phpsane Posted September 2, 2018 Share Posted September 2, 2018 (edited) Hi, I have written a file upload script. The way it works is that, it creates a folder under the user's (uploader's) Username and uploads the file to it. Like in this path: Line 29-36. //Feed Id Verification Video File Upload Directory path. $directory_path = "uploads/videos/id_verifications/"; //Make Directory under $user in 'uploads/videos/id_verifications' Folder. if(!is_dir("$directory_path" . "user")) { $mode = "0777"; mkdir("$directory_path" . "$user", $mode, TRUE); } So that means, if the User's name is "Requinix" then the script would first check if the folder/directory under that name exists or not. If it exists, then it won't create the folder and just upload the new file to it. But, if it does not exist, then it will create that folder before uploading the new file to it that the user "Requinix" is trying to upload. I am trying to make sure that, the same User is not uploading the same file over and over again. Hence, wrote the script to check the file name to see if it already exists in the folder or not. Wrote like this: Line 52-56: if(file_exists("$directory_path" . "$user/" . "$file_name")) { $Errors[] = "Error: You have already uploaded a video file to verify your ID!"; exit(); } Anyway, the folder is getting created under the Username as expected. Good. I uploaded a file and it got uploaded to the directory under the Username. Again, good. Then, for testing purpose, I tried uploading the same file again to see if I get this error or not (according to line 54): Line 54: "Error: You have already uploaded a video file to verify your ID!"; Instead, I get this error: Warning: mkdir(): File exists in C:\xampp\htdocs\test\upload.php on line 35 Why am I not getting the right error message ? Full script: <?php //Required PHP Files. include 'config.php'; include 'header.php'; include 'account_header.php'; if (!$conn) { $error = mysqli_connect_error(); $errno = mysqli_connect_errno(); print "$errno: $error\n"; exit(); } if($_SERVER["REQUEST_METHOD"] == "POST") { //Check whether the file was uploaded or not without any errors. if(!isset($_FILES["id_verification_video_file"]) && $_FILES["id_verification_video_file"]["Error"] == 0) { $Errors = Array(); $Errors[] = "Error: " . $_FILES["id_verification_video_file"] ["ERROR"]; print_r($_FILES); ?><br><?php print_r($_ERRORS); exit(); } else { //Feed Id Verification Video File Upload Directory path. $directory_path = "uploads/videos/id_verifications/"; //Make Directory under $user in 'uploads/videos/id_verifications' Folder. if(!is_dir("$directory_path" . "user")) { $mode = "0777"; mkdir("$directory_path" . "$user", $mode, TRUE); } else { } //Grab uploading File details. $Errors = Array(); $file_name = $_FILES["id_verification_video_file"]["name"]; $file_tmp = $_FILES["id_verification_video_file"]["tmp_name"]; $file_type = $_FILES["id_verification_video_file"]["type"]; $file_size = $_FILES["id_verification_video_file"]["size"]; //Grab Uploading File Extension details. $file_extension = pathinfo($file_name, PATHINFO_EXTENSION); if(file_exists("$directory_path" . "$user/" . "$file_name")) { $Errors[] = "Error: You have already uploaded a video file to verify your ID!"; exit(); } else { //Feed allowed File Extensions List. $allowed_file_extensions = array("mp4" => "video/mp4"); //Feed allowed File Size. $max_file_size_allowed_in_bytes = 1024*1024*100; //Allowed limit: 100MB. $max_file_size_allowed_in_kilobytes = 1024*100; $max_file_size_allowed_in_megabytes = 100; $max_file_size_allowed = "$max_file_size_allowed_in_bytes"; //Verify File Extension. if(!array_key_exists($file_extension, $allowed_file_extensions)) die("Error: Select a valid video file format. Select an Mp4 file."); //Verify MIME Type of the File. elseif(!in_array($file_type, $allowed_file_extensions)) { $Errors[] = "Error: There was a problem uploading your file $file_name! Make sure your file is an MP4 video file. You may try again."; } //Verify File Size. Allowed Max Limit: 100MB. elseif($file_size>$max_file_size_allowed) die("Error: Your Video File Size is larger than the allowed limit of: $max_file_size_allowed_in_megabytes."); //Move uploaded File to newly created directory on the server. move_uploaded_file("$file_tmp", "$directory_path" . "$user/" . "$file_name"); //Notify user their Id Verification Video File was uploaded successfully. echo "Your Video File \"$file_name\" has been uploaded successfully!"; exit(); } } } ?> <form enctype="multipart/form-data" ACTION="" METHOD="POST"> <fieldset> <p align="left"><h3><?php $site_name ?> ID Video Verification Form</h3></p> <div class="form-group"> <p align="left"<label>Video File: </label> <input type="file" name="id_verification_video_file" id="id_verification_video_file" value="uploaded 'Id Verification Video File.'"></p> </div> </fieldset> <p align="left"><button type="submit" class="btn btn-default" name="id_verification_video_file_submit">Submit!</button></p> </form> </body> </html> Error Reporting is in one of the included files like so: <?php //ERROR REPORTING CODES. declare(strict_types=1); ini_set('display_errors', '1'); ini_set('display_startup_errors', '1'); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); ?> Are there anything else wrong with the code ? If so, where ? Which particular lines and how can I fix them ? Care to show some example codes to how it should have been on this and that line ? Thanks Edited September 2, 2018 by phpsane Quote Link to comment Share on other sites More sharing options...
requinix Posted September 2, 2018 Share Posted September 2, 2018 Find the line with the mkdir. You've posted it so that should be very easy to do. Then look three lines up. And keep looking until you see the problem. Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 2, 2018 Author Share Posted September 2, 2018 (edited) 11 minutes ago, requinix said: Find the line with the mkdir. You've posted it so that should be very easy to do. Then look three lines up. And keep looking until you see the problem. Mmm. Ok, here are the lines: //Feed Id Verification Video File Upload Directory path. $directory_path = "uploads/videos/id_verifications/"; //Make Directory under $user in 'uploads/videos/id_verifications' Folder. if(!is_dir("$directory_path" . "user")) { $mode = "0777"; mkdir("$directory_path" . "$user", "$mode", TRUE); } 3 lines above is this line: if(!is_dir("$directory_path" . "user")) What is wrong there ? You mean, it should be like this: if(!is_dir("$directory_path" . "$user", "$mode", TRUE)); That doesn't look right, though. 1 min later ... Nope! That causes more problem and errors! Sorry mate, I did not understand your hint. Going in the wrong direction now. Edited September 2, 2018 by phpsane Quote Link to comment Share on other sites More sharing options...
requinix Posted September 2, 2018 Share Posted September 2, 2018 You started going in the right direction but instead of stopping you went on past it. That is the correct line. Go back to what you had before, then keep looking at it until you figure it out. Reading the code aloud to yourself might help. Quote Link to comment Share on other sites More sharing options...
ginerjm Posted September 2, 2018 Share Posted September 2, 2018 Not to stop Requinix's fun, but just to close out your post: if(!is_dir("$directory_path" . "user")) See anything wrong here? $$$$$$$$ Quote Link to comment Share on other sites More sharing options...
Barand Posted September 2, 2018 Share Posted September 2, 2018 (edited) Why do keep putting single string variables, like "$directory_path" inside double quotes? There is no need for it and all you are doing is masking errors and making the code less efficient. Edited September 2, 2018 by Barand Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 2, 2018 Author Share Posted September 2, 2018 53 minutes ago, ginerjm said: Not to stop Requinix's fun, but just to close out your post: if(!is_dir("$directory_path" . "user")) See anything wrong here? $$$$$$$$ Lol! Now really laughing. I get you, mate! Should be: if(!is_dir("$directory_path" . "$user")) Thanks! But hold on, this thread ain't finished yet! Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 2, 2018 Author Share Posted September 2, 2018 (edited) Reading these now ... http://php.net/manual/en/features.file-upload.errors.php http://php.net/manual/en/features.file-upload.post-method.php http://php.net/manual/en/function.move-uploaded-file.php If you really must know. The error array I copied from a tutorial. Was about to get rid of it out of my code as I really did not know how it works. But finding the link mentioned above, I am now really gonna learn how it works and not rid the error array. Even though I understand my code which I grabbed from tutorials and edited to my needs. I really did not understand that error array. Now gonna get to the bottom of it and learn it than do guess work. And yes, I still copy and paste and try to learn from the copying. That is how I learn. Copy others' codes and learn from them and change whatever I do not like or whatever I do not need. Edited September 2, 2018 by phpsane Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 2, 2018 Author Share Posted September 2, 2018 (edited) Folks, Look at these 2 lines: if(!array_key_exists($file_extension,$allowed_file_extensions)) die("Error: Select a valid video file format. Select an MP4 or WAV file."); elseif(!in_array($file_type,$allowed_file_extensions)) Do they not do the same thing ? Which one must i keep and which one to ditch ? Context of the code ... //Verify File Extension. if(!array_key_exists($file_extension, $allowed_file_extensions)) die("Error: Select a valid video file format. Select an Mp4 file."); //Verify MIME Type of the File. elseif(!in_array($file_type, $allowed_file_extensions)) { $Errors[] = "Error: There was a problem uploading your file $file_name! Make sure your file is an MP4 video file. You may try again."; } Do not forget to reply to my previous posts. Edited September 2, 2018 by phpsane Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 2, 2018 Author Share Posted September 2, 2018 (edited) 1 hour ago, Barand said: Why do keep putting single string variables, like "$directory_path" inside double quotes? There is no need for it and all you are doing is masking errors and making the code less efficient. You mean, I should not do it like this ... if(file_exists("$directory_path" . "$user/" . "$file_name")) But should do it like this ... 1. if(file_exists($directory_path . $user/. $file_name)) Or, like this: 2. if(file_exists('$directory_path' . '$user/' . '$file_name')) Right ? EDITED a min later ... Mind you. I thought number 1 would work and not number 2. But the opposite is working!!! I thought the single quote would turn it into a string. Eg. '$directory_path'. But now, I have learnt single quotes don't always do that. Guessing, single quotes also define inputs to parameters and so inputs as function parameters can be done with single quotes and anything inside the single quotes will not be taken into account by php to be a string. Can someone confirm this ? Barand, Requinix, MacGuyver, anyone else! But, I still want to learn Barand, what is really wrong using dbl quotes as the param inputs here ... if(file_exists("$directory_path" . "$user"' . "$file_name")) Teach me something you think I do not know. Edited September 2, 2018 by phpsane Quote Link to comment Share on other sites More sharing options...
benanamen Posted September 2, 2018 Share Posted September 2, 2018 2 hours ago, Barand said: Why do keep putting single string variables, like "$directory_path" inside double quotes? There is no need for it and all you are doing is masking errors and making the code less efficient. Awwe c'mon, phpsane/forumcoder/uniqueideaman/uiman has only been at this for over two years. You cant expect him to know the basics yet. Quote Link to comment Share on other sites More sharing options...
gizmola Posted September 2, 2018 Share Posted September 2, 2018 You really need to read the page on PHP Strings 1 hour ago, phpsane said: if(file_exists($directory_path . $user/. $file_name)) This is the closest to being correct, yet includes a glaring problem and would actually produce a syntax error. Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 2, 2018 Author Share Posted September 2, 2018 (edited) 20 minutes ago, gizmola said: You really need to read the page on PHP Strings This is the closest to being correct, yet includes a glaring problem and would actually produce a syntax error. You are right! Parse error: syntax error, unexpected '.' in ... I get you folks now. The params have to be inside sngle quotes. Gotcha! (Got you!). Btw, incase you westies (westerners) don't know, "got you" = I understand you, NOW! PS - I invented a new word now: "Westies". Lol! How-about, 'Westers' ? Check if domain names are available or not under those words. Lol! You never know, they might sell for $m! Edited September 2, 2018 by phpsane Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 2, 2018 Author Share Posted September 2, 2018 3 hours ago, Barand said: Why do keep putting single string variables, like "$directory_path" inside double quotes? There is no need for it and all you are doing is masking errors and making the code less efficient. Shall I change all these 3 lines to sngl quotes too ? if(!is_dir("$directory_path" . "$user")) { $mode = "0777"; mkdir("$directory_path" . "$user", "$mode", TRUE); } Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 2, 2018 Author Share Posted September 2, 2018 (edited) Barand, I got this error: Warning: mkdir() expects parameter 2 to be integer, string given When I changed this: if(!is_dir("$directory_path" . "$user")) { $mode = "0777"; mkdir("$directory_path" . "$user", "$mode", TRUE); } to this: if(!is_dir('$directory_path' . '$user')) { $mode = '0777'; mkdir('$directory_path' . '$user', '$mode', TRUE); } Line 35 is: mkdir('$directory_path' . '$user', '$mode', TRUE); This is a mystery to me now. Why am I getting this error here when I do not get the error there ... When I change line 52 from this .. if(file_exists("$directory_path" . "$user/" . "$file_name")) to this .. if(file_exists('$directory_path' . '$user/' . '$file_name')) Strange! Right, Benanamen ? Requinix, Barand or Mac Guyver, throw your torch light this way as I am now swimming in the dark pool total blind! And Benanamen! Don;t just criticise, shed some light in your criticism. Then, I will get somewhere. Atleast! Edited September 2, 2018 by phpsane Quote Link to comment Share on other sites More sharing options...
benanamen Posted September 2, 2018 Share Posted September 2, 2018 (edited) UIMan, I am seriously trying to have patience with you even after all these years, but c'mon man. Error message says it is expecting an integer. The error message is more than clear what is wrong, STRING GIVEN. Do you really not know how to create a variable with an integer as a value? Even a blind man can see the answer to this VERY simple first day in Php problem. Edited September 2, 2018 by benanamen Quote Link to comment Share on other sites More sharing options...
maxxd Posted September 2, 2018 Share Posted September 2, 2018 @phpsane, @benanamen is right - you should know the difference between single and double quotes by now. For review, please read this: http://php.net/manual/en/language.types.string.php#language.types.string.parsing. In case it's still confusing, please note this line: When a string is specified in double quotes or with heredoc, variables are parsed within it. Quote Link to comment Share on other sites More sharing options...
ginerjm Posted September 3, 2018 Share Posted September 3, 2018 Why can't you RTFM? Any Manual!! Quote Link to comment Share on other sites More sharing options...
gizmola Posted September 3, 2018 Share Posted September 3, 2018 Quote if(file_exists($directory_path . $user/. $file_name)) I linked you to the manual page, and you clearly didn't read it. I don't know how you went from my comment to the assumption that the solution was to turn all your variables into string constants. Here's what the line should be: if (file_exists($directory_path . $user . '/' . $file_name)) I leave it to you to look at these two lines, and determine why one actually parses and the other doesn't. // Run this somewhere and play with it until you understand $name = 'Dorothy'; echo 'Hello Toto, my name is $name' . PHP_EOL; echo "Hello Toto, my name is $name" . PHP_EOL; $basePath = "/var/www/mysite/"; $picDirName = "pictures"; $fullPath1 = $basePath . $name . '/' . $picDirName; echo $fullPath1 . PHP_EOL; $fullPath2 = "$basePath$name/$picDirName"; echo $fullPath2 . PHP_EOL; $wrongPath = '$basePath' . '$name' . '/' . '$picDirName'; echo $wrongPath . PHP_EOL; Quote Link to comment Share on other sites More sharing options...
Barand Posted September 4, 2018 Share Posted September 4, 2018 On 9/2/2018 at 5:45 PM, phpsane said: PS - I invented a new word now: "Westies". Let me bust one of your many delusions... Quote Link to comment Share on other sites More sharing options...
dalecosp Posted September 7, 2018 Share Posted September 7, 2018 (edited) <?php $foo = "Foobar"; echo "$foo"; // Foobar. echo $foo; // Foobar. Functionally equivalent to above, no quotes needed. echo '$foo'; // $foo. A literal string, and not what we wanted. $foo = "/home/dalecosp/php"; file_put_contents($foo . "/" . 'bar', "This is file content"); // writes the given sentence into /home/dalecosp/php/bar. file_put_contents("$foo/" . "bar", "This is file content"); // does the same thing; because of double-quote variable interpolation, the trailing slash is added to /home/dalecosp/php (it was not given when $foo was assigned). file_put_contents("$foo" . "/bar", "This is file content"); // does the same thing. The slash is still in the string. file_put_contents("$foo/" . '/bar', "This is file content"); // does the same thing, because we literally want '/bar' to be appended to the path given by $foo. file_put_contents('$foo' . '/bar', "This is file content"); // will almost certainly fail, "no such directory $foo/bar". Single quotes are a literal string. Double quotes do variable interpolation. They aren't needed if the variable is all that's required; it's an easy way to concatenate strings or insert a variable into a string. Edited September 7, 2018 by dalecosp punctuation. Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 8, 2018 Author Share Posted September 8, 2018 On 9/3/2018 at 3:23 AM, benanamen said: UIMan, I am seriously trying to have patience with you even after all these years, but c'mon man. Error message says it is expecting an integer. The error message is more than clear what is wrong, STRING GIVEN. Do you really not know how to create a variable with an integer as a value? Even a blind man can see the answer to this VERY simple first day in Php problem. No. No. No. I meant, why is it expecting param 2 to be an integer ? Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 8, 2018 Author Share Posted September 8, 2018 (edited) On 9/3/2018 at 10:07 AM, gizmola said: I linked you to the manual page, and you clearly didn't read it. I don't know how you went from my comment to the assumption that the solution was to turn all your variables into string constants. Here's what the line should be: if (file_exists($directory_path . $user . '/' . $file_name)) I leave it to you to look at these two lines, and determine why one actually parses and the other doesn't. // Run this somewhere and play with it until you understand $name = 'Dorothy'; echo 'Hello Toto, my name is $name' . PHP_EOL; echo "Hello Toto, my name is $name" . PHP_EOL; $basePath = "/var/www/mysite/"; $picDirName = "pictures"; $fullPath1 = $basePath . $name . '/' . $picDirName; echo $fullPath1 . PHP_EOL; $fullPath2 = "$basePath$name/$picDirName"; echo $fullPath2 . PHP_EOL; $wrongPath = '$basePath' . '$name' . '/' . '$picDirName'; echo $wrongPath . PHP_EOL; Giz, I know that dbl quotes show the value of the variable and don't show "as is". While single quotes show as is (literal). $name = "gizmolo"; echo "My name is $name"; //Correct as the variable value would be shown as the name echo 'My name is' . "$name"; //Correct as the variable value would be shown as the name echo 'My name is $name'; //Wrong as it will show literally the variable name as the name echo "My name is '$name' "; //Wrong as it will show literally the variable name as the name Look at the 4 different types of ways I did the above and look how I understood what is right and what is wrong. I learnt all this through trial & error or experimenting as you would put it. I already know this. My point was ... In my opinion this is correct as the params are inside dbl quotes and not sngl: if(file_exists("$directory_path" . "$user/" . "$file_name") And, in my opinion this following code should have been incorrect showing error as the params are inside sngl quotes (literal strings). Note the $variables inside sngl quotes. Variables should not be inside sngl quotes. Therefore, the following should have been incorrect ... if(file_exists('$directory_path' . '$user/' . '$file_name')) But for some reason I get no error here. Why is that ? Therefore, I had no choice but to come to a conclusion or assumption. And, I started assuming that, paramater inputs can be inside sngl quotes even if the params are variables. Q1. Did I assume right or wrong here ? That is the big question to me. I am assuming that, you can input params inside sngl quotes even if the param inputs are variables. Why am I assuming this ? It is because I am getting no errors here. But if my assumption is correct, then my next big question to you guys was, why is the following showing error ? It to has it's param inputs (which are variables) inside sngl quotes. mkdir('$directory_path' . '$user' .'$mode', TRUE); I get error: Warning: mkdir() expects parameter 2 to be integer, string given in And so, from my 2nd example experiment, I am now going against my first assumption that the param inputs (which are variables) can be inside sngl quotes. So, is my 1st assumption correct or the 2nd assumption that goes against the 1st assumption ? Edited September 8, 2018 by phpsane Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 8, 2018 Author Share Posted September 8, 2018 (edited) Ooops! I now understand why this was showing error: mkdir('$directory_path' . '$user' .'$mode', TRUE); The 2nd param is '$mode' here and that is being fed as a string and not an integer. Silly me! I guess sleep was in my eyes! Both these are working now in my experiment ...Working means I get no errors. $mode = "0777"; mkdir('$directory_path' . '$user', "$mode", TRUE); // $mode is dbl quoted $mode = "0777"; mkdir('$directory_path' . '$user', $mode, TRUE); // $mode is not quoted However, I think the both codes are wrong as the directory path are being fed as a literal $directory_path & username as a literal $user and not being fed the actual value of the variables. Right boys ? Therefore, in my experiment, I now come to the conclusion to what I originally believed in. And that is, param inputs cannot be inside sngl quotes but can be inside dbl quotes or no quotes atall. Right boys ? Or, am I going the wrong direction again ? I get the feeling the param inputs should not be inside any quotes atall. Is my gut feeling correct here, Requinix/GinerJm/Benanamen ? Edited September 8, 2018 by phpsane Quote Link to comment Share on other sites More sharing options...
phpsane Posted September 8, 2018 Author Share Posted September 8, 2018 Which one of these 2 I should stick to ? mkdir("$directory_path" . "$user", "$mode", TRUE); //Originally I had it like this. That param inputs should be inside dbl quotes. mkdir($directory_path . $user . $mode, TRUE); // I now reckon, I should stick to this. Param inputs should not be quoted atall. be it sngl quote or dbl. What you say ? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.