Guernica Posted September 30, 2007 Share Posted September 30, 2007 Here is my current php code: $allowed_filetypes = array('.jpg','.gif','.bmp','.png','.rar','.zip','.doc','.mp3','.mpeg','.avi'); $max_filesize = 157286400; $filename = $_FILES['uploadedfile']['name']; $filesize = $_FILES['uploadedfile']['filesize']; $userid = $_SESSION['userid']; $filepass = sha1($_POST['filepass']); $ext = substr($filename, strrpos($filename, '.')); $target_path = "./files/"; $target_path = $target_path . basename( $_FILES['uploadedfile']['name']); $_FILES['uploadedfile']['tmp_name']; if(!in_array($ext,$allowed_filetypes)) { die('The file you attempted to upload is not allowed.'); } if(filesize($_FILES['uploadedfile']['tmp_name']) > $max_filesize) { die('The file you attempted to upload is too large.'); } if(!is_writable($target_path)) { die('You cannot upload to the specified directory, please CHMOD it to 777.'); } if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path . $filename)) { echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded successfully!"; mysql_query("INSERT INTO files (userid, filename, password, filesize) VALUES('$userid', '$filename', '$filepass', '$filesize') ") or die(mysql_error()); if(!($filepass == 0)) { echo "File has been passworded successfully!"; } else { echo "No password specified."; } } else{ echo "There was an error uploading the file, please try again!"; print_r($_FILES); } } The result I get when doing the upload is: The file you attempted to upload is not allowed. It is under the max size and is a .zip file. (allowed) Also, I take out the extension check from php and it says: There was an error uploading the file, please try again!Array ( ) I would really appreciate any help. I have asked a few people and haven't gotten anywhere yet. Thanks! Quote Link to comment Share on other sites More sharing options...
jvrothjr Posted September 30, 2007 Share Posted September 30, 2007 what about checking your ini file there is a max files size set in there as well that maybe limiting it Quote Link to comment Share on other sites More sharing options...
Guernica Posted September 30, 2007 Author Share Posted September 30, 2007 I was able to fix the extension problem. However I get this now: You cannot upload to the specified directory, please CHMOD it to 777. With this code: // Set variables and stuff. $allowed_filetypes = array('.jpg','.gif','.bmp','.png','.rar','.zip','.doc','.mp3','.mpeg','.avi'); $max_filesize = 157286400; $filename = ((int)rand(0,9)).((int)rand(0,9)).$_FILES['uploadedfile']['name']; $filesize = $_FILES['uploadedfile']['filesize']; $userid = $_SESSION['userid']; $filepass = sha1($_POST['filepass']); $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); $target_path = "/home/myoosicn/public_html/upload/files/"; $target_path = $target_path . basename( $_FILES['uploadedfile']['name']); $_FILES['uploadedfile']['tmp_name']; // Run the shit... if(!in_array($ext,$allowed_filetypes)) { print_r($_FILES); die('The file you attempted to upload, ('.$ext.') is not allowed.'); } if(filesize($_FILES['uploadedfile']['tmp_name']) > $max_filesize) { die('The file you attempted to upload is too large.'); } if(!is_writable($target_path)) { die('You cannot upload to the specified directory, please CHMOD it to 777.'); } // If it is moved successfully, woot! if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path . $filename)) { echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded successfully!<br/>"; echo "<b>File Size:</b> $filesize"; echo "<b>File Name:</b> {$_FILES['uploadedfile']['name']}"; mysql_query("INSERT INTO files (userid, filename, password, filesize) VALUES('$userid', '$filename', '$filepass', '$filesize') ") or die(mysql_error()); if(!($filepass == 0)) { echo "File has been passworded successfully!"; } else { echo "No password specified."; } } } else { echo "There was an error uploading the file, please try again!"; print_r($_FILES); } ?> And it is 777 CHMOD. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.