir . $tmpVar . '-' . $_FILES['userfile']['name'];
  }

if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
{
$uid=$_SESSION['userid'];
$put="insert into filehost_files (uid, name, link, size, date) values ('$uid', '$name', '$uploadfile', '$size', NOW())";
$result=@mysql_query($put);
header("Location: $_SESSION[url] ?loc=upload");
}

else
{
"Possible file upload attack!\n\n";
echo "More info:";
print_r($_FILES);
}
[/code]

[Mesden]

Where do I start that code from, and where does it end in the existing script?
Meaning what do I replace or remove in the PHP Code to fit that one in?

[Stooney]

in response to an msn conversation: (just fyi to other people reading)

the upload form (must sit in same folder as upload_file.php)
[code]
<form enctype="multipart/form-data" action="upload_file.php" method="post">
Your Name:  <input type="text" name="name"><br>
Email:  <input type="text" name="email"><br>
File Name:  <input type="text" name="fname"><br>
Version #:  <input type="text" name="version"><br>
Other:  <textarea name="other"></textarea><br>
File: <input name="userfile" type="file">
<input type="submit" value="Upload">
</form>
[/code]



the upload script (uploadfile.php)
[code]
<?php
$uploaddir = "upload/";
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

if (file_exists($uploadfile))
{
$tmpVar = 1;
while(file_exists(basename($uploaddir . $tmpVar . '-' . $_FILES['userfile']['name'])))
{
  $tmpVar++;
  }
$uploadfile= $uploaddir . $tmpVar . '-' . $_FILES['userfile']['name'];
  }

if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
{
        $email="[email protected]";
        $message="Name: ".$name."\n"."File Name: ".$fname."\n"."Version Number: ".$version."\n"."Other Details: ".$other."\n"."Email: ".$email;
        mail($email, 'A21guides.com File Upload', $message);
echo " Upload was successful.  <a href=http://a21guides.com>Click Here</a> to continue...";
}

else
{
"Possible file upload attack!\n\n";
echo "More info:";
print_r($_FILES);
}
?>
[/code]