I am trying to upload images via CKEditor 5, the image is uploaded fine but CKEditor shows this error: "cannot upload file" and removes the image from the editor
cannot upload file
This is my controller:
public function uploadCkeditor()
{
$config['upload_path'] = './assets/admin/img/uploads';
$config['allowed_types'] = 'gif|jpg|png|jpg';
$config['max_size'] = 2000;
$new_name = 'blog-'.date("Y-m-d").'-'.time();
$config['file_name'] = $new_name;
$this->load->library('upload', $config);
if(!$this->upload->do_upload('upload')){
echo json_encode(array('error'=> $this->upload->display_errors()));
} else {
$uploadData = $this->upload->data();
echo json_encode(array('file_name'=> $uploadData['file_name']));
}
}
This is CKEditor script:
<script src="<?= base_url();?>assets/admin/js/ckeditor.js"></script>
<script>
var myEditor;
ClassicEditor.create(document.getElementById('detail'),
{
ckfinder: {
uploadUrl: 'uploadCkeditor'
}}).then( editor => {
console.log( 'Editor was initialized', editor );
myEditor = editor;} ).catch( err => {
console.log( err );} );</script>
I ran into the same issue, and fixed it by returning the following json response at the end of my upload handling function:
return new JsonResponse([
'uploaded' => true,
'fileName' => $image,
'url' => $url
], 200);
It seems like you can also include an error, with a number and a message key, if needed.
Note that I ran into this issue in a Symfony project, rather than a Codeigniter project, but It should work the same way. My answer is based on this answer.
Related
I am trying to upload a .qif file in php codeigniter but it returns an error
The filetype you are attempting to upload is not allowed.
When I try to upload another type file (PDF, CSV, docs, etc.) they upload successfully.
Here is my code:
function do_upload($field_name, $files, $folder_path,$save_name="",$prefix="bk_"){
$ci = & get_instance();
//create upload folder if not exists
if (!is_dir($folder_path)) {
mkdir($folder_path, 0777, TRUE);
}
$save_name = $prefix.time()."_".$files['name'];
$data = array();
$config = array();
$config['upload_path'] = $folder_path;
//$config['max_size'] = 0;
$config['allowed_types'] = 'csv|CSV|txt|TXT|pdf|PDF|zip|ZIP|doc|DOC|docx|DOCX|xlsx|xls|XLS|XLSX|QIF|qif';
$config['file_name'] = $save_name;
$ci->load->library('upload');
$ci->upload->initialize($config);
// echo "hello 1"; die;
if ($ci->upload->do_upload($field_name)){
$data = $ci->upload->data();
$data['status'] = 1;
}
else{
$data['status'] = 0;
$data['error'] = $ci->upload->display_errors();
}
return $data;
}
You get the "filetype is not allowed" error, because the original Codeigniter mime-type configuration file doesn't list an qif entry:
in your config/mimes.php file add to the $mimes array this line:
'qif' => 'application/qif'
and eventually
'qif' => 'image/x-quicktime'
mime-type source: http://fileformats.archiveteam.org/wiki/Ext:qif
the native php move_uploaded_file method without checking for mime-types can turn into a security problem
I got a solution after lot of searches
I just use move_uploaded_file function and it's work
move_uploaded_file($_FILES["file"]["tmp_name"], $path);
if someone have a better answer answer please share that.
thanks
I want to upload image in my codeigniter 3 , and I want to show the uploaded image to my users (this is in register level and users is inputing his profile data)
I should showe the uploaded image to him.
I have read this :
Moving it outside of the public_html is a good idea, also try to
rename the file and just add the extension to it.
and another :
Do not move uploaded file to directory which is accessible from URL
but I don't know how can I have show the picture which is not directory which is accessible from URL ! .
I don't have any idea it's really important for me the security I have used codeigniter upload class and I don't you know what kind of security other operations should I do
this is my controller :
public function do_resize($img_name ,$image_original_width , $image_original_height )
{
// $nesbat = $image_original_height / $image_original_width ;
$config_manip = array(
'image_library' => 'gd2',
'source_image' => '../uploads/'.$img_name,
'new_image' => '../uploads/'.$img_name,
'maintain_ratio' => TRUE,
'create_thumb' => TRUE,
'thumb_marker' => '_thumb',
'width' => 150,
'height' => 150
);
$this->load->library('image_lib', $config_manip);
if (!$this->image_lib->resize()) {
// echo $this->image_lib->display_errors();
return false ;
}
else
{
return true ;
}
// clear //
$this->image_lib->clear();
}
function do_upload()
{
$file_name = $this->input->post("file_name") ;
$config['upload_path'] = '../uploads/';
$config['allowed_types'] = 'gif|jpg|png';
$config['max_size'] = '10000';
$config['max_width'] = '1024';
$config['max_height'] = '768';
$config['file_name'] = $file_name;
// delete if .gif image exists before
if ( is_file('./uploads/'.$file_name.".gif") )
{
unlink("./uploads/".$file_name.".gif");
unlink("./uploads/".$file_name."_thumb.gif");
}
// delete if .gif image exists before
if ( is_file('./uploads/'.$file_name.".jpg") )
{
unlink("./uploads/".$file_name.".jpg");
unlink("./uploads/".$file_name."_thumb.jpg");
}
// delete if .gif image exists before
if ( is_file('./uploads/'.$file_name.".png") )
{
unlink("./uploads/".$file_name.".png");
unlink("./uploads/".$file_name."_thumb.png");
}
$this->load->library('upload', $config);
if ( ! $this->upload->do_upload())
{
$error = array('error' => $this->upload->display_errors());
echo "<div id='upload_status'>fail</div>";
echo "<div id='error_mesage'>".$this->upload->display_errors()."</div>";
}
else
{
$data = array('upload_data' => $this->upload->data());
$upload_data = $this->upload->data();
$uploaded_file_name = $upload_data['file_name'];
$resize = $this->do_resize($uploaded_file_name , $upload_data['image_width'] , $upload_data['image_height'] ) ;
if ($resize == true )
{
echo "<div id='upload_status'>success</div>";
echo "<div id='uploaded_image_link' >".$upload_data['file_name']."</div> ";
$thumb_link = str_replace($file_name,$file_name."_thumb",$upload_data['file_name']);
echo "<div id='uploaded_image_thumb_link' >".$thumb_link."</div> ";
}
//if $resize == true , nabashe -> uploade koli fail eleam mishe ta dobare anjam beshe
else
{
echo "<div id='upload_status'>fail</div>";
}
}
}
Images are generally a public asset but you can protect them in a few ways.
Put an index.html or index.php file in your images directory.
Turn off directory listing in your .htaccess file
Rewrite the file name (will obfuscate orginal name)
To view the image after it's uploaded will require AJAX, or a page refresh. A page refresh is easier to code, simply upload the file and show that file on the preceeding page.
You can protect the folder to make sure a particular page has access to displaying an image. This makes things more complicated but working with some kind of resource access system might help you achieve this.
Once the page is loaded though - the image will be available to that user and once downloaded there.
I am not sure on what youre protecting exactly (profile pics, adult content..) but images, like CSS files are public assets.
Rich
Using this way, we can prevent Image call from other server.
Prevent image hotlinking (IMP)
- Image hotlinking is the process/technique of using someone else’s Image URL in our Website and using their bandwidth. In order to prevent this mystery, we can prevent access for external server by adding following line in htaccess.
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
Just create a blank index.html file and put the index.html file on all other public folders except application/system folders (they already have it).
This is a simple security technique to restrict viewers to view your files on public folders.
I'm new to Codeigniter's Upload library, but I am familiar with the standard form library. My aim is to instead of use the standard upload library error messages (example: The file you are attempting to upload is larger than the permitted size.) use my own error messages.
In the standard form validation I could use the following code:
$this->form_validation->set_message('required', 'The %s is a required field. Please ensure this field contains the relevant data before continuing.');
However this method for the Upload Library doesn't seem to be the same as i'm attempting to instead of outputting the standard 'max_size' (upload form config rule) error message i want to use my own that actually includes the max size.
I was unable to find anything on this through Codeigniter's documentation, I will show you the code i am using in both my controller and view incase it is of any help:
controller:
$this->form_validation->set_rules('userfile', 'New Image', 'trim|callback_valid_upload');
$config['upload_path'] = './uploads/';
$config['allowed_types'] = 'gif|jpg|png';
$config['max_size'] = '1';
$config['max_width'] = '1024';
$config['max_height'] = '768';
$config['encrypt_name'] = TRUE;
$this->load->library('upload', $config);
$this->upload->initialize($config);
$data['upload_data'] = '';
if (!$this->upload->do_upload('userfile')) {
$this->data['error'] = $this->upload->display_errors('<p>', '</p>');
} else { //else, set the success message
$this->data['success'] = "Upload success!";
$this->data['upload_data'] = $this->upload->data();
}
view (to output errors):
if (isset($upload_data)) {
foreach($upload_data as $key => $value) { ?>
<li><?=$key?>: <?=$value?></li>
<?php
}
}
So in short where i have my config items such as $config['max_size'] = '1'; in my controller i would like to set and error message for it and this doesn't seem to work: $this->form_validation->set_message('max_size', 'The file you have uploaded exceeds the %s MB file size.');
Thanks
You could try and example some thing like this for custom error messages.
if(file_exists(dirname(FCPATH) . '/install/index.php')) {
$data['error_install'] = $this->lang->line('error_install');
} else {
$data['error_install'] = '';
}
//uploading product movie or image?
if($this->input->post('upload_360') == "Upload") {
$config['upload_path'] = './media/images/products/360s';
$config['allowed_types'] = 'swf';
$this->load->library('upload', $config);
$this->upload->initialize($config);
if (!$this->upload->do_upload('film')) {
$this->data['product_error'] = $this->upload->display_errors();
$this->template->build('/admin/products/create', $this->data);
} else {
$this->data['data_360'] = $this->upload->data();
$this->session->set_userdata(array('360_film' => $this->data['data_360']));
$this->template->build('/admin/products/create', $this->data);
}
$this->session->set_userdata(array('advantages' => $this->input->post('product_advantages')));
$this->data['session_advantages'] = $this->session->userdata('advantages');
}
//upload the product image, if successful the user will be
//notified if the image is too high or wide, and will be offered,
//the chance to crop the image. All cropping takes place in the media
//controller.
if($this->input->post('product_image') == "Upload") {
$config['upload_path'] = './media/images/products/';
$config['allowed_types'] = 'gif|jpg|jpeg|png';
$this->load->library('upload', $config);
$this->upload->initialize($config);
if (!$this->upload->do_upload('image_upload')) {
//die("!");
$this->data['image_error'] = $this->upload->display_errors();
$this->template->build('/admin/products/create', $this->data);
} else {
$this->data['image_data'] = $this->upload->data();
$this->session->set_userdata(array('image' => $this->data['image_data']));
$this->data['session_image'] = $this->session->userdata('image');
$this->template->build('/admin/products/create', $this->data);
}
$this->session->set_userdata(array('advantages' => $this->input->post('product_advantages')));
$this->data['session_advantages'] = $this->session->userdata('advantages');
}
if($this->input->post('screenshot_upload') == "Upload") {
$config['upload_path'] = './media/images/products/360s/screenshots/';
$config['allowed_types'] = 'gif|jpg|jpeg|png';
$this->load->library('upload', $config);
$this->upload->initialize($config);
if (!$this->upload->do_upload('screenshot')) {
//die("!");
$this->data['screenshot_error'] = $this->upload->display_errors();
$this->template->build('/admin/products/create', $this->data);
} else {
$this->data['screenshot_data'] = $this->upload->data();
$this->session->set_userdata(array('screenshot' => $this->data['screenshot_data']));
$this->data['session_screenshot'] = $this->session->userdata('screenshot');
$this->template->build('/admin/products/create', $this->data);
}
$this->session->set_userdata(array('advantages' => $this->input->post('product_advantages')));
$this->data['session_advantages'] = $this->session->userdata('advantages');
}
On my form I have the user choose a file and the click an upload button dependent on which button is clicked the file gets uploaded and the upload data gets saved in a session.
The session is then used to get data from to save to a database, the upload_360 session works, the product_image session works fine but the screenshot_upload session only has data when with the if statement (3rd one in the code) if I try and acccess it outside of the code then that portion of the session is empty?
Is there a reason for this?
Why are you storing data in a session before inserting it into the db?
Cookies can only hold 4KB of data...
but the screenshot_upload session only has data when with the if statement (3rd one in the code) if I try and acccess it outside of the code then that portion of the session is empty?
I don't understand that part of your question. Do you mean it only has data when only using the 3rd if statement? i.e. when only trying to do screenshot_upload and not product_image or 360_upload`? If so, that might speak to the cookie size limit.
Instead of
$this->session->set_userdata(array('screenshot' => $this->data['screenshot_data']));
$this->data['session_screenshot'] = $this->session->userdata('screenshot');
why don't you
$this->uploads_model->insert_screenshot_data($this->data['screenshot_data']);//send screenshot upload_data to model to be inserted into db
$this->data['screenshot_data'] = $this->data['screenshot_data'];//if you want to pass screenshot upload_data to template/view
?
It looks like you are sending output to the user before setting the session (I'm inferring this from the $this->template->build, which is custom code.)
The session, like headers, cannot be modified after anything (ANYTHING) has been sent to output. This is because the session itself is sent in the header.
I'm trying to do something very simple but I can't see to make it work. For what it's worth, I'm currently testing on my MAMP dev machine, but get the same results from staging server (GoDaddy GridHost).
Here's what I want to do:
Upload an image specified by the user from a form.
Create a thumbnail of the uploaded image.
There is some extra database code in my example, but the script "errors" at the if( ! $this->image_lib->resize()) call. However, it causes the entire application to exit, rendering a blank page. The code never actually enters the if{} block.
function _upload_image(&$location, &$image = NULL)
{
// Configure the initial full-sized image upload
$upload_config = array(
'upload_path' => "./uploads/users/{$this->viewer->id}/locations/{$location->id}/",
'allowed_types' => 'jpg|jpeg|gif|bmp|png',
'max_size' => 8192 // 8mb
);
$this->load->library('upload', $upload_config);
// Upload failed
if( ! $this->upload->do_upload('image'))
{
$this->errors = strip_tags($this->upload->display_errors());
return FALSE;
}
// Get the uploaded file's metadata
$data = $this->upload->data();
// Change permissions of the uploaded file so that the image library can copy and resize it
if(is_file($config['upload_path'] . $data['file_name']))
{
chmod($config['upload_path'] . $data['file_name'], 0777);
}
// If no existing image object was passed to this function, we are creating a brand new image
if(is_null($image))
{
$image = new Image();
$thumbnail = new Thumbnail();
}
else
{
$thumbnail = $image->thumbnail->get(); // Get the existing thumbnail
}
// Set the image object fields to save to the db
$image->name = $data['file_name'];
$image->mime_type = $data['file_type'];
$image->extension = $data['file_ext'];
$image->file_path = $data['file_path'];
$image->full_path = $data['full_path'];
$image->size = $data['file_size'];
$image->width = $data['image_width'];
$image->height = $data['image_height'];
// Failed to save the image to the db
if( ! $image->save())
{
$this->errors = array_merge($this->errors, array($image->error->string));
return FALSE;
}
// Failed to save the location/image relationship in the db
if( ! $location->save($image))
{
$this->errors = array_merge($this->errors, array($location->error->string));
return FALSE;
}
// Configure options for the thumbnail
$thumb_config = array(
'image_library' => 'GD2',
'source_image' => "./uploads/users/{$this->viewer->id}/locations/{$location->id}/{$image->name}",
'create_thumb' => TRUE,
'width' => 400,
'height' => 300
);
$this->load->library('image_lib');
$this->image_lib->initialize($thumb_config);
// Failed to create the image thumbnail
if( ! $this->image_lib->resize())
{
$this->errors = array_merge($this->errors, array($this->image_lib->display_errors()));
return FALSE;
}
// Set the thumbnail object fields to save to the db
$thumbnail->name = $data['raw_name'] . '_thumb' . $data['file_ext'];
$thumbnail->file_path = $image->file_path;
$thumbnail->full_path = $image->file_path . $thumbnail->name;
// Failed to save the thumbnail to the db
if( ! $thumbnail->save())
{
$this->errors = array_merge($this->errors, array($thumbnail->error->string));
return FALSE;
}
// Failed to save the image/thumbnail relationship in the db
if( ! $image->save($thumbnail))
{
$this->errors = array_merge($this->errors, array($image->error->string));
return FALSE;
}
// Everything worked
return TRUE;
}
The database interaction is handled by the DataMapper ORM, which I included for completeness, but I don't feel it is necessarily relevant to this issue. The function clearly fails at the call:
if( ! $this->image_lib->resize())
Have you set your application environment in the index.php bootstrap? It's worth setting it to development if you haven't already, this may make errors visible that would be hidden if set to testing/production.
define('ENVIRONMENT', 'development');
If that doesn't help diagnose the issue, in MAMP, go to the Server tab, click PHP and then View Log. This will open up the PHP error log file which will hopefully give you an idea of what's up.