I'm very new to php but worked a lot with javascript and html before. I'm hosting a server with apache on my own computer just for testing php. I installed php as cgi on it and everything worked fine. I did some testing with php just to get a feel for how it works, but when I tried to make a file upload form and read the file with php:
//uploadFile.php
<html>
<head>
</head>
<body>
<form action="uploadFile.php" id="form" method="POST" enctype="multipart/form-data">
<input type="file" name="uploadFile">
<input name="submit" value="upload" type="submit">
</form>
<?php
echo $_FILES["uploadFile"]["name"];
?>
</body>
</html>
I suddenly got the message:
No input file specified
Only that! It didn't even said it was an error. I tried this very simple php script that worked before:
<?php
echo "Working";
?>
But I still got "No input file specified". Every php file I try gives me this error, wich indcates that the problem is't in my code. When I tried a normal .html file without php it worked. I have tried researching it and it seams like peaple hosting on godaddy gets this message, but I found no solution for me.
Do anyone know the solution or have any tips on how to go about solving this problem.
As per your originally posted code/question where you changed your question after this answer has been submitted:
PHP is case sensitive when it comes to POST/FILES variables, or any variables for that matter.
You have name="uploadfile" and then $_FILES["uploadFile"]
Change it to $_FILES["uploadfile"]
F is not the same as f.
Or keep $_FILES["uploadFile"] and change name="uploadfile" to name="uploadFile".
Either way, they both much match in letter-case.
Read the manual on uploading files:
http://php.net/manual/en/function.move-uploaded-file.php
Edit: (example)
Sidenote:
Make sure the folder exists and has proper write permissions. You may need to adjust the way the $uploads_dir = 'uploads'; is, depending on where you are executing the code from.
<html>
<head>
</head>
<body>
<form action="" id="form" method="POST" enctype="multipart/form-data">
<input type="file" name="uploadFile">
<input name="submit" value="upload" type="submit">
</form>
<?php
if(isset($_POST['submit'])){
$uploads_dir = 'uploads';
foreach ($_FILES["uploadFile"]["error"] as $key => $error) {
if ($error == UPLOAD_ERR_OK) {
$tmp_name = $_FILES["uploadFile"]["tmp_name"][$key];
$name = $_FILES["uploadFile"]["name"][$key];
move_uploaded_file($tmp_name, "$uploads_dir/$name");
}
}
}
?>
</body>
</html>
"When I tried a normal .html file without php it worked."
Make sure that the code in my answer is used as a .php file and not .html.
You should also contact GoDaddy's technical support regarding this matter, and to see if PHP is indeed available for you to use.
Add error reporting to the top of your file(s) which will help find errors.
error_reporting(E_ALL);
ini_set('display_errors', 1);
Sidenote: Error reporting should only be done in staging, and never production.
Related
I am using the following code to save the e-mails entered in the form. But on clicking on "Submit", it is giving an internal server error. Please help in rectifying it.
Code for form.php:
<html>
<body>
<form action="email_script.php" method="POST">
<p> Email Address: <input type="text" name="email" size="30"/> </p>
<input type="submit" name="submit" value="Submit"/>
</body>
</html>
Code for email_script.php:
<? php
$email = $_POST('email');
$file = "file.html"
file_put_contents($file, $email . PHP_EQL, FILE_APPEND);
print("...");
?>
You have a gap between <? and php. This should be <?php.
Also, $email = $_POST('email'); should be $email = $_POST['email']; (with square brackets)
Also, as pointed out below, the second line needs a semi colon at the end.
Also, I have never heard of PHP_EQL. Perhaps you mean PHP_EOL?
If you are working in a local environment, consider putting error_reporting(-1); at the top of your php file (after the <?php). This will give more detailed errors than just 'Internal Server Error'. BUT REMEMBER to remove the line before putting the script in a live environment.
ALSO - be aware that just adding data from a form into a file on the server, without validating or cleaning, is very very dangerous. I won't go into more detail as that's not what your question asked, but maybe look into that a little as well.
I know this is an old question and I have found lots of tutorial on SO however, they cannot solve my problem.
I use my mac to set up a localhost for web programming and I try to upload a jpg file to my localhost directory "/Library/WebServer/Documents". But it gives hint unable to move.
my front end code is:
<form action="upload_file.php" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file"><br>
<input type="submit" name="submit" value="Submit">
</form>
The php(upload_file.php) code is(there is some other checking codes for php file, copied from w3school):
move_uploaded_file($_FILES["file"]["tmp_name"] , "/Library/WebServer/Documents" . $_FILES["file"]["name"]);
And after I click the submit button, there is sth wrong printed on the screen.
Moreover, I did not find any tmp file in the file "/private/var/tmp", in which should be a tmp file...
make sure your php file has enough rights to write into the directory.
check if print_r($_FILES); lists anything, especially the size is important.
I've made a basic looking PHP file load system, so far I can upload any file type, I haven't add any parameters just yet.
But what I want to know is with the method I'm using, what steps should I take to make the system secure? Is there another, more secure way of doing things, and any guides, tips or suggestions that may help with this system?
This is my code so far:
$upload_to = "img/company_logos/";
if($_POST)
{
if(!empty($_POST['upload']))
{
$upload_to = $upload_to . $_FILES['file']['name'];
move_uploaded_file($_FILES['file']['tmp_name'], $upload_to);
echo "Uploaded!";
}
}
?>
<html>
<body>
<form method="post" enctype="multipart/form-data">
<input type="hidden" id="upload" name="upload" value="1" />
<input type="file" id="file" name="file" />
<input type="submit" value="Submit" />
</form>
</body>
</html>
One of the major things I've seen is the upload directory permissions are set to 777 this means anyone can read/write/execute this dir.
Thanks for the help.
Check the referrer
Restrict file types
Rename files
Change permissions
Login and Moderate
http://php.about.com/od/advancedphp/qt/upload_security.htm
And see this one
PHP Upload file enhance security
So i made use of this guide and was able to come up with this:
<html>
<head></head>
<body>
<form action="process.php" method="get">
<input type="text" name="image"/>
<input type="submit"/>
</form>
</body>
</html>
and process.php i came up with:
<?php
include("SimpleImage.php");
$imgName = $_GET["image"]; //assuming you used GET request and form submits to http://url/script.php?image=something.jpg
$image = new SimpleImage();
$image->load($imgName);
$image->resizeToWidth(250);
$image->save($imgName);
echo $imgName;
?>
However something's wrong. It's not saving the image :( I'm completely a PHP noob so i hope you can give some newbie friendly solutions. Thank YOu :)
check your folder/file permission if you are able to read/write on that directory.
If you have not set a path on where to save the new image, usually it writes to the same directory where your process.php is located.
I want to upload the files to this address: http://chusmix.com/Imagenes/grupos and I'm trying with this simple this code but it doesn't work:
<form enctype="multipart/form-data" method="post" action="http://chusmix.com/Imagenes/grupos">
Please specify a file:<br>
<input type="file" name="datafile" size="40">
</p>
<div>
<input type="submit" value="Send">
</div>
</form>
Oddly enough, the first result of a Google search yielded this rather helpful tutorial. Why not read it?
Read the PHP manual chapter "Handling file uploads":
http://php.net/manual/en/features.file-upload.php
The way you think uploads work is not the way they work. The form posts to the script you want to handle the request, not the location you want the uploads to be. When you upload a file to Apache, it places that file in the temporary directory of the computer (in Linux, that's /tmp by default).
Your script has to move the file from the temp directory to wherever you want it to be. The manual has plenty of code showing you how.
Make sure the form is loaded via
http://chusmix.com/Imagenes
The browsers wont you allow to upload to a unkown website (Same origin policy).
Edit your form
<form enctype="multipart/form-data" method="post" action="/grupos">