Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

php file uploader?

Posted on 2004-10-18
26
Medium Priority
?
383 Views
Last Modified: 2010-04-17
I'm trying to make a simple php file uploader..
Would have 5 file upload places...
in the script a way to limit file size, file type and uploads allowed per ip, per day.

perfered when submited a window pops-up and says uplaoding then when done the popup closes and the user is redirected to X page.


I have tried and tried to make this baby but have failed...


thanks,
Caiapfas
0
Comment
Question by:Caiapfas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 15
  • 11
26 Comments
 
LVL 2

Expert Comment

by:youngad6
ID: 12342464
Here's an example form:

<form enctype="multipart/form-data" action="[YOUR URL]" method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="[YOUR MAX FILE SIZE IN BYTES]" />
    <!-- Name of input element determines name in $_FILES array -->
    Send this file: <input name="userfile" type="file" />
    <input type="submit" value="Send File" />
</form>

Set this variable in your php.ini:
upload_tmp_dir=/path/you/want/to/store/them/in/temporarily

Then your script (from the other question- http://www.experts-exchange.com/Programming/Q_21171295.html) could call:
$tempFileName = $_FILES['userfile']['tmp_name'];

 to get the temporary name of the file that was uploaded and you already know the location based on the upload_tmp_dir that you added to your php.ini. Passing this file location to the script I linked you to in your other question it could then mail the file. Tomorrow I have to do something similiar and will work on a complete solution to your questions if time permits.
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12342668
yes, i dont want the file emailed, but uploaded to the server and a option to email would be good.


i await your solution..!!
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12354749
config.php:
<?
define("MAX_FILE_SIZE", "20000"); //max file size in bytes
define("FILE_TYPE", "image/gif");   //acceptable file type
define("SAVE_DIR", "./files/");        //directory to save to
?>

uploadfiles.php:
<?
require('config.php');
?>
<form enctype="multipart/form-data" action="upload.php" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="<? echo MAX_FILE_SIZE; ?>" />
    File 1: <input name="file1" type="file" />
    File 2: <input name="file2" type="file" />
    File 3: <input name="file3" type="file" />
    File 4: <input name="file4" type="file" />
    File 5: <input name="file5" type="file" />
    <input type="submit" value="Send Files" />
</form>

upload.php:
<?
require('config.php');
for ($i=1; $i<6; $i++) {
if ($_FILES['file'.$i]['type'] != FILE_TYPE) continue;
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) continue;
move_uploaded_file($_FILES['file'$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
?>
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 2

Author Comment

by:Caiapfas
ID: 12355012
can we make it so that I allow file types but ext. ex. .exe|.php|.jpg
also
after file is uploaded I can redirect them to a certian page?


MUCH thanks
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12359517
define("INVALID_EXTENSIONS","php,exe,jpg");

upload.php:
<?
require('config.php');
for ($i=1; $i<6; $i++) {
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (stristr(INVALID_EXTENSIONS,$ext)) continue;
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) continue;
move_uploaded_file($_FILES['file'$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
?>
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12359534
Forgot- at the bottom of upload.php add this:
header("Location: http://www.domain.com/"); //redirect
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12360154
I get this error when I try to upload a txt file...which isnt allowed
Parse error: parse error, expecting `']'' in upload.php on line 7
...no error handleing?

and a question

1. how can I make this
define("SAVE_DIR", "./uploads/");    
pathto.....so if I want to save the files 2 directories down and a few up...
ex. the script is in www.me.com/upload/ I want to save the file in www.me.com/james/brown/uploads

0
 
LVL 2

Expert Comment

by:youngad6
ID: 12361413
../ moves you up a directory so for your example it'd be:
define("SAVE_DIR","../james/brown/uploads/");

I missed a . on this line so replace it w/ the similiar one above:
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12362047
ok that worked....


last issue.....when a user tries to upload a file ext. thats not allowed.or break the file size limit....i want it to give an error about it on same page in bold /red at the top

ex.
File type not allowed only $file_types are...

also if the file size is broken

ex.
Error : the file size limit is $file_size...

with no redirect..
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12362057
and for some reason it allowed a disalloed file type?
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12362432
It's not allowing anything it shouldn't over here.
-Did you put define("INVALID_EXTENSIONS","php,exe,jpg"); inside config.php?
-Has it blocked other files and just that one is getting through?
-What was the filename?

As for the bold, red:
<?
require('config.php');

for ($i=1; $i<6; $i++) {
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (stristr(INVALID_EXTENSIONS,$ext)) {
      $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": INVALID FILE EXTENSION. Invalid extensions are: ".INVALID_EXTENSIONS."</font></b><br>";
      continue;
}
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) {
   $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE."</font></b><br>";
   continue;
}
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
if (!$error_msg) header("Location: http://www.domain.com/"); //redirect
echo $error_msg;
?>
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12362842
ok last thing I SWEAR. we had a misunderstanding...

instead of it being upacceptable file types..
can it be acceptable ext.

REASON: adding all the not accept file ext.s will take forever..
also, need to change the error. to read nNot accepted file type...these are the accepted $types


much thanks and sorry
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12362894
then error handling for no input...={}
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12363001
I'm not sure what this comment means:
then error handling for no input...={}

but as for the one above it, here's the fix:
define("VALID_EXTENSIONS","gif,jpg,etc");

<?
require('config.php');

for ($i=1; $i<6; $i++) {
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (!stristr(VALID_EXTENSIONS,$ext)) {
     $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": INVALID FILE EXTENSION. Valid extensions are: ".VALID_EXTENSIONS."</font></b><br>";
     continue;
}
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) {
   $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE."</font></b><br>";
   continue;
}
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
if (!$error_msg) header("Location: http://www.domain.com/"); //redirect
echo $error_msg;
?>
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363158
thanks...what i mean is when i hit go with noting in the upload boxes i get error city
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12363189
Try adding this line:
if (!$_FILES['file'.$i]) continue;

right after:
for ($i=1; $i<6; $i++) {
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363198
Warning: Empty Delimiter in upload.php on line 6

for EVERY box that doesnt have input

so 5 times?
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363233
plus under that

: INVALID FILE EXTENSION. Valid extensions are: gif,jpg,php

for each empty box
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363252
you code didnt fix it
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363258
Warning: Empty Delimiter in upload.php on line 7
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363264
and the error for each empty box
0
 
LVL 2

Expert Comment

by:youngad6
ID: 12363283
if (!$_FILES['file'.$i]['name']) continue;

should work instead
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363356
ThaT did it


but if the user doesnt input something they get redirected..? can it give error msg stating please upload a file

and lastly VERY lastly (unless errors which wont happen) can we make the error msg load on the upload page

$error_msg

so all they have to do it try again?


0
 
LVL 2

Expert Comment

by:youngad6
ID: 12363423
Add this to the top:
if (!isset($_FILES)) $error_msg = "Please upload a file";


and replace this:
if (!$error_msg) header("Location: http://www.domain.com/"); //redirect
echo $error_msg;

with this:
if ($error_msg) header("Location: uploadfiles.php?error_msg=".$error_msg); //redirect to uploadfiles.php again
header("Location: http://www.domain.com/"); //redirect if no errors

then at the top of uploadfiles.php add this:
echo $error_msg;
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12363477
I didnt make it work
and it seems the file size limit doesnt work...but it doesnt upload..it just redirects

<?
require('config.php');

if (!isset($_FILES)) $error_msg = "Please upload a file";

for ($i=1; $i<6; $i++) {
if (!$_FILES['file'.$i]['name']) continue;
$ext = substr(strrchr($_FILES['file'.$i]['name'], '.'), 1);
if (!stristr(VALID_EXTENSIONS,$ext)) {
     $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": INVALID FILE EXTENSION. Valid extensions are: ".VALID_EXTENSIONS."</font></b><br>";
     continue;
}
if ($_FILES['file'.$i]['size'] > MAX_FILE_SIZE) {
   $error_msg .= "<b><font color=red>".$_FILES['file'.$i]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE."</font></b><br>";
   continue;
}
move_uploaded_file($_FILES['file'.$i]['tmp_name'], SAVE_DIR . $_FILES['file'.$i]['name']);
}
if ($error_msg) header("Location: index.php?error_msg=".$error_msg); //redirect to index.php again
header("Location: http://www.msn.com/"); //redirect if no errors
?>

==================

<?
require('config.php');
?>
<?
echo $error_msg;
?>
<form enctype="multipart/form-data" action="upload.php" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="<? echo MAX_FILE_SIZE; ?>" />
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Upload your files..</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Just click browse find your file and click open...</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    then click &quot;Send Files&quot;</font></p>
    <p><font face="Verdana"><font size="2">File 1: </font>
    <input name="file1" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 2: </font>
    <input name="file2" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 3: </font>
    <input name="file3" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 4: </font>
    <input name="file4" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 5: </font>
    <input name="file5" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p>
    <input type="submit" value="Send Files" /> </p>
</form>
0
 
LVL 2

Accepted Solution

by:
youngad6 earned 2000 total points
ID: 12364746
I cleaned up the code a lot and tested it. This one will work for any number/name of files. Enjoy:
<?
define("MAX_FILE_SIZE", "20000");                      //max file size in bytes
define("VALID_EXTENSIONS","gif,jpg,php,txt,zip");  //acceptable file ext
define("SAVE_DIR", "./uploads/");                  //directory to save to

if (isset($_POST['submit'])) {
      if (!isset($_FILES)) $error_msg = "Please upload a file";

      foreach($_FILES as $key=>$value) {
            if ($_FILES[$key]['error'] == 4) continue; //if file DNE
            if ($_FILES[$key]['error'] == 2) {                //if file is too big
                  $error_msg .= "<b><font color=red>ERROR: ".$_FILES[$key]['name'] .": FILE SIZE TOO LARGE. Maximum size is: ".MAX_FILE_SIZE." bytes</font></b><br>";
                  continue;
            }
            $ext = substr(strrchr($_FILES[$key]['name'], '.'), 1);
            if (!stristr(VALID_EXTENSIONS,$ext)) {
                 $error_msg .= "<b><font color=red>ERROR: ".$_FILES[$key]['name'] .": INVALID FILE EXTENSION. Valid extensions are: ".VALID_EXTENSIONS."</font></b><br>";
                 continue;
            }
            move_uploaded_file($_FILES[$key]['tmp_name'], SAVE_DIR . $_FILES[$key]['name']);
      }
      if (!$error_msg) header("Location: http://www.msn.com/"); //redirect if no errors
      echo $error_msg;
}
?>

<form enctype="multipart/form-data" action="<? echo $_SERVER['PHP_SELF']; ?>" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="<? echo MAX_FILE_SIZE; ?>" />
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Upload your files..</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    Just click browse find your file and click open...</font></p>
    <p style="margin-top: 0; margin-bottom: 0"><font face="Verdana" size="2">
    then click &quot;Send Files&quot;</font></p>
    <p><font face="Verdana"><font size="2">File 1: </font>
    <input name="file1" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 2: </font>
    <input name="file2" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 3: </font>
    <input name="file3" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 4: </font>
    <input name="file4" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p><font face="Verdana"><font size="2">File 5: </font>
    <input name="file5" type="file" size="20" /><font size="2"> </font></font>
    </p>
    <p>
    <input type="submit" name="submit" value="Send Files" /> </p>
</form>
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will learn how to make Android Gesture Tutorial and give different functionality whenever a user Touch or Scroll android screen.
What do responsible coders do? They don't take detrimental shortcuts. They do take reasonable security precautions, create important automation, implement sufficient logging, fix things they break, and care about users.
Simple Linear Regression
Progress

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question