I'm currently trying to use the cURL executable to upload mp4 Files to a php script using the POST method. In the PHP file I'm checking the File format and all that kind of stuff. Here's the PHP file:
<?php
$allowedExts = array("jpg", "jpeg", "gif", "png", "mp3", "mp4", "wma");
$extension = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
if (($_FILES["file"]["type"] == "video/mp4") && ($_FILES["file"]["size"] < 2000000) && in_array($extension, $allowedExts)) {
if ($_FILES["file"]["error"] > 0) {
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
} else {
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
if (file_exists("upload/" . $_FILES["file"]["name"])) {
echo $_FILES["file"]["name"] . " already exists. ";
} else {
move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]);
echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
} else {
echo "Invalid file";
}
?>
When I upload files using a normal HTML form it works properly. This is the HTML form i used:
<!DOCTYPE html>
<head>
<title></title>
</head>
<body>
<form action="upload_file.php" method="post" enctype="multipart/form-data" name="uploadedfile">
<label for="file"><span>Filename:</span></label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>
But when I now try it using the cURL Client using this command:
"curl -F file=#test.mp4 http://localhost:1337/upload_file.php"
It displays me "Invalid File" in the console, which is normally shown when the file doesnt match the attributes im checking in PHP(for example not fitting the file type).
I hope you guys understand my problem and can help me! :)
Greets Steven
Your $_FILES["file"]["type"] check is failing because cURL doesn't make any guesses to the type and won't send that automatically in the POST request.
This is easily spoofed so it's not a great check anyway.
But to make your example work, try specifying the content type with the file parameter:
curl -F file=#test.mp4;type=video/mp4 http://localhost:1337/upload_file.php
Further to what drew010 wrote (I'd write a comment but don't have the reputation yet), trusting those values passed in may actually be a security risk and has been used to hack sites in the past so be careful.
Related
I've been trying to do a photo upload using Php. What I am seeing when I do a submit is, the page keeps loading infinitely.
End result the photo is not being uploaded to the directory.
Here is the HTML Code :
<!DOCTYPE html>
<html>
<head>
<title>Photo Upload</title>
</head>
<body>
<form action="upload.php" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file"><br>
<input type="submit" name="submit" value="Submit">
</form>
</body>
</html>
Php Script :
<style>
.sucess{
color:#088A08;
}
.error{
color:red;
}
</style>
<?php
$file_exts = array("jpg", "bmp", "jpeg", "gif", "png");
$upload_exts = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 2000000)
&& in_array($upload_exts, $file_exts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br>";
echo "Type: " . $_FILES["file"]["type"] . "<br>";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";
// Enter your path to upload file here
if (file_exists("uploads/" .
$_FILES["file"]["name"]))
{
echo "<div class='error'>"."(".$_FILES["file"]["name"].")".
" already exists. "."</div>";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"uploads/" . $_FILES["file"]["name"]);
echo "<div class='sucess'>"."Stored in: " .
"uploads/" . $_FILES["file"]["name"]."</div>";
}
}
}
else
{
echo "<div class='error'>Invalid file</div>";
}
?>
I've taken this code sample from Here.
I cannot understand what is going wrong here, but I think it has something to do with the path, but I am not sure.
Some help will be appreciated.
*I've edited the code and changed it to 'uploads/' .
It now works!
I checked it out use Relative Path Instead of absolute path then there will be no problem which ever environment you are working in local or server
eg:Instead of this C:\Users\Priyabrata\PhpstormProjects\FileUpload/uploads/
Use uploads/
It will work
when you host it on server some hosting providers will not provide the access so you have to change the folder permissions to writable and it will work cheers
See you are reffering like C:\\Users\\Priyabrata\\PhpstormProjects\\FileUpload/uploads/.Maybe this leads to the problem.
Replace it with the actual server link you use ..
I have tried your code and it works fine for me (I used different path since I am on Ubuntu). Try specifying your path without double slashes. (Like in the sample link you provided). Also make sure the folder exists ;)
In PHP, is it possible to upload files to the server? If so, then how can I create an upload form and insert the files to a specific page? Any extension images: .jpeg .gif or files: .txt .pdf etc. I am using XAMPP (localhost to view my website).
I have tried many tutorials, but there are lot of errors.
This is this HTML file:
<form action="fileupload.php" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
And here is the PHP script:
if ($_FILES["file"]["error"] > 0)
{
echo "Error: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Stored in: " . $_FILES["file"]["tmp_name"];
}
The result is shown like this:
Upload: (file here)
Type: image/jpeg
Size: 757.521484375 Kb
Stored in: (temp file in C:)
But whenever I find my file in the tmp folder. It's nowhere to be found.
function getExtension($str)
{
$i = strrpos($str,".");
if (!$i)
{
return "";
}
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
$extension = getExtension($filename);
$extension = strtolower($extension);
if($extension=="jpg" || $extension=="jpeg" || $extension=="gif" || $extension=="txt" || $extension=="pdf" ){
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
move_uploaded_file($_FILES["file"]["tmp_name"],"upload/" .date("d_m_h_i_s"). $_FILES["file"]["name"]);
}
The getExtension function helps to get the extension of the file. The files will be uploaded to the upload folder.
I would so appreciate some help here please. I have been struggling without success for a full day to upload images to a shared host running Zeus (rather than apache--yes I know, they are changing!). The host blames the code yet wont tell me why "as they are not programmers" I have tried so many different version of the form script I am out of options. I have of course checked the upload limits on the php ini file configs (which I am not allowed to change by the host) and they are both 128meg. So it looks unlikely that is the cause. The outcome of the scripts is that we get to the final ''successfully loaded the file'' message but the files size loaded is zero (so there is nothing new in the target directory). I am relatively new to php so please do go easy on the jargon. Thank you.
Here are the two files>> First the form...
<form enctype="multipart/form-data" action="anewupload.php" method="POST">
Please choose a file: <input name="uploaded" type="file" /><br />
<input type="submit" value="Upload" />
</form>
and the php file refered to by the form...
<?php
$target = "uploads/";
$target = $target . basename( $_FILES['uploaded']['name']) ;
$ok=1;
//This is our size condition
if ($uploaded_size >350000)
{
echo "Your file is too large.<br>";
$ok=0;
}
//This is our limit file type condition
if ($uploaded_type =="text/php")
{
echo "No PHP files<br>";
$ok=0;
}
//Here we check that $ok was not set to 0 by an error
if ($ok==0)
{
Echo "Sorry your file was not uploaded";
}
//If everything is ok we try to upload it
else
{
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded to..";
echo $target;
echo "..The uploaded file size is $uploaded_size";
}
else
{
echo "Sorry, there was a problem uploading your file.";
}
}
?>
First make sure the uploads folder exists and that is has write permissions set to either 755 or 777
Plus, you have two unassigned variables, $uploaded_size and $uploaded_type, so that will fail.
You would need to use something like if ($_FILES["file"]["size"] <350000) etc. probably another reason why it's failing.
Give this a try, see if this works for you, it's what I use:
Modify $allowedExts = array("gif", "jpeg", "jpg", "png"); for permitted file extensions.
It will upload only if size is less than 350000
NOTE: Change <input name="uploaded" type="file" /> to <input name="file" type="file" /> see form under handler code.
<?php
$allowedExts = array("gif", "jpeg", "jpg", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/png"))
&& ($_FILES["file"]["size"] < 350000)
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br>";
echo "Type: " . $_FILES["file"]["type"] . "<br>";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";
if (file_exists("uploads/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"uploads/" . $_FILES["file"]["name"]);
echo "Stored in: " . "uploads/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "Invalid file";
}
?>
Also change your form to this to reflect the PHP handler:
<form enctype="multipart/form-data" action="anewupload.php" method="POST">
Please choose a file: <input name="file" type="file" /><br />
<input type="submit" value="Upload" />
</form>
I am trying to allow users to upload videos via this form
<form method='POST' name='uploadform' enctype='multipart/form-data' action=''>
Video: <input type='file' name='filename' /><br/>
<input type='submit' name='cmdSubmit' value='Upload' />";
Then with this php script I am trying to move the videos into another folder for storage.
if($_POST['cmdSubmit']){
$filename = basename($_FILES['filename']['name']);
move_uploaded_file($_FILES['filename']['tmp_name'], "videos/" . $filename);
}
The problem I am having is the video's are not being moved to my folder. I have done research on how to do this and have try many error solving methods but nothing is seeming to work so if you have any idea on what my problem is any help is appreciated. The form works perfectly. Thanks....
I have searched google and youtube and can't find any really good articles on this if you know any that would be awesome too.
I tried to do troubleshooting by using this code..
if(move_uploaded_file($_FILES['filename']['tmp_name'], "videos/" . $filename)){
echo "This worked Successfully";
}else{
echo "Error";
}
}
and it did not echo either statement....
Try the below PHP code
in this code you can have some Restrictions on Upload
you can set the Exts that you need to allow in upload..
HTML FORM CODE
<html>
<body>
<form action="upload_file.php" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>
PHP CODE BELOW
<?php
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 20000)
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);
echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "Invalid file";
}
?>
For Any Other Reference kindly Check Here http://w3schools.com/php/php_file_upload.asp Or Post A Comment
In php.ini Find and update as following:
post_max_size = 8M
upload_max_filesize = 2M
max_execution_time = 30
max_input_time = 60
memory_limit = 8M
Change to:
post_max_size = 750M
upload_max_filesize = 750M
max_execution_time = 5000
max_input_time = 5000
memory_limit = 1000M
I am trying to use PHP to upload a CSV file (type:application/vnd.ms-excel) to my Unix box. And then FTP it to Mainframes.
The problem occurs in uploading when extra blank lines are added to the uploaded file at the end of each line, i can see this when i download the uploaded CSV file using ftp Command in cmd prompt.
No Extra lines appear in the CSV while viewing in Unix box.
When it FTPs it to mainframe i can see a dot added to each line. Hex Dec x'0D'
Could you please help me out in truncating this extra character while uploading?
My HTML File
<html>
<body>
<form action="upload_file.php" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>
My PHP Code "upload_file.php"
<?php
$allowedExts = array("csv", "CSV");
$extension = end(explode(".", $_FILES["file"]["name"]));
if (($_FILES["file"]["type"] == "application/vnd.ms-excel")
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);
$conn = ftp_connect("a.b.c.com") or die("Could not connect");
ftp_login($conn,"login","pass");
echo ftp_put($conn,"'dataset.name'","upload/" . $_FILES["file"]["name"],FTP_ASCII);
ftp_close($conn);
echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "Invalid file";
}
?>
You might want to take a look at the http://at2.php.net/manual/en/function.trim.php method.
You can open the file after storing it, iterating over each line and trim() them. You can print them back to the file (or just load everything, iterante and do a file_put_contents()). This should remove any whitespace from the beginning and the end before you upload it.
If you just want to remove it from the end, you can also use rtrim() or if you want to be more flexible you can do it with preg_replace() and something like /\s*$/.