For some reason the image type displays as "application/png" in IE 7 and Edge but "image/png" in Chrome and Firefox. I've tried several different images, jpegs do the same thing. Is this normal? Should I include an or statement to account for the "application/png"? Or am I doing something wrong?
if ((($screenshot_type == 'image/gif') || ($screenshot_type == 'image/jpeg') ||
($screenshot_type == 'image/pjpeg') || ($screenshot_type == 'image/png')) &&
(($screenshot_size > 0) && ($screenshot_size <= GW_MAXFILESIZE))) {
if ($_FILES['screenshot']['error'] == 0) {
// Move the file to the targe upload folder
$target = GW_UPLOADPATH . $screenshot;
if (move_uploaded_file($_FILES['screenshot']['tmp_name'], $target)) {
// Connect to the database
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME)
or die('Unable to connect to databse');
// Write the data to the database
$query = "INSERT INTO guitarwars VALUES (0, NOW(), '$name', '$score', '$screenshot')";
mysqli_query($dbc, $query)
or die('Unable to complete query');
// Confirm success with the user
echo '<p>Thanks for adding your new high score!</p>';
echo '<p><strong>Name:</strong> ' . $name . '<br>';
echo '<strong>Score:</strong> ' . $score . '</p>';
echo '<img src="' . GW_UPLOADPATH . $screenshot . '" alt="Score image" /></p>';
echo '<p><< Back to high scores</p>';
// Clear the score data to clear the form
$name = "";
$score = "";
$screenshot = "";
mysqli_close($dbc);
}
else {
echo '<p class="error">Sorry, there was a problem uploading your screen shot image.</p>';
}
}
}
else {
echo '<p class="error">The screen shot must be a GIF, JPEG, or PNG image file no ' .
'greater than ' . (GW_MAXFILESIZE / 1024) . ' KB in size.<br>' . $screenshot_size . '<br>' . $screenshot_type . '</p>';
}
Different browsers and operating systems supply different mime-types. You should perhaps instead just use http://php.net/getimagesize on the uploaded file, and switch on $getimagesizeresult[2] with cases for IMG_PNG, IMG_JPG, IMG_GIF and apply an appropriate mime type on your own.
I have included an upload script, which currently ONLY checks the upload folder to make sure that the file isn't there, which works just fine. However, I would like to somehow silently include a search function to see if it is already in one of the other directories.
The process: User uploads a prl, it checks upload folder if its there. This works. I need it to check another directory (recursively) to see if it is in any subdirectory already, and then list them out.
Just a note: $carrier is an existing subdirectory. I would like it to check the parent directory and all of its subs for the filename minus the extension, and if it exists, Error: this file already exists for "this" carrier.
<?php
$allowedExts = array("prl");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);
$carrier = $_POST['carrier'];
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
if (file_exists("./prls/" . $carrier . "/" . $_FILES["file"]["name"])){
echo "<h2><u>Error:</u></h2>";
echo $_FILES["file"]["name"] . " is already listed in the " . $carrier . " directory. ";
echo "<hr><br />If you feel this PRL is listed incorrectly, please let us know.";
die;
}
if (file_exists("upload/" . $_FILES["file"]["name"] . "-" .$carrier)) {
echo "<h2><u>Error:</u></h2>";
echo $_FILES["file"]["name"] . " for <b>" . $carrier . "</b> has already beeb submitted for approval. ";
die;
}
if ($_FILES["file"]["error"] == 0 && in_array($extension, $allowedExts))
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"] . "-" . $carrier);
echo "<h2><u>Submitted for approval:</u></h2>";
echo $_FILES["file"]["name"] . " for " . $carrier . ". <b>Thank you</b>.";
}
else
{
echo "Invalid file. Please choose a PRL with a \".prl\" extension.";
}
?>
You want to use RecursiveIteratorIterator. Here's a function that will behave like file_exists():
function file_exists_recursive($dir, $filename) {
$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir), RecursiveIteratorIterator::SELF_FIRST );
foreach($iterator as $path) {
if (!$path->isDir()) {
if(file_exists($filename.$path->__toString()))
return true;
}
return false;
}
}
Then call this function in your file:
if (file_exists_recursive("upload/", $_FILES["file"]["name"] . "-" .$carrier)) {
echo "<h2><u>Error:</u></h2>";
echo $_FILES["file"]["name"] . " for <b>" . $carrier . "</b> has already beeb submitted for approval. ";
die;
}
so I am editing some code that was already there and I can't figure how to add additional extensions to it so that files other than PDF can be uploaded, any clues? I would like to add jpeg, docx, doc, xls, and wps.
<?php
$lastname=$_POST['mylastname'];
$firstname=$_POST['myfirstname'];
$asuid=$_POST['#'];
$ftype=$_POST['ftype'];
$dkServerConn = mysql_connect("#", "#", "#") or die("no way");
mysql_select_db("#", $dkServerConn) or die("Cannot connect to the DB!");
$sql1 = "SELECT * FROM scholnumber";
$dkResultSet1 = mysql_query($sql1,$dkServerConn) or die(mysql_error());
$checkIt=0;
while ($dkROWrecord1 = mysql_fetch_array($dkResultSet1,MYSQL_BOTH))
{
$checkIt=$dkROWrecord1['filenumber'];
}
$checkIt2=$checkIt+1;
$sql2="Update scholnumber set filenumber='".$checkIt2."'";
$dkResultSet2 = mysql_query($sql2,$dkServerConn) or die(mysql_error());
echo "<html>
<head>
<title>Uploading Information</title>
<style> body { font-family:arial; font-size:14px } </style>
</head>
<body><table cellpadding='5' align='center' width='55%'><tr><td><p> </p>
<img src='#'><br />
<img src='#'><br />
<span style='font-family:arial;font-size:14pt'> 2013-2014 Privately Funded Scholarship Application</span>
<h3><br/>";
// File validation -->
$allowedExts = array("pdf","docx","doc","wps");
$extension = end(explode(".", $_FILES["file"]["name"]));
if (($_FILES["file"]["type"] == "application/pdf")
&& in_array($extension, $allowedExts)){
if ($_FILES["file"]["error"] > 0){
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
else{
echo "<p />Submission successful.<p />
Your submission has been received. If you have loaded all of your documents, you can close this browser. Your scholarship application is complete.<p />";
echo "Upload: " . $_FILES["file"]["name"] . "<br>";
echo "Type: " . $_FILES["file"]["type"] . "<br>";
if (file_exists("upload/" . $_FILES["file"]["name"])){
echo $_FILES["file"]["name"] . " already exists. ";
}
else{
$ext = substr($_FILES['file']['name'], strpos($_FILES['file']['name'],'.'), strlen($_FILES['file']['name'])-1);
$docName = $checkIt.$ext;
move_uploaded_file($_FILES["file"]["tmp_name"],"upload/" . $docName);
// echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
elseif($_FILES["file"]["type"] == "application/pdf"){
}
else{
echo "<hr> <p /> >>>>>> INVALID FILE <<<<<<<< <p /> <p />";
}
// End of the validation
$sql3="insert into scholfile (filename, lastname, firstname, asuid, ftype) values ('$checkIt', '$lastname', '$firstname', '$asuid', '$ftype')";
$dkResultSet3 = mysql_query($sql3,$dkServerConn) or die(mysql_error());
$sql6="select * from scholarships where asuid='".$asuid."'";
$dkResultSet6 = mysql_query($sql6,$dkServerConn) or die(mysql_error());
while ($dkROWrecord6 = mysql_fetch_array($dkResultSet6,MYSQL_BOTH))
{
$email=$dkROWrecord6['email'];
}
$from="Scholarships";
$fromem="scholarships##.edu";
$subjectStudent = "Thank you for your supporting documentation.";
$messageStudent="Hello, ".$firstname. " -<p />
We have received your ".$ftype.". <p />
<hr />
If you have any questions, please contact the Financial Aid and Scholarships Office at 870-972-2310 or reply to this email.
<p />
Thank you for your submission.<br />Financial Aid and Scholarships Office";
//Email Information
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
$headers .= "To:" .$firstname. "<" . $email. ">\r\n";
$headers .= "From:" . $from . "<". $fromem . ">\r\n";
mail($email, $subjectStudent, $messageStudent, $headers);
?>
<p /> <p />
If you have another document to submit, please <a href='fileupload.php'>click here.</a><p />
Thank you!<p /></body></html>
I am not certain that my answer is correct because I haven't done this myself yet, but here is something for you to try. (Untested)
Your code restricts the file type for upload documents here:
if (($_FILES["file"]["type"] == "application/pdf") && in_array($extension, $allowedExts)){
Change the File Validation part of your code to:
// File validation -->
$allowedExts = array("pdf","docx","doc","wps","jpg"); //Added jpg
//Get Filename Extension into var (your code - unchanged)
$extension = end(explode(".", $_FILES["file"]["name"]));
//Create array of acceptable file types:
// Sources: (1) http://filext.com/file-extension/DOC and (2) http://php.net/manual/en/function.mime-content-type.php
$doctype = array("application/msword","application/doc","appl/text","application/vnd.msword","application/vnd.ms-word","application/winword","application/word","application/x-msw6","application/x-msword");
$xltype = array("application/vnd.ms-excel","application/msexcel","application/x-msexcel","application/x-ms-excel","application/vnd.ms-excel","application/x-excel","application/x-dos_ms_excel","application/xls");
$jpgtype = array("image/jpeg","image/jpg","image/jp_","application/jpg","application/x-jpg","image/pjpeg","image/pipeg","image/vnd.swiftview-jpeg","image/x-xbitmap");
$wpstype = array("application/vnd.ms-works","application/x-msworks-wp","zz-application/zz-winassoc-wps","text/plain");
//Combine them into one array:
$allowedFT = array_merge($doctype, $xltype, $jpgtype, $wpstype);
//Get this file's file type into var
$ft = $_FILES["file"]["type"];
//NOW DO THE BIG TEST
if (in_array($ft, $allowedFT) && in_array($extension, $allowedExts)){
I don't know about others but from my point of view, you code seems to only allow pdf uploads.
First I would add to the allowed extensions array:
$allowedExts = array("pdf","docx","doc","wps", "jpeg", "xls");
I would then change this line:
if (($_FILES["file"]["type"] == "application/pdf")
to:
$allowedMIMETypes = array(
"application/pdf", //for pdf
"application/vnd.openxmlformats-officedocument.wordprocessingml.document", //for docx
"application/msword", //for doc
"application/vnd.ms-works", //for wps, I think you should also paste the other in the link to
"image/jpeg", //for jpeg, again, there are other mime-types to add to
"application/excel", //for xls, again there are other mime-types to add from the sources
);
//then check if the type is in the array
if (in array($_FILES["file"]["type"],$allowedMIMETypes)) {
The sources for the file types:
http://hul.harvard.edu/ois/systems/wax/wax-public-help/mimetypes.htm
What is a correct mime type for docx, pptx etc?
http://lwp.interglacial.com/appc_01.htm
http://dotwhat.net/wps/32
I have a PHP form, i'm trying to send an image from it as an attachment. I already fixed few things in my code.
I'm not sure if it will send the image (because I had some problems with it)
The problem is that nothing is even shown in the page (when I the script below is ran) when I open it on the server as index.php not even the button
Here is the code:
<?php
include_once("functions.php");
// Process
$action = isset($_POST["action"]) ? $_POST["action"] : "";
if (empty($action))
{
// Send back the contact form HTML
$output = "<form action='#' style='display:none'>
<input type='file' id='image' name='image' maxlength=50>";
}
require("class.phpmailer.php");
$Email_to = "someone#gmail.com"; // the one that recieves the email
$email_from = "someone#someone.net";
$dir = "uploads/$filename";
chmod("uploads",0777);
function uploadImage($image)
{
if ((($_FILES["image"]["type"] == "image/gif")
|| ($_FILES["image"]["type"] == "image/jpeg")
|| ($_FILES["image"]["type"] == "image/pjpeg")
|| ($_FILES["image"]["type"] == "image/jpg")
|| ($_FILES["image"]["type"] == "image/png"))
&& ($_FILES["image"]["size"] < 2097152)
&& (strlen($_FILES["image"]["name"]) < 51))
{
if ($_FILES["image"]["error"] > 0)
{
echo "Return Code: " . $_FILES["image"]["error"];
}
else
{
echo "Upload: " . $_FILES["image"]["name"] . "<br />";
echo "Type: " . $_FILES["image"]["type"] . "<br />";
echo "Size: " . ($_FILES["image"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["image"]["tmp_name"] . "<br />";
if (file_exists("images/" . $_FILES["image"]["name"]))
{
echo $_FILES["image"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["image"]["tmp_name"],
"images/" . $_FILES["image"]["name"]);
}
}
}
else
{
echo "Invalid file";
}
$filename = $_FILES["image"]["type"];
$dir = "uploads/$filename";
chmod("uploads",0777);
$success = copy($_FILES[images][tmp_name], $dir);
if ($success)
{
echo " Files Uploaded Successfully<BR>";
SendIt();
}
}//end of upload func'
function SendIt() {
//
global $attachments,$Email_to,$Email_msg,$email_subject,$email_from;
$mail = new PHPMailer();
$mail->IsSMTP();// send via SMTP
$mail->Host = "localhost"; // SMTP servers
$mail->SMTPAuth = false; // turn on/off SMTP authentication
$mail->From = $email_from;
$mail->AddAddress($Email_to);
$mail->AddReplyTo($email_from);
$mail->WordWrap = 50;// set word wrap
//now Attach all files submitted
$mail->AddAttachment("uploads"."/".$_FILES["image"]["type"]);
$mail->IsHTML(false);// send as HTML
}
?>
Thank you in advance!
For problem 1:
Try to send a mail with that class without any variables put into it. So just make some procedural code sending a mail to your own address and see if it arrives.
For problem 2:
You are putting some text into $output but you are never outputting $output.
I have an application designed in a local install (PHP4/MySQL) and it works perfectly. Since I moved it to a live install (PHP5/MySQL) I have had nothing but issues! I fixed any global variable issues (lead me to learn PDOs so not a bad thing!) without turning global variables on, so the only issue I have is with file uploads. I tried an isset test for $_file and it looks like the variable was never set? Any ideas?
Here is the form data:
<form enctype="multipart/form-data" method="post" action="script_add_product.php" >
<input class="cp_forms_upload" type="file" name="full_image" />
<input class="cp_formsButton" type="submit" name="submit_button" value="Add Product" /></form>
And here is the PHP:
$full_image_url = $_FILES["full_image"]["name"];
if ((($_FILES["full_image"]["type"] == "image/gif")
|| ($_FILES["full_image"]["type"] == "image/jpeg")
|| ($_FILES["full_image"]["type"] == "image/pjpeg")
|| ($_FILES["full_image"]["type"] == "image/png"))
&& ($_FILES["full_image"]["size"] < 400000))
{
if ($_FILES["full_image"]["error"] > 0)
{
echo "Return Code: " . $_FILES["full_image"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["full_image"]["name"] . "<br />";
echo "Type: " . $_FILES["full_image"]["type"] . "<br />";
echo "Size: " . ($_FILES["full_image"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["full_image"]["tmp_name"] . "<br />";
if (file_exists("../Uploads/" . $_FILES["full_image"]["name"]))
{
echo $_FILES["full_image"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["full_image"]["tmp_name"],
"../Uploads/" . $_FILES["full_image"]["name"]);
echo "Stored in: " . "../Uploads/" . $_FILES["full_image"]["name"];
echo "<br /><br /><br />" . $full_image_url;
}
}
}
else
{
echo "Invalid file";
}
Thanks folks :)
Could you check in your php.ini for if file_uploads is set to On.
; Whether to allow HTTP file uploads.
; http://ph .net/file-uplollow HTTP file uploads.
; http://php.net/file-uploads
file_uploads = On
See php.ini config.
;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;
; Whether to allow HTTP file uploads.
; http://php.net/file-uploads
file_uploads = On
; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
; http://php.net/upload-tmp-dir
upload_tmp_dir = "...../tmp"
; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 128M
Also it might be useful memory_limit and max_execution_time config params in php.ini.
more: Handling file Uploads -> Common Pitfalls
Make sure that folder "../Uploads/" exists and has permissions to write for user under apache/nginx work (www_data or some like)
Could this be the problem? An additional '(' bracket in this section:
if (($_FILES["full_image"]["type"] == "image/gif")
|| ($_FILES["full_image"]["type"] == "image/jpeg")
|| ($_FILES["full_image"]["type"] == "image/pjpeg")
|| ($_FILES["full_image"]["type"] == "image/png"))
&& ($_FILES["full_image"]["size"] < 400000))