Solved

Uploading Files in PHP

Posted on 2006-06-16
9
1,419 Views
Last Modified: 2012-08-14
Another day, another question about PHP. Right now I am trying to make a feature that allows special users upload PDF files to the website I am building. I have found some file uploading scripts on the Internet but I do not like how they work. So my question is, how can I create a form with a dialogue Open window that only supports PDF files, the PHP checks that its a PDF file and it gets uploaded to a specified folder. Code would be a great help.

Thank you for the help.

EDIT: my PHP version is 4.3.10
0
Comment
Question by:Linky
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 3

Expert Comment

by:jmar_click
ID: 16921511
What don't you like about the scripts you've found on the internet? We can start from there.
Also, as far as I know, I don't think you can make the file select dialog box only accept PDF files, but after the file is selected, you can check to make sure that the file extension is one that you permit.
0
 
LVL 2

Author Comment

by:Linky
ID: 16921896
The thing I don't like is how some of them upload files but are incomplete. For example, this is one I found:

that is in a file called, upload.php

<?php
      $target = "upload/";
      $target = $target . basename( $_FILES['uploaded']['name']);
      $ok=1;

      //This is our size condition
      if ($uploaded_size > 350000)
      {
            echo "Your file is too large.<br>";
            $ok=0;
      }

      //This is our limit file type condition
      if ($uploaded_type == "text/php")
      {
            echo "No PHP files<br>";
            $ok=0;
      }

      //Here we check that $ok was not set to 0 by an error
      if ($ok==0)
      {
            echo "Sorry your file was not uploaded";
      }

      //If everything is ok we try to upload it
      else
      {
            if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
            {
                  echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
            }
            else
            {
                  echo "Sorry, there was a problem uploading your file.";
            }
      }
?>

Here is the form in the other PHP file

<form enctype="multipart/form-data" action="upload.php" method="POST">
Please choose a file: <input name="uploaded" type="file" /><br />
<input type="submit" value="Upload" />
</form>

Here are the errors i get:


Notice: Undefined variable: uploaded_size in c:\program files\easyphp1-8\www\cebatech\upload.php on line 7

Notice: Undefined variable: uploaded_type in c:\program files\easyphp1-8\www\cebatech\upload.php on line 14

Notice: Undefined index: uploadedfile in c:\program files\easyphp1-8\www\cebatech\upload.php on line 31

And finally the site I got it from: http://php.about.com/od/advancedphp/ss/php_file_upload.htm
0
 
LVL 16

Accepted Solution

by:
dr_dedo earned 250 total points
ID: 16921944
you can always do a type check on the uploaded file to detect its type and allow only pdf files

echo $_FILES['FILE_NAME']['type'] and this will print the file type,

you can filter uploaded files

if ($_FILES['FILE_NAME']['type']== "application/pdf"){
  ok with upload
}else {
abort upload and delete the temp file
}
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 16

Expert Comment

by:dr_dedo
ID: 16921958
note that these notices are because you got register global off (for security reasons)
instead of uploaded_type use $_FILES['FILE_NAME']['type']

etc...
0
 
LVL 2

Author Comment

by:Linky
ID: 16922068
Alright so using $_FILES['uploaded']['type'] == whatever works. Is there a similiar thing for size aswell? Because I would rather not have those Notice: errors or enable register globals.
0
 
LVL 2

Author Comment

by:Linky
ID: 16922276
Alright the script I wrote seems to be working fine without any Notice: or globals. Thanks for the help guys, I'll divide up the points.
0
 
LVL 2

Author Comment

by:Linky
ID: 16922286
Never mind. Only one person helped answer. Thanks dr dedo.
0
 
LVL 3

Expert Comment

by:jmar_click
ID: 16922347
yep yep...I could've fixed it, but ya know ;)

jk, good job dr_dedo , I think i've seen your posts in other questions.
0
 

Expert Comment

by:cgustaf
ID: 24445373
OK  I've got a problem with the same script.  It must be in the area addressed by dr_dedo because the script runs through the first part fine, but the final error message, "Sorry, there was a problem uploading your file.";  appears.

I tried to implement the fix by dr_dedo but could not make it work.

If I could have exact and explicit help with the piece of code needed to be fixed, I'd appreciate it -- i.e. if I could avoid having to guess what you mean.  Here is the script as I have it now :

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
<style type="text/css">
<!--
body,td,th {
      font-family: Geneva, Arial, Helvetica, sans-serif;
      font-size: 12px;
}
-->
</style></head>

<body>
<table width="800" align="center">
  <tr>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td><?php
$target = "upload/";
$target = $target . basename( $_FILES['uploaded']['name']) ;
$ok=1;

//This is our size condition
if ($uploaded_size > 350000)
{
echo "Your file is too large.<br>";
$ok=0;
}

//This is our limit file type condition
if ($uploaded_type =="text/php")
{
echo "No PHP files<br>";
$ok=0;
}

//This is the only file type allowed
if (!($uploaded_type=="application/pdf")) {
echo "You may only upload PDF files.<br>";
$ok=0;
}


//Here we check that $ok was not set to 0 by an error
if ($ok==0)
{
Echo "Sorry your file was not uploaded";
}

//If everything is ok we try to upload it
else
{
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
}
else
{
echo "Sorry, there was a problem uploading your file.";
}
}
?> &nbsp;</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
  </tr>
</table>
</body>
</html>

The form, and upload.php are in the same directory, and the uploaded file shold go to that directory as well.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question