$_FILES as undefined index

[paddy_fields]

Hi, I'm trying to create an upload script for just .doc, .docx, and .pdf files

 

I'm getting an Notice: Undefined index: file in /Users/pat/Sites/recruitment/RecruitSmart/upload/uploader.php on line 7 for each time I use $_FILES ?

$path = "CV/".$_FILES['file']['name'];
$allowedExts = array("pdf", "doc", "docx");
$extension = end(explode(".", $_FILES["file"]["name"]));
if (($_FILES["file"]["type"] == "application/pdf") || ($_FILES["file"]["type"] == "application/msword") || ($_FILES["file"]["type"] == "application/vnd.openxmlformats-officedocument.wordprocessingml.document") && ($_FILES["file"]["size"] < 20000000) && in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Error";
}
else
{
copy($_FILES['file']['tmp_name'], $path);
echo "Success";
}
}
else
{
echo "Wrong file type";
}

[requinix]

If the field named "file"? Have you already submitted the form?

 

By the way, you can't trust the "type". It's provided by the browser which means I could upload any type of file I wanted.

Figure out the file type yourself, like with the finfo extension, but know that .docx files look like (they actually are) .zip files.

[ryanmetzler3]

Try this

if isset(($_FILES["file"]["error"] > 0)){
echo"Error"}

[mac_gyver]

@ryanmetzler3, the point of programming help is to find what is causing the problem and fix it. the line of code you posted, besides being invalid php, is just slapping a band-aid over the top of the problem.

 

you would use isset() (it requires a variable as a parameter, not an expression) to test for an optional variable, one that may or may not exist during normal program execution. in this case the variable is expected to exist if the form has been submitted (even if no file was selected) and the problem is one of a half-dozen things that could cause the expected index to not exist.

[paddy_fields]

 

By the way, you can't trust the "type". It's provided by the browser which means I could upload any type of file I wanted.

Figure out the file type yourself, like with the finfo extension, but know that .docx files look like (they actually are) .zip files.

 

In that case I'll just read up on finfo. There's no point in me using the current method if it is unsafe.

 

Thank you.

[paddy_fields]

I'm going to use finfo to check the MIME of the document, but for now I still can't seem to stop getting 'Undefined Index' errors?

 

cvupload.php

<form action="uploader.php" method="post">

<p>File Upload<p>

<p>Select file <input name="cv" type="file" size="50" /></p>

<input type="submit" value="Upload" />

uploader.php

<?php

error_reporting(E_ALL);
ini_set('display_errors', 1);
	
	$target = "CV/";
	$target = $target . basename( $_FILES['cv']['name']) ;
	
	if(move_uploaded_file($_FILES['cv']['tmp_name'], $target))
	{
		echo "Your CV named  ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
	}
	else 
	{
		echo "Sorry, your CV could not be uploaded.";
	} 
?>

I can't see why?

[Ch0cu3r]

For file uploads to work you need to add the   enctype="multipart/form-data" attribute to your <form> tag.

<form action="uploader.php" method="post" enctype="multipart/form-data">

<p>File Upload<p>

<p>Select file <input name="cv" type="file" size="50" /></p>

<input type="submit" value="Upload" />

[scootstah]

You need to put enctype="multipart/form-data" in your form tag.

[paddy_fields]

That's great, thank you both.