I have 2 php files that display uploaded picture.
first is form_upload.php
<html>
<head><title>File Upload</title></head>
<body>
<ol>
<li>Enter the file name of the product picture you want to upload or the the browse button to navigate to the picture file</li>
<li>when the path to the picture file shpws in the text field, click the upload picture</li>
</ol>
<form enctype="multipart/form-data" action="uploadFile.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="500000"/>
<input type="file" name="pix" size="60"/>
<p><input type='submit' name="Upload" value="Upload picture"/></p>
</form>
</body>
</html>
second is uploadedFile.php
<?php
if(!isset($_POST['Upload']))
{
include("form_upload.php");
}
else
{
if($_FILES['pix']['tmp_name']=="") //check wether the file is larger than 2mb or not
{
echo "file did not successfully upload. Check the file size. File must be less than 500K";
include("form_upload.php");
exit();
}
if(!preg_match("/image\/jpeg/",$_FILES['pix']['type']))
{
echo "only jpg files are allowed. Please try another file";
include("form_upload.php");
exit();
}
else
{
$destination='C:\xampp\htdocs\test\hinh\ '.$_FILES['pix']['name'];
$temp_file=$_FILES['pix']['tmp_name'];
move_uploaded_file($temp_file,$destination);
echo "<p>the file has successfully uploaded :{$_FILES['pix']['name']} {$_FILES['pix']['type']} ({$_FILES['pix']['size']}) </p>";
echo "<img src='C:\\xampp\\htdocs\\test\hinh\\{$_FILES['pix']['name']}' alt='picture'><br/>";
echo "C:\\xampp\\htdocs\\test\hinh\\{$_FILES['pix']['name']}";
}
}
?>
I can not display the image after uploading. I checked the path is correct. But when i put
it in tag it doesn't display the picture here is my syntax:
echo "<img src='C:\\xampp\\htdocs\\test\hinh\\{$_FILES['pix']['name']}' alt='picture'><br/>";
You should not reference the file with a filesystem path on drive "C". You should instead use a HTTP link, preferredly a relative link, like so:
echo "<img src='/path/to/upload/{$_FILES['pix']['name']}' alt='picture'><br/>";
I don't know how that path is named on your webserver. You have to find out yourself what is right. I guess it might be /test/hinh/.
Related
I have just started to code in PHP and i have a problem with the code of the uploader: I use xampp and when I upload the file the result is
File uploaded in C:xampp\htdocs\myfile.php
but the file does not exist.
Code Snippet below:
<form action="sys.php" method="POST" ectype="multipart/form-data">
<c size=6>FILE TO UPLOAD</c><br>
<input type="file" name="sys"><br><br>
<input type="submit" value="UPLOAD" name="upload"><br><br>
<?php
$path = "C:xampp\htdocs";
if (isset($_POST["upload"])){
move_uploaded_file($_FILES["sys"]["tmp_name"], $path);
echo "File Uploaded in $path\YOURFILE";
}
else{
echo "[-]ERROR the uploader doesn't work";
}
?>
</html>
change double quote to single and also set name for uploaded image.example code are added below . Please put this inside if (isset($_POST["upload"])) condition
$path = 'C:\xampp\htdocs\\'.$_FILES["sys"]["name"];
Re asking how to check if $_POST[FILE] isset
I have a file input and if I submit my form without an image I want something to happen if I uploaded a file in the input I want something different to happen.
if (!isset($_POST[image])) { }
seems to trigger regardless of whether or not I have uploaded a file in the input or not.
<label>
<p>Profile Picture:</p>
<input type="file" name="image" value="" />
</label>
My last question was marked as a duplicate of this answer Check whether file is uploaded however
if (!file_exists($_FILE['image'])) { }
didn't work either it is still showing truthy even when an image is uploaded. So not the answer I need.
To check if there is a file uploaded is you need to check the size of the file.
Then to check if its an image or not is you need to use the getimagesize() function. See my script below:
HTML:
<form action="index.php?act=s" method="post" enctype="multipart/form-data">
<input type="file" name="image" value=""/>
<input type="submit">
</form>
PHP:
<?php
if(isset($_GET['act'])){
// Check if there is a file uploaded
if($_FILES["image"]["size"]>0){
echo "There is a file uploaded<br>";
// Check if its an image
$check_if_image = getimagesize($_FILES["image"]["tmp_name"]);
if($check_if_image !== false) {
echo "Image = " . $check_if_image["mime"] . ".";
} else {
echo "Not an image";
}
}
else{
echo "There is NO file uploaded<br>";
}
}
?>
I am trying to upload a video and save it in a folder as well as savings its path in the database, but the videos are not inserting into the specific folder.
I have searched a lot and found some code. The code is working for images. I have done some modifications from images to videos, but that didn't work.
Here is the parts of my code.
<form action="" method="post" enctype="multipart/form-data">
<div class="form_search">
<label>Upload Video Profile:</label>
<span class="form_input">
<input type="file" name="uploadvideo" />
</span>
</div>
<div class="form_search">
<label> </label>
<span class="form_input">
<input type="submit" name="submitdetails" value="Upload" class="button"/>
</span>
</div>
</form>
and my php code to upload video is
<?php
if(isset($_POST['submitdetails']))
{
$name=$_FILES['uploadvideo']['name'];
$type=$_FILES['uploadvideo']['type'];
//$size=$_FILES['uploadvideo']['size'];
$cname=str_replace(" ","_",$name);
$tmp_name=$_FILES['uploadvideo']['tmp_name'];
$target_path="company_profile/";
$target_path=$target_path.basename($cname);
if(move_uploaded_file($_FILES['uploadvideo']['tmp_name'],$target_path))
{
echo "hi";
echo $sql="UPDATE employer_logindetails SET (video) VALUES('".$cname."')";
$result=mysql_query($sql);
echo "Your video ".$cname." has been successfully uploaded";
}
}
?>
Please help me where I am going wrong.
All my php.ini modifications are done, and video size is only 7mb.
Step-1
This script will allow you to upload files from your browser to your hosting, using PHP. The first thing we need to do is create an HTML form that allows people to choose the file they want to upload.
<form enctype="multipart/form-data" action="upload.php" method="POST">
Please choose a file: <input name="uploaded" type="file" /><br />
<input type="submit" value="Upload" />
</form>
This form sends data to the file "upload.php", which is what we will be creating next to actually upload the file.
Step-2
The actual file upload is very simple:
<?php
$target = "upload/";
$target = $target . basename( $_FILES['uploaded']['name']) ;
$ok=1;
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
}
else {
echo "Sorry, there was a problem uploading your file.";
}
?>
This very small piece of code will upload files sent to it by your HTML form.
The first line $target = "upload/"; is where we assign the folder that files will be uploaded to. As you can see in the second line, this folder is relative to the upload.php file. So for example, if your file was at www.yours.com/files/upload.php then it would
upload files to www.yours.com/files/upload/yourfile.gif. Be sure you remember to create
this folder! with 777 rights
Step-3
if ($uploaded_size > 350000)
{
echo "Your file is too large.<br>";
$ok=0;
}
Assuming that you didn't change the form field in our HTML form (so it is still named uploaded), this will check to see the size of the file. If the file is larger than 350k, they are given a file too large error, and we set $ok to equal 0.
You can change this line to be a larger or smaller size if you wish by changing 350000 to a different number. Or if you don't care about file size, just leave these lines out
We are not using $ok=1; at the moment but we will later in the tutorial.
We then move the uploaded file to where it belongs using move_uploaded_file (). This places it in the directory we specified at the beginning of our script. If this fails the user is given an error message, otherwise they are told that the file has been uploaded.
Putting All Together
<?php
$target = "upload/";
$target = $target . basename( $_FILES['uploaded']['name']) ;
$ok=1;
//This is our size condition
if ($uploaded_size > 350000)
{
echo "Your file is too large.<br>";
$ok=0;
}
//This is our limit file type condition
if ($uploaded_type =="text/php")
{
echo "No PHP files<br>";
$ok=0;
}
//Here we check that $ok was not set to 0 by an error
if ($ok==0)
{
Echo "Sorry your file was not uploaded";
}
//If everything is ok we try to upload it
else
{
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
}
else
{
echo "Sorry, there was a problem uploading your file.";
}
}
?>
Obviously if you are allowing file uploads you are leaving yourself open to people uploading lots of undesirable things. One precaution is not allowing them to upload any php, html, cgi, etc. files that could contain malicious code. This provides more safety but is not sure fire protection.
Try this: $_FILES['userfile'] in place of $_FILES['uploadvideo'] everywhere.
I don'e see any name with uploadvideo in your form.
But in php you are using $_FILES['uploadvideo']
Try giving the exact name of the file input
e.g.:
<input type="file" name="uploadvideo">
Below is my code where the user can upload a file. What I want to know is that is there a way so that via server side is there a way to first of all restrict the file formats of the files to jpeg and png only and then when the user clicks on the submit button, if the file format is correct then display an alert on the same page stating "File is correct" else display an alert stating "File is incorrect".
Can somebody please provide coding if they know how to do this. Thank you and any help will be much appreciated :)
<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>
A code for a total check of file uploads, you'll have to change $allowedtypes though. (Copied instead of linking because it was from a non-English site)
<?php
if(isset($_POST["submit"])){
$allowedtypes=array("jpg"=>true,"png"=>true,"gif"=>true,"txt"=>true);
$filename = $_FILES['file1']['name'];
$source = $_FILES['file1']['tmp_name'];
$file_size=$_FILES['file1']['size'];
$saveloc = "uploads/" . $filename;
$maxfilesize=1024*1024*10;
$nameext=explode(".",$filename);
if(preg_match('/^[A-Za-z0-9\-\_]{1,}\.[a-zA-Z0-9]{0,4}$/',$filename)){
if(!empty($allowedtypes[strtolower($nameext[1])]) && $allowedtypes[strtolower($nameext[1])]===true){
if($file_size<=$maxfilesize){
if(!file_exists($saveloc)){
if(move_uploaded_file($source, $saveloc)) {
chmod($saveloc,644);
echo "Successful upload. <a href='".$saveloc."'>Fájl megtekintése</a>";
}
else echo "Cannot move";
}
else echo "Existing file";
}
else echo "Too big file";
}
else echo "Not allowed extension";
}
else echo "Only alphanumeric files allowed";
}
else echo "<form method='post' enctype='multipart/form-data' action='secureupload.php'> File: <input type='file' name='file1' /><br /><input
name='MAX_FILE_SIZE' type='hidden' value='10485760' /> <input type='submit' value='Upload' name='submit' /></form>";
?>
You are talking about server side handler and write 'alert'...khm...
If u want to do stuff via server-side, then use php handler
http://php.net/manual/en/features.file-upload.post-method.php
If u want to do stuff via client-side, use javascript events, e.g on change event
<script>
function check() {
var file = document.getElementById('file').value;
var temp = file.split(/\.+/).pop();
alert(temp);
}
</script>
<input type="file" name="file" id="file" onchange="check();" />
You have file extension in temp var.
There are PHP functions to do this. You want to look at mime_content_type and finfo_file. These are built-in PHP commands that allow you to interpret that actual file type of a file being uploaded. You can then filter the mime types to only .gif/.jpg/etc. You want to check the mime types over the file name because the file name can be changed to mask the actual file type. If you want code samples, there are plenty on those pages as well as some excellent user-provided alternatives.
Something like this at the top of your file should work:
<?php
foreach ($_FILES as $file)
{
$tmp = explode(".", $file["tmp_name"]);
if (!in_array($tmp[count($tmp)-1], array("jpeg", "png"), true))
die("<script>alert('File is incorrect');</script>");
}
echo "<script>alert('File is correct');</script>";
?>
I can't get any files to upload successfully, it's just going to echo 'error';
HTML:
<form enctype="multipart/form-data" action="upload.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value = "2000000">
Upload this file: <input name ="userfile" type="file">
<input type="submit" value="Send File">
</form>
PHP:
<?php
if ($_FILES['userfile']['error']>0)
{
echo 'Problem.';
exit;
}
$upfile='/uploads/'.$_FILES['userfile']['name'];
if (is_uploaded_file($_FILES['userfile']['name']))
{
if (!move_uploaded_file($_FILES['userfile']['tmp_name'], $upfile))
{
echo 'Problem: could not move file';
exit;
}
}
else
{
echo 'Error';
exit;
}
echo 'File uploaded successfully.';
?>
I'm sure it's something simple I'm messing up, but I've spent about an hour trying to find it. Thanks.
if (is_uploaded_file($_FILES['userfile']['tmp_name']))
tmp_name instead of name
$_FILES['userfile']['tmp_name'] is the name of the uploaded file. $_FILES['userfile']['name'] is just the name that the file had when it was on the computer of the user.
For proper working, the function is_uploaded_file() needs an argument like $_FILES['userfile']['tmp_name'], - the name of the uploaded file on the client's machine $_FILES['userfile']['name'] does not work.