psychowolvesbane Posted January 8, 2008 Share Posted January 8, 2008 I have a simple form for uploading an image file and placing it into a image folder on my host server and the file has the same name as the text obtained from an text input field. But I don't know what is wrong with the code for the validation. I get good output for the text field but once I get to the image file any file that is uploaded (correct or not) is scanned by the first if statement and just skips to echo "6". Can anyone see what is wrong here? <?php include "connect_details.php"; $Submit = $_POST['SubmitB']; $ColourName = $_POST['ColourName']; $ColourImage = $_FILES['ColourImage']; $Max_Size = $_POST['MAX_FILE_SIZE']; $Img_Dimensions = getimagesize($file['tmp_name']); $dirupload = "images/colours/"; $NotExec = true; if ($_POST['SubmitB'] == "Submit") { $Valid_Form = true; $Valid_ColourName = true; $Valid_ColourImage = true; echo"1<br>"; if (empty($ColourName)) { ?> <div style="position:absolute; top:20px; left:200px; width:550px"> <span class="errmsg">Please Enter a Colour Name</span> </div> <?php $Valid_Form = false; $Valid_ColourName = false; echo"2<br>"; } //File upload validation here if (($_FILES['ColourImage']['type'] == "image/gif") && filesize($ColourImage['tmp_name']) > $Max_Size && ($Img_Dimensions[0] > 50) || ($Img_Dimensions[1] > 50)) { echo"3<br>"; if(move_uploaded_file($ColourImage['tmp_name'], $dirupload.$ColourImage['name'])) { $Valid_ColourImage = false; echo"4<br>"; } else { $Valid_ColourImage = false; $valid_Form = false; echo"5<br>"; ?> <div style="position:absolute; top:40px; left:200px; width:550px"> <span class="errmsg">Image could not be uploaded!</span> </div> <?php } } else { $Valid_ColourImage = false; $valid_Form = false; ?> <div style="position:absolute; top:40px; left:200px; width:550px"> <span class="errmsg">Please Select a .gif image that is no more than 50x50 pixels or less than 10kb in size</span> </div> <?php echo "6<br>"; } //File Upload validation ends here if($Valid_Form == true && $Valid_ColourImage == true && $Valid_ColourName == true) { echo"7<br>"; $conn = mysql_connect($Host,$Username,$Password) or die(mysql_error()); //Select the MySQL database $db = mysql_select_db($Dbname, $conn); $sqlNew = "INSERT INTO Colours (AvailableColours) VALUES('$ColourName')"; $rsNew = mysql_query($sqlNew,$conn)or die('Problem with query: ' . $sqlNew . '<br />' . mysql_error()); if(mysql_affected_rows($conn) == "1") { $Added = true; $NotExec = false; } elseif(mysql_affected_rows($conn) =="0") { $Added = false; $NotExec = true; ?> <div style="position:absolute; top:250px; left:200px; width:550px"> <span class="errmsg">Could not be added, <?php echo "$ColourName";?> may already exist!</span> </div> <?php } mysql_close($conn); } } ?> <html> <head> <title>New Product Colour Form</title> <link href="stylesheetCL.css" rel="stylesheet"> <?php require('jscript.inc') ?> <?php if($NotExec == false && $Added == true) { ?> ..redirect feature goes here once complete.. <?php } ?> </head> <body> <?php require('menu.inc') ?> <div style="position:absolute; top:75px; left:200px; width:550px"> <span class="head3">New Product Colour Form</span> <br> <br> <form method="post" enctype="multipart/form-data" action='add_product_colour_form.php'/> <?php if($_POST['SubmitB'] == "Submit") { if($Valid_ColourName == false) { ?> <span class="errmsg">! </span> <?php } ?> Colour Name: <br> <input type="text" name="ColourName" value="<?php echo $_POST['ColourName']?>"/> <br> <br> <?php if($Valid_ColourImage == false) { ?> <span class="errmsg>"! </span> <?php } ?> Colour Image (Must be .gif image type, 50x50 pixels in dimensions and less than 10Kb in size) <br> <input type="file" name="ColourImage" value="<?php echo $_FILES['ColourImage']['tmp_name']?>"/> <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_POST['MAX_FILE_SIZE']?>"/> <br> <br> <?php } elseif($_POST['SubmitB'] != "Submit") { ?> Colour Name: <br> <input type="text" name="ColourName" value=""/> <br> <br> Colour Image (Must be .gif image type, 50x50 pixels in dimensions and less than 10Kb in size) <br> <input type="file" name="ColourImage"> <input type="hidden" name="MAX_FILE_SIZE" value="10240"/> <?php } ?> <br> <input type="submit" name="SubmitB" value="Submit"/> </form> <br> <br> <br> <br> <a href="admin.php">Back to the Admin Menu</a> </div> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/85064-form-file-upload-validation-problem/ Share on other sites More sharing options...
Cazrin Posted January 8, 2008 Share Posted January 8, 2008 It's a problem with your if() statement I think <?php if (($_FILES['ColourImage']['type'] == "image/gif") && filesize($ColourImage['tmp_name']) > $Max_Size && ($Img_Dimensions[0] > 50) || ($Img_Dimensions[1] > 50)) ?> Try adding some extra brackets in to make sure: <?php if (($_FILES['ColourImage']['type'] == "image/gif") && (filesize($ColourImage['tmp_name']) > $Max_Size) && ($Img_Dimensions[0] > 50) || ($Img_Dimensions[1] > 50)) ?> Quote Link to comment https://forums.phpfreaks.com/topic/85064-form-file-upload-validation-problem/#findComment-433809 Share on other sites More sharing options...
psychowolvesbane Posted January 8, 2008 Author Share Posted January 8, 2008 Okay I've got that sorted out, I had the wrong dimensions I was after. Anyway I now can't upload the file properly: Warning: move_uploaded_file(images/colours/White.gif) [function.move-uploaded-file]: failed to open stream: No such file or directory in /home/www/psychowolvesbane.freehostia.com/admin/add_product_colour_form.php on line 40 Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/phpnaYEu7' to 'images/colours/White.gif' in /home/www/psychowolvesbane.freehostia.com/admin/add_product_colour_form.php on line 40 It currently is: Lines 36-68 if (($_FILES['ColourImage']['type'] == "image/gif") && (filesize($ColourImage['tmp_name']) > $Max_Size) && ($Img_Dimensions[0] <= 25) || ($Img_Dimensions[1] <= 25)) { echo"3<br>"; if(move_uploaded_file($ColourImage['tmp_name'], $dirupload.$ColourImage['name'])) //Line 40 { $Valid_ColourImage = false; echo"4<br>"; } else { $Valid_ColourImage = false; $valid_Form = false; echo"5<br>"; ?> <div style="position:absolute; top:40px; left:200px; width:550px"> <span class="errmsg">Image could not be uploaded!</span> </div> <?php } } else { $Valid_ColourImage = false; $valid_Form = false; ?> <div style="position:absolute; top:40px; left:200px; width:550px"> <span class="errmsg">Please Select a .gif image that is no more than 50x50 pixels or less than 10kb in size</span> </div> <?php echo "6<br>"; } P.S. It echoes "3". Quote Link to comment https://forums.phpfreaks.com/topic/85064-form-file-upload-validation-problem/#findComment-433821 Share on other sites More sharing options...
psychowolvesbane Posted January 8, 2008 Author Share Posted January 8, 2008 Okay I have the main upload working, but now it accepts any file type regardless, it should only be .gif (not .GIF): Line 36 is the If statement responsible. <?php include "connect_details.php"; $Submit = $_POST['SubmitB']; $ColourName = $_POST['ColourName']; $ColourImage = $_FILES['ColourImage']; $Max_Size = $_POST['MAX_FILE_SIZE']; $Img_Dimensions = getimagesize($file['tmp_name']); $dirupload = "../images/colours/"; $NotExec = true; if ($_POST['SubmitB'] == "Submit") { $Valid_Form = true; $Valid_ColourName = true; $Valid_ColourImage = true; echo"1<br>"; if (empty($ColourName)) { ?> <div style="position:absolute; top:20px; left:200px; width:550px"> <span class="errmsg">Please Enter a Colour Name</span> </div> <?php $Valid_Form = false; $Valid_ColourName = false; echo"2<br>"; } //Line 36 if (($_FILES['ColourImage']['type'] == "image/gif") && (filesize($ColourImage['tmp_name']) > $Max_Size) && ($Img_Dimensions[0] <= 25) || ($Img_Dimensions[1] <= 25)) { echo"3<br>"; if(move_uploaded_file($ColourImage['tmp_name'], $dirupload.$ColourName.".gif")) { $Valid_ColourImage = true; echo"4<br>"; } else { $Valid_ColourImage = false; $valid_Form = false; echo"5<br>"; ?> <div style="position:absolute; top:40px; left:200px; width:550px"> <span class="errmsg">Image could not be uploaded!</span> </div> <?php } } else { $Valid_ColourImage = false; $valid_Form = false; ?> <div style="position:absolute; top:40px; left:200px; width:550px"> <span class="errmsg">Please Select a .gif image that is no more than 25x25 pixels or less than 10kb in size</span> </div> <?php echo "6<br>"; } if($Valid_Form == true && $Valid_ColourImage == true && $Valid_ColourName == true) { echo"7<br>"; $conn = mysql_connect($Host,$Username,$Password) or die(mysql_error()); //Select the MySQL database $db = mysql_select_db($Dbname, $conn); $sqlNew = "INSERT INTO Colours (AvailableColours) VALUES('$ColourName')"; $rsNew = mysql_query($sqlNew,$conn)or die('Problem with query: ' . $sqlNew . '<br />' . mysql_error()); if(mysql_affected_rows($conn) == "1") { $Added = true; $NotExec = false; } elseif(mysql_affected_rows($conn) =="0") { $Added = false; $NotExec = true; ?> <div style="position:absolute; top:20px; left:200px; width:550px"> <span class="errmsg">Could not be added, <?php echo "$ColourName";?> may already exist!</span> </div> <?php } mysql_close($conn); } Quote Link to comment https://forums.phpfreaks.com/topic/85064-form-file-upload-validation-problem/#findComment-433967 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.