Jump to content

Why Not Getting The Write Error Message Based On The IF Condition ?


phpsane

Recommended Posts

Hi,

I have written a file upload script.

The way it works is that, it creates a folder under the user's (uploader's) Username and uploads the file to it. Like in this path:

Line 29-36.

	//Feed Id Verification Video File Upload Directory path. 
            $directory_path = "uploads/videos/id_verifications/"; 
            //Make Directory under $user in 'uploads/videos/id_verifications' Folder. 
            if(!is_dir("$directory_path" . "user")) 
            { 
                $mode = "0777"; 
                mkdir("$directory_path" . "$user", $mode, TRUE); 
            } 
	

 

So that means, if the User's name is "Requinix" then the script would first check if the folder/directory under that name exists or not. If it exists, then it won't create the folder and just upload the new file to it.

But, if it does not exist, then it will create that folder before uploading the new file to it that the user "Requinix" is trying to upload.

I am trying to make sure that, the same User is not uploading the same file over and over again. Hence, wrote the script to check the file name to see if it already exists in the folder or not. Wrote like this:

Line 52-56:

	if(file_exists("$directory_path" . "$user/" . "$file_name")) 
            { 
                $Errors[] = "Error: You have already uploaded a video file to verify your ID!"; 
                exit(); 
            } 
	

Anyway, the folder is getting created under the Username as expected. Good.

I uploaded a file and it got uploaded to the directory under the Username. Again, good.

Then, for testing purpose, I tried uploading the same file again to see if I get this error or not (according to line 54):

Line 54:

	"Error: You have already uploaded a video file to verify your ID!"; 
	

Instead, I get this error:

Warning: mkdir(): File exists in C:\xampp\htdocs\test\upload.php on line 35

Why am I not getting the right error message ?

Full script:

	<?php 
	//Required PHP Files. 
include 'config.php'; 
include 'header.php'; 
include 'account_header.php'; 
	if (!$conn) 
{ 
    $error = mysqli_connect_error(); 
    $errno = mysqli_connect_errno(); 
    print "$errno: $error\n"; 
    exit(); 
} 
	if($_SERVER["REQUEST_METHOD"] == "POST") 
    { 
        //Check whether the file was uploaded or not without any errors. 
        if(!isset($_FILES["id_verification_video_file"]) && $_FILES["id_verification_video_file"]["Error"] == 0) 
        { 
            $Errors = Array(); 
            $Errors[] = "Error: " . $_FILES["id_verification_video_file"] ["ERROR"]; 
            print_r($_FILES); ?><br><?php 
            print_r($_ERRORS); 
            exit(); 
        } 
        else 
        { 
            //Feed Id Verification Video File Upload Directory path. 
            $directory_path = "uploads/videos/id_verifications/"; 
            //Make Directory under $user in 'uploads/videos/id_verifications' Folder. 
            if(!is_dir("$directory_path" . "user")) 
            { 
                $mode = "0777"; 
                mkdir("$directory_path" . "$user", $mode, TRUE); 
            } 
            else 
            {
                
            } 
            
            //Grab uploading File details. 
            $Errors = Array(); 
            $file_name = $_FILES["id_verification_video_file"]["name"]; 
            $file_tmp = $_FILES["id_verification_video_file"]["tmp_name"]; 
            $file_type = $_FILES["id_verification_video_file"]["type"]; 
            $file_size = $_FILES["id_verification_video_file"]["size"]; 
            
            //Grab Uploading File Extension details. 
            $file_extension = pathinfo($file_name, PATHINFO_EXTENSION); 
            
            if(file_exists("$directory_path" . "$user/" . "$file_name")) 
            { 
                $Errors[] = "Error: You have already uploaded a video file to verify your ID!"; 
                exit(); 
            } 
            else 
            { 
                //Feed allowed File Extensions List. 
                $allowed_file_extensions = array("mp4" => "video/mp4"); 
                
                //Feed allowed File Size. 
                $max_file_size_allowed_in_bytes = 1024*1024*100; //Allowed limit: 100MB. 
                $max_file_size_allowed_in_kilobytes = 1024*100; 
                $max_file_size_allowed_in_megabytes = 100; 
                
                $max_file_size_allowed = "$max_file_size_allowed_in_bytes"; 
                
                //Verify File Extension. 
                if(!array_key_exists($file_extension, $allowed_file_extensions)) die("Error: Select a valid video file format. Select an Mp4 file."); 
                //Verify MIME Type of the File. 
                elseif(!in_array($file_type, $allowed_file_extensions)) 
                { 
                    $Errors[] = "Error: There was a problem uploading your file $file_name! Make sure your file is an MP4 video file. You may try again."; 
                } 
                //Verify File Size. Allowed Max Limit: 100MB. 
                elseif($file_size>$max_file_size_allowed) die("Error: Your Video File Size is larger than the allowed limit of: $max_file_size_allowed_in_megabytes."); 
                    //Move uploaded File to newly created directory on the server. 
                    move_uploaded_file("$file_tmp", "$directory_path" . "$user/" . "$file_name"); 
                    //Notify user their Id Verification Video File was uploaded successfully. 
                    echo "Your Video File \"$file_name\" has been uploaded successfully!"; 
                    exit(); 
            } 
        } 
    } 
?> 
	<form enctype="multipart/form-data" ACTION="" METHOD="POST"> 
    <fieldset> 
    <p align="left"><h3><?php $site_name ?> ID Video Verification Form</h3></p> 
    <div class="form-group"> 
        <p align="left"<label>Video File: </label> 
        <input type="file" name="id_verification_video_file" id="id_verification_video_file" value="uploaded 'Id Verification Video File.'"></p> 
    </div> 
    </fieldset> 
    <p align="left"><button type="submit" class="btn btn-default" name="id_verification_video_file_submit">Submit!</button></p> 
</form> 
</body> 
</html>
	

Error Reporting is in one of the included files like so:

	<?php 
	//ERROR REPORTING CODES.
declare(strict_types=1);
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
	?>
	

Are there anything else wrong with the code ? If so, where ? Which particular lines and how can I fix them ? Care to show some example codes  to how it should have been on this and that line ?

 

Thanks

Link to comment
Share on other sites

11 minutes ago, requinix said:

Find the line with the mkdir. You've posted it so that should be very easy to do.

Then look three lines up. And keep looking until you see the problem.

Mmm.

Ok, here are the lines:

	//Feed Id Verification Video File Upload Directory path. 
            $directory_path = "uploads/videos/id_verifications/"; 
            //Make Directory under $user in 'uploads/videos/id_verifications' Folder. 
            if(!is_dir("$directory_path" . "user")) 
            { 
                $mode = "0777"; 
                mkdir("$directory_path" . "$user", "$mode", TRUE); 
            } 
	

3 lines above is this line:

	if(!is_dir("$directory_path" . "user")) 
	

What is wrong there ?

You mean, it should be like this:

	if(!is_dir("$directory_path" . "$user", "$mode", TRUE)); 
	

That doesn't look right, though. 

1 min later ... Nope! That causes more problem and errors!

Sorry mate, I did not understand your hint. Going in the wrong direction now.

 

Link to comment
Share on other sites

53 minutes ago, ginerjm said:

Not to stop Requinix's fun, but just to close out your post:

     if(!is_dir("$directory_path" . "user")) 

See anything wrong here?

$$$$$$$$

 

Lol! Now really laughing. I get you, mate!

Should be:

 if(!is_dir("$directory_path" . "$user")) 

 

Thanks!

But hold on, this thread ain't finished yet!

Link to comment
Share on other sites

Reading these now ...

http://php.net/manual/en/features.file-upload.errors.php

http://php.net/manual/en/features.file-upload.post-method.php

http://php.net/manual/en/function.move-uploaded-file.php

If you really must know. The error array I copied from a tutorial. Was about to get rid of it out of my code as I really did not know how it works. But finding the link mentioned above, I am now really gonna learn how it works and not rid the error array. ;)

Even though I understand my code which I grabbed from tutorials and edited to my needs. I really did not understand that error array. Now gonna get to the bottom of it and learn it than do guess work.

And yes, I still copy and paste and try to learn from the copying. :D

That is how I learn. Copy others' codes and learn from them and change whatever I do not like or whatever I do not need. :D

 

Link to comment
Share on other sites

Folks,

Look at these 2 lines:

	if(!array_key_exists($file_extension,$allowed_file_extensions)) die("Error: Select a valid video file format. Select an MP4 or WAV file."); 
	elseif(!in_array($file_type,$allowed_file_extensions)) 
	

Do they not do the same thing ? Which one must i keep and which one to ditch ?

Context of the code ...

	//Verify File Extension. 
                if(!array_key_exists($file_extension, $allowed_file_extensions)) die("Error: Select a valid video file format. Select an Mp4 file."); 
                //Verify MIME Type of the File. 
                elseif(!in_array($file_type, $allowed_file_extensions)) 
                { 
                    $Errors[] = "Error: There was a problem uploading your file $file_name! Make sure your file is an MP4 video file. You may try again."; 
                } 
	

 

Do not forget to reply to my previous posts.

Link to comment
Share on other sites

1 hour ago, Barand said:

Why do keep putting single string variables, like "$directory_path" inside double quotes? There is no need for it and all you are doing is masking  errors and making the code less efficient.

You mean, I should not do it like this ...

	if(file_exists("$directory_path" . "$user/" . "$file_name")) 
	

But should do it like this ...

1.

	if(file_exists($directory_path . $user/. $file_name)) 
	

Or, like this:

2.

	if(file_exists('$directory_path' . '$user/' . '$file_name')) 
	

Right ?

EDITED a min later ...

Mind you. I thought number 1 would work and not number 2. But the opposite is working!!!

I thought the single quote would turn it into a string. Eg. '$directory_path'.

But now, I have learnt single quotes don't always do that. Guessing, single quotes also define inputs to parameters and so inputs as function parameters can be done with single quotes and anything inside the single quotes will not be taken into account by php to be a string. Can someone confirm this ? Barand, Requinix, MacGuyver, anyone else!

But, I still want to learn Barand, what is really wrong using dbl quotes as the param inputs here ...

	if(file_exists("$directory_path" . "$user"' . "$file_name")) 
	

Teach me something you think I do not know.

 

 

Link to comment
Share on other sites

2 hours ago, Barand said:

Why do keep putting single string variables, like "$directory_path" inside double quotes? There is no need for it and all you are doing is masking  errors and making the code less efficient.

Awwe c'mon, phpsane/forumcoder/uniqueideaman/uiman has only been at this for over two years. You cant expect him to know the basics yet. :anim_reading:

Link to comment
Share on other sites

20 minutes ago, gizmola said:

You really need to read the page on PHP Strings

This is the closest to being correct, yet includes a glaring problem and would actually produce a syntax error.

You are right!

Parse error: syntax error, unexpected '.' in ...

I get you folks now. The params have to be inside sngle quotes. Gotcha! (Got you!). Btw, incase you westies (westerners) don't know, "got you" = I understand you, NOW!

 

PS - I invented a new word now: "Westies". Lol! ;)

How-about, 'Westers' ?

Check if domain names are available or not under those words. Lol! ;) You never know, they might sell for $m!

Link to comment
Share on other sites

3 hours ago, Barand said:

Why do keep putting single string variables, like "$directory_path" inside double quotes? There is no need for it and all you are doing is masking  errors and making the code less efficient.

Shall I change all these 3 lines to sngl quotes too ?

	if(!is_dir("$directory_path" . "$user")) 
            { 
                $mode = "0777"; 
                mkdir("$directory_path" . "$user", "$mode", TRUE); 
            } 
	

Link to comment
Share on other sites

Barand,

I got this error:

Warning: mkdir() expects parameter 2 to be integer, string given

When I changed this:

	if(!is_dir("$directory_path" . "$user")) 
            { 
                $mode = "0777"; 
                mkdir("$directory_path" . "$user", "$mode", TRUE); 
            } 
	

to this: 

	if(!is_dir('$directory_path' . '$user')) 
            { 
                $mode = '0777'; 
                mkdir('$directory_path' . '$user', '$mode', TRUE); 
            } 
	

Line 35 is:

 mkdir('$directory_path' . '$user', '$mode', TRUE); 

 

This is a mystery to me now. Why am I getting this error here when I do not get the error there ...

When I change line 52 from this ..

	if(file_exists("$directory_path" . "$user/" . "$file_name")) 
	

to this ..

	if(file_exists('$directory_path' . '$user/' . '$file_name')) 
	

 

Strange! Right, Benanamen ?

Requinix, Barand or Mac Guyver, throw your torch light this way as I am now swimming in the dark pool total blind!

And Benanamen! Don;t just criticise, shed some light in your criticism. Then, I will get somewhere. Atleast! ;)

Link to comment
Share on other sites

UIMan, I am seriously trying to have patience with you even after all these years, but c'mon man.

Error message says it is expecting an integer. The error message is more than clear what is wrong,  STRING GIVEN. Do you really not know how to create a variable with an integer as a value? Even a blind man can see the answer to this VERY simple first day in Php problem.

Link to comment
Share on other sites

@phpsane, @benanamen is right - you should know the difference between single and double quotes by now. For review, please read this: http://php.net/manual/en/language.types.string.php#language.types.string.parsing.

In case it's still confusing, please note this line:

 

When a string is specified in double quotes or with heredoc, variables are parsed within it.

 

Link to comment
Share on other sites

Quote

if(file_exists($directory_path . $user/. $file_name)) 

I linked you to the manual page, and you clearly didn't read it.  I don't know how you went from my comment to the assumption that the solution was to turn all your variables into string constants.

Here's what the line should be:

if (file_exists($directory_path . $user . '/' . $file_name)) 

I leave it to you to look at these two lines, and determine why one actually parses and the other doesn't.  

// Run this somewhere and play with it until you understand

$name = 'Dorothy';

echo 'Hello Toto, my name is $name' . PHP_EOL;

echo "Hello Toto, my name is $name" . PHP_EOL;


$basePath = "/var/www/mysite/";

$picDirName = "pictures";


$fullPath1 = $basePath . $name . '/' . $picDirName;
echo $fullPath1 . PHP_EOL;

$fullPath2 = "$basePath$name/$picDirName";
echo $fullPath2 . PHP_EOL;

$wrongPath = '$basePath' . '$name' . '/' . '$picDirName';
echo $wrongPath . PHP_EOL;

 

 

 

Link to comment
Share on other sites

<?php

$foo = "Foobar";

echo "$foo";  // Foobar.
echo $foo;    // Foobar.  Functionally equivalent to above, no quotes needed.
echo '$foo';   // $foo.  A literal string, and not what we wanted.

$foo = "/home/dalecosp/php";

file_put_contents($foo . "/" . 'bar', "This is file content");  // writes the given sentence into /home/dalecosp/php/bar.
file_put_contents("$foo/" . "bar", "This is file content");   // does the same thing; because of double-quote variable interpolation, the trailing slash is added to /home/dalecosp/php (it was not given when $foo was assigned).
file_put_contents("$foo" . "/bar", "This is file content");   // does the same thing.  The slash is still in the string.
file_put_contents("$foo/" . '/bar', "This is file content");   // does the same thing, because we literally want '/bar' to be appended to the path given by $foo.
file_put_contents('$foo' . '/bar', "This is file content");    // will almost certainly fail, "no such directory $foo/bar".



Single quotes are a literal string.
Double quotes do variable interpolation.  They aren't needed if the variable is all that's required; it's an easy way to concatenate strings or insert a variable into a string.

Link to comment
Share on other sites

On 9/3/2018 at 3:23 AM, benanamen said:

UIMan, I am seriously trying to have patience with you even after all these years, but c'mon man.

Error message says it is expecting an integer. The error message is more than clear what is wrong,  STRING GIVEN. Do you really not know how to create a variable with an integer as a value? Even a blind man can see the answer to this VERY simple first day in Php problem.

No. No. No. I meant, why is it expecting param 2 to be an integer ?

Link to comment
Share on other sites

On 9/3/2018 at 10:07 AM, gizmola said:

I linked you to the manual page, and you clearly didn't read it.  I don't know how you went from my comment to the assumption that the solution was to turn all your variables into string constants.

Here's what the line should be:


if (file_exists($directory_path . $user . '/' . $file_name)) 

I leave it to you to look at these two lines, and determine why one actually parses and the other doesn't.  


// Run this somewhere and play with it until you understand

$name = 'Dorothy';

echo 'Hello Toto, my name is $name' . PHP_EOL;

echo "Hello Toto, my name is $name" . PHP_EOL;


$basePath = "/var/www/mysite/";

$picDirName = "pictures";


$fullPath1 = $basePath . $name . '/' . $picDirName;
echo $fullPath1 . PHP_EOL;

$fullPath2 = "$basePath$name/$picDirName";
echo $fullPath2 . PHP_EOL;

$wrongPath = '$basePath' . '$name' . '/' . '$picDirName';
echo $wrongPath . PHP_EOL;

 

 

 

Giz,

I know that dbl quotes show the value of the variable and don't show "as is".

While single quotes show as is (literal).

	$name = "gizmolo";
	echo "My name is $name"; //Correct as the variable value would be shown as the name
	echo 'My name is' .  "$name"; //Correct as the variable value would be shown as the name
	echo 'My name is $name'; //Wrong as it will show literally the variable name as the name
	echo "My name is '$name' "; //Wrong as it will show literally the variable name as the name
	

Look at the 4 different types of ways I did the above and look how I understood what is right and what is wrong. I learnt all this through trial & error or experimenting as you would put it.

I already know this.

 

My point was ...

In my opinion this is correct as the params are inside dbl quotes and not sngl:

	if(file_exists("$directory_path" . "$user/" . "$file_name") 
	

 

And, in my opinion this following code should have been incorrect showing error as the params are inside sngl quotes (literal strings). Note the $variables inside sngl quotes. Variables should not be inside sngl quotes. Therefore, the following should have been incorrect ...

	if(file_exists('$directory_path' . '$user/' . '$file_name')) 
	

But for some reason I get no error here. Why is that ?

Therefore, I had no choice but to come to a conclusion or assumption. And, I started assuming that, paramater inputs can be inside sngl quotes even if the params are variables. 

Q1. Did I assume right or wrong here ? That is the big question to me.

I am assuming that, you can input params inside sngl quotes even if the param inputs are variables. Why am I assuming this ? It is because I am getting no errors here.

But if my assumption is correct, then my next big question to you guys was, why is the following showing error ? It to has it's param inputs (which are variables) inside sngl quotes.

	mkdir('$directory_path' . '$user' .'$mode', TRUE); 
	

I get error:

Warning: mkdir() expects parameter 2 to be integer, string given in 

And so, from my 2nd example experiment, I am now going against my first assumption that the param inputs (which are variables) can be inside sngl quotes.

 

So, is my 1st assumption correct or the 2nd assumption that goes against the 1st assumption ?

 

Link to comment
Share on other sites

Ooops!

I now understand why this was showing error:

mkdir('$directory_path' . '$user' .'$mode', TRUE); 
	

The 2nd param is '$mode' here and that is being fed as a string and not an integer. Silly me! I guess sleep was in my eyes!

Both these are working now in my experiment ...Working means I get no errors.

	$mode = "0777"; 
 mkdir('$directory_path' . '$user', "$mode", TRUE);  // $mode is dbl quoted
	
	$mode = "0777"; 
 mkdir('$directory_path' . '$user', $mode, TRUE); // $mode is not quoted
	

However, I think the both codes are wrong as the directory path are being fed as a literal $directory_path & username as a literal $user and not being fed the actual value of the variables. Right boys ?

Therefore, in my experiment, I now come to the conclusion to what I originally believed in. And that is, param inputs cannot be inside sngl quotes but can be inside dbl quotes or no quotes atall. Right boys ?

Or, am I going the wrong direction again ? I get the feeling the param inputs should not be inside any quotes atall. Is my gut feeling correct here, Requinix/GinerJm/Benanamen ?

 

Link to comment
Share on other sites

Which one of these 2 I should stick to ?

mkdir("$directory_path" . "$user", "$mode", TRUE);  //Originally I had it like this. That param inputs should be inside dbl quotes.

mkdir($directory_path . $user . $mode, TRUE);  // I now reckon, I should stick to this. Param inputs should not be quoted atall. be it sngl quote or dbl. What you say ?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.