HuggieBear Posted December 14, 2006 Share Posted December 14, 2006 Try something really simple like this, and it will help you to understand the values assigned to each element of the array when it's uploaded.[code]<?phpecho <<<HTML <form name="upload" method="POST" action="{$_SERVER['PHP_SELF']}" enctype="multipart/form-data"> <input type="file" name="image"><br> <input type="submit" name="submit" value="Upload"><br><br> </form>HTML;if (isset($_FILES)){ echo "<pre>\n"; print_r($_FILES); echo "</pre>\n";}?>[/code]Huggie Quote Link to comment https://forums.phpfreaks.com/topic/30631-file-extensions-and-overwriting-existing-files/page/2/#findComment-141162 Share on other sites More sharing options...
Accurax Posted December 14, 2006 Author Share Posted December 14, 2006 i understand the different parts of the $_FILES array .... i just have never used the erro part before, the upload itself works... the problem seems to be with the checking of file types :( Quote Link to comment https://forums.phpfreaks.com/topic/30631-file-extensions-and-overwriting-existing-files/page/2/#findComment-141164 Share on other sites More sharing options...
HuggieBear Posted December 14, 2006 Share Posted December 14, 2006 OK, got to do some work now.I'll review your whole code this evening and correct it for you.RegardsHuggie Quote Link to comment https://forums.phpfreaks.com/topic/30631-file-extensions-and-overwriting-existing-files/page/2/#findComment-141168 Share on other sites More sharing options...
Accurax Posted December 14, 2006 Author Share Posted December 14, 2006 ok mate thanks i really appreciate your help :) Quote Link to comment https://forums.phpfreaks.com/topic/30631-file-extensions-and-overwriting-existing-files/page/2/#findComment-141170 Share on other sites More sharing options...
HuggieBear Posted December 14, 2006 Share Posted December 14, 2006 OK, I've read the code and I've been a complete muppet.Try this:[code]<?phpsession_start();include("Vars.inc");if ( $_SESSION['login'] != "true" ) { header("location: hacker.php"); }else{ if ($_FILES['filename']['type'] != "image/jpeg" && $_FILES['filename']['type'] != "image/pjpeg" && $_FILES['filename']['type'] != "image/gif") { echo "Sorry you must upload only files of the type .jpg .jpeg or .gif, Click <a href='picturemanager.php'>Here</a> to try again"; } else { $filetype = $_FILES['filename']['type']; $username = $_SESSION['username']; $filename = $_FILES['filename']['name']; preg_match('/\.\w{3,4}$/', $filename, $matches); $new_filename = $username."1".$matches[0]; $myFile = $new_filename; unlink("pictures/".$myFile); $filepath = "pictures/".$new_filename; echo "<h1 align = 'center'>Your File has been uploaded. Click <a href='picturemanager.php'>Here</a>to Return</h1>"; $source = "pictures"; move_uploaded_file($_FILES['filename']['tmp_name'], "../xxx/xxx/$source/".$new_filename); // this line is for local host /*"../xxx/$source/".$_FILES['filename']['name']);*/ //this line is for remote server $connection=mysql_connect($host, $user, $passwd) or die ("Could not connect !"); $db = mysql_select_db($database, $connection) or die ("Could not connect to Database"); $username = $_SESSION['username']; $query = "UPDATE members SET picture = '$filepath' WHERE user_name='$username'"; $result = mysql_query($query) or die ("could not add picture.");}}?>[/code]The || (or) was producing a true result everytime. We needed && (and) to produce a negative result and output the correct details.My work here is done, incidently, you could cut your code down by removing duplicate values, like this:[code]<?phpsession_start();include("Vars.inc");if ( $_SESSION['login'] != "true" ){ header("location: hacker.php");}else { if ($_FILES['filename']['type'] != "image/jpeg" && $_FILES['filename']['type'] != "image/pjpeg" && $_FILES['filename']['type'] != "image/gif"){ echo "Sorry you must upload only files of the type .jpg .jpeg or .gif, Click <a href='picturemanager.php'>Here</a> to try again"; } else{ preg_match('/\.\w{3,4}$/', $_FILES['filename']['name'], $matches); $new_filename = $_SESSION['username']."1".$matches[0]; unlink("pictures/".$new_filename); $filepath = "pictures/".$new_filename; echo "<h1 align = 'center'>Your File has been uploaded. Click <a href='picturemanager.php'>Here</a>to Return</h1>"; $source = "pictures"; move_uploaded_file($_FILES['filename']['tmp_name'], "../xxx/xxx/$source/".$new_filename); // this line is for local host /*"../xxx/$source/".$_FILES['filename']['name']);*/ //this line is for remote server $connection=mysql_connect($host, $user, $passwd) or die ("Could not connect !"); $db = mysql_select_db($database, $connection) or die ("Could not connect to Database"); $query = "UPDATE members SET picture = '$filepath' WHERE user_name='{$_SESSION['username']}'"; $result = mysql_query($query) or die ("could not add picture."); }}?>[/code]RegardsHuggie Quote Link to comment https://forums.phpfreaks.com/topic/30631-file-extensions-and-overwriting-existing-files/page/2/#findComment-141451 Share on other sites More sharing options...
Accurax Posted December 15, 2006 Author Share Posted December 15, 2006 Omg ... That is some seriously perverted logic ..... Huggie you are an absolute superstar mate.... Im having real problems getting my head around ifelse statements, and i really cant thankyou enough.I really appreciate it Huggie... Thankyou :) Quote Link to comment https://forums.phpfreaks.com/topic/30631-file-extensions-and-overwriting-existing-files/page/2/#findComment-141658 Share on other sites More sharing options...
HuggieBear Posted December 15, 2006 Share Posted December 15, 2006 No problem, I was looking at some similar code that I've got and then I realised the difference, you were saying.... if file isn't equal to something or file isn't equal to something else, when I looked at my code it was saying if file IS equal to something or file IS equal to something else. So you were testing for negative and me for positive, hence the change from OR to AND.RegardsHuggie Quote Link to comment https://forums.phpfreaks.com/topic/30631-file-extensions-and-overwriting-existing-files/page/2/#findComment-141666 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.