For some reason the image type displays as "application/png" in IE 7 and Edge but "image/png" in Chrome and Firefox. I've tried several different images, jpegs do the same thing. Is this normal? Should I include an or statement to account for the "application/png"? Or am I doing something wrong?
if ((($screenshot_type == 'image/gif') || ($screenshot_type == 'image/jpeg') ||
($screenshot_type == 'image/pjpeg') || ($screenshot_type == 'image/png')) &&
(($screenshot_size > 0) && ($screenshot_size <= GW_MAXFILESIZE))) {
if ($_FILES['screenshot']['error'] == 0) {
// Move the file to the targe upload folder
$target = GW_UPLOADPATH . $screenshot;
if (move_uploaded_file($_FILES['screenshot']['tmp_name'], $target)) {
// Connect to the database
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME)
or die('Unable to connect to databse');
// Write the data to the database
$query = "INSERT INTO guitarwars VALUES (0, NOW(), '$name', '$score', '$screenshot')";
mysqli_query($dbc, $query)
or die('Unable to complete query');
// Confirm success with the user
echo '<p>Thanks for adding your new high score!</p>';
echo '<p><strong>Name:</strong> ' . $name . '<br>';
echo '<strong>Score:</strong> ' . $score . '</p>';
echo '<img src="' . GW_UPLOADPATH . $screenshot . '" alt="Score image" /></p>';
echo '<p><< Back to high scores</p>';
// Clear the score data to clear the form
$name = "";
$score = "";
$screenshot = "";
mysqli_close($dbc);
}
else {
echo '<p class="error">Sorry, there was a problem uploading your screen shot image.</p>';
}
}
}
else {
echo '<p class="error">The screen shot must be a GIF, JPEG, or PNG image file no ' .
'greater than ' . (GW_MAXFILESIZE / 1024) . ' KB in size.<br>' . $screenshot_size . '<br>' . $screenshot_type . '</p>';
}
Different browsers and operating systems supply different mime-types. You should perhaps instead just use http://php.net/getimagesize on the uploaded file, and switch on $getimagesizeresult[2] with cases for IMG_PNG, IMG_JPG, IMG_GIF and apply an appropriate mime type on your own.
I have included an upload script, which currently ONLY checks the upload folder to make sure that the file isn't there, which works just fine. However, I would like to somehow silently include a search function to see if it is already in one of the other directories.
The process: User uploads a prl, it checks upload folder if its there. This works. I need it to check another directory (recursively) to see if it is in any subdirectory already, and then list them out.
Just a note: $carrier is an existing subdirectory. I would like it to check the parent directory and all of its subs for the filename minus the extension, and if it exists, Error: this file already exists for "this" carrier.
<?php
$allowedExts = array("prl");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);
$carrier = $_POST['carrier'];
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
if (file_exists("./prls/" . $carrier . "/" . $_FILES["file"]["name"])){
echo "<h2><u>Error:</u></h2>";
echo $_FILES["file"]["name"] . " is already listed in the " . $carrier . " directory. ";
echo "<hr><br />If you feel this PRL is listed incorrectly, please let us know.";
die;
}
if (file_exists("upload/" . $_FILES["file"]["name"] . "-" .$carrier)) {
echo "<h2><u>Error:</u></h2>";
echo $_FILES["file"]["name"] . " for <b>" . $carrier . "</b> has already beeb submitted for approval. ";
die;
}
if ($_FILES["file"]["error"] == 0 && in_array($extension, $allowedExts))
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"] . "-" . $carrier);
echo "<h2><u>Submitted for approval:</u></h2>";
echo $_FILES["file"]["name"] . " for " . $carrier . ". <b>Thank you</b>.";
}
else
{
echo "Invalid file. Please choose a PRL with a \".prl\" extension.";
}
?>
You want to use RecursiveIteratorIterator. Here's a function that will behave like file_exists():
function file_exists_recursive($dir, $filename) {
$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir), RecursiveIteratorIterator::SELF_FIRST );
foreach($iterator as $path) {
if (!$path->isDir()) {
if(file_exists($filename.$path->__toString()))
return true;
}
return false;
}
}
Then call this function in your file:
if (file_exists_recursive("upload/", $_FILES["file"]["name"] . "-" .$carrier)) {
echo "<h2><u>Error:</u></h2>";
echo $_FILES["file"]["name"] . " for <b>" . $carrier . "</b> has already beeb submitted for approval. ";
die;
}
so I am editing some code that was already there and I can't figure how to add additional extensions to it so that files other than PDF can be uploaded, any clues? I would like to add jpeg, docx, doc, xls, and wps.
<?php
$lastname=$_POST['mylastname'];
$firstname=$_POST['myfirstname'];
$asuid=$_POST['#'];
$ftype=$_POST['ftype'];
$dkServerConn = mysql_connect("#", "#", "#") or die("no way");
mysql_select_db("#", $dkServerConn) or die("Cannot connect to the DB!");
$sql1 = "SELECT * FROM scholnumber";
$dkResultSet1 = mysql_query($sql1,$dkServerConn) or die(mysql_error());
$checkIt=0;
while ($dkROWrecord1 = mysql_fetch_array($dkResultSet1,MYSQL_BOTH))
{
$checkIt=$dkROWrecord1['filenumber'];
}
$checkIt2=$checkIt+1;
$sql2="Update scholnumber set filenumber='".$checkIt2."'";
$dkResultSet2 = mysql_query($sql2,$dkServerConn) or die(mysql_error());
echo "<html>
<head>
<title>Uploading Information</title>
<style> body { font-family:arial; font-size:14px } </style>
</head>
<body><table cellpadding='5' align='center' width='55%'><tr><td><p> </p>
<img src='#'><br />
<img src='#'><br />
<span style='font-family:arial;font-size:14pt'> 2013-2014 Privately Funded Scholarship Application</span>
<h3><br/>";
// File validation -->
$allowedExts = array("pdf","docx","doc","wps");
$extension = end(explode(".", $_FILES["file"]["name"]));
if (($_FILES["file"]["type"] == "application/pdf")
&& in_array($extension, $allowedExts)){
if ($_FILES["file"]["error"] > 0){
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
else{
echo "<p />Submission successful.<p />
Your submission has been received. If you have loaded all of your documents, you can close this browser. Your scholarship application is complete.<p />";
echo "Upload: " . $_FILES["file"]["name"] . "<br>";
echo "Type: " . $_FILES["file"]["type"] . "<br>";
if (file_exists("upload/" . $_FILES["file"]["name"])){
echo $_FILES["file"]["name"] . " already exists. ";
}
else{
$ext = substr($_FILES['file']['name'], strpos($_FILES['file']['name'],'.'), strlen($_FILES['file']['name'])-1);
$docName = $checkIt.$ext;
move_uploaded_file($_FILES["file"]["tmp_name"],"upload/" . $docName);
// echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
elseif($_FILES["file"]["type"] == "application/pdf"){
}
else{
echo "<hr> <p /> >>>>>> INVALID FILE <<<<<<<< <p /> <p />";
}
// End of the validation
$sql3="insert into scholfile (filename, lastname, firstname, asuid, ftype) values ('$checkIt', '$lastname', '$firstname', '$asuid', '$ftype')";
$dkResultSet3 = mysql_query($sql3,$dkServerConn) or die(mysql_error());
$sql6="select * from scholarships where asuid='".$asuid."'";
$dkResultSet6 = mysql_query($sql6,$dkServerConn) or die(mysql_error());
while ($dkROWrecord6 = mysql_fetch_array($dkResultSet6,MYSQL_BOTH))
{
$email=$dkROWrecord6['email'];
}
$from="Scholarships";
$fromem="scholarships##.edu";
$subjectStudent = "Thank you for your supporting documentation.";
$messageStudent="Hello, ".$firstname. " -<p />
We have received your ".$ftype.". <p />
<hr />
If you have any questions, please contact the Financial Aid and Scholarships Office at 870-972-2310 or reply to this email.
<p />
Thank you for your submission.<br />Financial Aid and Scholarships Office";
//Email Information
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
$headers .= "To:" .$firstname. "<" . $email. ">\r\n";
$headers .= "From:" . $from . "<". $fromem . ">\r\n";
mail($email, $subjectStudent, $messageStudent, $headers);
?>
<p /> <p />
If you have another document to submit, please <a href='fileupload.php'>click here.</a><p />
Thank you!<p /></body></html>
I am not certain that my answer is correct because I haven't done this myself yet, but here is something for you to try. (Untested)
Your code restricts the file type for upload documents here:
if (($_FILES["file"]["type"] == "application/pdf") && in_array($extension, $allowedExts)){
Change the File Validation part of your code to:
// File validation -->
$allowedExts = array("pdf","docx","doc","wps","jpg"); //Added jpg
//Get Filename Extension into var (your code - unchanged)
$extension = end(explode(".", $_FILES["file"]["name"]));
//Create array of acceptable file types:
// Sources: (1) http://filext.com/file-extension/DOC and (2) http://php.net/manual/en/function.mime-content-type.php
$doctype = array("application/msword","application/doc","appl/text","application/vnd.msword","application/vnd.ms-word","application/winword","application/word","application/x-msw6","application/x-msword");
$xltype = array("application/vnd.ms-excel","application/msexcel","application/x-msexcel","application/x-ms-excel","application/vnd.ms-excel","application/x-excel","application/x-dos_ms_excel","application/xls");
$jpgtype = array("image/jpeg","image/jpg","image/jp_","application/jpg","application/x-jpg","image/pjpeg","image/pipeg","image/vnd.swiftview-jpeg","image/x-xbitmap");
$wpstype = array("application/vnd.ms-works","application/x-msworks-wp","zz-application/zz-winassoc-wps","text/plain");
//Combine them into one array:
$allowedFT = array_merge($doctype, $xltype, $jpgtype, $wpstype);
//Get this file's file type into var
$ft = $_FILES["file"]["type"];
//NOW DO THE BIG TEST
if (in_array($ft, $allowedFT) && in_array($extension, $allowedExts)){
I don't know about others but from my point of view, you code seems to only allow pdf uploads.
First I would add to the allowed extensions array:
$allowedExts = array("pdf","docx","doc","wps", "jpeg", "xls");
I would then change this line:
if (($_FILES["file"]["type"] == "application/pdf")
to:
$allowedMIMETypes = array(
"application/pdf", //for pdf
"application/vnd.openxmlformats-officedocument.wordprocessingml.document", //for docx
"application/msword", //for doc
"application/vnd.ms-works", //for wps, I think you should also paste the other in the link to
"image/jpeg", //for jpeg, again, there are other mime-types to add to
"application/excel", //for xls, again there are other mime-types to add from the sources
);
//then check if the type is in the array
if (in array($_FILES["file"]["type"],$allowedMIMETypes)) {
The sources for the file types:
http://hul.harvard.edu/ois/systems/wax/wax-public-help/mimetypes.htm
What is a correct mime type for docx, pptx etc?
http://lwp.interglacial.com/appc_01.htm
http://dotwhat.net/wps/32
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 9 years ago.
i have a php form, i'm trying to get an image from it as an attachment, i did some fixing to my code
1. i'm not sure if it will send the image (because i had some problams with it)..
2. the problam is that noting is even shown in the page when i open it in the server as index.php
not even the button...
here is the code:
<?php
include_once("functions.php");
// Process
$action = isset($_POST["action"]) ? $_POST["action"] : "";
if (empty($action))
{
// Send back the contact form HTML
$output = "<form action='#' style='display:none'>
<input type='file' id='image' name='image' maxlength=50>";
}
require("class.phpmailer.php");
$Email_to = "someone#gmail.com"; // the one that recieves the email
$email_from = "someone#someone.net";
$dir = "uploads/$filename";
chmod("uploads",0777);
function uploadImage($image)
{
if ((($_FILES["image"]["type"] == "image/gif")
|| ($_FILES["image"]["type"] == "image/jpeg")
|| ($_FILES["image"]["type"] == "image/pjpeg")
|| ($_FILES["image"]["type"] == "image/jpg")
|| ($_FILES["image"]["type"] == "image/png"))
&& ($_FILES["image"]["size"] < 2097152)
&& (strlen($_FILES["image"]["name"]) < 51))
{
if ($_FILES["image"]["error"] > 0)
{
echo "Return Code: " . $_FILES["image"]["error"];
}
else
{
echo "Upload: " . $_FILES["image"]["name"] . "<br />";
echo "Type: " . $_FILES["image"]["type"] . "<br />";
echo "Size: " . ($_FILES["image"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["image"]["tmp_name"] . "<br />";
if (file_exists("images/" . $_FILES["image"]["name"]))
{
echo $_FILES["image"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["image"]["tmp_name"],
"images/" . $_FILES["image"]["name"]);
}
}
}
else
{
echo "Invalid file";
}
$filename = $_FILES["image"]["type"];
$dir = "uploads/$filename";
chmod("uploads",0777);
$success = copy($_FILES[images][tmp_name], $dir);
if ($success)
{
echo " Files Uploaded Successfully<BR>";
SendIt();
}
}//end of upload func'
function SendIt() {
//
global $attachments,$Email_to,$Email_msg,$email_subject,$email_from;
$mail = new PHPMailer();
$mail->IsSMTP();// send via SMTP
$mail->Host = "localhost"; // SMTP servers
$mail->SMTPAuth = false; // turn on/off SMTP authentication
$mail->From = $email_from;
$mail->AddAddress($Email_to);
$mail->AddReplyTo($email_from);
$mail->WordWrap = 50;// set word wrap
//now Attach all files submitted
$mail->AddAttachment("uploads"."/".$_FILES["image"]["type"]);
$mail->IsHTML(false);// send as HTML
}
?>
Thank you in advance!
To join an image to an e-mail, you need to create a MIME e-mail, a simple mail() won't suffice. Gazillions of modules handle that, but PEAR's Mail_Mime would typically be already available in your environment.
I have an application designed in a local install (PHP4/MySQL) and it works perfectly. Since I moved it to a live install (PHP5/MySQL) I have had nothing but issues! I fixed any global variable issues (lead me to learn PDOs so not a bad thing!) without turning global variables on, so the only issue I have is with file uploads. I tried an isset test for $_file and it looks like the variable was never set? Any ideas?
Here is the form data:
<form enctype="multipart/form-data" method="post" action="script_add_product.php" >
<input class="cp_forms_upload" type="file" name="full_image" />
<input class="cp_formsButton" type="submit" name="submit_button" value="Add Product" /></form>
And here is the PHP:
$full_image_url = $_FILES["full_image"]["name"];
if ((($_FILES["full_image"]["type"] == "image/gif")
|| ($_FILES["full_image"]["type"] == "image/jpeg")
|| ($_FILES["full_image"]["type"] == "image/pjpeg")
|| ($_FILES["full_image"]["type"] == "image/png"))
&& ($_FILES["full_image"]["size"] < 400000))
{
if ($_FILES["full_image"]["error"] > 0)
{
echo "Return Code: " . $_FILES["full_image"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["full_image"]["name"] . "<br />";
echo "Type: " . $_FILES["full_image"]["type"] . "<br />";
echo "Size: " . ($_FILES["full_image"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["full_image"]["tmp_name"] . "<br />";
if (file_exists("../Uploads/" . $_FILES["full_image"]["name"]))
{
echo $_FILES["full_image"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["full_image"]["tmp_name"],
"../Uploads/" . $_FILES["full_image"]["name"]);
echo "Stored in: " . "../Uploads/" . $_FILES["full_image"]["name"];
echo "<br /><br /><br />" . $full_image_url;
}
}
}
else
{
echo "Invalid file";
}
Thanks folks :)
Could you check in your php.ini for if file_uploads is set to On.
; Whether to allow HTTP file uploads.
; http://ph .net/file-uplollow HTTP file uploads.
; http://php.net/file-uploads
file_uploads = On
See php.ini config.
;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;
; Whether to allow HTTP file uploads.
; http://php.net/file-uploads
file_uploads = On
; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
; http://php.net/upload-tmp-dir
upload_tmp_dir = "...../tmp"
; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 128M
Also it might be useful memory_limit and max_execution_time config params in php.ini.
more: Handling file Uploads -> Common Pitfalls
Make sure that folder "../Uploads/" exists and has permissions to write for user under apache/nginx work (www_data or some like)
Could this be the problem? An additional '(' bracket in this section:
if (($_FILES["full_image"]["type"] == "image/gif")
|| ($_FILES["full_image"]["type"] == "image/jpeg")
|| ($_FILES["full_image"]["type"] == "image/pjpeg")
|| ($_FILES["full_image"]["type"] == "image/png"))
&& ($_FILES["full_image"]["size"] < 400000))