php file uploader?

I'm trying to make a simple php file uploader..
Would have 5 file upload places...
in the script a way to limit file size, file type and uploads allowed per ip, per day.

perfered when submited a window pops-up and says uplaoding then when done the popup closes and the user is redirected to X page.


I have tried and tried to make this baby but have failed...


thanks,
Caiapfas
LVL 2
CaiapfasAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
youngad6Connect With a Mentor Commented:
I cleaned up the code a lot and tested it. This one will work for any number/name of files. Enjoy:
<?
define("MAX_FILE_SIZE", "20000");                      //max file size in bytes
define("VALID_EXTENSIONS","gif,jpg,php,txt,zip");  //acceptable file ext
define("SAVE_DIR", "./uploads/");                  //directory to save to

if (isset($_POST['submit'])) {
      if (!isset($_FILES)) $error_msg = "Please upload a file";

      foreach($_FILES as $key=>$value) {
            if ($_FILES[$key]['error'] == 4) continue; //if file DNE
            if ($_FILES[$key]['error'] == 2) {                //if file is too big
                  $error_msg .= "<b><font color=red>ERROR: ".$_FILES[$key]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE." bytes</font></b><br>";
                  continue;
            }
            $ext = substr(strrchr($_FILES[$key]['name'], '.'), 1);
            if (!stristr(VALID_EXTENSIONS,$ext)) {
                 $error_msg .= "<b><font color=red>ERROR: ".$_FILES[$key]['name'] .": INVALID FILE EXTENSION. Valid extensions are: ".VALID_EXTENSIONS."</font></b><br>";
                 continue;
            }
            move_uploaded_file($_FILES[$key]['tmp_name'], SAVE_DIR . $_FILES[$key]['name']);
      }
      if (!$error_msg) header("Location: http://www.msn.com/"); //redirect if no errors
      echo $error_msg;
}
?>

<form enctype="multipart/form-data" action="<? echo $_SERVER['PHP_SELF']; ?>" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="<? echo MAX_FILE_SIZE; ?>" />
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Upload your files..</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Just click browse find your file and click open...</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    then click &quot;Send Files&quot;</font></p>
    <p><font face="Verdana"><font size="2">File 1: </font>
    <input name="file1" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 2: </font>
    <input name="file2" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 3: </font>
    <input name="file3" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 4: </font>
    <input name="file4" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 5: </font>
    <input name="file5" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p>
    <input type="submit" name="submit" value="Send Files" /> </p>
</form>
0
 
youngad6Commented:
Here's an example form:

<form enctype="multipart/form-data" action="[YOUR URL]" method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="[YOUR MAX FILE SIZE IN BYTES]" />
    <!-- Name of input element determines name in $_FILES array -->
    Send this file: <input name="userfile" type="file" />
    <input type="submit" value="Send File" />
</form>

Set this variable in your php.ini:
upload_tmp_dir=/path/you/want/to/store/them/in/temporarily

Then your script (from the other question- http://www.experts-exchange.com/Programming/Q_21171295.html) could call:
$tempFileName = $_FILES['userfile']['tmp_name'];

 to get the temporary name of the file that was uploaded and you already know the location based on the upload_tmp_dir that you added to your php.ini. Passing this file location to the script I linked you to in your other question it could then mail the file. Tomorrow I have to do something similiar and will work on a complete solution to your questions if time permits.
0
 
CaiapfasAuthor Commented:
yes, i dont want the file emailed, but uploaded to the server and a option to email would be good.


i await your solution..!!
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
youngad6Commented:
config.php:
<?
define("MAX_FILE_SIZE", "20000"); //max file size in bytes
define("FILE_TYPE", "image/gif");   //acceptable file type
define("SAVE_DIR", "./files/");        //directory to save to
?>

uploadfiles.php:
<?
require('config.php');
?>
<form enctype="multipart/form-data" action="upload.php" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="<? echo MAX_FILE_SIZE; ?>" />
    File 1: <input name="file1" type="file" />
    File 2: <input name="file2" type="file" />
    File 3: <input name="file3" type="file" />
    File 4: <input name="file4" type="file" />
    File 5: <input name="file5" type="file" />
    <input type="submit" value="Send Files" />
</form>

upload.php:
<?
require('config.php');
for ($i=1; $i<6; $i++) {
if ($_FILES['file'.$i]['type'] != FILE_TYPE) continue;
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) continue;
move_uploaded_file($_FILES['file'$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
?>
0
 
CaiapfasAuthor Commented:
can we make it so that I allow file types but ext. ex. .exe|.php|.jpg
also
after file is uploaded I can redirect them to a certian page?


MUCH thanks
0
 
youngad6Commented:
define("INVALID_EXTENSIONS","php,exe,jpg");

upload.php:
<?
require('config.php');
for ($i=1; $i<6; $i++) {
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (stristr(INVALID_EXTENSIONS,$ext)) continue;
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) continue;
move_uploaded_file($_FILES['file'$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
?>
0
 
youngad6Commented:
Forgot- at the bottom of upload.php add this:
header("Location: http://www.domain.com/"); //redirect
0
 
CaiapfasAuthor Commented:
I get this error when I try to upload a txt file...which isnt allowed
Parse error: parse error, expecting `']'' in upload.php on line 7
...no error handleing?

and a question

1. how can I make this
define("SAVE_DIR", "./uploads/");    
pathto.....so if I want to save the files 2 directories down and a few up...
ex. the script is in www.me.com/upload/ I want to save the file in www.me.com/james/brown/uploads

0
 
youngad6Commented:
../ moves you up a directory so for your example it'd be:
define("SAVE_DIR","../james/brown/uploads/");

I missed a . on this line so replace it w/ the similiar one above:
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
0
 
CaiapfasAuthor Commented:
ok that worked....


last issue.....when a user tries to upload a file ext. thats not allowed.or break the file size limit....i want it to give an error about it on same page in bold /red at the top

ex.
File type not allowed only $file_types are...

also if the file size is broken

ex.
Error : the file size limit is $file_size...

with no redirect..
0
 
CaiapfasAuthor Commented:
and for some reason it allowed a disalloed file type?
0
 
youngad6Commented:
It's not allowing anything it shouldn't over here.
-Did you put define("INVALID_EXTENSIONS","php,exe,jpg"); inside config.php?
-Has it blocked other files and just that one is getting through?
-What was the filename?

As for the bold, red:
<?
require('config.php');

for ($i=1; $i<6; $i++) {
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (stristr(INVALID_EXTENSIONS,$ext)) {
      $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": INVALID FILE EXTENSION. Invalid extensions are: ".INVALID_EXTENSIONS."</font></b><br>";
      continue;
}
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) {
   $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE."</font></b><br>";
   continue;
}
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
if (!$error_msg) header("Location: http://www.domain.com/"); //redirect
echo $error_msg;
?>
0
 
CaiapfasAuthor Commented:
ok last thing I SWEAR. we had a misunderstanding...

instead of it being upacceptable file types..
can it be acceptable ext.

REASON: adding all the not accept file ext.s will take forever..
also, need to change the error. to read nNot accepted file type...these are the accepted $types


much thanks and sorry
0
 
CaiapfasAuthor Commented:
then error handling for no input...={}
0
 
youngad6Commented:
I'm not sure what this comment means:
then error handling for no input...={}

but as for the one above it, here's the fix:
define("VALID_EXTENSIONS","gif,jpg,etc");

<?
require('config.php');

for ($i=1; $i<6; $i++) {
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (!stristr(VALID_EXTENSIONS,$ext)) {
     $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": INVALID FILE EXTENSION. Valid extensions are: ".VALID_EXTENSIONS."</font></b><br>";
     continue;
}
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) {
   $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE."</font></b><br>";
   continue;
}
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
if (!$error_msg) header("Location: http://www.domain.com/"); //redirect
echo $error_msg;
?>
0
 
CaiapfasAuthor Commented:
thanks...what i mean is when i hit go with noting in the upload boxes i get error city
0
 
youngad6Commented:
Try adding this line:
if (!$_FILES['file'.$i]) continue;

right after:
for ($i=1; $i<6; $i++) {
0
 
CaiapfasAuthor Commented:
Warning: Empty Delimiter in upload.php on line 6

for EVERY box that doesnt have input

so 5 times?
0
 
CaiapfasAuthor Commented:
plus under that

: INVALID FILE EXTENSION. Valid extensions are: gif,jpg,php

for each empty box
0
 
CaiapfasAuthor Commented:
you code didnt fix it
0
 
CaiapfasAuthor Commented:
Warning: Empty Delimiter in upload.php on line 7
0
 
CaiapfasAuthor Commented:
and the error for each empty box
0
 
youngad6Commented:
if (!$_FILES['file'.$i]['name']) continue;

should work instead
0
 
CaiapfasAuthor Commented:
ThaT did it


but if the user doesnt input something they get redirected..? can it give error msg stating please upload a file

and lastly VERY lastly (unless errors which wont happen) can we make the error msg load on the upload page

$error_msg

so all they have to do it try again?


0
 
youngad6Commented:
Add this to the top:
if (!isset($_FILES)) $error_msg = "Please upload a file";


and replace this:
if (!$error_msg) header("Location: http://www.domain.com/"); //redirect
echo $error_msg;

with this:
if ($error_msg) header("Location: uploadfiles.php?error_msg=".$error_msg); //redirect to uploadfiles.php again
header("Location: http://www.domain.com/"); //redirect if no errors

then at the top of uploadfiles.php add this:
echo $error_msg;
0
 
CaiapfasAuthor Commented:
I didnt make it work
and it seems the file size limit doesnt work...but it doesnt upload..it just redirects

<?
require('config.php');

if (!isset($_FILES)) $error_msg = "Please upload a file";

for ($i=1; $i<6; $i++) {
if (!$_FILES['file'.$i]['name']) continue;
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (!stristr(VALID_EXTENSIONS,$ext)) {
     $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": INVALID FILE EXTENSION. Valid extensions are: ".VALID_EXTENSIONS."</font></b><br>";
     continue;
}
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) {
   $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE."</font></b><br>";
   continue;
}
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
if ($error_msg) header("Location: index.php?error_msg=".$error_msg); //redirect to index.php again
header("Location: http://www.msn.com/"); //redirect if no errors
?>

==================

<?
require('config.php');
?>
<?
echo $error_msg;
?>
<form enctype="multipart/form-data" action="upload.php" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="<? echo MAX_FILE_SIZE; ?>" />
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Upload your files..</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Just click browse find your file and click open...</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    then click &quot;Send Files&quot;</font></p>
    <p><font face="Verdana"><font size="2">File 1: </font>
    <input name="file1" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 2: </font>
    <input name="file2" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 3: </font>
    <input name="file3" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 4: </font>
    <input name="file4" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 5: </font>
    <input name="file5" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p>
    <input type="submit" value="Send Files" /> </p>
</form>
0
All Courses

From novice to tech pro — start learning today.