Solved

What did I do wrong with this upload script?

Posted on 2001-06-26
9
197 Views
Last Modified: 2006-11-17
I got a sample script off of a website, and changed the directory name to the desired upload directory name as instructed in the example.  I changed it, and it didn't work!  I see PHP upload forms all over the place and want to be able to use one myself.

Here is the script for "sender.php"

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
<FORM ENCTYPE="multipart/form-data" ACTION="send.php" METHOD=POST>
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="1000">
Send this file: <INPUT NAME="userfile" TYPE="file">
<INPUT TYPE="submit" VALUE="Send File">
</FORM>
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

and here is the "send.php" script

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
<?php
if (is_uploaded_file($userfile)) {
    copy($userfile, "d:\webspace\theheadgamester\gamesteronline.com\www\uploads\");
} else {
    echo "Possible file upload attack: filename '$userfile'.";
}
/* ...or... */
move_uploaded_file($userfile, "d:\webspace\theheadgamester\gamesteronline.com\www\uploads\");
?>
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
0
Comment
Question by:theheadgamester
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 1

Expert Comment

by:katyan
ID: 6230120
what's the error message u got. have u checked for write permission in the directory.
0
 
LVL 14

Expert Comment

by:DragonSlayer
ID: 6230122
Hi, I don't use PHP in Windows, but I suppose you need to ensure that the backslashes in your directories are escaped?

i.e., change "D:\webspace\theheadgamester\gamesteronline.com\www\uploads" to "D:\\webspace\\theheadgamester\\gamesteronline.com\\www\\uploads"

Never have that problem in Linux... we use '/' instead of '\'


:)
0
 
LVL 1

Expert Comment

by:anupkarade
ID: 6230188
Hi ..
Actually you PHP code runs on the server
no doubts about it but the path given
for the file to be uploaded should
be relative not absolute as in you case

instead of
D:\webspace\theheadgamester\gamesteronline.com\www\uploads
try this..

copy("$userfile","./Destination_Directory/$userfile_name")

the ./Destination_Directory --> folder to which the file is to be uploaded ..it should be inside your virtual directory( i.e where your pages are)

the ./ or ../ depends upon where the folder is
./ if the folder is inside the folder where you page id
../ if it is outside the folder where your page is

                 Anup
0
Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

 

Author Comment

by:theheadgamester
ID: 6230206
Could you re-write the script for me?  I know almost no PHP but learn from mistakes and examples.
0
 

Author Comment

by:theheadgamester
ID: 6230280
I have an updated script that was sent to me, and it looks like it sends the file, but when I go to my uploads directory, it isn't there...

This is the script in full


<HTML><BODY>
<?php
if ($userfile) {
move_uploaded_file($userfile, "d:\\webspace\\theheadgamester\\gamesteronline.com\\www\\uploads\\$userfile_name");
?>
<p>Thank you for uploading your file :).
<p>Go back to Gamester Online.
<?php
} else {
?>
<FORM ENCTYPE="multipart/form-data" ACTION="fileupload.php" METHOD=POST>
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="10000000">
Send this file: <INPUT NAME="userfile" TYPE="file">
<INPUT TYPE="submit" VALUE="Send File">
</FORM>
<?php
}
?>
</BODY></HTML>
0
 
LVL 1

Expert Comment

by:katyan
ID: 6230329
the script u posted above is working. i've modified the path and i'm getting it. why don't u check the script to 1st upload in a tem directory, say d:\\tmp\\$userfile_name

i don't think there is any problem with the code.

<HTML><BODY>
<?php
if ($userfile) {
move_uploaded_file($userfile, "c:\\user\\katy\\$userfile_name");
?>
<p>Thank you for uploading your file :).
<p>Go back to Gamester Online.
<?php
} else {
?>
<FORM ENCTYPE="multipart/form-data" ACTION="upload.php" METHOD=POST>
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="10000000">
Send this file: <INPUT NAME="userfile" TYPE="file">
<INPUT TYPE="submit" VALUE="Send File">
</FORM>
<?php
}
?>
</BODY></HTML>
0
 
LVL 8

Expert Comment

by:us111
ID: 6230352
be careful in your first form, you have
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="1000">
it means that you will able to send a file of 1Ko max so...
0
 
LVL 1

Accepted Solution

by:
anupkarade earned 75 total points
ID: 6231028
Here is the sample scripts for you
I am using it in one of my project it works smooth

Just Copy paste this code make the relevant changes as instructed in the commented portion and you have

the answer here


<--! The First Page where the image is browsed for uploading--->

<HTML>
<HEAD>
<TITLE>Upload example</TITLE>
</HEAD>
<BODY>

<FORM METHOD="post" ACTION="resultUpload.php" ENCTYPE="multipart/form-data">

<p><strong>File</strong><br>
<INPUT TYPE="file" NAME="img1" SIZE="30"></p>

<P><INPUT TYPE="submit" NAME="submit" VALUE="Send"></p>

</FORM>

</BODY>
</HTML>




/*resultupload.php*/
<? php

$ImgArr=array("image/pjpeg","image/gif","image/png");
$i=0;

if ($img1_name!="") {

  if($img1_size > 2000000) {
      echo "File size is bigger than 20kb!";
            exit;
    }

    while($i<3){
/* Change the relative path where you want to load images but the folder should be within the virtual

folder and put ./Yourfolder if it is in the same direcory where your page is currently located or ../yourfolder

if it is outside the folder   */
     if($ImgArr[$i]==$img1_type){
        copy("$img1","./Images/$img1_name")
      or die("No copy!");
      echo "File name : $img1_name <BR>";
      echo "File size :$img1_size <br>";
      echo "File Type :$img1_type <br>";
      exit;

     }

     $i++;
    }

  echo "Not A Image file!!!";
}

else
{

 die("No input file!");

}

?>



                      Anup
0
 

Author Comment

by:theheadgamester
ID: 6232396
Well anupkrade, I will use your form, and will let everyone here know how stupid I feel now...my host just sent me an ASP form that works super great.  http://www.gamesteronline.com/upload.asp
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
This article discusses four methods for overlaying images in a container on a web page
The viewer will learn how to dynamically set the form action using jQuery.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question