Link to home
Start Free TrialLog in
Avatar of jblayney
jblayneyFlag for Canada

asked on

upload a file then email it

Hello,
I have some code that will send an email with an attachment, but the attachment has to be on the server, So i have tried to merge this code with some I downoaded that is supposed to upload files to the server. But the upload code seems really simple and deoesn't appear to have anything in it that uploads. so i havent been able to get it working, i am going to post both the form page and the email page.
It is sending a file called  /localservices/…pload/phpm008ri      that is empty and telling me it was sent successfully

Hopefully soemone can help me resolve this.

form page:
<FORM ACTION="attachments2.php" METHOD="POST" ENCTYPE="multipart/form-data">
<b>name</b>
<input type="text" name="name" size="40" maxlength="80" >

<b> email : </b> </td>
 <input type=text name="email" size=30>

<p align=right><b>photo to be sent:  </b>
<p><input type=file name="superdat" size=30></p>
 
<b>Message:</b>
<textarea name="message" rows="3" cols="40"></textarea>
<INPUT TYPE=SUBMIT NAME="submit" VALUE="Upload File">

</FORM>


processing page

<?php

$fileatt = "files/$superdat"; // Path to the file                    
$fileatt_type = "application/octet-stream"; // File Type
$fileatt_name = "$superdat"; // Filename that will be used for the file as the attachment

$email_from = "info@cityoftoronto.biz"; // Who the email is from
$email_subject = "$subject"; // The Subject of the email
$email_message = "$message"; // Message that the email has in it

$email_to = "justin@justinblayney.com"; // Who the email is too
 


$headers = "From: ".$email_from;

$superdat = fopen($fileatt,'rb');
$data = fread($superdat,filesize($fileatt));
fclose($superdat);

$semi_rand = md5(time());
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
 
$headers .= "\nMIME-Version: 1.0\n" .
            "Content-Type: multipart/mixed;\n" .
            " boundary=\"{$mime_boundary}\"";

$email_message = "This is a multi-part message in MIME format.\n\n" .
                 "--{$mime_boundary}\n" .
                 "Content-Type:text/html; charset=\"iso-8859-1\"\n" .
                "Content-Transfer-Encoding: 7bit\n\n" .
$email_message .= "$name\n\n";
$email_message .= "$email\n\n";
$email_message .= "$message\n\n";
$email_message .= "\n\n";

$data = chunk_split(base64_encode($data));

$email_message .= "--{$mime_boundary}\n" .
                   "Content-Type: {$fileatt_type};\n" .
                   " name=\"{$fileatt_name}\"\n" .
                   //"Content-Disposition: attachment;\n" .
                   //" filename=\"{$fileatt_name}\"\n" .
                   "Content-Transfer-Encoding: base64\n\n" .
                   $data . "\n\n" .
                   "--{$mime_boundary}--\n";

$ok = @mail($email_to, $email_subject, $email_message, $headers);


if($ok) {
echo "<font face=verdana size=2>The file was successfully sent!</font> $bcc";
} else {
die("Sorry but the email could not be sent. Please go back and try again!");
}

?>
<br><a href="contact_menu.php">Return to Main Menu</a>
Avatar of jblayney
jblayney
Flag of Canada image

ASKER

Oh, one more thing, I am trying to upload from a macintosh computer, since this is php it shouldn't matter (I have file upload scripts in asp hat only work on microsoft)
Avatar of VGR
VGR

sure not that bad, BUT
(1) you forgot to copy the ~TMP file to the server ;-)
(2) Then this will work only if register_globals=On in php.ini
and last (3) the ENCTYPE should be commented out (the default type is OK theoretically)
(4) usually, one submit button is not enough. You're assuming that the upload occurs only when the other fields are filled in too.
(5) you are NOT sending a MAX_FILE_SIZE field, which IMHO makes your upload fail.

I suggest you try first (5), (3), then check (2) and do (1)

I didn't check the email sending part (I've one looking similar, and which works).

For the upload par, look at this :

if (isset($submit)) { // 'submit' button pressed
//test
//echo "file : $FUserFile <BR>";
//echo "size : $FUserFile_size <BR>";
//echo "type : $FUserFile_type <BR>";
//echo "origin : $FUserFile_name <BR>";
$freeSpace=$MAX_FILE_SIZE;
//echo "espace libre transmis : $freeSpace<BR>";
//
/* exemple :
fichier : C:\DOCUME~1\ATHLON~1\LOCALS~1\Temp\php140.tmp
taille : 40813
type : image/pjpeg
origine : ax1.jpg
*/
if ($freeSpace==0) echo "no space left<BR>";
else { // cas normal
  // le fichier dans le répertoire temporaire doit être déplacé avant son effacement d'office 8-)
  $loctaille=$FUserFile_size;
$realName=$FUserFile_name; // same name
  // mise en place fichier
  if (!copy($FUserFile, "./upload/$realName")) echo ("failed to copy $realName...<br>");
  else { // now update the DB eventually
         //[snip]
         // $query="update $dbTable set nomfichier='$realName', taille=$loctaille where id=$FID;";
         // $result=mysql_query($query,$linkID) or die ("bad query write file to DB . ".mysql_error());
         // echo "added file $realName<BR>";
       } // else NOP
} // if space left
} // submit pressed

// here other stuff : FORM display (the first file for example)
?>

my form is this :
      echo "<FORM METHOD=\"POST\" ACTION=$PHP_SELF ENCTYPE=\"multipart/form-data\">";
      echo "<INPUT TYPE=hidden NAME=FID VALUE=\"$FID\">";
      echo "Upload file <INPUT border=0 TYPE=file NAME=FUserFile>&nbsp;&nbsp;<INPUT border=0 TYPE=submit NAME=sendfile VALUE=\"Load\"><input type=hidden name=MAX_FILE_SIZE value=2000000><BR>";
      echo "</form>";


"sendfile" is your "submit"
Hi,

You can try HtmlMimeMail class which has many more functionalities like sending attachements + html mails etc. (http://www.phpguru.org/downloads/html.mime.mail/)


To upload a file: I hope VGR has explained it very clearly.
Tx, VGR,
this is pretty confusing to me, It appears that you ar putting the file in a db, which i don't need, I just want to upload it to te server the email it, and your comments are in french : (
So where does this code go exactly, does it go on my submit page, or the page that has the form ?

would i put your code betwwen this, that is in my code

<?php

$fileatt = "files/$superdat"; // Path to the file  

well, my comments about DB writing the filename/size in are just comments 8-)
Do as you wish.

as I wrote in the last comment of the script I showed you, I usually handle the upload in the same script as the FDORM offering the type=file button.

But you may do differently, and redirect to somewhere else after the upload/copy completes.

As for you $fileatt = "files/$superdat"; // Path to the file  

I have exactly the same. Except that it's "upload/$file" ;-)

look in my code :
if (!copy($FUserFile, "./upload/$realName"))
becomes
if (!copy($FUserFile, "./files/$realName"))

and that's all 8-)

I've done a quick scan of the above code but have not seen any accurate reference to the uploaded file.

$_FILES['superdat']['tmp_name']
The name of the file when it is uploaded to the server.

$_FILES['superdat']['name']
The original name of the file on the client machine.

$_FILES['superdat']['type']
The mime type of the file, if the browser provided this information. An example would be "image/gif".

$_FILES['superdat']['size']
The size, in bytes, of the uploaded file.


So the copy command should actually read :

if (!copy($_FILES['superdat']['tmp_name'], "./files/$_FILES['superdat']['name']"))
of course you didn't see those silly things 8-)
I use register_globals=On, oeuf corse :D
Naughty naughty, shame on you, turn them off now.

BIG security hole there. Whats to stop me including values in the url to over right your variables?
not at all fangerous. This is urban legen.
Try, it won't work 8-)
if you're not logged in, you'll be redirected to nowhere.
Can't try here at present, developing on another host. Can you give me a sample URL which will redirect me if not logged in and the name of the session variables set and their values when you do login, so I can check it out?

Please see the official PHP website reference on this :
http://www.php.net/manual/en/language.variables.predefined.php
AND
http://www.php.net/manual/en/security.registerglobals.php
I know 8-)

I agree it ***may*** be dangerous, but a lot of things can be dangerous too :
-MD5 for sessions and hash, may be cracked
-DES can be cracked
-IP packets may be forged
-$LOCALS[] access via an include

Anyone peoperly skilled can break any protection, don't you agree ? So it's of no use to try to reach "absolute" security by over-complicated your code ; you'd better protect yourself from the "mistakes" of the 95% normal people rather try to beat the skilled 5% at their own game 8-)

That's why I won't give you an URI ;-)
Ok thanks guys, all i did was modify the form page, I basically are using yours VGR, I can't get the page to display, no errors and no display, this is the code i got slightly modifed from your original

<?php
if (isset($submit)) {

$freeSpace=$MAX_FILE_SIZE;

if ($freeSpace==0) echo "no space left<BR>";
else {
 $loctaille=$FUserFile_size;
$realName=$FUserFile_name;

 if (!copy($FUserFile, "./files/$realName")) echo ("failed to copy $realName...<br>");

}
}

?>
<html>
<head>
<title>upload</title>
</head>

<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#0000ff" alink="#0000ff"
topmargin="0" marginheight="0">

<p>&nbsp;</p>
<FORM METHOD="POST" ACTION=<?php echo"$PHP_SELF"; ?> ENCTYPE="multipart\form-data">
<INPUT TYPE=hidden NAME=FID VALUE="<?php echo"$FID"; ?>">
<INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=sendfile VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=2000000><BR>
</form>

</body>
</html>
not bad, BUT :
1) you don't need to pass $FID, it's not set in your case
2) try with $POST['submit'] in stead of $submit in the test at the top (in case you haven't register_globals=On)
3) it should work as is, but also display "file copied successfully" in an "else" to  the "if (!copy..."

so basically :

<?php
if (isset($_POST['submit'])) {

$freeSpace=$MAX_FILE_SIZE;

if ($freeSpace==0) echo "no space left<BR>";
else {
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;

if (!copy($FUserFile, "./files/$realName")) echo ("failed to copy $realName...<br>");
else echo "file $FUserFile copied successfully.<BR>";

}  // space left
} // POST data received

?>
<html>
<head>
<title>upload</title>
</head>

<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#0000ff" alink="#0000ff"
topmargin="0" marginheight="0">

<p>&nbsp;</p>
<FORM METHOD="POST" ACTION=<?php echo"$PHP_SELF"; ?> ENCTYPE="multipart\form-data">
<INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=sendfile VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=2000000><BR>
</form>

</body>
</html>
2) try with $POST['submit'] in stead of $submit in the test at the top (in case you haven't register_globals=On)

$_POST ???????

LOL
tx, still page wont display, what do i use to generate the error, it seems to me that we are missing these soemwhere { } around are else's and if's
OF COURSE IT WON'T WORK

you named the type=sumbit buttoin "sendfile" and tested $_POST['submit'] ;-))

chenge the button's name to "submit" ;-)
tested and approved, it works...
yes, I know, it's rather difficult to "assemble" various parts taken here and there, but it's the life of the programmer since some years 8-)

the Art became a Technique 8-)
no, its the php part, when i comment out the php it displays the page fine. what is happening is that I am getting a blank page, no form, no nothing

<?php

if (isset($_POST['submit'])) {
$freeSpace=$MAX_FILE_SIZE;
if ($freeSpace==0) echo "no space left<BR>";
else {
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;
if (!copy($FUserFile, "./files/$realName")) echo ("failed to copy $realName...<br>");
else
echo "file $FUserFile copied successfully.<BR>";
}  // space left
} // POST data received

?>
more specifically, its this part

if (isset($_POST['submit'])) {
$freeSpace=$MAX_FILE_SIZE;

cause if i comment that out the page displays  
(and the closing bracket)
The 100% perfect test I did was with this script
(I think you still haven't modified the "submit vs sendfile" problem)

<?php
if (isset($_POST['submit'])) {

$freeSpace=$MAX_FILE_SIZE;

if ($freeSpace==0) echo "no space left<BR>";
else {
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;

if (!copy($FUserFile, "./files/$realName")) echo ("failed to copy $realName...<br>");
else echo "file $FUserFile copied successfully.<BR>";

}  // space left
} // POST data received

?>
<html>
<head>
<title>upload</title>
</head>

<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#0000ff" alink="#0000ff"
topmargin="0" marginheight="0">

<p>&nbsp;</p>
<FORM METHOD="POST" ACTION=<?php echo"$PHP_SELF"; ?> ENCTYPE="multipart\form-data">
<INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=submit VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=2000000><BR>
</form>

</body>
</html>
i did modify it, I have copied and pasted your code, and it still doesn't display, Could it be server settings, register globals is ON
me too, but it has no incidence here.
The script IS working, I used it.
show me your modified script, please
<?php
if (isset($_POST['submit'])) {
$freeSpace=$MAX_FILE_SIZE;
if ($freeSpace==0) echo "no space left<BR>";
else {
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;
if (!copy($FUserFile, "./files/$realName")) echo ("failed to copy $realName...<br>");
else echo "file $FUserFile copied successfully.<BR>";
}  // space left
} // POST data received
?>
<html>
<head>
<title>upload</title>
</head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#0000ff" alink="#0000ff"
topmargin="0" marginheight="0">
<p>&nbsp;</p>
<FORM METHOD="POST" ACTION=<?php echo"$PHP_SELF"; ?> ENCTYPE="multipart\form-data">
<INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=submit VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=2000000><BR>
</form>
</body>
</html>
it works... as expected 8-)

1) FORM
2) browse+submit
3) answer :
file I:\\Humour\\coaster2.jpg copied successfully.

+FORM


4) no problemo


your problem is rather surprising, because it's pretty pancake
show me the HTML source that displays (even if the page looks blank ! ) in your browser, and also tell me which browser you use.

If it's IE 6, nothing surprises me any more 8-)
it displays absolutly nothing ( view-source) I am using interent explorer 5 (macintosh)

It isn't my browser, its the server obviously , and the way the php is configured, what do i use to dosplay php info again ?
very strange indeed.

try to do this beginning of your script :

echo "test<BR>";
exit;

save, reload the page

to you see "test" ?

to display php info, use this :

<?
phpinfo();
?>
Ok,  i treid it on 2 different servers, one gives me this error

Parse error: parse error, unexpected '}' in C:\bla/bla\upload\index.php on line 11

which is your second bracket
 and the second gives me this error

Parse error: parse error in /web/jblayney/html/upload/index.php on line 11

so when i remove that closing bracket, I get this error on both servers

Parse error: parse error in /web/jblayney/html/upload/index.php on line 27

But line 27 is the line after </html>

check that you've all the brackets

strange, looks like it doesn't like the comments // ?

try deleting comments or enclosing then between /* and */ in stead of preceded by //

just a stupid idea, but your problem is weird
OH YES GODLY DEAR !!

You stripped a closing bracket !!!

<?php
if (isset($_POST['submit'])) {
$freeSpace=$MAX_FILE_SIZE;
if ($freeSpace==0) echo "no space left<BR>";
// HERE
} else {
//
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;
if (!copy($FUserFile, "./files/$realName")) echo ("failed to copy $realName...<br>");
else echo "file $FUserFile copied successfully.<BR>";
}  // space left
} // POST data received
?>
<html>
<head>
<title>upload</title>
</head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#0000ff" alink="#0000ff"
topmargin="0" marginheight="0">
<p>&nbsp;</p>
<FORM METHOD="POST" ACTION=<?php echo"$PHP_SELF"; ?> ENCTYPE="multipart\form-data">
<INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=submit VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=2000000><BR>
</form>
</body>
</html>
forget about the previous comment
this this one right out of a copy-paste

<html>
<head>
<title>upload</title>
</head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#0000ff" alink="#0000ff"
topmargin="0" marginheight="0">
<?php
$DEBUG=1;
if ($DEBUG==1) echo "test: entering<BR>";
if (isset($_POST['submit'])) {
$freeSpace=$MAX_FILE_SIZE;
if ($freeSpace==0) echo "no space left<BR>";
else {
if ($DEBUG==1) echo "test: good, copying file...<BR>";
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;
if (!copy($FUserFile, "./files/$realName")) echo ("failed to copy $realName...<br>");
else echo "file $FUserFile copied successfully.<BR>";
}  // space left
} // POST data received
if ($DEBUG==1) echo "test: getting out to HTML<BR>";
?>
<p>&nbsp;</p>
<FORM METHOD="POST" ACTION=<?php echo"$PHP_SELF"; ?> ENCTYPE="multipart\form-data">
<INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=submit VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=2000000><BR>
</form>
</body>
</html>
this time, you CAN'T have a blank HTML page ;-)
Hello, you were right, it doesn't like the comments, So i got it to display, but new errors on upload. for server 1, Server 2 & 3 have errors on load

Server 1(linux redhat)

test: entering
test: good, copying file...
Warning: Unable to open '1S.jpg' for reading: No such file or directory in /web/jblayney/html/upload/index.php on line 17
failed to copy ...
test: getting out to HTML


server 2 ( unknown machine)

completely blank page


server 3 (microsoft machine)


test: entering
test: getting out to HTML
Notice: Undefined variable: PHP_SELF in C:bla\upload\index.php on line 24
ENCTYPE="multipart\form-data">





well, your servers are completely nuts :
- comments // rejected, I didn't knew it was possible (php.ini option, for sure)
- <?php tag not recognized on server2 (has it PHP installed ? Do phpinfo(); ! )
- $PHP_SELF not recognized on server3 : use $_SERVER['PHP_SELF']

I recommend your servers to be configured ALL THE SAME, or you'll have a lot of problems.
well : try first on server1
if the script works,
then we'll try onthe other machines.

This seems reasonable.
<html>
<body>
<?php

if(isset($submit) || isset($_POST["submit"])) {
//means files upload form is submited, so copy it

 if (is_uploaded_file($userfile)) {
     copy($userfile, "/place/to/put/uploaded/file/test.jpg");
/*
     move_uploaded_file ($userfile, "/place/to/put/uploaded/file");
*/

     ///Note: You must have the directory present, it will not be created automatically
 } else {
     echo "Possible file upload attack: filename '$userfile'.";
}

} else {
//Show the form for uploading the file
?>
<FORM ENCTYPE="multipart/form-data" ACTION="" METHOD=POST>
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="1000">
Send this file: <INPUT NAME="userfile" TYPE="file">
<INPUT TYPE="submit" NAME='submit' VALUE="Send File">
</FORM>
<?php
}
?>

</body>
</html>
Hi,

Now some explanation on my above post.

try this code.
I bet! if the copy() does not work, then uncomment the move_uploaded_file() and it will work.


If you have any problem then post the reply,
If you got success then--
1. Increase the points for this question.
2. And ask for explanation.
3. Then i will explain what was wrong.



P.S. I had a similar problem with one of my clients server, and the move_??? thing solved it.

:)
Cheers,
Girish
ok girlish

this is my error

Possible file upload attack: filename 'none'

this is my code

<html>
<body>
<?php
if(isset($submit) || isset($_POST["submit"])) {
if (is_uploaded_file($userfile)) {
    copy($userfile, "files/");

move_uploaded_file ($userfile, "files/");

} else {
echo "Possible file upload attack: filename '$userfile'.";
}
} else {

?>
<FORM ENCTYPE="multipart/form-data" ACTION="" METHOD=POST>
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="1000">
Send this file: <INPUT NAME="userfile" TYPE="file">
<INPUT TYPE="submit" NAME='submit' VALUE="Send File">
</FORM>
<?php
}
?>
</body>
</html>
OK VGR
this is my error

Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING' in /web/jblayney/html/upload/index.php on line 24

this is my code ( added this
<?php echo"$_SERVER['PHP_SELF']"; ?>
)

<html>
<head>
<title>upload</title>
</head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#0000ff" alink="#0000ff"
topmargin="0" marginheight="0">
<?php
$DEBUG=1;
if ($DEBUG==1) echo "test: entering<BR>";
if (isset($_POST['submit'])) {
$freeSpace=$MAX_FILE_SIZE;
if ($freeSpace==0) echo "no space left<BR>";
else {
if ($DEBUG==1) echo "test: good, copying file...<BR>";
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;
if (!copy($FUserFile, "./files/$realName")) echo ("failed to copy $realName...<br>");
else echo "file $FUserFile copied successfully.<BR>";
}
}
if ($DEBUG==1) echo "test: getting out to HTML<BR>";
?>
<p>&nbsp;</p>
<FORM METHOD="POST" ACTION="<?php echo"$_SERVER['PHP_SELF']"; ?>" ENCTYPE="multipart\form-data">
<INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=submit VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=2000000><BR>
</form>
</body>
</html>
also, I dont have control for configuring any of these servers
Hi,

Check these:(Common probs.)

1) Do you have have register_globals = On, else change it for some minutes and check if it is working.
2) Are you having Unix/Linux machine then check for the permissions in the folder in which you were trying to copy.
3) Is the file_upload s are allowed on your server? Check this using <?php phpinfo(); ?> in a page.
4) Check if your hardisk is having some space in it? Is it dying due to shortage of space?

I hope I could find more problems... this may be sufficient.

Cheers,
Girish
@jblaney : don't put double quotes around $_SERVER[] ;-)

echo $_SERVER['PHP_SELF'];

@girish_nair : read the history first 8-)
1)reg_glob is On
2)he said somewhere that permissions were right, but you're right to suggest a check
3) good point here, this could be the cause of all, except that in the beginning he had the message "ok, file copied"
4)to check too
well jblaney, as long as those servers offer the BASIC features of PHP, it should work. Uploading a file is very simple in HTML/PHP.

This includes :
// comments being accepted
$PHP_SELF being recognized as a valid variable name
<?php tag recognized and PHP installed (server2)
One more imp thing, first try with some small files.
In the example I posted the filesize is 1000 bytes, so increase it if you are working with big files.
well, as you can see my code has a max_file_size of less then 2Mo, the usual limit specified in php.ini

jblaney, what does happen on server1 ?

I think you should verify if you specified a valid "temp" directory for file uploads
Hello,
i went back to the original server, because that s th one i'm going to use it on..
This is the code as i have it now, i got the page to display by setting every folder that this file is in to 777 (folder1/folder2/folder3/file) in other words the entire file path....
Their is a folder called files with permissions 777 in the same directory as the upload file

I checked phpinfo and register globals are on, when i try to upload i get this error

test: entering
test: good, copying file...
failed to copy ...
test: getting out to HTML

so what else should i check for in php info ?


<html>
<head>
<title>upload</title>
</head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#0000ff" alink="#0000ff"
topmargin="0" marginheight="0">
<?php
$DEBUG=1;
if ($DEBUG==1) echo "test: entering<BR>";
if (isset($_POST['submit'])) {
$freeSpace=$MAX_FILE_SIZE;
if ($freeSpace==0) echo "no space left<BR>";
else {
if ($DEBUG==1) echo "test: good, copying file...<BR>";
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;
if (!copy($FUserFile, "files/$realName")) echo("failed to copy $realName...<br>");
else echo "file $FUserFile copied successfully.<BR>";
}
}
if ($DEBUG==1) echo "test: getting out to HTML<BR>";
?>
<p>&nbsp;</p>
<FORM METHOD="POST" ACTION="<?php echo$_SERVER['PHP_SELF']; ?>" ENCTYPE="multipart\form-data">
<INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=submit VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=10000000><BR>
</form>
</body>
</html>
Now when i am setting permissions, theris 2 ways to do it with "Fetch" (my ftp software)

1. set permissions
2. set upload permissions

I was able to set all permissions to 777 with no. 1

when i try no.2, i get an error

"server response site unmask not understood,"

and i can't do it, but it says that it is 777, so i don't think thats important, I just thought I would mention it
Ok,
If you want to go with the first/second code.

Please try to echo these variables and tell what it shows

$file_name [your filename]
$file_name_name
$file_name_size
$MAX_FILE_SIZE

These values must be correct
$file_name = some unique value
$file_name_name  = The name of   file which you uploaded
$file_name_size =  the file size as shown on your PC
$MAX_FILE_SIZE = max size which you had set

Tell me the output.
and what if you tried to copy the file, not in ./upload, but in . ?
Just to convince yourself that the script works...
this is my output

test: entering
test: good, copying file...
failed to copy ...
test: getting out to HTML
10000000

i added it to the bottom here

if ($DEBUG==1) echo "test: getting out to HTML<BR>";
echo $file_name;
echo $file_name_name;
echo $file_name_size;
echo $MAX_FILE_SIZE;
?>
10 MB ? that's the supposed size of what ?
and add <BR> on each echo line

If you can't upload the file to the current directory, I've no idea why. This (simplified or not) script works fine on any server I have my hands on.

@girish :
$realName=$FUserFile_name;
if (!copy($FUserFile, "files/$realName")) echo("failed to copy $realName...<br>");

as you can see, the echo $file_name is not really needed ...

I don't think you have to use $_SERVER[] as the name of the file is correct... It just won't copy to current directory. Weird.
I'll email the server admin
Hey, You are not able to upload the file because nothing is getting uploaded. If your debug output is correct then
( > test: getting out to HTML )
( > 10000000       )
it means that no file is uploaded.

BTW I think I am talking to a real newbee, please apply some brain....:)
you need to replace the variable name with the original ones :)

So it will be

if ($DEBUG==1) echo "test: getting out to HTML<BR>";
echo "<br>".$file_name; //// This must be the field name
echo "<br>".$file_name_name; // this filedname _name
echo "<br>".$file_name_size; // this fieldname _size
echo "<br>".$MAX_FILE_SIZE;

Get me the output. It will be very much simpler if you can get me the details of the server, so that I can personaly check. mail me at <girishn2003@yahoo.co.in>, or catch me online at the yahoo messenger. I will be happy to talk personaly to you :)

So that we can avoid making any Limca Book of record. (Two geeks trying to identify  a simpler problem)
:)
girish, don't be so pretentious :/

The output clearly states that the $_POST[] was set, that the $_POST['submi'] was set, and that the filecopy was tried (but failed for an unknown reason)

do you always skip the first three lines of output to keep only the last two, then draw conclusions from them ? :D
"test: entering
test: good, copying file...
failed to copy ...
"
Hi,

Please note that
"test: entering
test: good, copying file...
failed to copy ...
"

the script is echoing the fieldname in "faied to copy $fieldname ..."
and the output does not have the fieldname value,
that means the file is not uploaded.

:)

quoting jblainey :

"Server 1(linux redhat)

test: entering
test: good, copying file...
Warning: Unable to open '1S.jpg' for reading: No such file or directory in /web/jblayney/html/upload/index.php on line 17
failed to copy ...
test: getting out to HTML


"

file "1S.jpg" is indeed recognized, transmitted, but apparently not allowed for copy.
that means the file IS uploaded :)
moreover, just test my script on yur server, it will work (of course 8-)
Hi,

Now I modified the script
[first time I tested on my server and It works].

-----------------------------------------------------------
<?php
if (isset($submit)) {

$freeSpace=$MAX_FILE_SIZE;

if ($freeSpace==0) echo "no space left<BR>";
else {
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;


echo "<br>".$FUserFile;
echo "<br>".$FUserFile_name;
echo "<br>".$FUserFile_size;
echo "<br>".$MAX_FILE_SIZE;


if (!copy($FUserFile, "./files/$realName")) echo ("failed to copy $realName...<br>");
else echo "file $FUserFile copied successfully.<BR>";

}  // space left
} // POST data received

?>
<html>
<head>
<title>upload</title>
</head>

<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#0000ff" alink="#0000ff"
topmargin="0" marginheight="0">

<p>&nbsp;</p>
<FORM METHOD="POST" ENCTYPE="multipart/form-data">
<INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=submit VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=2000000><BR>
</form>

</body>
</html>

-----------------------------------------------------------

Test it please :)
are you kidding ?
I don't see any difference except that you reverted to if(isset($submit)) in stead of if (isset($_POST['submit']))

(register_globals=On, huh ? :D )
I expected you will not see the most important difference.

Somewhere in yout jblayney has changed  ENCTYPE="multipart/form-data">

to  ENCTYPE="multipart\form-data">

:::---)))
excuse-me , but this "modification" is an error.

MIME-Types are for example :
text/plain
multipart/form-data
image/jpeg

and can't be changed.
Hello guys,
I'm back, i was gone for a gew days, Girlish Nar, yes i am a newbie, but not that much, I did change the vatiable names from your script 3 days ago, and got the exact same output.

But that new code worked perfect, thank you, so lets move unto the main part of the code, which was to send an email with this attachment. i originally had no real use for this code other than for personal interest, but I do have a website that can use this code. I am going to give it a shot first, and then get back to you.


 : )
Hello Guys, Ok i gave it a try, but it has many problems, i incorporated it with some code that inserts businesses into a DB, but when i try to upload the file, It sets off the javascript validations for the text inpput areas and sends the user to the confirm page, and doesn't upload the file, should i put the upload code on th confirm page ? i think i should, this is the ode as it is now

<?php
if (isset($submit)) {
$freeSpace=$MAX_FILE_SIZE;
if ($freeSpace==0) echo "no space left<BR>";
else {
$loctaille=$FUserFile_size;
$busLogo=$FUserFile_name;
if (!copy($FUserFile, "./logo/$busLogo")) echo ("failed to copy $busLogo...<br>");
else echo "file $FUserFile copied successfully.<BR>";
}
}
?>
 <? include ("headerTopSubmit.php"); ?>
 <? include ("buttons.php"); ?>
<table width="100%" height="381" border="0" cellpadding="0" cellspacing="0">

    <td width="150" valign="top">
      <? include ("sideButtons2.php"); ?>
    </td>
    <td align="left" valign="top"> <p><br>
        &nbsp;&nbsp; <img src="images/add.gif"> </p>
      <form method="post" action="addconfirm.php" name="form1" onSubmit="return validate1(this)" ENCTYPE="multipart/form-data">
  <input name="active" type="hidden" id="active" value="0">
  <input name="featured" type="hidden" id="featured" value="0">
 
 
            <table cellspacing="5" cellpadding="0" border="0" width="446" align="center">
 <tr>
      <td colspan="2"><font size="2" face="Arial, Helvetica, sans-serif">
<b>Name and Business Information</b></font><br><br></td>
    </tr>

    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Business Name:</font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busName" type="text" id="businessName" size="35" maxlength="75">
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Owner: </font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busOwner" type="text" id="Owner" size="35" maxlength="75">
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Address: </font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busAd" type="text" id="Address" size="35" maxlength="75">
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">City: </font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busCity" type="text" id="City" size="35" maxlength="75">
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Postal Code:</font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busPostal" type="text" id="PostalCode" size="10" maxlength="7">
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Phone 1: </font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busPhone" type="text" id="Phone" size="20" maxlength="15">
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Phone 2: </font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busPhone2" type="text" id="busPhone2" size="20" maxlength="15">
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Fax: </font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busFax" type="text" id="busFax" size="20" maxlength="15">
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Website:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;http://www.</font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busUrl" type="text" id="busUrl" size="35" maxlength="100">
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Email: </font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <input name="busEmail" type="text" id="Email" size="35" maxlength="100">
        </font></td>
    </tr>
          <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Logo: </font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <INPUT border=0 TYPE=file NAME=FUserFile>
<INPUT border=0 TYPE=submit NAME=submit VALUE="Load">
<input type=hidden name=MAX_FILE_SIZE value=2000000>
        </font></td>
    </tr>
            
    </tr>

    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Keywords: (for searching) </font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
              <textarea name="keyWords" cols="35" rows="5" id="keyWords"></textarea>
        </font></td>
    </tr>
    <tr valign="top" bgcolor="#FFFFFF">
      <td><font size="2" face="Arial, Helvetica, sans-serif">Brief description of your business: (255 characters)</font></td>
      <td> <font size="2" face="Arial, Helvetica, sans-serif">
        <textarea name="busDesc" cols="35" rows="5" id="Description" maxlength="255"></textarea>
        </font></td>
    </tr>

    <tr>
      <td><input type="submit" name="Add contact to system"></td>
      <td>&nbsp;</a>

  </td></tr>
</table>


  </form>


</td>

    <td width="150" height="381" valign="top">
<? include ("advertisments.php"); ?></td>

  </tr>
</table>

<table width="100%" height="70" border="0" cellpadding="0" cellspacing="0">
<tr>
    <td><? include ("footer.php"); ?></td>
  </tr>
</table>
</body>
</html>
no thats not going to work, basically i need to put a fom inside of another form. i tried to do that before and it didnt work. How should i do this ? have the upload occur inside of the other form without setting it off ??
actaully ignore that last 2 posts, I'm doing it another way. Oh, and by the way, i will have points for both of you
ok, this is what is going on. I have decided that the user has the option of inserting their logo into my database and uploading  it after their account has been created, So form the page that confirms that they have been updated I have a link (submit logo here) with busID being sent (busID is the primary key for their entry in DB

If you would like to submit your logo, please click<a href="upload.php" class="buttons2" id="<?php $busID ?>"> here </a>

so on the next page the upload script comes into effect, the logo is getting uploaded, but I'm having trouble with updating the db with the logo name, I am takig realname and converting it to busLogo which is the logo field in the db, But I'm getting this error

Error2 - Unknown column 'busID' in 'where clause'

so i fugure it isn't reading the id being sent from the other page, what do u think

 <?php
if (isset($submit)) {
$freeSpace=$MAX_FILE_SIZE;
if ($freeSpace==0) echo "no space left<BR>";
else {
$loctaille=$FUserFile_size;
$realName=$FUserFile_name;

if (!copy($FUserFile, "./logo/$realName")) echo ("failed to copy $realName...<br>");
else
$db_name = "cot_cityoftoronto_biz";
$table_name = "category";
$connection = @mysql_connect(": )", ": )", ": )") or die("Problems connecting - please try later");
// conenct to database table with error output
$db = mysql_select_db("$db_name", $connection) or die("Error1 - ".mysql_error());
$sql = "UPDATE $table_name
SET
busLogo = '$realName'
WHERE busID = '$_REQUEST[busID]'
";
// do query
$result = mysql_query($sql, $connection) or die("Error2 - ".mysql_error());

}
}
easy : the column "busID" doesn't exist in your table layout.

Check it 8-)

(describe category;)
Doh,
 of course i copied the code from the wong table, but it still isn't updating the table, somehow it isn''t interpreting $realName as busLogo, which is the fiel name in the db
I know whats happening,
busId hasn't been determined, bucause in the page before, It has just been created in database as an autonumber.

So... i tried using busName

id="<?php $busName ?>">

and the upload page is this

$sql = "UPDATE $table_name
SET
busLogo = '$realName'
WHERE busName = '$_REQUEST[id]'
";

So their still is a problem, the file is going up, but the db isn't getting updated, how should I get around this
i also tried thsi

$sql = "UPDATE $table_name
SET
busLogo = '$realName'
WHERE busName = '$_REQUEST[busName]'
yes, it's STILL the same ol' problem.

You CAN'T simply use array references inside strings !!!

write this in stead :

$sql = "UPDATE $table_name
SET
busLogo = '$realName'
WHERE busName = '".$_REQUEST[id]."'";
I would even put single quotes around 'id', but do as you wish : if it works for you, then it's as good.
still no different

$sql = "UPDATE $table_name SET busLogo = '$realName' WHERE busName = '".$_REQUEST['id']."'";

db isn't updated
may I suggest to :
1) PRINTOUT the $sql string via :
echo "trying to perform query '$sql'<BR>";

2) try the very same string on the MySql command line ?

:D
ASKER CERTIFIED SOLUTION
Avatar of girish_nair
girish_nair

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I'm hording them yes, lol,
I'm going to gve these to you girlish, and i will be posting some for VGR as well, actually VGR I'm giving you the points for the other thread I have becuause i just dont have time to mess with it, and I have a uick fix working now.

I'm going out now, i'll try the output soon