Jump to content

PHP File Upload


Go to solution Solved by CroNiX,

Recommended Posts

Hello, I'm trying to make a file upload script and i am getting the following errors

 

Errors when the script it on localhost:


Notice: Undefined variable: FILES in C:\xampp\htdocs\upload.php on line 4

Notice: Undefined variable: FILES in C:\xampp\htdocs\upload.php on line 10

Warning: getimagesize(): Filename cannot be empty in C:\xampp\htdocs\upload.php on line 10
The file you are trying to upload is not a valid iamge.Sorry, We only allow jpg, png, jpeg and gif file types to be uploaded. Please try again with a valid file.Your file was not uploaded. 


Sorry, There was an error uploading your file. 

And the errors on an actual web server: 

Warning: getimagesize() [function.getimagesize]: Filename cannot be empty in /home/thegekon/public_html/test/upload.php on line 10
The file you are trying to upload is not a valid iamge.Sorry, We only allow jpg, png, jpeg and gif file types to be uploaded. Please try again with a valid file.Your file was not uploaded. 


Sorry, There was an error uploading your file. 

Here is my html page code where the users select a file

<html lang="en"><head></head><meta charset="utf-8">

<title>PHP File Upload</title>

<body>

	<form action="upload.php" method="POST">
		
		<input type="file" name="FileToUpload" enctype="multipart/form-data" /> <BR> <BR>
		<input type="submit" name="submit" value="Upload Image" />

	</form>

</body>

</html>

And here's my upload.php page

<?php

$target_dir = "uploads/";
$target_file = $target_dir .basename($FILES["FileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file, PATHINFO_EXTENSION);
//Check if the image is a real image or even an image at all
if(isset($_POST['submit'])) {

	$check = getimagesize($FILES["FileToUpload"]["tmp_name"]);

	if($check !== false) {

		$uploadOk = 1;
	} else {

		echo "The file you are trying to upload is not a valid iamge.";
	}

	//Restrict File Type
	if($imageFileType !== "jpg" && $imageFileType !== "png" && $imageFileType !== "jpeg" && $imageFileType !== "gif") {

		echo "Sorry, We only allow jpg, png, jpeg and gif file types to be uploaded. Please try again with a valid file.";
		$uploadOk = 0;
	}

	if($uploadOk == 0) {

		echo "Your file was not uploaded. <br><br><br>";
	}

	if(move_uploaded_file($target_file, $target_dir)) {

		echo "Your file<font color='red'>" . basename($FILES["FileToUpload"]["name"]) ."</font> has been uploaded. <br><br><br>"; 
		$uploadOk = 1;
	} else {

		echo "Sorry, There was an error uploading your file. <br><br><br>";
		$uploadOk = 0;
	}
}

?>
Link to comment
https://forums.phpfreaks.com/topic/294243-php-file-upload/
Share on other sites

I got rid of the undefined variable error, but i'm still getting

Notice: Undefined index: FileToUpload in C:\xampp\htdocs\uploadtut\upload.php on line 4

Notice: Undefined index: FileToUpload in C:\xampp\htdocs\uploadtut\upload.php on line 10

Warning: getimagesize(): Filename cannot be empty in C:\xampp\htdocs\uploadtut\upload.php on line 10
The file you are trying to upload is not a valid iamge.Sorry, We only allow jpg, png, jpeg and gif file types to be uploaded. Please try again with a valid file.Your file was not uploaded. 


Sorry, There was an error uploading your file. 
Link to comment
https://forums.phpfreaks.com/topic/294243-php-file-upload/#findComment-1504245
Share on other sites

It's also not good to rely on checking the image extension to tell what kind of file it is. What if I just renamed "dangerous_script.php" to "pretty_picture.jpg" and uploaded it to your server? Since you just check to see if "jpg" is the file extension, it will accept it.

Link to comment
https://forums.phpfreaks.com/topic/294243-php-file-upload/#findComment-1504246
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.