Jump to content

Help with the 'checkbox' to agree to terms prior to upload


Recommended Posts

I'm using an upload script (I did not write it) that works successfully.

 

I'm trying to add the function where you 'must check box to agree to terms' prior to uploading a file.

 

I've added lines 67 thru 75, and lines 88 thru 92, but it is missing something, because, whether the box is checked or not, a file can still be uploaded.

 

Any guidance will be appreciated.

<?php
session_start();
require_once 'phps3integration_lib.php';
$message = "";
if (@$_POST['submit'] != "") {
$allowed_ext = array("gif", "jpeg", "jpg", "png", "pdf", "doc", "docs", "zip", "mov", "MOV", "flv", "mp4", "3gp", "3GP");
$extension = end(explode(".", $_FILES["file"]["name"]));
if (($_FILES["file"]["size"] < 10485760000) && in_array($extension, $allowed_ext)) {
if ($_FILES["file"]["error"] > 0) {
//$message.="There is some error in upload, see: " . $_FILES["file"]["error"] . "<br>";//Enable this to see actual error
$message.="There is some error in upload. Please try after some time.";
} else {
$uploaddir = '../Upload/';
$uploadfile = $uploaddir . basename($_FILES['file']['name']);
$uploaded_file = false;
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile))
{
$uploaded_file = $_FILES['file']['name'];
}
if ($uploaded_file != FALSE) {
$user_name = @$_POST['user_name'] != "" ? @$_POST['user_name'] : "Anonymous";
$form_data = array(
'file' => $uploaded_file,
'user_name' => $user_name,
'type' => 'file'
);
mysql_query("INSERT INTO `phps3files` (`id`, `file`, `user_name`, `type`) VALUES (NULL, '" . $uploaded_file . "', '" . $user_name . "', 'file')") or die(mysql_error());
$message.= "File Successfully Uploaded";
} else {
$message.="There is some error in upload. Please try after some time.";
}
}
} else {
$message.= "Invalid file, Please upload a gif/jpeg/jpg/png/pdf/doc/docs/zip/mov/flv/mp4/3gp file of maximum size 25 MB.";
}
}
?>

<?php
require_once 'header.php';
?>
<head>

<script>
var ids = ['input', 'message', 'button'];
var obj = {};

ids.forEach(function (v) {
    obj[v] = document.getElementById(v);
});

obj.input.style.display = 'none';
obj.button.style.display = 'block';

obj.input.addEventListener('change', function () {
    obj.message.innerText = this.value;
    obj.message.style.display = 'block';
});

obj.button.addEventListener('click', function (e) {
    e.preventDefault();

    obj.input.click();
});
</script>

<script type="text/javascript">
function validate()
{
if(false == document.getElementById("agree").checked)
{
alert("If you agree with the terms, check the Agree check box");
}
}
</script>

</head>
<html>
<fieldset>
<form action="" method="post" enctype="multipart/form-data">

<div class="control-group">
<label for="file" class="control-label"><font size="6" color="#454545"><b>Choose a file to upload:</b></font></label><br /><br />
<input id="input" name="file" type="file" /></input>
<button id="button"><font size="3" color="#454545">Click To<br /> Select File</font></button>
<div id="message"><font size="3" color="#454545">No File Chosen</font></div>
</div>
<div>
<input type="checkbox" name="agree" id="agree" value="agree" /> <label for='agree'>
<a href="../Terms1.php" target="_blank"><span style="color: #454545; font-size: 10px">By uploading a file here, you agree to these <u>Upload Terms/Agreement</u></a></span>
</label>
</div>
<div class="control-group">
<div class='controls'>
<label class="myLabel1">
<input type="submit" name="submit" value="Submit" class="btn" style="opacity: 0">
</label><
</div>
</form>
</fieldset>

<script>
var ids = ['input', 'message', 'button'];
var obj = {};

ids.forEach(function (v) {
    obj[v] = document.getElementById(v);
});

obj.input.style.display = 'none';
obj.button.style.display = 'inline-block';

obj.input.addEventListener('change', function () {
    var filename = this.value.replace(/^.*[\\\/]/, '');
		obj.message.innerHTML  = filename;
    obj.message.style.display = 'inline-block';
});

obj.button.addEventListener('click', function (e) {
    e.preventDefault();

    obj.input.click();
});

</script>
<?php
if ($message != "" || @$_SESSION['message'] != "") {
    ?>
    <div class="alert alert-success">
    <?php echo $message; ?>
    <?php
    echo @$_SESSION['message'];
    @$_SESSION['message'] = '';
    ?>
    </div>
    <?php
}
?>
<div>
</div>

<?php require_once 'footer.php'; ?>


Edited by Chrisj

What a mess of code! Didn't even try to figure out what you are attempting to do here but did search for how you handled the checkbox.

 

You have a JS function that is trying to check the checkbox being checked. You have no php code trying to do that. Personally that would be the first thing I would do in the script - look for the checkbox being set (!!!) since if it is not checked it won't show up in your $_POST array. Currently you do all the file upload logic without checking if your "requirements" have been met. That is backwards.

 

So - the real problem. Where do you call the 'validate()' function? I couldn't find the word 'validate' in your entire script(s) so that means it is not being used.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.