Jump to content

PHP Upload link problem


graphxsman
Go to solution Solved by requinix,

Recommended Posts

Thanks for looking at my problem. First of all, I am a new comer to PHP, so if you get frustrated quickly with assisting someone, please don't trouble yourself with helping me. I'm saying this as nice as text can express it :happy-04:.

 

Like all of us, learning something new takes time and a few "stupid" questions are in order. I have attempted to incorporate many tips and suggestions from other php coders, but I am still having quite the time getting my code to work.

 

Here is the background for my project:

 

I am designing a web page (career.html) and I want to include a simple upload link on it so that people can upload their resumé and their cover letter to the server, but I'd really like to have it sent directly to HR's email. But for now, I'd just lie to get a grasp on the upload issue.

 

Here is the FORM code:

 

<form action="upload9.php" method="post" enctype="multipart/form-data">
    <div id="upload"><input type="file" name="file" /></div>
  <div id="submit"><input type="submit" value="Upload" /></div>
</form>
 
This is embedded in the body of the career.html.
 
I worked through some php tutorial stuff from Wc3 tutorials and found this php upload code, which I am trying to use:
 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Upload 9</title>
</head>
 
<body>
<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
 
$allowedExts = array("doc", "pdf", "dotx", "rtf", "txt");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);
if ((($_FILES["file"]["type"] == "doc")
|| ($_FILES["file"]["type"] == "pdf")
|| ($_FILES["file"]["type"] == "dotx")
|| ($_FILES["file"]["type"] == "rtf")
|| ($_FILES["file"]["type"] == "txt"))
&& ($_FILES["file"]["size"] < 5242880)
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";
 
    if (file_exists("uploads/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"], 
 "uploads/" . $_FILES["file"]["name"]);
      echo "Stored in: " . "uploads/" . $_FILES["file"]["name"];
      }
    }
  }
else
  {
  echo "Invalid file.";
  }
 
?>
</body>
</html>
 
I added this  ini_set('display_errors', 1); error_reporting(E_ALL);  code as per a php developer's suggestion for error checking, but all I get when I run this code is "Invalid file."
 
PHP 5.3 is installed on the server. I have the "career.html",  the "upload9.php" and the "uploads" folder all in the same directory.
 
I can not get a file to upload to the "uploads" folder and I just get the "Invalid file" echo.
 
If anyone would be willing to help me, I would be very grateful.
 
Thank you.

 

Link to comment
Share on other sites

  • Solution

Take what you find at w3schools.com with a grain of salt: some of their information is good but some of it is not, and if you're new to PHP you might not be able to tell which is which.

 

The problem is in

if ((($_FILES["file"]["type"] == "doc")
|| ($_FILES["file"]["type"] == "pdf")
|| ($_FILES["file"]["type"] == "dotx")
|| ($_FILES["file"]["type"] == "rtf")
|| ($_FILES["file"]["type"] == "txt"))
&& ($_FILES["file"]["size"] < 5242880)
&& in_array($extension, $allowedExts))
{
The "type" will actually be something like "application/pdf" or "text/plain" - not the file extension. And in fact you can't even rely on those values either: they're provided by the browser (not PHP) and it can claim the file is any type it wants.

 

Ideally you should be checking the type of file yourself. I don't mean the extension (which is important) but looking at the contents of the file to determine what it is. You don't have to do that yourself manually though (unless you wanted to) so it's not so bad. But since this project is just for your own sake of learning, I'd say just keep that fact in mind and not worry about it for now.

 

Just check the file size and extension.

if (($_FILES["file"]["size"] < 5242880)
&& in_array($extension, $allowedExts))
  {
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.