[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1930
  • Last Modified:

Problems with my upload.php script! HELP!!!

Hello, i am a beta tester for a torrent trading software, and i have been trying to get this to work, when i run the script it keeps comming back with "no form data found" when i imput all the information, i cannot understand why, it seems like its not letting the file information transfer to the mysql database.  

When you put in all the information then click the "upload" button its not working.

help

michael



<?

require_once("include/benc.php");
require_once("include/bittorrent.php");

hit_start();

ini_set("upload_max_filesize",$max_torrent_size);

function bark($msg) {
      genbark($msg, "Upload failed!");
}

dbconn();

hit_count();

loggedinorreturn();

if (get_user_class() < UC_UPLOADER)
  die;

foreach(explode(":","descr:type:name") as $v) {
      if (!isset($_POST[$v]))
            bark("missing form data(POST)");
}

if (!isset($_FILES["file"]))
      bark("missing form data (FILES)");

$f = $_FILES["file"];
$fname = unesc($f["name"]);
if (empty($fname))
      bark("Empty filename!");

//$nfofile = $_FILES['nfo'];
//if ($nfofile['name'] == '')
  bark("No NFO!");

//if ($nfofile['size'] == 0)
//  bark("0-byte NFO");

//if ($nfofile['size'] > 65535)
//  bark("NFO is too big! Max 65,535 bytes.");

//$nfofilename = $nfofile['tmp_name'];

//if (@!is_uploaded_file($nfofilename))
//  bark("NFO upload failed");

$descr = unesc($_POST["descr"]);
if (!$descr)
  bark("You must enter a description!");

$catid = (0 + $_POST["type"]);
if (!is_valid_id($catid))
      bark("You must select a category to put the torrent in!");

if (!validfilename($fname))
      bark("Invalid filename!");
if (!preg_match('/^(.+)\.torrent$/si', $fname, $matches))
      bark("Invalid filename (not a .torrent).");
$shortfname = $torrent = $matches[1];
if (!empty($_POST["name"]))
      $torrent = unesc($_POST["name"]);

$tmpname = $f["tmp_name"];
if (!is_uploaded_file($tmpname))
      bark("eek");
if (!filesize($tmpname))
      bark("Empty file!");

$dict = bdec_file($tmpname, $max_torrent_size);
if (!isset($dict))
      bark("What the hell did you upload? This is not a bencoded file!");

function dict_check($d, $s) {
      if ($d["type"] != "dictionary")
            bark("not a dictionary");
      $a = explode(":", $s);
      $dd = $d["value"];
      $ret = array();
      foreach ($a as $k) {
            unset($t);
            if (preg_match('/^(.*)\((.*)\)$/', $k, $m)) {
                  $k = $m[1];
                  $t = $m[2];
            }
            if (!isset($dd[$k]))
                  bark("dictionary is missing key(s)");
            if (isset($t)) {
                  if ($dd[$k]["type"] != $t)
                        bark("invalid entry in dictionary");
                  $ret[] = $dd[$k]["value"];
            }
            else
                  $ret[] = $dd[$k];
      }
      return $ret;
}

function dict_get($d, $k, $t) {
      if ($d["type"] != "dictionary")
            bark("not a dictionary");
      $dd = $d["value"];
      if (!isset($dd[$k]))
            return;
      $v = $dd[$k];
      if ($v["type"] != $t)
            bark("invalid dictionary entry type");
      return $v["value"];
}

list($ann, $info) = dict_check($dict, "announce(string):info");
list($dname, $plen, $pieces) = dict_check($info, "name(string):piece length(integer):pieces(string)");

if (!in_array($ann, $announce_urls, 1))
      bark("invalid announce url! must be <b>" . $announce_urls[0] . "</b>");

if (strlen($pieces) % 20 != 0)
      bark("invalid pieces");

$filelist = array();
$totallen = dict_get($info, "length", "integer");
if (isset($totallen)) {
      $filelist[] = array($dname, $totallen);
      $type = "single";
}
else {
      $flist = dict_get($info, "files", "list");
      if (!isset($flist))
            bark("missing both length and files");
      if (!count($flist))
            bark("no files");
      $totallen = 0;
      foreach ($flist as $fn) {
            list($ll, $ff) = dict_check($fn, "length(integer):path(list)");
            $totallen += $ll;
            $ffa = array();
            foreach ($ff as $ffe) {
                  if ($ffe["type"] != "string")
                        bark("filename error");
                  $ffa[] = $ffe["value"];
            }
            if (!count($ffa))
                  bark("filename error");
            $ffe = implode("/", $ffa);
            $filelist[] = array($ffe, $ll);
      }
      $type = "multi";
}

$infohash = pack("H*", sha1($info["string"]));


// Replace punctuation characters with spaces

$torrent = str_replace("_", " ", $torrent);

$nfo = sqlesc(str_replace("\x0d\x0d\x0a", "\x0d\x0a", @file_get_contents($nfofilename)));
$ret = mysql_query("INSERT INTO torrents (search_text, filename, owner, visible, info_hash, name, size, numfiles, type, descr, ori_descr, category, save_as, added, last_action, nfo) VALUES (" .
            implode(",", array_map("sqlesc", array(searchfield("$shortfname $dname $torrent"), $fname, $CURUSER["id"], "no", $infohash, $torrent, $totallen, count($filelist), $type, $descr, $descr, 0 + $_POST["type"], $dname))) .
            ", '" . get_date_time() . "', '" . get_date_time() . "', $nfo)");
if (!$ret) {
      if (mysql_errno() == 1062)
            bark("torrent already uploaded!");
      bark("mysql puked: ".mysql_error());
}
$id = mysql_insert_id();

@mysql_query("DELETE FROM files WHERE torrent = $id");
foreach ($filelist as $file) {
      @mysql_query("INSERT INTO files (torrent, filename, size) VALUES ($id, ".sqlesc($file[0]).",".$file[1].")");
}

move_uploaded_file($tmpname, "$torrent_dir/$id.torrent");

write_log("Torrent $id ($torrent) was uploaded by " . $CURUSER["username"]);



$res = mysql_query("SELECT name FROM categories WHERE id=$catid") or sqlerr();
$arr = mysql_fetch_assoc($res);
$cat = $arr["name"];
$res = mysql_query("SELECT email FROM users WHERE enabled='yes' AND notifs LIKE '%[cat$catid]%'") or sqlerr();
$uploader = $CURUSER['username'];

$size = mksize($totallen);
$description = ($html ? strip_tags($descr) : $descr);

$body = <<<EOD
A new torrent has been uploaded.

Name: $torrent
Size: $size
Category: $cat
Uploaded by: $uploader

Description
-------------------------------------------------------------------------------
$description
-------------------------------------------------------------------------------

You can use the URL below to download the torrent (you may have to login).

$DEFAULTBASEURL/details.php?id=$id&hit=1

--
$SITENAME
EOD;
$to = "";
$nmax = 100; // Max recipients per message
$nthis = 0;
$ntotal = 0;
$total = mysql_num_rows($res);
while ($arr = mysql_fetch_row($res))
{
  if ($nthis == 0)
    $to = $arr[0];
  else
    $to .= "," . $arr[0];
  ++$nthis;
  ++$ntotal;
  if ($nthis == $nmax || $ntotal == $total)
  {
    if (!mail("Multiple recipients <$SITEEMAIL>", "New torrent - $torrent", $body,
    "From: $SITEEMAIL\r\nBcc: $to", "-f$SITEEMAIL"))
        stderr("Error", "Your torrent has been been uploaded. DO NOT RELOAD THE PAGE!\n" .
          "There was however a problem delivering the e-mail notifcations.\n" .
          "Please let an administrator know about this error!\n");
    $nthis = 0;
  }
}

header("Location: $BASEURL/details.php?id=$id&uploaded=1");

hit_end();

?>








0
emilbus20
Asked:
emilbus20
  • 23
  • 14
  • 5
  • +1
2 Solutions
 
hernst42Commented:
try addind err_reporting(E_ALL) at the top of your script so you might get notices which might help you to find your problem. Which error-do you get?
0
 
hernst42Commented:
it should be

error_reporting(E_ALL);

e.g.

<?php

require_once("include/benc.php");
require_once("include/bittorrent.php");

error_reporting(E_ALL);
hit_start();
0
 
emilbus20Author Commented:
Upload failed!
missing form data (FILES)

^^thats the error...

0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
emilbus20Author Commented:
Notice: Undefined index: HTTP_CLIENT_IP in /home/admin/domains/teknomassif.com/public_html/include/bittorrent.php on line 63

Notice: Undefined index: HTTP_X_FORWARDED_FOR in /home/admin/domains/teknomassif.com/public_html/include/bittorrent.php on line 64

Warning: Cannot modify header information - headers already sent by (output started at /home/admin/domains/teknomassif.com/public_html/takeupload.php:2) in /home/admin/domains/teknomassif.com/public_html/include/bittorrent.php on line 266


thats the error...


0
 
hernst42Commented:
Try adding mor debug-output for that case like this, so you can get a clue where the problem might be. WHich php-version are you using?

if (!isset($_FILES["file"])) {
     echo "<pre>";
     var_dump($_FILES);
     bark("missing form data (FILES)");
     die(1);
}
0
 
emilbus20Author Commented:
v 4.3.9
0
 
hernst42Commented:
ok 4.3.9 should have defined the $_FILES superglobal. What does the output of the var_dump show? Can you post that output ?
0
 
emilbus20Author Commented:
array(0) {
}


is comming at the top
0
 
hernst42Commented:
Do you have a link to that form where the user can input that data so I can look at the HTML-source of that code? Maybe there is a problem with that form.
0
 
emilbus20Author Commented:
<?

require_once("include/bittorrent.php");
hit_start();

dbconn(false);

hit_count();

loggedinorreturn();

stdhead("Upload");

if (get_user_class() < UC_UPLOADER)
{
  stdmsg("Sorry...", "You are not authorized to upload torrents.");
  stdfoot();
  exit;
}

?>
<div align=Center>
<form enctype="multipart/form-data" action="takeupload.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="<?=$max_torrent_size?>" />
<p>The tracker's announce url is <b><?= $announce_urls[0] ?></b></p>
<p>Please read the <b><a href=ulguide.php>uploading rules and guidelines</a><!-- <font color=red>[Updated 21/9]</font>--></b></p>
<!--<p><b>Only upload torrents you're going to seed!</b> Uploaded torrents won't be visible on the main page until you start seeding them.</p>-->
<table width="90%" border="1" cellspacing="0" cellpadding="10" class="stats">
<?

tr("Torrent file", "<input class=upload type=file name=file size=70>\n", 1);
tr("Torrent name", "<input class=upload type=\"text\" name=\"name\" size=\"80\" /><br />(Taken from filename if not specified. <b>Please use descriptive names.</b>)\n", 1);
//tr("NFO file", "<input type=file name=nfo size=80><br>(<b>Required.</b> Can only be viewed by power users.)\n", 1);
tr("Description", "<textarea class=upload name=\"descr\" rows=\"10\" cols=\"80\"></textarea>" .
  "<br>(HTML is not allowed. <a href=tags.php>Click here</a> for info on available tags.)", 1);

$s = "<select name=\"type\">\n<option value=\"0\">(choose one)</option>\n";

$cats = genrelist();
foreach ($cats as $row)
      $s .= "<option value=\"" . $row["id"] . "\">" . htmlspecialchars($row["name"]) . "</option>\n";

$s .= "</select>\n";
tr("Type", $s, 1);

?>
<tr><td align="center" colspan="2"><input type="submit" class=btn value="Do it!" /></td></tr>
</table>
</form>
<?

stdfoot();

hit_end();

?>
0
 
emilbus20Author Commented:
if there is any other part of the source u want me to post please ask...

0
 
hernst42Commented:
Hm also the form looks good. Maybe there are special settings in php.ini / httpd.conf that prevent file-uploading. Can you post a link where the output of the phpinfo() can be viewed?

Maybe the setting "file_uploads" is deactivated

info.php
----------------
<?php phpinfo();
0
 
emilbus20Author Commented:
0
 
hernst42Commented:
Hm the only thing is see is that register_globals is set to ON.

Add the following in that check-part to see if the information is defined anywhere else.

if (!isset($_FILES["file"])) {
     echo "<pre>";
     var_dump($_FILES);
     var_dump($file);
     var_dump($GLOBALS['HTTP_POST_FILES']);
     bark("missing form data (FILES)");
     die(1);
}

Hopefull one of those variables contain the values you expect. If all contain array (0) .. I have no glue where the problem might be. Is that file you are uploading bigger than 2MB?
0
 
emilbus20Author Commented:
No torrent files are VERY small... like 8k or less

array(0) {
}
NULL
array(0) {
}


is what comes back...
0
 
emilbus20Author Commented:
if u want i will give u an account on the site so u can see it in action

http://www.teknomassif.com/index.php  log in and make an account

i need this fixed
0
 
emilbus20Author Commented:
did mean to come across snappy, sorry. just been pulling my hair out for the last 3 days with this error...
0
 
hernst42Commented:
Can you remove the line
ini_set("upload_max_filesize",$max_torrent_size);
from you upload-script, maybe this causes problems.

For debuggin it you might put those lines at he beginning:

<?php

var_dump($_FILES);
die(1);

So the script will only output what is set so far. If you get the values there, some those values might be unseted. If those also don't show anything im out of an idea :-(
0
 
emilbus20Author Commented:
array(0) { }  

comes up on a blank white page...
0
 
emilbus20Author Commented:
the difference now is its showing on this page
http://www.teknomassif.com/takeupload.php

which is the second upload page
0
 
hernst42Commented:
The only thing to try is to set the
register_globals to off (via .htaccess or over your webserver adminstration panel) and see if $_FILES gets populated then.

0
 
emilbus20Author Commented:
i just switched the registers globals off...
0
 
emilbus20Author Commented:
nope. still the array errors up top, and this Upload failed!missing form data (FILES) in the main menu...

0
 
emilbus20Author Commented:
The service 'named' on server teknomassif.com is currently down  keeps comming up as an error on the server, would that be it?
0
 
hernst42Commented:
Does not seem to help :-(
Very strange. Sorry don't have any other idea in this case, as the post-data seem to come to the script, but no files.

Keep this question open, perhaps another expert has an idea.

I used your form, saved it to disk, modified the post-url to post the information to one of my servers and the $_FILES array got populated. But I can't find any difference between your php.ini settings and those on my server. Very strange.

Its the same php-version.
0
 
emilbus20Author Commented:
i am running a virtual dedicated server. would this have anything to do with it?
0
 
hernst42Commented:
no I don't think so. For the apache and the php it shouldn't matter. Why the hell is it not poppulating the $_FILES array. No more ideas, sorry.
0
 
php-webdesignCommented:
is your form enctype set to:

enctype="multipart/form-data"
0
 
hernst42Commented:
Yup thats in
<form enctype="multipart/form-data" action="takeupload.php" method="post">

was also one of my guesses. It works perfect if I submit that form to one of my servers. But on his side the $_FILES-array is not present.
0
 
gruntarCommented:
Since enctype is fine and server still doesn't return uploaded file I would remove that line from your code
<input type="hidden" name="MAX_FILE_SIZE" value="<?=$max_torrent_size?>" />

And remove DTD otherwise browser might not parse HTML without quotes (Check XHTML 1.0 standard for more info)

tr("Torrent file", "<input class=upload type=file name=file size=70>\n", 1);
should be
tr('Torrent file', '<input class="upload" type="file" name="file" size="70">', 1);

or change doctype to something less strict

<!DOCTYPE html
    PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "DTD/xhtml1-strict.dtd">

Hope that helps..
0
 
hernst42Commented:
I don't think is a Browser/Client issue as the form works, when the same data is send to one of my servers, but when sending the form to his server the $_FILES array does not get populated, $_POST contains the correct information. It think it must be a server-side issue.
0
 
emilbus20Author Commented:
Is there another setting on my server that should be set?
0
 
php-webdesignCommented:
thinking off that atm... but not that i could think off this fast...

MAYBE

your upload or temp directory...
0
 
emilbus20Author Commented:
http://www.teknomassif.com/phpinfo.php

tell me what to change...
0
 
gruntarCommented:
you must set path for your tmp dir.

Check upload_tmp_dir in phpinfo. This variable should contain a path to tmp dir
0
 
emilbus20Author Commented:
i am sorry, i am new at the ssh deal, what is the command i hit from the line to do that?

thanks

emil
0
 
gruntarCommented:
Just edit php.ini file. find the line upload_tmp_dir and set path to dir with read/write permissions.
0
 
emilbus20Author Commented:
gruntar, not 100% sure how to do that...  im so newbie it hurts.
0
 
gruntarCommented:
Are you on shared hosting? In that case you don't have root access and you can't change that file yourself. You will have to raise a support ticket.


0
 
emilbus20Author Commented:
No i do have root access, i am in the putty console right now...

im looking around, not sure where it will be or what command i use to edit it...

emil
0
 
gruntarCommented:
Try to upload a file with this script. If still no luck, you will have to raise a support ticket.
Don't forget to change a upload destination..





<?php

// change path to upload dir
$upload_dir = $_SERVER['DOCUMENT_ROOT'] . '/uploads/';
$upload_file = $upload_dir . $_FILES['dat']['name'];



if(empty($_POST['add']))
{
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" enctype="multipart/form-data">
  <table width="100%" border="0" cellspacing="5" cellpadding="0">

     <tr>
      <td width="28%" align="right">File:</td>
      <td width="72%">       <input type="file" name="dat">
      </td>
    </tr>
    <tr>
      <td width="28%">&nbsp;</td>
      <td width="72%">
      <input type="submit" name="add" value="Upload">
      </td>
    </tr>
  </table>
</form>

<?php
      
} else {
      

       if (move_uploaded_file($_FILES['dat']['tmp_name'], $upload_file))
       {
            echo 'File ' . $_FILES['dat']['name'] . ' uploaded!';  
       }
       else
       {
            echo "Error: Can't upload file " . $_FILES['dat']['name'];  
       }

}

?>
0
 
emilbus20Author Commented:
Error: Can't upload file

i opened a support ticket....

0
 
emilbus20Author Commented:
Ok Problem Solved,  It was the permissions with the temp dir. they were not set correctly.

Moderators if possible please give 300 Points to hernst42 for the initial help,

and 200 points to gruntar for helping out also...

thanks you all!
0
 
hernst42Commented:
You can do it by your own, see http:help.jsp#hi19
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 23
  • 14
  • 5
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now