• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 200
  • Last Modified:

Whats wrong with this PHP upload?

Hello,
So I have a problem. My php upload code doesnt work reliably. It works for SOME images, but not all and I cant figure out for the life of me why. Heres the scenario: php5 has a max upload size of 2048M set in the ini.

The user is simply uploading a gif/jpg/png image. Some images work fine, others do not upload. In fact the $_FILES never even gets set with the upload value, so my code never progresses to processing the upload.

I have been beating my head on this for 2 days now, and I have tried everything on google. Can someone tell me what Im missing here?

Fix worth 500 points.

Thanks,
Rick
<html><body><?php
/* 
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
include("../classes/customer2.php");
session_start();

#echo ini_get('post_max_size');

var_dump($_FILES);

if (isset($_FILES["file"]))
{
    echo "file received";
    if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/PNG") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/JPG") || ($_FILES["file"]["type"] == "image/jpg") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 1000000))
    {
        if ($_FILES["file"]["error"] > 0)
            echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
        else
        {
            echo "Upload: " . $_FILES["file"]["name"] . "<br />";
            echo "Type: " . $_FILES["file"]["type"] . "<br />";
            echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
            echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";

            if (file_exists("upload/" . $_FILES["file"]["name"]))
                echo $_FILES["file"]["name"] . " already exists. ";
            else
            {
                move_uploaded_file($_FILES["file"]["tmp_name"], "/var/www/vhosts/mycashquiz.mediagiantdesign.com/httpdocs/images/guests/" . $_FILES["file"]["name"]);
                echo "Stored in: " . "images/guests/" . $_FILES["file"]["name"];

                #update the profiles image record
                $_SESSION['customer']->image = "images/guests/" . $_FILES["file"]["name"];

                include_once("../classes/MyPDO.php");
                $db=new MyPDO();
                $db->DB_MAIN();

                $sql = "update customers set image = '{$_SESSION['customer']->image}' where id = {$_SESSION['customer']->id}";

                echo $sql;
                
                $db->Query($sql);
                $db->deconnect();

                echo "<font color=red><small>Avatar Uploaded!</small></font><br>";

                echo "<script type=\"text/javascript\">top.location.reload(true);</script>";
            }
        }
    }
    else
        echo "Invalid file";
}
else
    echo "no Upload.";
?>

        <table border="0" width="100%">
            <tr>
                <td>
                <FORM METHOD=POST ENCTYPE="multipart/form-data" ACTION="uploadimage.php">
                <INPUT TYPE=FILE NAME="file" accept="image/jpeg,image/JPG,image/JPEG,image/jpg,image/gif,image/png"><BR>
                <INPUT TYPE=SUBMIT VALUE="Submit">
                </FORM>
                <small>Maximum size of 1024kb. JPG, GIF, PNG files only.</small>
                </td>
                <td>
                    <img src="../<?PHP echo $_SESSION['customer']->image;?>" border="0" height="100" width="75">
                </td>
            </tr>
        </table>
    </body></html>

Open in new window

0
richardsimnett
Asked:
richardsimnett
1 Solution
 
m4trixCommented:
I've noticed a few things.

1) "session_start()" should be before any other content... in other words, the top of your page should look something like:
 
<?php
session_start();
echo "<html><body>\n";
....

Open in new window


2) line 16 is kind of messy... maybe something like the following? Also your max size shown below the form says 1024 Kb, so you should show that in your code as well (1024 kb = 1048576 b). I suggest:
 
if (in_array(strtolower($_FILES["filename"]["type"]), array("image/png","image/jpg","image/jpeg","image/gif")) && $_FILES["filename"]["size"] < 1048576)

Open in new window


3) your "file_exists" in line 27 is looking for web address of the image. it should be looking for the local path of the image. I believe it should be:
 
if (file_exists("/var/www/vhosts/mycashquiz.mediagiantdesign.com/httpdocs/images/guests/" . $_FILES["filename"]["name"]))

Open in new window


4) line 57 reloads the page. I'm not sure why you're doing that, because when that happens it actually resubmits the post, so first it will upload the image, store it, then reload and give you a message back that the file already exists...  I don't think you need that. Perhaps I'm missing something

5) last but not least, also a suggestion, you should include the following line in your form:
 
<input type="hidden" name="MAX_FILE_SIZE" value="1048576" />

Open in new window



Once you do all those things, it should work every time (it is on my machine anyway)
0
 
richardsimnettAuthor Commented:
Excellent!
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now