I built a parsial uploading in PHP and Client-Side Javascript.
The Flow
Convert the file to base64 so I get the base64 string
Slice the base64 string into some pieces
Post every piece and the position to upload handler
The upload handler make the post data as a single file in one same folder
If the iteration stop, the JS tell the upload handler to build the code
Then the upload handler make all files as a single file then decode the base64 to a new file
The problem
When the build finished, I can't read the result file as same as the $_FILES in file uploading. So I can't get:
Original size
Original extension
I wonder can PHP read the information about the file?
I expect some function like this (not the actual function)
$file = read_the_file('/path/to/file');
$metas = read_meta_file($file);
and then you can get what type of file and some others data.
Note
Currently, the file that I work with is a video file.
You can get the information about the file with the help of php function named pathinfo
How to use pathinfo:
print_r(pathinfo("/path_of_file/123.txt"));
It will return .....
Array ( [dirname] => /path_of_file [basename] => 123.txt [extension] => txt )
2. You can get the size of the file with the help of php function named filesize
How to use filesize:
echo filesize("123.txt");
It will return the size of file in bytes.
I hope, This will help you.
Good Luck.
You can use pathinfo php function
For file size you can use filesize function
To get extension from base_64 then you can use finfo_buffer function
echo finfo_buffer(finfo_open(), $base64, FILEINFO_MIME_TYPE);
But you would need to store somewhere that extension - in video files for example in ID3 tags (and use the lib https://github.com/JamesHeinrich/getID3/ to extract it). That is most likely NOT what you want to do as you would need to edit the file on the frontend.
Another option is to use mime_content_type(after you file has finished uploading) - for a "mp4" file, even without extension, it will give you "video/mp4", for mkv "video/x-matroska". Etc. based on the mime-type you can build the extension again - for example:
$exts = [
"video/x-matroska" => "mkv",
"video/mp4" => "mp4"
];
and then:
$extension = $exts[mime_content_type("..path..to..file")];
(of course first with checking if the entry exists there).
Extension itself is NOT stored in any metadata so you cannot simply extract it.
While having the mime-type you can also use any popular libs - like:
https://github.com/ralouphie/mimey
to convert mime-type to extension.
To get the file size it is best to simply use the filesize function.
Another option would be to simply send the original file name with the last post (the one which tells the backend that the file has finished): probably the most reliable one.
Related
I recently had a asked a question very similar to this one, however after evaluating that I did not explain it in the best way I have come back once again explaining it in a greater manner.
So, I am creating a system that will gather data from a MySQL database and use a unique id to download a file, however depending on the value of a column within that database called type, this file could be anything from a png file to an xml file. What I am currently doing is trying to download these files WITHOUT any extension.
As an example to maybe make this easier to understand, a file named image.png would be converted to just image and then downloaded.
With this you could rename the file to image.png again on the local machine and view the image.
This may seem very inefficient to most reading this but for my current situation it's all that will work.
How could I remove a files extension and then download it? (in php)
Thank you in advance.
Just use headers to specify response type.
$filepath = '/wherever/the/file/is.png';
$filename = 'new-cool-name';
header('Content-Type: whatever/content-type-is');
header("Content-disposition: attachment;filename=$filename");
readfile($filepath);
This basically sends a response with specified content-type as an attachment and the body of the attachment contains the file contents. If you never sure what's the content type is, then just use application/octet-stream
Usually when you set out to push a file for downloading from a serverside script, you do so by utilizing http headers like https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition
The filename of the downloadable file is specified in that header
Okay so to remove an extention from a file you could do is
$withoutExtion = preg_replace('/\\.[^.\\s]{3,4}$/', '', $youfilename);
...followed by your file download code
I have an upload form which allowed most of file types to be uploaded.
Here they are:
Image: jpg/jpeg/png/gif ...
Video: mp4/avi/wmv ...
another files: doc/pdf/rar/zip/mp3/...
For image file, I know I can use PHP function getimagesize() or something else to make sure it's the real image. But how about the other files such as Video, and documentation ? Is it a real file without faking the extension ?
How to do that?
Thank you! I need your help.
every file has it's own type, it called mime type , so u can check the mime type , do some things like that :
if (mime_content_type($FILES['file']['tmp'])== "image/png"))
{
// do upload
}else{
die('file type not supported');}
u can put all the mime type into an array the check the type with in_array function
u can find all the mime type here : http://www.freeformatter.com/mime-types-list.html
Any client-side check (even the browser mime-type detection) is doomed to fail because user has access to it. You'd better let the upload begin and complete, then perform a serious server side check. You simply discard the file if that is not what you expected to be.
On top of the server-side check you can of course implement the client-side check just for a neater user experience
The only way to fully secure a file upload is to attempt parsing the uploaded file with PHP or some other extension/tool that expects a specific valid file type. In other words:
Images: use GD functions to parse the file, they'll return false if it isn't a valid image.
Videos: could probably validate using ffmpeg on the command line and check the output or use the ID3 extension as suggested here: https://stackoverflow.com/a/134893 (credit to Zathrus Writer's comment on the question linking to this question)
Documents: Attempt loading the file with PHPExcel/Word/PowerPoint although I'm not sure that these would support just any format of those documents as it works on OpenXML.
From looking at the getID3 extension this might be the best bet as it seems to parse a wide variety of content types.
In any case, what you essentially need is for PHP or some other 3rd party library/extension to determine that the binary data of a file corresponds with its MIME content type.
Hope this helps :)
I'm working on a project where I upload an image (jpg) and manipulate it using the PHP GD library.
I know that I can use GD functions to edit an image resource (created from imagecreatefromjpeg()) but I was wondering if there was a way I could use the file uploaded in the $_FILES array directly with the GD library. One solution I thought of was saving the uploaded file, pushing it into imagecreatefromjpeg, then deleting it afterwards.
This seems cluinky though, is there a more efficient solution?
I'm still a bit new to PHP so I'm not sure as to how files are stored in the $_FILES array. I hope I'm making sense here. Thanks.
You can simply do this:
$img = imagecreatefromjpeg($_FILES['image']['tmp_name']);
// do gd operations on $img
imagejpeg($img, '/path/to/target');
You'll have to use imagecreatefrom in some form or another, and you can use it directly on the uploaded file. Then just save the result of your manipulations using imagejpeg. The uploaded file in tmp_name will we thrown away automatically.
Having said that, you should save the original somewhere. It's always good to have it around for later use.
I am using plupload to do an upload of multiple files to my server. Using this, there is a parameter 'url : 'upload.php'. upload.php catches the files as they are received, and might recombine them if they get chunked. Once the full file is received, it sends a response back to the original page, displaying a green checkbox icon.
I have added some code to this page, after all the main code to manipulate the photos I have uploaded. My plan is to create three copies of my full size image, lg, med, and small. I got this part working, but then decided to first rename the original file to match my naming scheme.
I now get a corrupted renamed file, and thus my three smaller images also get corrupted.
//get the original file info
$filepath = $_SERVER['DOCUMENT_ROOT'].'/uploads/';
$filepathinfo = pathinfo($filepath.$fileName);//fileName is used previously in the file
//rename original file to a unique name
$finding_id = 'xyz';
$file_name_new = uniqid($client_id . '-' . $finding_id . '-', true); //doesn't include extension
//rename($filepath.$fileName, $filepath.$file_name_new.'.'.$ext);
//copy($filepath.$fileName, $filepath.$file_name_new.'.'.$ext);
As is, I get my one file, or how ever many I uploaded, byte size matches original exactly, and name stays the same (except for removal of certain characters).
If I uncomment only the rename function, I actually get two files. The byte sizes total the original photo. The larger file displays with a section of gray at the bottom. The smaller file doesn't display at all.
If I uncomment only the copy function, I get an exact renamed copy of my original file, my original file, and another file, the same size and corruption as the larger file doing a rename.
Any ideas? Seems like it should be pretty straightforward.
if the file was currently uploaded by HTTP POST use move_uploaded_file
if you fopen() somewhere in this request the same file make sure to call fclose()
I forgot I had the chunking feature turned on. Must have turned it on to test something. For whatever reason, when the script was running the last chunk of the file hadn't been fully appended yet. Thanks for all the input anyway!
Are you writing to the file yourself? If so, the problem might be that you're missing a call to fflush or fclose. (The last chunk of the file not getting written and the file no longer being there when PHP gets round to writing it. This shouldn't happen if you're using Linux or some other Unix, but I could envisage it on Windows.)
Simple question. Is there a way to only allow txt files upon uploading? I've looked around and all I find is text/php, which allows PHP.
$uploaded_type=="text/php
When you upload a file with PHP its stored in the $_FILES array. Within this there is a key called "type" which has the mime type of the file EG $_FILES['file']['type']
So to check it is a txt file you do
if($_FILES['file']['type'] == 'text/plain'){
//Do stuff with it.
}
It's explained very well here. Also, don't rely on file extentions it's very unreliable.
Simply put: there's no way. Browsers don't consistently support type limiters on file upload fields (AFAIK that was planned or even is integrated into the HTML standard, but barely implemented at best). Both the file extension and mime-type information are user supplied and hence can't be trusted.
You can really only try to parse the file and see if it validates to whatever format you expect, that's the only reliable way. What you need to be careful with are buffer overflows and the like caused by maliciously malformed files. If all you want are text files, that's probably not such a big deal though.
You could check the mime type of the uploading file. In codeIgniter, this code is used in the upload library:
$this->file_type = preg_replace("/^(.+?);.*$/", "\\1", $_FILES[$field]['type']);
The variable $this->file_type then used to check the upload configuration, to see if the uploaded file is in allowed type or not. You can see the complete code in the CodeIgniter upload library file.
You need to check the file extension of the uploaded file.
There is Pear HttpUpload, it supports this.