Jump to content

[SOLVED] Help Limiting File Uploads


cs1h

Recommended Posts

Hi,

 

I have a script to upload information from a form to a databse and also to upload an image to the server and reference it to the database. I just tried to put limits in it so that the file upload size is limited and also the file type is limited to .jpg but is hasn't worked the file still uploads.

 

When tested I get this message

You may only upload GIF files.

Sorry your file was not uploadedThe file has been uploaded, and your information has been added to the directory click here to continue.

 

The script is,

<?php 

// Generate a random number
$newname = rand(10,100);
//This is the directory where images will be saved 
$target = "mgs/";  

//This is our size condition 
if ($uploaded_size > 35) 
{ 
echo "Your file is too large.<br>"; 
$ok=0; 
} 

if (!($uploaded_type=="image/gif")) {
echo "You may only upload GIF files.<br>";
$ok=0;
} 

//Here we check that $ok was not set to 0 by an error 
if ($ok==0) 
{ 
Echo "Sorry your file was not uploaded"; 
} 

if ($_FILES['photo']['tmp_name']) {
           $target = $target . basename( $_FILES['photo']['name']);
} else {
           $target = $target . "dfxfd.jpg";
}
$target = str_replace(' ', $newname, $target); // <--- then add the random number in here to replace any spaces
$target = str_replace('o', $newname, $target);
$target = str_replace('a', $newname, $target);
$target = str_replace('e', $newname, $target);
$target = str_replace('0', $newname, $target);
$target = str_replace('i', $newname, $target);
$target = str_replace('u', $newname, $target);

$targetb = $_POST['menuFilesDMA'];
$targetb = str_replace(' ','_', $targetb);

$targetc = $_POST['menuSubjectsDMA'];
$targetc = str_replace(' ','_', $targetc);

//This gets all the other information from the form 
$name=$_POST['name'];
$continent=($targetc);
$country=($targetb);
$town=$_POST['title2']; 
$type=$_POST['Catagory'];
$Email=$_POST['Email']; 
$Title=$_POST['title']; 
$Abstract=$_POST['message'];
$Article=$_POST['messagetwo'];  
$pic=($target); 

// Connects to your Database 
mysql_connect("localhost", "yyy", "xxx") or die(mysql_error()) ; 
mysql_select_db("real") or die(mysql_error()) ; 

//Writes the information to the database 
mysql_query($sql = "insert into `items` (`name`, `Continent`, `country`, `town`, `type`, `alltype`, `Email`, `Title`, `Abstract`, `Article`, `photo`) values ('$name', '$continent', '$country', '$town', '$type', 'all', '$Email', '$Title', '$Abstract', '$Article', '$pic')"); 

//Writes the photo to the server 
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target)) 
{ 

//Tells you if its all ok 
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory click <a href=expage.php>here</a> to continue."; 

} 
else { 

//Gives and error if its not 
echo "Sorry, there was a problem uploading your file. Click <a href=add.php>here</a> to try again"; 
} 
?>

 

Does anyone know how I could solve this, all help is much appriciated.

 

Cheers,

Colin

Link to comment
Share on other sites

Thanks for your responce, I made some changes but it didn't work.

 

I know this is a tall order but does anyone know how I would edit the following script so that it only accepts .jpg files and also has a size limit (preferally in pixels). I am still new to php and don't know what else to try.

 

The script is,

<?php 

// Generate a random number
$newname = rand(10,100);
//This is the directory where images will be saved 
$target = "mgs/";  



if ($_FILES['photo']['tmp_name']) {
           $target = $target . basename( $_FILES['photo']['name']);
} else {
           $target = $target . "dfxfd.jpg";
}
$target = str_replace(' ', $newname, $target); // <--- then add the random number in here to replace any spaces
$target = str_replace('o', $newname, $target);
$target = str_replace('a', $newname, $target);
$target = str_replace('e', $newname, $target);
$target = str_replace('0', $newname, $target);
$target = str_replace('i', $newname, $target);
$target = str_replace('u', $newname, $target);

$targetb = $_POST['menuFilesDMA'];
$targetb = str_replace(' ','_', $targetb);

$targetc = $_POST['menuSubjectsDMA'];
$targetc = str_replace(' ','_', $targetc);

//This gets all the other information from the form 
$name=$_POST['name'];
$continent=($targetc);
$country=($targetb);
$town=$_POST['title2']; 
$type=$_POST['Catagory'];
$Email=$_POST['Email']; 
$Title=$_POST['title']; 
$Abstract=$_POST['message'];
$Article=$_POST['messagetwo'];  
$pic=($target); 

// Connects to your Database 
mysql_connect("localhost", "xxx", "xxx") or die(mysql_error()) ; 
mysql_select_db("real") or die(mysql_error()) ; 

//Writes the information to the database 
mysql_query($sql = "insert into `items` (`name`, `Continent`, `country`, `town`, `type`, `alltype`, `Email`, `Title`, `Abstract`, `Article`, `photo`) values ('$name', '$continent', '$country', '$town', '$type', 'all', '$Email', '$Title', '$Abstract', '$Article', '$pic')"); 

//Writes the photo to the server 
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target)) 
{ 

//Tells you if its all ok 
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory click <a href=expage.php>here</a> to continue."; 

} 
else { 

//Gives and error if its not 
echo "Sorry, there was a problem uploading your file. Click <a href=add.php>here</a> to try again"; 
} 
?>

 

Any help would be much appriciated,

 

Thanks

Colin

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.