I want let user upload their resume on the server,these file can be every suffix,then i will zip these file and put them for other users to download by a link,is it safe enough???!!!
here is my code
$nameFile = $_FILES['file']['name'];
$tmpName = $_FILES['file']['tmp_name'];
$download_folder = "/download/";
$zip = new ZipArchive;
$fileconpress = $download_folder.$nameFile.".zip";
$conpress = $zip->open($fileconpress, ZIPARCHIVE::CREATE);
if ($conpress === true)
{
$zip->addFile($tmpName);
$zip->close();
echo $fileconpress."<br/>";exit();
//return $name;
}
else echo " Oh No! Error";
and above code apparently does not work,please help me to have safe app,thanks
Related
I try using function to upload different kind of file by giving it variables. As shown below:
<?
function fn_fileUpload($data,$dir,$uid){
include_once($_SERVER['DOCUMENT_ROOT']."/cgi-bin/connect.php");
if(isset($data) && $data['error'] === UPLOAD_ERR_OK){
$fileTmpPath = $data['tmp_name'];
$fileName = $data['name'];
$fileSize = $data['size'];
$fileType = $data['type'];
$fileNameCmps = explode(".", $fileName);
$fileExt = strtolower(end($fileNameCmps));
$newFileName = $uid . '.' . $fileExt;
//check file ext
$okEXT = array('jpg', 'jpeg', 'png','doc','docx','pdf');
if (in_array($fileExt, $okEXT)) {
$fileDir = '/'.$dir.'/';
$dest_path = $fileDir.$newFileName;
if(move_uploaded_file($fileTmpPath, $dest_path)){
try{
$stmt2=$mysqli->prepare("insert into job_file (jfile_id, job_id, jfile_name, jfile_size, jfile_type, jfile_ext) valies(?,?,?,?,?,?)");
$stmt2->bind_param('iisiss',$zero,$uid,$newFileName,$fileSize,$fileType,$fileExt);
$stmt2->execute();
$result = 'ok';
}catch(mysqli_sql_exception $err){
$result=$err;
}
}else{
$result = 'Cannot upload file!';
}
}//in_array
}//if(isset
return $result;
}
?>
And this is how to use:
//upload file
$job_file=fn_fileUpload($_FILES['job_file'],'uploads',$_POST['passport_id']);
//upload photo
$job_img=fn_fileUpload($_FILES['job_img'],'photos',$_POST['passport_id']);
From here, the function always return : Cannot upload file!. At first I think. It might have something to do with move_uploaded_file but the file was there in /uploads directory but not with /photos. Both directories CHMOD 755 (tried 777 but no luck).
The db went through correctly. Is there any idea how to fix this?
You can only use move_uploaded_file() ONCE on a temporary file that has been uploaded through a form. This function destroys the temporary file after it has been moved, so the for the first upload in the uploads directory you can do it well but in for the second one no.
files are being uploaded and added to zip the only problem is to move the zip to desired location.the permission is OK i have moved single file. Now i want to create a zip containing multiple files and then moving that zip to folder.
$uploaddir = 'upload/page/';
if($_FILES['image_file_holder']['name'] != '')
{
$total = count($_FILES['image_file_holder']['name']);
echo $total;
$imagarr = explode(".", "myserver.zip");
$newimgfile = $imagarr[0]."_".mt_rand().'.'.$imagarr[1];
$zipname = $newimgfile;
$upload = $uploaddir . $newimgfile;
$zip = new ZipArchive;
$zip->open($zipname, ZipArchive::CREATE);
for($i=0; $i<$total; $i++) {
//Get the temp file path
$tmpFilePath = $_FILES['image_file_holder']['name'][$i];
if ($tmpFilePath != ""){
$zip->addFile($tmpFilePath);
}
}
$zip->close();
echo "moving";
if(move_uploaded_file($zipname,$upload))
{
echo "done";
}
}
I am trying to unzip an uploaded file and rename and upload it in my server
here is my code
PHP
$fname = md5(rand()).'.csv';
$full_path = Config::get('filesystems.disks.local.root');
$zip = new ZipArchive;
if ($zip->open($excel_file) === TRUE)
{
$zip->renameName($zip->getNameIndex(0),$fname);
$zip->extractTo($full_path. '/exceluploads/');
$zip->close();
} else {
return redirect()->back()->withErrors('File is not zipped');
}
But this is not working , I am sure I am doing some mistake since I am using the ZipArchive for the first time .
You are changing the zip file's content, so you need to specify what you want to extract.
<?php
$fname = md5(rand()).'.csv';
$full_path = Config::get('filesystems.disks.local.root');
$zip = new ZipArchive;
if ($zip->open($excel_file) === TRUE) {
$zip->renameName($zip->getNameIndex(0), $fname);
// Please notice the $fname, passed as a parameter for extractTo
$zip->extractTo($full_path . 'exceluploads/', $fname);
$zip->close();
} else {
return redirect()->back()->withErrors('File is not zipped');
}
I am generating dynamic images from API.
And on button click i want to download a zip file with images .
I tried many solution, but still not able to download zip file with images
$zip = new ZipArchive();
$zip_name = time().".zip"; // Zip name
$zip->open($zip_name, ZipArchive::CREATE);
foreach ($files as $file) {
echo $path = "uploadpdf/".$file;
if(file_exists($path)){
$zip->addFromString(basename($path),file_get_contents($path));
}else {
echo"file does not exist";
}
}
$zip->close()
I'm trying to upload a file using an html form. The upload method is via FTP to a FileZilla server. I have successfully uploaded the file but it seem like only it's file extension and file name are the ones that get uploaded. The file is always corrupted and doesn't display it's file size when viewing the transferred file in windows explorer. This is my code. Please help.
include 'Connections/ftpgangconnect.php';
ini_set("upload_max_filesize", "250M");
ini_set("post_max_size", "250M");
if (isset($_POST['upload'])) {
$name = $_FILES['myfile'] ['name'];
$size = $_FILES['myfile'] ['size'];
$type = $_FILES['myfile'] ['type'];
$temp = $_FILES['myfile'] ['tmp_name'];
$error = $_FILES['myfile'] ['error'];
$content = $_FILES['myfile']['content'];
$temp = $_FILES['myfile'] ['tmp_name'];
$name = $_FILES['myfile']['name'];
$dest_file ="/".$name;
// upload the file
$upload = ftp_nb_put($ftp, $dest_file, $temp, FTP_BINARY);
// check upload status
if (!$upload) {
echo "FTP upload has failed!";
} else {
echo "Uploaded $name";
ftp_close($ftp);
}
}
Check the examples for the ftp_nb_put function. You should be calling the ftp_nb_continue in a loop, until the upload is finished:
// upload the file
$upload = ftp_nb_put($ftp, $dest_file, $temp, FTP_BINARY);
while ($upload == FTP_MOREDATA)
{
// Continue uploading...
$upload = ftp_nb_continue($ftp);
}
Though unless you need to do anything else in the loop, its pointless to use ftp_nb_put. Just use a simple ftp_put instead:
$upload = ftp_put($ftp, $dest_file, $temp, FTP_BINARY);