Can't upload some files.

[Ram_Saw]

Hi, guys. I have some problems. I have an html code:

<html>
    <head>
        <title>TODO supply a title</title>
        <meta charset="UTF-8">
        <meta name="viewport" content="width=device-width">
    </head>
    <body>
        <form enctype="multipart/form-data" action="upload_check.php" method="post">
            <input type="hidden" name="MAX_FILE_SIZE" value="30000">
            <input type="file" min="0" max="100" name="userfile[]" multiple="true" /><br />
            <input type="submit" value="Post">
        </form>
    </body>
</html>

So to check if I received some files:

echo $_FILES['userfile']['size'][0];
echo $_FILES['userfile']['type'][0];
echo $_FILES['userfile']['size'][1];
echo $_FILES['userfile']['type'][1];
echo $_FILES['userfile']['size'][2];
echo $_FILES['userfile']['type'][2];
echo $_FILES['userfile']['size'][3];
echo $_FILES['userfile']['type'][3];

It's just for example. And what I see? I chose these first file(I attached) and the size was 0.

But! When I chose the second file, it printed: 1005image/gif

 

I don't see the difference betweet them. *.pdf files it doesn't want to receive too. But I took the system image with extension - .png one more time and PHP-script printed NOT 0 size.

So I decided that it's because of Apache settings. I changed the upload_file_size from 2Mb(it's too much for pictures anyway) to 20Mb.

It didn't help.

 

So I'm asking you for help!

Thanks!

[jazzman1]

There is no problem with the png file. 

 

Result:

 

Array(    [name] => Array        (            [0] => post-166984-0-70704700-1388876256.png        )    [type] => Array        (            [0] => image/png        )    [tmp_name] => Array        (            [0] => /tmp/phpS1XWUr        )    [error] => Array        (            [0] => 0        )    [size] => Array        (            [0] => 33601        ))

 

Maybe, you have something wrong in your script, but the file is fine.

[Ram_Saw]

Then Idk what I have wrong in my script. Can you check the code which I gave 'cause I think it's because of PHP5 or Apache configuration.

[jazzman1]

Change the position of the hidden filed to be under the file in the form. Why this happens with .jpg, .png and .pdf files? I don't know the answer There is no such thing as a problem with mp3 for instance. 

<?php

if(isset($_POST['MAX_FILE_SIZE']) and $_POST['MAX_FILE_SIZE'] == 30000) {
    
  echo "<pre>".print_r($_POST,true)."</pre>";
 
  echo "<pre>".print_r($_FILES['userfile'],true).'</pre>';
}

?>
<form enctype="multipart/form-data" action="upload_check.php" method="post">

            <input type="file" min="0" max="100" name="userfile[]" multiple="true" /><br />
            <input type="hidden" name="MAX_FILE_SIZE" value="30000">
            <input type="submit" value="Post">
</form>

Result:

 

Array(    [MAX_FILE_SIZE] => 30000)

Array(    [name] => Array        (            [0] => post-166984-0-70704700-1388876256.png        )    [type] => Array        (            [0] => image/png        )    [tmp_name] => Array        (            [0] => /tmp/phpHGR5vV        )    [error] => Array        (            [0] => 0        )    [size] => Array        (            [0] => 33601        ))

[Ram_Saw]

Strange...but i tried to delete the row with max file size in general and it dint help.

I'll try this code when I'll return home. Thanks.

[mac_gyver]

a) the hidden MAX_FILE_SIZE form field goes before any type='file' fields if you want php to use it to test the size of the uploaded files.

 

b) the size of your test file is greater than the 30000 specified in the MAX_FILE_SIZE hidden field, resulting in a upload error value of 2.

 

you must always test for errors at any step that can fail before you can use the data you expected from that step. in this case your upload is failing with a non-zero error number.

 

test if the ['error'] element isset and is equal to a zero before trying to use any of the ['size'], ['type'], ['name'], or ['tmp_name'] values.

[Ram_Saw]

Yeah, its clear. I think in point of fact we don't need this hidden input 'cause we will check the size in PHP and we will be able to put the value direct there, in PHP code. Or I'm not right?

[jazzman1]

No, you are right! Don't trust it! The hidden field's value can be overriden from some malicious user very easy. For that reason the size of the file must be checked on the server as well.

[Ram_Saw]

It's a miracle ahah. Yeah, now when I changed the rows all is ok. Thanks very much!