oz11 Posted January 2 Share Posted January 2 (edited) For some reason, my file upload is not running. Could someone glance over this code for me... I'm having trouble POSTING (or whatever) the $_FILES array information. Never used this type much in the past. proceed_2.php (goto: from form) <?php include 'includes/config.php'; session_start(); date_default_timezone_set('Europe/London'); ?> <div id='main'> <?php $err = 0; if(isset($_POST["submit"])) { if(empty($_POST['title'])){ echo "Missing title"; $err=1; } if(empty($_POST['tags'])){ echo "Missing tags"; $err=1; } if(empty($_POST['descr'])){ echo "Missing description"; $err=1; } if( empty($_POST['descr']) OR empty($_POST['tags']) OR empty($_POST['title'])){ echo "Eror missing values"; exit(); } } if (isset($_POST['title']) AND isset($_POST['descr']) AND $_POST['tags']){ $newDate = date('Y-m-d H:i:s', strtotime($expired. ' +1 minutes')); $sql = "UPDATE `users` SET `expired` = ? WHERE `users`.`user_id` = ?;"; $stmt= $pdo->prepare($sql); $stmt->execute([$newDate, $_SESSION['userID']]); echo "<b>Submitted thanks!</b>"; $le_random_string = bin2hex ( random_bytes ( 2 )); // ------------ INSERT INTO DB - START ---------------- $sql = "INSERT INTO pending (url, title, terms, user_id, description, is_upload) VALUES (?,?,?,?,?,?)"; $stmt= $pdo->prepare($sql); $stmt->execute([$_POST['fileuploadname'], $_POST['title'], $_POST['tags'], $_SESSION['userID'], $_POST['descr'], 1]); // ------------ INSERT INTO DB - END ---------------- // -- FILE OPERATION -START $target_dir = "data/pending/"; if(isset($_FILES["fileToUpload"]["name"])){ $target_file = $target_dir . "11".$le_random_string.basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION)); // Check if image file is a actual image or fake image if(isset($_POST["submit"])) { $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if($check !== false) { //echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { //echo "File is not an image."; //$uploadOk = 0; // $uploadOk = 1; // <-- } } // Check if file already exists if (file_exists($target_file)) { echo "Sorry, file already exists."; $uploadOk = 0; } // Check file size if (isset($_FILES["fileToUpload"]["size"]) AND $_FILES["fileToUpload"]["size"] > 500000) { echo "Sorry, your file is too large."; $uploadOk = 0; } // Allow certain file formats if($imageFileType != "pdf" && $imageFileType != "txt") { echo "Sorry, only PDF & TXT files are allowed."; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { echo "Sorry, your file was not uploaded."; // if everything is ok, try to upload file } else { if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) { echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded."; echo "<br><br><b>Hash:</b><br>".hash_file('md5', 'data/pending/'.$_FILES["fileToUpload"]["name"]); } else { echo "Sorry, there was an error uploading your file."; } }} // -- FILE OPERATION -END*/ header ("location: submit.php?back=201"); // SUBMITTED AND RETURNED TO MESSAGE include 'includes/top_bottom/footer.php'; exit(); } ?> //echo $status; <form name="form" method="post" action=""> <input type="hidden" name="randcheck" value="<?php echo $_POST['randcheck']; ?>"> <input type="hidden" name="title" value="<?php echo $_POST['title']; ?>"> <input type="hidden" name="tags" value="<?php echo $_POST['tags']; ?>"> <input type="hidden" name="descr" value="<?php echo $_POST['descr']; ?>"> <input type="hidden" name="fileuploadname" value="<?php echo basename($_FILES['fileToUpload']['name']); ?>"> } upload_file.php (form) <form action="proceed_2.php" method="post" enctype="multipart/form-data"> <div class="boxer"> <div class="box-row"> <div class="box" style="padding: 10px; border: 0px;">Document title: </div> <div class="box" style="padding: 10px; border: 0px;"><input type="text" name="title" style="width:400px;" value="<?php if(isset( $_POST['title'])) echo $_POST['title']; ?>"><br></div> </div> <div class="box-row"> <div class="box" style="padding: 10px; border: 0px;">Descriptive tags: </div> <div class="box" style="padding: 10px; border: 0px;"><input type="text" name="tags" placeholder="tag1, tag2, tag3, etc." style="width:400px;" value="<?php if(isset($_POST['tags'])) echo $_POST['tags']; ?>"><br><small>Sperate by comma or space</small></div> </div> <div class="box-row"> <div class="box" style="padding: 10px; border: 0px;">Description: </div> <div class="box" style="padding: 10px; border: 0px;"><textarea name="descr" style="width:400px; height: 100px;" placeholder="(Optional)" ><?php if(isset($_POST['descr'])) echo $_POST['descr']; ?></textarea></div> </div> <div class="box-row"> <div class="box" style="padding: 10px; border: 0px;">Published year: </div> <div class="box" style="padding: 10px; border: 0px;"><input type="text" name="tags" placeholder="Year, eg: '2028'" style="width:400px;" value="<?php if(isset($_POST['publ_date'])) echo $_POST['publ_date']; ?>"><br><small></small></div> </div> </div> <div style="background-color: white; border: 1px solid black; padding: 20px; margin: 10px; border-radius: 20px;"> <input type="file" name="fileToUpload" id="fileToUpload"> <input style="padding: 10px;" type="submit" value="Upload Document" name="submit"> </form> I just keep an eye on the upload folder and nothing gets written. :S I chopped up the code abit to be posted, if it fails then I can post the whole thing.. note: some mistakes here, because the code was chopped up to e shown here. But, generally, the question is still relevant. What me doing wrong :S I thought it would just work like any POST value..?.. ... Everything works fine.. just not getting the data into this [extract]... // -- FILE OPERATION -START $target_dir = "data/pending/"; if(isset($_FILES["fileToUpload"]["name"])){ $target_file = $target_dir . "11".$le_random_string.basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION)); // Check if image file is a actual image or fake image if(isset($_POST["submit"])) { $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if($check !== false) { //echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { //echo "File is not an image."; //$uploadOk = 0; // $uploadOk = 1; // <-- } } // Check if file already exists if (file_exists($target_file)) { echo "Sorry, file already exists."; $uploadOk = 0; } // Check file size if (isset($_FILES["fileToUpload"]["size"]) AND $_FILES["fileToUpload"]["size"] > 500000) { echo "Sorry, your file is too large."; $uploadOk = 0; } // Allow certain file formats if($imageFileType != "pdf" && $imageFileType != "txt") { echo "Sorry, only PDF & TXT files are allowed."; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { echo "Sorry, your file was not uploaded."; // if everything is ok, try to upload file } else { if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) { echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded."; echo "<br><br><b>Hash:</b><br>".hash_file('md5', 'data/pending/'.$_FILES["fileToUpload"]["name"]); } else { echo "Sorry, there was an error uploading your file."; } }} // -- FILE OPERATION -END*/ ..where is $_FILES["fileToUpload"]? Is it reaching? .. Quote if(isset($_FILES["fileToUpload"]["name"])){ Edited January 2 by oz11 slight alt to code 3 Quote Link to comment https://forums.phpfreaks.com/topic/317597-php-_files-operation-problem/ Share on other sites More sharing options...
oz11 Posted January 2 Author Share Posted January 2 Could it be down to the naming of my fields, particularly "fileToUpload" ? Quote Link to comment https://forums.phpfreaks.com/topic/317597-php-_files-operation-problem/#findComment-1613906 Share on other sites More sharing options...
Solution mac_gyver Posted January 2 Solution Share Posted January 2 don't attempt to test if a submit button is set. there are cases where it won't be. one of these cases is if the total size of the form data exceeds the post_max_size setting on the server, both the $_POST and $_FILES arrays will be empty. you should instead test if a post method form was submitted - if($_SERVER['REQUEST_METHOD'] === 'POST'), then test if there is $_POST and/or $_FILES data, before referencing any of the form data. after you have tested that there is data in $_FILES, you must test the ['error'] element to make sure that the file upload was successful. there's a list of the possible error values in the documentation - https://www.php.net/manual/en/features.file-upload.errors.php after you have determined that the file uploaded without any error, you can test/use the uploaded file information. Quote Link to comment https://forums.phpfreaks.com/topic/317597-php-_files-operation-problem/#findComment-1613907 Share on other sites More sharing options...
oz11 Posted January 2 Author Share Posted January 2 (edited) Hey! Thanks! I updated a bit of codeRendition: $err = 0; if($_SERVER['REQUEST_METHOD'] === 'POST'){ if(isset($_POST["submit"])) { if(empty($_POST['title'])){ echo "Missing title"; $err=1; } if(empty($_POST['tags'])){ echo "Missing tags"; $err=1; } if(empty($_POST['descr'])){ echo "Missing description"; $err=1; } if( empty($_POST['descr']) OR empty($_POST['tags']) OR empty($_POST['title'])){ echo "Eror missing values"; exit(); } if(empty($_FILES["fileToUpload"]["name"])){ echo "Eror missing upload"; exit(); } if($_FILES["fileToUpload"]["error"]!='0'){ echo "Eror in upload --"; echo $_FILES["fileToUpload"]["error"]; echo "--"; exit(); } }} It checks through without problem , echos name and error (which was zero/0).. but when the captcha form at the bottom of the page is run then the $_FILE goes blank.. ("form after form") help. Maybe my code is just really problem'd. ? Sure,it looks troubled but, what do i do ? How do i make it persist...? I normally just shove them (like now) in hidden inputs.. security problem? Edited January 2 by oz11 Quote Link to comment https://forums.phpfreaks.com/topic/317597-php-_files-operation-problem/#findComment-1613908 Share on other sites More sharing options...
oz11 Posted January 2 Author Share Posted January 2 (edited) Nevermind I think if i rejigg the parts of the code i can get it to "fit" better. Thanks again. I know the limitations of the code i posted especially with the capacha part and order. Edited January 2 by oz11 Quote Link to comment https://forums.phpfreaks.com/topic/317597-php-_files-operation-problem/#findComment-1613909 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.