Solved

php file uploader?

Posted on 2004-10-18
26
372 Views
Last Modified: 2010-04-17
I'm trying to make a simple php file uploader..
Would have 5 file upload places...
in the script a way to limit file size, file type and uploads allowed per ip, per day.

perfered when submited a window pops-up and says uplaoding then when done the popup closes and the user is redirected to X page.


I have tried and tried to make this baby but have failed...


thanks,
Caiapfas
0
Comment
Question by:Caiapfas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 15
  • 11
26 Comments
 
LVL 2

Expert Comment

by:youngad6
ID: 12342464
Here's an example form:

<form enctype="multipart/form-data" action="[YOUR URL]" method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="[YOUR MAX FILE SIZE IN BYTES]" />
    <!-- Name of input element determines name in $_FILES array -->
    Send this file: <input name="userfile" type="file" />
    <input type="submit" value="Send File" />
</form>

Set this variable in your php.ini:
upload_tmp_dir=/path/you/want/to/store/them/in/temporarily

Then your script (from the other question- http://www.experts-exchange.com/Programming/Q_21171295.html) could call:
$tempFileName = $_FILES['userfile']['tmp_name'];

 to get the temporary name of the file that was uploaded and you already know the location based on the upload_tmp_dir that you added to your php.ini. Passing this file location to the script I linked you to in your other question it could then mail the file. Tomorrow I have to do something similiar and will work on a complete solution to your questions if time permits.
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12342668
yes, i dont want the file emailed, but uploaded to the server and a option to email would be good.


i await your solution..!!
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12354749
config.php:
<?
define("MAX_FILE_SIZE", "20000"); //max file size in bytes
define("FILE_TYPE", "image/gif");   //acceptable file type
define("SAVE_DIR", "./files/");        //directory to save to
?>

uploadfiles.php:
<?
require('config.php');
?>
<form enctype="multipart/form-data" action="upload.php" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="<? echo MAX_FILE_SIZE; ?>" />
    File 1: <input name="file1" type="file" />
    File 2: <input name="file2" type="file" />
    File 3: <input name="file3" type="file" />
    File 4: <input name="file4" type="file" />
    File 5: <input name="file5" type="file" />
    <input type="submit" value="Send Files" />
</form>

upload.php:
<?
require('config.php');
for ($i=1; $i<6; $i++) {
if ($_FILES['file'.$i]['type'] != FILE_TYPE) continue;
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) continue;
move_uploaded_file($_FILES['file'$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
?>
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Author Comment

by:Caiapfas
ID: 12355012
can we make it so that I allow file types but ext. ex. .exe|.php|.jpg
also
after file is uploaded I can redirect them to a certian page?


MUCH thanks
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12359517
define("INVALID_EXTENSIONS","php,exe,jpg");

upload.php:
<?
require('config.php');
for ($i=1; $i<6; $i++) {
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (stristr(INVALID_EXTENSIONS,$ext)) continue;
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) continue;
move_uploaded_file($_FILES['file'$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
?>
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12359534
Forgot- at the bottom of upload.php add this:
header("Location: http://www.domain.com/"); //redirect
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12360154
I get this error when I try to upload a txt file...which isnt allowed
Parse error: parse error, expecting `']'' in upload.php on line 7
...no error handleing?

and a question

1. how can I make this
define("SAVE_DIR", "./uploads/");    
pathto.....so if I want to save the files 2 directories down and a few up...
ex. the script is in www.me.com/upload/ I want to save the file in www.me.com/james/brown/uploads

0
 
LVL 2

Expert Comment

by:youngad6
ID: 12361413
../ moves you up a directory so for your example it'd be:
define("SAVE_DIR","../james/brown/uploads/");

I missed a . on this line so replace it w/ the similiar one above:
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12362047
ok that worked....


last issue.....when a user tries to upload a file ext. thats not allowed.or break the file size limit....i want it to give an error about it on same page in bold /red at the top

ex.
File type not allowed only $file_types are...

also if the file size is broken

ex.
Error : the file size limit is $file_size...

with no redirect..
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12362057
and for some reason it allowed a disalloed file type?
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12362432
It's not allowing anything it shouldn't over here.
-Did you put define("INVALID_EXTENSIONS","php,exe,jpg"); inside config.php?
-Has it blocked other files and just that one is getting through?
-What was the filename?

As for the bold, red:
<?
require('config.php');

for ($i=1; $i<6; $i++) {
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (stristr(INVALID_EXTENSIONS,$ext)) {
      $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": INVALID FILE EXTENSION. Invalid extensions are: ".INVALID_EXTENSIONS."</font></b><br>";
      continue;
}
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) {
   $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE."</font></b><br>";
   continue;
}
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
if (!$error_msg) header("Location: http://www.domain.com/"); //redirect
echo $error_msg;
?>
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12362842
ok last thing I SWEAR. we had a misunderstanding...

instead of it being upacceptable file types..
can it be acceptable ext.

REASON: adding all the not accept file ext.s will take forever..
also, need to change the error. to read nNot accepted file type...these are the accepted $types


much thanks and sorry
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12362894
then error handling for no input...={}
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12363001
I'm not sure what this comment means:
then error handling for no input...={}

but as for the one above it, here's the fix:
define("VALID_EXTENSIONS","gif,jpg,etc");

<?
require('config.php');

for ($i=1; $i<6; $i++) {
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (!stristr(VALID_EXTENSIONS,$ext)) {
     $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": INVALID FILE EXTENSION. Valid extensions are: ".VALID_EXTENSIONS."</font></b><br>";
     continue;
}
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) {
   $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE."</font></b><br>";
   continue;
}
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
if (!$error_msg) header("Location: http://www.domain.com/"); //redirect
echo $error_msg;
?>
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363158
thanks...what i mean is when i hit go with noting in the upload boxes i get error city
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12363189
Try adding this line:
if (!$_FILES['file'.$i]) continue;

right after:
for ($i=1; $i<6; $i++) {
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363198
Warning: Empty Delimiter in upload.php on line 6

for EVERY box that doesnt have input

so 5 times?
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363233
plus under that

: INVALID FILE EXTENSION. Valid extensions are: gif,jpg,php

for each empty box
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363252
you code didnt fix it
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363258
Warning: Empty Delimiter in upload.php on line 7
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363264
and the error for each empty box
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12363283
if (!$_FILES['file'.$i]['name']) continue;

should work instead
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363356
ThaT did it


but if the user doesnt input something they get redirected..? can it give error msg stating please upload a file

and lastly VERY lastly (unless errors which wont happen) can we make the error msg load on the upload page

$error_msg

so all they have to do it try again?


0
 
LVL 2

Expert Comment

by:youngad6
ID: 12363423
Add this to the top:
if (!isset($_FILES)) $error_msg = "Please upload a file";


and replace this:
if (!$error_msg) header("Location: http://www.domain.com/"); //redirect
echo $error_msg;

with this:
if ($error_msg) header("Location: uploadfiles.php?error_msg=".$error_msg); //redirect to uploadfiles.php again
header("Location: http://www.domain.com/"); //redirect if no errors

then at the top of uploadfiles.php add this:
echo $error_msg;
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363477
I didnt make it work
and it seems the file size limit doesnt work...but it doesnt upload..it just redirects

<?
require('config.php');

if (!isset($_FILES)) $error_msg = "Please upload a file";

for ($i=1; $i<6; $i++) {
if (!$_FILES['file'.$i]['name']) continue;
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (!stristr(VALID_EXTENSIONS,$ext)) {
     $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": INVALID FILE EXTENSION. Valid extensions are: ".VALID_EXTENSIONS."</font></b><br>";
     continue;
}
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) {
   $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE."</font></b><br>";
   continue;
}
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
if ($error_msg) header("Location: index.php?error_msg=".$error_msg); //redirect to index.php again
header("Location: http://www.msn.com/"); //redirect if no errors
?>

==================

<?
require('config.php');
?>
<?
echo $error_msg;
?>
<form enctype="multipart/form-data" action="upload.php" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="<? echo MAX_FILE_SIZE; ?>" />
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Upload your files..</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Just click browse find your file and click open...</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    then click &quot;Send Files&quot;</font></p>
    <p><font face="Verdana"><font size="2">File 1: </font>
    <input name="file1" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 2: </font>
    <input name="file2" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 3: </font>
    <input name="file3" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 4: </font>
    <input name="file4" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 5: </font>
    <input name="file5" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p>
    <input type="submit" value="Send Files" /> </p>
</form>
0
 
LVL 2

Accepted Solution

by:
youngad6 earned 500 total points
ID: 12364746
I cleaned up the code a lot and tested it. This one will work for any number/name of files. Enjoy:
<?
define("MAX_FILE_SIZE", "20000");                      //max file size in bytes
define("VALID_EXTENSIONS","gif,jpg,php,txt,zip");  //acceptable file ext
define("SAVE_DIR", "./uploads/");                  //directory to save to

if (isset($_POST['submit'])) {
      if (!isset($_FILES)) $error_msg = "Please upload a file";

      foreach($_FILES as $key=>$value) {
            if ($_FILES[$key]['error'] == 4) continue; //if file DNE
            if ($_FILES[$key]['error'] == 2) {                //if file is too big
                  $error_msg .= "<b><font color=red>ERROR: ".$_FILES[$key]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE." bytes</font></b><br>";
                  continue;
            }
            $ext = substr(strrchr($_FILES[$key]['name'], '.'), 1);
            if (!stristr(VALID_EXTENSIONS,$ext)) {
                 $error_msg .= "<b><font color=red>ERROR: ".$_FILES[$key]['name'] .": INVALID FILE EXTENSION. Valid extensions are: ".VALID_EXTENSIONS."</font></b><br>";
                 continue;
            }
            move_uploaded_file($_FILES[$key]['tmp_name'], SAVE_DIR . $_FILES[$key]['name']);
      }
      if (!$error_msg) header("Location: http://www.msn.com/"); //redirect if no errors
      echo $error_msg;
}
?>

<form enctype="multipart/form-data" action="<? echo $_SERVER['PHP_SELF']; ?>" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="<? echo MAX_FILE_SIZE; ?>" />
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Upload your files..</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Just click browse find your file and click open...</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    then click &quot;Send Files&quot;</font></p>
    <p><font face="Verdana"><font size="2">File 1: </font>
    <input name="file1" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 2: </font>
    <input name="file2" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 3: </font>
    <input name="file3" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 4: </font>
    <input name="file4" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 5: </font>
    <input name="file5" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p>
    <input type="submit" name="submit" value="Send Files" /> </p>
</form>
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
The SignAloud Glove is capable of translating American Sign Language signs into text and audio.
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question