Can you please describe all that this code does?

[Chrisj]

Can you please explain ALL that this code does?

if (isset($_POST['form_submitted'])):

    // $randomString needed regardless of passing tests so put outside error condition
    $randomString = time();

    if((isset($_FILES) && $_FILES['file']['error'] != 0) || !isset($_FILES)){

        //Unable to upload file to temp
        //Set variable for final move/copy condtion with no message
        $error = '';

    }else{

        $allowedExts = array("doc", "gif", "jpeg", "jpg", "txt", "pdf", "png", "txt");
        $temp = explode(".", $_FILES['file']['name']);
        $extension = strtolower( end($temp) );

        if(!in_array($extension,$allowedExts)){

            $error = '<div id="errorMessage">>> Error: Invalid File Name </div>';

        }elseif($_FILES['file']['size'] >= 100000){

            $error = '<div class="errorMessage1">>> Error: Image File Size Exceeds Limit</div>';

        }
    }

        if(!isset($error)){
            $uploadedFile = $_FILES['file']['tmp_name'];
            $thumbnail = $_SESSION['user_id'] . '-' . $randomString . "." . $extension;
            move_uploaded_file($uploadedFile, "upload/" . $thumbnail);
        }else{
            //Make sure NoInfo image has png extension
            $thumbnail = $_SESSION['user_id'] . '-' . $randomString . ".png";
            copy("upload/NoInfoAvailable1.png", "upload/" . $thumbnail);
        }
            $_SESSION['thumbnail'] = $thumbnail;
            $file_location = '<a href="http://www....com/upload/' . $thumbnail . '">' . $thumbnail . '</a>';

endif;
if(isset($error)){echo $error;}

Thank you. I look forward to being enlightened.

 

[NotionCommotion]

It uploads a file.  Which parts are you having problems with?

[Chrisj]

Thanks for your reply.

Can you describe what's going on here, please?:

        if(!isset($error)){
            $uploadedFile = $_FILES['file']['tmp_name'];
            $thumbnail = $_SESSION['user_id'] . '-' . $randomString . "." . $extension;
            move_uploaded_file($uploadedFile, "upload/" . $thumbnail);
        }else{
            //Make sure NoInfo image has png extension
            $thumbnail = $_SESSION['user_id'] . '-' . $randomString . ".png";
            copy("upload/NoInfoAvailable1.png", "upload/" . $thumbnail);
        }

And here:

 

 

 

if(isset($error)){echo $error;}

Thanks

[rwhite35]

L1 creates a condition where if the variable $error is not set, run the code block that follows

L2 assign the temporary file name (stored in /tmp) to a local variable $uploadFile

L3 concatinates (joins together) several variables to make a machine generated name for the thumbnail

L4 moves the file from /tmp to /uploads and assigns the file the $thumbnail name, just created.

L5 - L8 is only run if an $error is set.

L8 copies an image file already on the server and into the upload folder.  This is so there is some image if the $_FILES upload process fail

 

Check out conditional statement, which is a construct of PHP (actually every programming language).  Hope that helps.

Edited February 27, 2015 by rwhite35

[Chrisj]

Thank you for your reply.

 

Regarding L8 "copies an image file already on the server and into the upload folder.  This is so there is some image if the $_FILES upload process fail".

Is it possible to SHOW the image already on the server, instead of creating a COPY of it each time "if the $_FILES upload process fail"?

[NotionCommotion]

Change

if(!isset($error)){
    $uploadedFile = $_FILES['file']['tmp_name'];
    $thumbnail = $_SESSION['user_id'] . '-' . $randomString . "." . $extension;
    move_uploaded_file($uploadedFile, "upload/" . $thumbnail);
}else{
    //Make sure NoInfo image has png extension
    $thumbnail = $_SESSION['user_id'] . '-' . $randomString . ".png";
    copy("upload/NoInfoAvailable1.png", "upload/" . $thumbnail);
}
$_SESSION['thumbnail'] = $thumbnail;
$file_location = '<a href="http://www....com/upload/' . $thumbnail . '">' . $thumbnail . '</a>';

to
 

if(!isset($error)){
    $uploadedFile = $_FILES['file']['tmp_name'];
    $thumbnail = $_SESSION['user_id'] . '-' . $randomString . "." . $extension;
    move_uploaded_file($uploadedFile, "upload/" . $thumbnail);
    $_SESSION['thumbnail'] = $thumbnail;
    $file_location = '<a href="http://www....com/upload/' . $thumbnail . '">' . $thumbnail . '</a>';
}else{
    //Make sure NoInfo image has png extension
    $file_location = '<a href="http://www....com/somedirectory/NoInfoAvailable1.png/">missing</a>';
}

[Chrisj]

Thanks for your reply/code, however it did not work successfully.

 

I'm using a PHP script where this Form ultimately uploads a video. It has been modified so that the user, while filling in the Form, can optional add an image file to his Form info, then upon selecting the Submit button the image is renamed and uploads the Form info and (optional) image, after Submit the next page is where the user selects a video file to upload (and the image is linked to the video). When the video is searched a link appears next to the video thumbnail image. The link is for viewing the (optional) image file. When am image file has not been uploaded via the Form, the link showed only "Access Forbidden", until the NoInfoAvailable1.png code was added (successfully)(to show something more informative than "Access Forbidden"). However, now using your new code provided in the posting, upon not uploading an image, via the Form, I now again see "Access Forbidden" instead of NoInfoAvailable1.png. Any additional help will be appreciated.

[NotionCommotion]

Obviously, http://www....com/somedirectory/NoInfoAvailable1.png needs to be an accessible resource.   Maybe I misunderstand.

[Chrisj]

Thanks for your reply.

Any additional help will be appreciated.