Issue with file uploads

Hi all;

I am trying to add a file submission aspect to a submission form, but I cannot get uploads to confirm they are uploaded:

---------------FORM-----------------------

<input type="hidden" name="MAX_FILE_SIZE" value="2048">
<input name="File" type="file" size="50">

----------------/FORM----------------------

---------------CODE------------------------

 if (isset($_FILES['File']['name']))
                        {
                                echo("File Uploaded\n");
                                print_r($_FILES['File']);
                        }
                        else
                        {
                                echo("no File Uploaded\n");
                                print_r($_FILES);
                        }

---------------/CODE---------------------------

-------------OUTPUT---------------------------
no File Uploaded
Array ( )
--------------/OUTPUT------------------------

Now I am new to file uploading, so maybe I am checking the wrong thing.
PHP is 4.2.2 on Apache 2, I will also need to check that the file is a zip file, not interested in uploads of anything else and will want to reject non-zip uploads.

Thanks all, big points cause I want a quick answer.
LVL 17
SqueebeeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

FendrinCommented:
instead of checking $_FILES['File']['name'], check the value of $_FILES['File']['error']. If it is anything other than 0, there is some sort of problem. the complete list of possible values is here:
http://us3.php.net/manual/en/features.file-upload.errors.php
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SqueebeeAuthor Commented:
Ok, so far so good, I can check against error being 0 and I get a "File Uploaded" report. Now how can I check if the upload was a zip file?
0
red010knightCommented:
Well the later is easy enough
To check for zip file - do
$filename=$FILES['File']['name'];
$fileType=$substr($filename,-3);
if($fileType==='zip'){
  $isZip=true;
}else{
  $isZip=false;
}

if($isZip){
  download file
}else{
  display error
}

Also when you upload a file, you need to verify that the file doesn't currently exist in the location you are uploading to, if it does you'll definately have errors.

As to verifying the file is uploaded why not just check the folder you are uploading to with file_exists and is_file to make sure your system wasn't tricked when uploading a file.

So let me know, thanks
Red010Knght
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

SqueebeeAuthor Commented:
Hmm, any way to avoid an extension spoof there? Ie can we check for a zip file by a method other then trusting the extension?
0
helloAmericaCommented:
of course you can.

it's call "using magic numbers" (in clear, analysing the header of the binary file, like "PDF", "JPG" etc to deduce the real datafile type)
0
helloAmericaCommented:
and I think you should RTFM about "uploading files" in the PHP online manual
0
SqueebeeAuthor Commented:
I actually will just go with the extension check for now, as I have to approve posts anyway. Thanks for your help Fendrin and Red.
0
FendrinCommented:
No Problem, I like to help. Thanks for the A! btw, for type checking, try $FILES['file']['type'] to get the mime type.

btw, all of my answers are right in the manual: http://www.php.net/features.file-upload
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.