I am trying to upload a .qif file in php codeigniter but it returns an error
The filetype you are attempting to upload is not allowed.
When I try to upload another type file (PDF, CSV, docs, etc.) they upload successfully.
Here is my code:
function do_upload($field_name, $files, $folder_path,$save_name="",$prefix="bk_"){
$ci = & get_instance();
//create upload folder if not exists
if (!is_dir($folder_path)) {
mkdir($folder_path, 0777, TRUE);
}
$save_name = $prefix.time()."_".$files['name'];
$data = array();
$config = array();
$config['upload_path'] = $folder_path;
//$config['max_size'] = 0;
$config['allowed_types'] = 'csv|CSV|txt|TXT|pdf|PDF|zip|ZIP|doc|DOC|docx|DOCX|xlsx|xls|XLS|XLSX|QIF|qif';
$config['file_name'] = $save_name;
$ci->load->library('upload');
$ci->upload->initialize($config);
// echo "hello 1"; die;
if ($ci->upload->do_upload($field_name)){
$data = $ci->upload->data();
$data['status'] = 1;
}
else{
$data['status'] = 0;
$data['error'] = $ci->upload->display_errors();
}
return $data;
}
You get the "filetype is not allowed" error, because the original Codeigniter mime-type configuration file doesn't list an qif entry:
in your config/mimes.php file add to the $mimes array this line:
'qif' => 'application/qif'
and eventually
'qif' => 'image/x-quicktime'
mime-type source: http://fileformats.archiveteam.org/wiki/Ext:qif
the native php move_uploaded_file method without checking for mime-types can turn into a security problem
I got a solution after lot of searches
I just use move_uploaded_file function and it's work
move_uploaded_file($_FILES["file"]["tmp_name"], $path);
if someone have a better answer answer please share that.
thanks
Related
i'm new in phbp and yii and i have a pronblem with sendind file, i'm using kartik\file\FileInput widget without model and i send to yii controller, where i can get my file from $POST and in first time i used move_uploaded_file with linkt to my file on tmp. The first idea with move doesnt work, i wouldnt find my file on disk, i know is systemd, but i change my tmp folder in php.ini but the file from form doesnt show in this place. This is my conbtroller
$output = "";
$modelZalaczniki = new DelegacjeZalacznikiSearch();
$modelZalaczniki->d_add = date('Y-m-d H:i:s');
$modelZalaczniki->u_add = Yii::$app->user->identity->id;
if (empty($_FILES['file'])){
echo json_encode(['error'=>'Nie znaleziono plik.w.']);
return;
}
$files = $_FILES['file'];
$success = null;
$paths = [];
$fileNames = $files['name'];
if(!file_exists('uploads')){
mkdir('uploads', 0750, true);
}
if(!file_exists('uploads'.DIRECTORY_SEPARATOR.'delegacje')){
mkdir('uploads'.DIRECTORY_SEPARATOR.'delegacje', 0750, true);
}
if(!file_exists('uploads'.DIRECTORY_SEPARATOR.'delegacje'.DIRECTORY_SEPARATOR.'pliki')){
mkdir('uploads'.DIRECTORY_SEPARATOR.'delegacje'.DIRECTORY_SEPARATOR.'pliki', 0750, true);
}
if(!file_exists('uploads'.DIRECTORY_SEPARATOR.'delegacje'.DIRECTORY_SEPARATOR.'pliki'.DIRECTORY_SEPARATOR.$delegacja_id)){
mkdir('uploads'.DIRECTORY_SEPARATOR.'delegacje'.DIRECTORY_SEPARATOR.'pliki'.DIRECTORY_SEPARATOR.$delegacja_id, 0750, true);
}
for($i = 0; $i < count($fileNames); $i++){
$ext = explode('.', basename($fileNames[$i]));
$hashName = md5($fileNames[$i]);
$target = 'uploads'.DIRECTORY_SEPARATOR.'delegacje'.DIRECTORY_SEPARATOR.'pliki'.DIRECTORY_SEPARATOR.$delegacja_id.DIRECTORY_SEPARATOR.$hashName;
// if(file_exists($target)){
// $success = true;
// break;
// }
if(move_uploaded_file($files['tmp_name'][$i], $target)){
$success = true;
$paths[] = $target;
$modelZalaczniki = new DelegacjeZalaczniki();
$modelZalaczniki->delegacja_id = $delegacja_id;
$modelZalaczniki->d_add = date('Y-m-d H:i:s');
$modelZalaczniki->u_add = Yii::$app->user->identity->id;
$modelZalaczniki->sciezka = $target;
$modelZalaczniki->nazwa = $fileNames[$i];
$modelZalaczniki->typ = $ext[1];
$modelZalaczniki->size = $files['size'][$i];
if ($modelZalaczniki->validate()){
$modelZalaczniki->save();
}
}else{
$success = false;
break;
}
Every things work fine but i cant move file to my folder, aha, file is create but in this file is linkt to yii documentation.
Yii 2.0 is great at uploading files. No need for move_uploaded_file.
Take a look at the documentation, and specifically the UploadedFile::getInstance() method.
Useful examples which are relevant to what you're doing are here:
https://www.yiiframework.com/doc/guide/2.0/en/input-file-upload
In the above code, when the form is submitted, the yii\web\UploadedFile::getInstance() method is called to represent the uploaded file as an UploadedFile instance. We then rely on the model validation to make sure the uploaded file is valid and save the file on the server.
In my Laravel project I created a page to upload the files and I use the $file of laravel it works fine for some system only but for some system it shows an error as shown in image below.
Function I am using to upload files in model
public function add_document_sub_cert($req)
{
$subcontractor_id = $req['subcontractor_id'];
$reference_id = $req['reference_id'];
$files = $req->file("uploaded_doc0");
$i = 0;
foreach($files as $file){
$i++;
$ext = $file->guessClientExtension();
$name = $file->getClientOriginalName();
$file_name_1 = str_replace(".".$ext,"",$name);
$path = $file->storeAs('subcontractor/','avc'.$i.'.jpg');
if($path){
$document = new Document();
$document->doc_name = 'avc.jpg';
$document->module = 'subcontractor';
$document->reference_id = $reference_id;
$document->save();
}
}
}
Your error says that you didn't specify a filename. I see that your variable $file_name_1 is never used. Haven't you forgotten to use it somewhere?
Without knowing how your class Document works, it's impossible to tell you exactly where is the bug.
I have a really weird problem. I'm using the CodeIgniter Upload Class for managing the upload of a simple jpg image. If I upload a file with extension .JPG, even if I set the property file_ext_tolower to TRUE, my file gets uploaded with the .JPG extension. Which is something that I don't want! Here is some code..
$this->load->library('upload');
$config['upload_path'] = './resources/img/content';
$config['allowed_types'] = 'jpg';
$config['overwrite'] = FALSE;
$config['file_ext_tolower'] = TRUE;
$config['remove_spaces'] = TRUE;
$this->upload->initialize($config, true);
if ( ! $this->upload->do_upload('cover')) {
$this->session->set_flashdata('message','Cover: ' . $this->upload->display_errors());
redirect('admin');
break;
} else {
// Whatever
}
Problem is, this doesn't run even on localhost. It always goes ahead and uploads the file with the .JPG. I just cannot understand. I'm using CodeIgniter 3.1.0 on both the server and the localhost. Any thoughts? On the server I've also enabled the fileinfo extension in the php.ini.
Another thing that this brings is that..if I have a file named myfile.JPG and myfile.jpg, CodeIgniter isn't able to see that they're the same file..which is ultimately what would be likely it does if only file_ext_tolower was working properly.
On server, myfile.JPG gets saved as myfile.JPG. I think that, when file_ext_tolower is set to TRUE, it should save as myfile.jpg...and eventually, before doing that, actually search for another file with this name..if file with this name is already on the server, it should follow the overwrite setting: either overwrite it or rename with a progressive number.
I have solution for you :)
Create file: application/libraries/MY_Upload.php
<?php
class MY_Upload extends CI_Upload
{
/**
* Force filename to lowercase
*
* #var string
*/
public $file_name_tolower = FALSE;
function _prep_filename($filename)
{
if ($this->mod_mime_fix === FALSE OR $this->allowed_types === '*' OR ($ext_pos = strrpos($filename, '.')) === FALSE)
{
return $filename;
}
$ext = substr($filename, $ext_pos);
$filename = substr($filename, 0, $ext_pos);
//change ext tolower
$filename = ($this->file_name_tolower)?strtolower($filename):$filename;
//change ext tolower
$ext = ($this->file_ext_tolower)?strtolower($ext):$ext;
return str_replace('.', '_', $filename).$ext;
}
}
I modyfication file_ext_tolower and add file_name_tolower
Example for file: coVEr.JPG
...
$config['file_ext_tolower'] = TRUE;
$config['file_name_tolower'] = TRUE;
...
Result: cover.jpg
...
$config['file_ext_tolower'] = TRUE;
$config['file_name_tolower'] = FALSE;
...
Result: coVEr.jpg
...
$config['file_ext_tolower'] = FALSE;
$config['file_name_tolower'] = TRUE;
...
Result: cover.JPG
...
$config['file_ext_tolower'] = FALSE;
$config['file_name_tolower'] = FALSE;
...
Result: coVEr.JPG
I have the same problem. It is silly mistake, no matter how much code i edit on this file also no effect on result. So I start guess I refer to wrong file :
maybe member-site file but I edit admin-site file.
maybe order-model file but I edit invoice-model file.
After echo "alert("abc");" to find the correct file, then i edit the code then finally I get the result output perfectly.
I am having a spot of trouble with Codeigniter and getting files to rename within the upload process from the Upload Library it has to offer. Now before anyone says it, I am not looking for "encrypted" file names.
My Problem is in uploading images you have a good handful of types you could be dealing with. So how does one change the file name using the file_name config option to a specific schema (which I already have the schema part up and working). But maintain the same file type?
Right now I am attempting
$upload_config['file_name'] = $generated_filename_from_schema
Only problem is $generated_filename_from_schema doesnt have a file extension, and leaving the file extension out of the equation CI seems to ignore it altogether and just takes the file and append_1, _2, _3 as it goes up if the files have the same name, otherwise it just leaves the name intact.
Now I have to pass the $config to CI so it will upload the file, but how can I determin what kind of file I am working with before it trys to upload so I can use my name generation schema.
*edit*
$upload_config['upload_path'] = realpath(APPPATH.'../images/');
$upload_config['allowed_types'] = 'gif|jpg|png';
$upload_config['max_size'] = 0;
$upload_config['max_width'] = 0;
$upload_config['max_height'] = 0;
$upload_config['remove_spaces'] = true;
$upload_config['file_name'] = $this->genfunc->genFileName($uid);
if($this->input->post('uploads'))
{
$this->load->library('upload');
$this->upload->initialize($upload_config);
if (!$this->upload->do_upload())
{
//echo 'error';
echo $config['upload_path'];
$this->data['errors'] = $this->upload->display_errors();
}
else
{
//echo 'uploaded';
$this->data['upload_data'] = $this->upload->data();
}
}
You can use $_FILES array to get original name of file.
Extract extension of original file.Then, append to your new file name.
Try as below
$ext = end(explode(".", $_FILES[$input_file_field_name]['name']));
$upload_config['file_name'] = $this->genfunc->genFileName($uid).'.'.$ext;
Personally, I find CodeIgniter's file uploading class to be somewhat cumbersome. If you want a vanilla PHP solution:
function submit_image(){
$f = $_FILES['image'];
$allowedTypes = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
$detectedType = exif_imagetype($f['tmp_name']);
if(in_array($detectedType, $allowedTypes)){
$pi = pathinfo($f['name']);
$ext = $pi['extension'];
$target = $this->genfunc->genFileName($uid) "." . $ext;
if(move_uploaded_file($f['tmp_name'], $target)){
/*success*/
}
else {/*couldn't save the file (perhaps permission error?*/}
}
else {/*invalid file type*/}
}
I'm using the following CodeIgniter function to upload files which works fine:
function uploadFiles(){
$this->load->library('upload');
$error = 0;
$projectName = $_POST['projectname'];
$projectID = $_POST['maxid'];
$folderName = $this->config->item('upload_dest')."/".$projectName."_".$projectID;
if(!file_exists ($folderName)){
$aa = mkdir($folderName);
}
$config['upload_path'] = $folderName;
$config['allowed_types'] = 'xml';
//$config['allowed_types'] = '*';
$config['max_size'] = '0';
$config['overwrite'] = TRUE;
$this->upload->initialize($config);
for($i=0; $i<count($_FILES['files']['name']); $i++)
{
$_FILES['userfile']['name'] = $_FILES['files']['name'][$i];
$_FILES['userfile']['type'] = $_FILES['files']['type'][$i];
$_FILES['userfile']['tmp_name'] = $_FILES['files']['tmp_name'][$i];
$_FILES['userfile']['error'] = $_FILES['files']['error'][$i];
$_FILES['userfile']['size'] = $_FILES['files']['size'][$i];
if($this->upload->do_upload())
{
$error += 0;
}else{
$error += 1;
}
}
if($error > 0){
$this->upload->display_errors();
return FALSE;
}
else{
return TRUE;
}
}
What I need to do is - check to make sure that at least one of the files which are being uploaded is named "etl". If there's no such a file in the file list the user chosen - stop the action, don't upload anything and return a form validation error. Could anybody advise over this?
Thanks.
Firstly, from php there is no way to get the name of the file(s) before uploading, you must upload to get the properties of the file. So, the options available are:
(1) Allow the files to be uploaded, then get the names and check if any contains "etl". If non contains what you are looking for, then delete the just uploaded files, and set a custom error message yourself.
This approach have a very large overhead cost of allowing you to first upload what is not need, then deleting it. Very poor but solves the problem.
(2) On the otherhand, is the javascript solution. Give the upload fields a common class name
e.g "userfile1", "userfile2", .......
then from your javascript and using jquery, intercept the submission of the form, then use a for loop to get the values of each of the file upload field, from which you can get the full name and extension of the file and then do your "etl" comparison.
i.e
<script type="text/javascript" >
$("#formname").submit(function(){
$(".classname").each(function(){
if($(this).val().indexOf("etl") != -1 ){
return true;
}
});
/*
*whatever makes it finish executing that loop and the execution of code gets
*to this point, then the string "etl" was not found in any of the names.
*/
// write a piece of code to show an hidden error field
$("#hidden_error_div").text("Your error message").show();
return false; //makes sure the form is not submitted.
});
</script>
Hope this helps.
Oyekunmi gives a good javascript solution to intercept before it actually gets to the server. As Oyekunmi points out, once it gets there, it gets there as a package, so you could then store and process it in a temporary directory, eval each file there and process accordingly.