I have a recursive function which generates about 200.txt files. I am running this application on a local server.
Basically, the front end just has a file upload field, which you just choose a .csv, which it then generates all the .txt files from that, but rather than saving them on the wamp server, is it possible to save them in a specific location?
Example, if I put another field in my front end called 'fileLocation', and the user types in the pathname.
Obviously i'd have to check if it's a directory etc, but is this possible to say save all the files on:
/Volumes/computer/Users/username/Desktop/test/
I'm not sure where to proceed with this.
No, is not possible to access computer files this way by using a localhost. You could zip all files and make the browser download them. Like is described here
Related
I want to know whether there is anyway to get the client side absolute path of selected file!
$_FILES['xml_file']['tmp_name']; This also provides path of selected file but its server side path... Its result is something like this C:\xampp\tmp\php2679.tmp
I want C:\Users\Sami\Desktop\data\myfile.xml where my actual file is placed.
Because I want this actual path to use again for fetching and saving etc automatically (by code).
you may try echo realpath($_FILES['xml_file']['name']); on your php.
then the output will be:
C:\Users\Sami\Desktop\data\myfile.xml
When you click the browse button it chooses the file. When you click the submit button, the entire file is being sent from the browser to the web server, and PHP is indeed putting the entire file in the php servers temp directory. Then, your script gets called.
So when you try to get absolute path from $_FILES['xml_file']['name'] or $_FILES['xml_file']['tmp_name'] or realpath($_FILES['xml_file']['name']) you will get the path on server.
The solution to this problem would be to simply copy the file somewhere, and not ask for the file upload again. You'll need to be sure that where ever you copy it to on your web server, that the server has permissions to do so. Usually that involves giving write permissions for the user which the web server runs as (usually user 'apache' or 'nobody' for apache based servers) to a special directory you've created for the purpose.
Copy is available in PHP. http://us3.php.net/manual/en/function.copy.php
Your only trick will be what to name it so you can find it again for the second request, and deciding what directory to put it into.
I'm developing a very simple PHP upload feature in my site to permit users to upload JUST images. Apart from checking the mime-type through php I wanted a .htaccess file to rule what can be uploaded and what can't.
I want to insert the .htaccess in my root folder and from there writing the rules for all the folders I need to be ruled.
It's the first time I work with .htaccess and from the internet I was able to find this:
http://pastebin.com/0KNHEbw0
But it doesn't work. I'm testing it locally with my xampp on win7 and I see that I can upload any type of files in the "oggetti" folder.
What's that is wrong?
And then, to rule other folders should I write something like this?
http://pastebin.com/dFMUu1g0
Thank you in advance!
You can't control what files are uploaded through a .htaccess file: Apache, the web server parsing those commands, deals with serving the files only.
You will need to do these checks in the PHP script that handles the upload process. Note that checking the MIME type sent with the file is not a reliable method to determine a file's type! The value sent can be manipulated by an attacker. To ensure a file is an image file, you could e.g. use getimagesize().
This cannot be accomplished using .htaccess. I'm guessing what you're trying to do is prevent malicious scripts from accidentally being executed on the server. The way I normally handle file uploads like this is:
Insert filename, mime-type, etc., into a database with an auto_increment ID.
Use the ID as the file name - no extension, and place the file in a directory outside of your webroot. This way you're certain nobody can execute the file.
When a file is requested, query the database for filename mime-type and id, and send the file to the user with readfile() (follow the link for an example).
Is there any way to upload multiple files using a single file?...basically i want to upload multiple pdf files at once, using one single file that contains the path to each one of the pdf files...and store the information to mysql database...
PS: i dont want to merge all the files into 1 huge pdf...i want each 1 of pdf file to be uploaded to server dir at once and then store the file info to database eg. path, file info, filename for later use..
In order for a file to be uploaded, the user has to select that file manually. It's a security measure (otherwise websites could examine arbitrary files on your computer without your knowledge, which would be bad).
No - Because it would break the Javascript sandbox model (i.e. would be a security problem).
For security concern, it's hard to do this by javascript, which means you will have the access to others local files.
Why not just pack them up into a zip file then unzip on the sever side?
Not sure if this is possible or not?
I need contents of a file directory from another server in order to make a photogallery on another server.
Let's say I have a Folder on server1 named "folderName1" and the contents in the folder are images, like:
2005-14-05-this-that.jpg
2005-14-06-this-that.jpg
2005-14-07-this-that.jpg
2005-14-08-this-that.jpg
2005-14-09-this-that.jpg....
In order to make use this gallery script, I need to get a text file with this information on it.. Some folders I have 1000's of photos in them and it takes to long to write them all down..
Wondering if there is a shortcut to GET all contents from a folder and spit them out in a text file??
Thanks!!
http://php.net/manual/en/function.readdir.php
place a script on server1 (perhaps in each directory that has photo's) called 'imagelist.php'. This script loops all files according to the function I placed above and echoes every image on it's own line.
Then server2 could request this file using file_get_contents() and loop everyline and use the filenames to create a gallery.
If the server containing the images is in your control, you can have a PHP script list out all the image names by using readdir() function. Then you call this script from the other server and read/parse all the files names.
If you dont control the server hosting the files then this is not really possible unless they have directory listing enabled on that images directory.
I have read the following tutorial "Uploading Files To the Server Using PHP"
and have several questions related to the topics.
Q1> The tutorial mentions that
"Note that PHP must have write access
to $uploadDir or else the upload will
fail"
For me, I only allow the user to upload the file after the user has login to the website.
If we set that $uploadDir permission as 777, then everyone can have written permission to that folder. How to avoid this problems?
Also I am using WAMP as my testing bed, can I simulate the same case as a real web server?
Q2> In order to prevent Preventing direct access, the tutorial mentions:
"A better approach is to move the
upload directory away from your web
root. For example, the web root for
this site is:
/home/arman198/public_html/ to prevent
direct listing i can set the upload
directory to /home/arman198/upload/."
Now my problem is that how can I display the uploaded images on other website pages. Since, the upload is not accessible directly anymore? I need to display the uploaded image save personal headshot dynamically on other website page. Is it possible?
Thank you
It's a common problem.
All modern computers have a temporary files directory. On Linux/Unix it's /tmp, on Windows it's usually c:\temp. The OS install will have set permissions on that directory so that anyone can write files there but only privileged users can delete files that don't belong to them. This is where PHP will want to put an uploaded file; your application then has to move it elsewhere (this is the purpose of the move_uploaded_file() function). PHP under Windows may need upload_tmp_dir actually set in the php.ini file.
Once you have an uploaded file, you can shift it whereever you like, including to where the webserver can read it to serve it. The biggest problem with that it is awfully easy to put this directory inside your codebase. Don't do that. As soon as you do anything beyond editing the files inside the directory they are served from, it will be problematic. Trust me: I've dealt with a few times this in code I've inherited. It's easy to let your webserver load files from a location outside your codebase.
The other alternative is to produce a download script. That way the file need not be servable by the webserver at all. One disadvantage is that you don't get to leverage the web server's MIME translation, but then, that lets you control which types of image files are permitted.
For the second question, you can use a PHP script intead of direct access to the directory. Lets name it image.php. Lets assume that it can take a parameter id, like image.php?id=image_id. In that file you can get the id using superglobal array $_GET. Then you can search for images with that Id and just send it as response.
First one I'm not sure, but maybe play with .htaccess file.
And for the first question, try setting your permissions to 775. That should allow PHP to write the file to the directory without giving the general public write access.