there is a little form on one page which has the code below,
<div class="postcomment">
<form id="comments" action="insertcomment.php" method="POST" enctype="multipart/form-data">
Comment: <input type="text" name="comment" id="commentfield">
<input type="submit" name="submit" value="Post comment" class="button">
<br>
<input type="hidden" name="MAX_FILE_SIZE" value="1048576" />
Image: <input type="file" name="image" />
<br>
</div>
once the user adds the picture by browsing for it the form then goes to the insertcomment.php code which is below
$target_path = "images/";
$file_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $file_path)) {
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
and for some reason it is displaying the error and not showing in the images directory, the error is: Parse error: syntax error, unexpected T_IF in /homepages/21/d417005970/htdocs/rk8479/htdocs/insertcomment.php on line 18
Try this
HTML
<div class="postcomment">
<form id="comments" action="insertcomment.php" method="POST" enctype="multipart/form-data">
Comment: <input type="text" name="comment" id="commentfield">
<br>
Image: <input type="file" name="image" />
<br>
<input type="submit" name="submit" value="Post comment" class="button">
</form>
</div>
PHP CODE (you are trying to use it on same page you can check for if(isset($_POST['submit']))
if($_FILES['image']['size'] > 0){
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["image"]["name"]));
if ((($_FILES["image"]["type"] == "image/gif")
|| ($_FILES["image"]["type"] == "image/jpeg")
|| ($_FILES["new_image"]["type"] == "image/png")
|| ($_FILES["image"]["type"] == "image/pjpeg"))
&& ($_FILES["image"]["size"] < 1048576)
&& in_array($extension, $allowedExts))
{
if ($_FILES["image"]["error"] > 0)
{
$error_message = $_FILES["image"]["error"];
}
else
{
if (file_exists("images/" . $_FILES["image"]["name"]))
{
$error_message = $_FILES["image"]["name"] . " " . $LANG['image_exist'];
}
else
{
if(move_uploaded_file($_FILES["image"]["tmp_name"],
"images/" . $_FILES["image"]["name"])) {
// success
$image_name = $_FILES["image"]["name"];
} else {
$error_message = "Upload Failed!";
}
}
}
}
else
{
$error_message = "Error: May be different ext or size";
}
}
Related
I'm trying to upload a mp4 file with php, and I succeed it, but after that, the file can't be run with VLC, even though it could be run before upload. The error message says that the file can't be opened gives me the path of the file and ends with (Bad File Descriptor).
I've made the following configurations in php.ini file:
file_uploads = On
upload_max_filesize = 25M
post_max_size = 25M
Here is my code:
if ($_FILES["video"]["name"] == "") {
$error = "No video imported.";
}
else {
if (file_exists("uploads/" . $_FILES["video"]["name"])) {
$error = "The file already exists.";
}
else if ($_FILES["video"]["type"] != "video/mp4") {
$error = "File format not supported.";
}
else if ($_FILES["video"]["size"] > 26214400) {
$error = "Only files <= 25ΜΒ.";
}
else {
move_uploaded_file($_FILES["video"]["tmp_name"], "uploads/" . $_FILES["video"]["name"]);
}
}
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post" enctype="multipart/form-data">
<fieldset>
<div class="area">
<label for="path">Select file:</label>
<input class="upload" type="file" name="video"></input>
<span><?php echo $error; ?></span><br />
</div>
</fieldset>
<input type="submit" name="insert" value="upload"></input>
</form>
You had a syntax error on line 4 & 5. It should be
} elseif (file_exists("uploads/" . $_FILES["video"]["name"])) {
Not:
} else {
if (file_exists("uploads/" . $_FILES["video"]["name"])) {
This code has been tested and is working.
<?php
if ($_FILES["video"]["name"] == "") {
$error = "No video imported.";
} elseif (file_exists("uploads/" . $_FILES["video"]["name"])) {
$error = "The file already exists.";
} elseif ($_FILES["video"]["type"] != "video/mp4") {
$error = "File format not supported.";
} elseif ($_FILES["video"]["size"] > 26214400) {
$error = "Only files <= 25??.";
} else {
move_uploaded_file($_FILES["video"]["tmp_name"], "uploads/" . $_FILES["video"]["name"]);
}
?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post" enctype="multipart/form-data">
<fieldset>
<div class="area">
<label for="path">Select file:</label>
<input class="upload" type="file" name="video"></input>
<span><?php echo $error; ?></span><br />
</div>
</fieldset>
<input type="submit" name="insert" value="upload"></input>
</form>
Here is my file-upload script, and i am getting the following error
Notice: Undefined index: fupload in C:\Users\Tuskar\Desktop\Projekt\htdocs\Project IT-Space\Profile\edit_profile_parse.php on line 8
But according there should not error, because i identified the index. It seems i don't have access to the $_FILES array, because before i got this error ive been getting other similar errors or the programm completely passes the if and goes directly to the else (file not chosen)
I know the script is primitive and includes almost no security, but i just want it to work first before i add other features like max file size or file restriction ... :(
Here is the code i am using.
Upload Picture
<form action="edit_profile_parse.php" method="get" enctype="multipart/form-data" >
<input type="hidden" name="MAX_FILE_SIZE" value="999999999"> </input>
<input type="file" name="fupload"> </input>
<input type="submit" name="submit" value="Upload"> </input>
</form>
Here is the php that handles the form
if (isset( $_GET['submit'] ))
{
if (isset($_FILES['fupload'] ))
{
echo "name: ".$_FILES['fupload']['name']." <br> ";
echo "size: ".$_FILES['fupload']['sizw']." <br> ";
echo "type: ".$_FILES['fupload']['type']." <br> ";
if ($_FILES['fupload']['type'] == "image/gif")
{
$source = $_FILES['fupload']['tmp_name'];
$target = "images/" .$_FILES['fupload']['name'];
move_uploaded_file($source, $target) or die ("Error: " .mysql_error());
$size = getImageSize($target);
$imgstr = "<img src=\" '".$target."' \">";
echo $imgstr;
}
else
{
echo "Problem uploading the file ... ";
}
}
else
{
echo "No file chosen !! ";
}
}
else
{
echo "Button not clicked ";
}
You should use form method to POST instead of get.
<form action="edit_profile_parse.php" method="post" enctype="multipart/form-data" >
Make sure your FORM tag has method="POST". GET requests do not support multipart/form-data uploads.
I hope this works:
the form:
<form action="edit_profile_parse.php" method="post" enctype="multipart/form-data" >
<input type="hidden" name="MAX_FILE_SIZE" value="999999999"> </input>
<input type="file" name="fupload"> </input>
<input type="submit" name="submit" value="Upload"> </input>
</form>
the php file:
<?php
if($_POST) {
$max_size = mysql_real_escape_string(strip_tags($_POST['MAX_FILE_SIZE']));
$file = $_FILES['fupload']['name'];
if(isset($max_size) && !empty($max_size) && !empty($file)) {
$file_type = $_FILES['fupload']['type'];
$tmp = $_FILES['fupload']['tmp_name'];
$file_size = $_FILES['fupload']['size'];
$allowed_type = array('image/png', 'image/jpg', 'image/jpeg', 'image/gif');
if(in_array($file_type, $allowed_type)) {
if($file_size < $max_size) {
$path = 'images/'.$file;
move_uploaded_file($tmp, $path);
//if you want to store the file in a db use the $path in the query
} else {
echo 'File size: '.$file_size.' is too big';
}
} else {
echo 'File type: '.$file_type.' is not allowed';
}
} else {
echo 'There are empty fields';
}
}
?>
Upload Picture
<form action="edit_profile_parse.php" method="POST" enctype="multipart/form-data" >
<input type="hidden" name="MAX_FILE_SIZE" value="999999999"> </input>
<input type="file" name="fupload"> </input>
<input type="submit" name="submit" value="Upload"> </input>
</form>
PHP file
<?php
if (isset( $_POST['submit'] ))
{
if (isset($_FILES['fupload'] ))
{
echo "name: ".$_FILES['fupload']['name']." <br> ";
echo "size: ".$_FILES['fupload']['size']." <br> ";
echo "type: ".$_FILES['fupload']['type']." <br> ";
if ($_FILES['fupload']['type'] == "image/gif")
{
$source = $_FILES['fupload']['tmp_name'];
$target = "images/" .$_FILES['fupload']['name'];
move_uploaded_file($source, $target) or die ("Error: " .mysql_error());
$size = getImageSize($target);
$imgstr = "<img src=\" '".$target."' \">";
echo $imgstr;
}
else
{
echo "Problem uploading the file ... ";
}
}
else
{
echo "No file chosen !! ";
}
}
else
{
echo "Button not clicked ";
}
?>
I have a form on a page which uploads a file. This form also has a 'ship_id' field to identify which record the file belongs to. Basically I need to pass the 'ship_id' field into 'upload_update.php' so that the link to 'update_ship.php' has two parameters, the name of the ship (which works perfectly well) AND the 'ship_id' which isn't working.... not sure how to achieve this.
Many thanks
Main form:
<form action="upload_update.php" method="post"
enctype="multipart/form-data">
<p>
<label for="file">Filename:</label>
<input type="file" name="file" id="file"><br>
<input name="ship_id" type="text" value="<?php echo $_GET['ship_id']; ?>" />
<input type="submit" name="submit" value="Submit">
</p>
</form>
upload_update.php file:
<?php
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);
if ((($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/png"))
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "Image succsefuly uploaded. " . "<br>" . "<br>";
?>
Click Hereto return to Add Ship page
<?php
if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"../images/ships/" . $_FILES["file"]["name"]);
}
}
}
else
{
echo "Invalid file";
}
?>
with $_GET['ship_id'] you get the field as a GET parameter.
Then you submit it in the form as a POST parameter. So in the upload_update.php you should get it with
$_POST['ship_id']
Also you might consider sending it in the form as a hidden field:
<input name="ship_id" type="hidden" value="<?php echo $_GET['ship_id']; ?>" />
I have file upload and input fields in my form..I want to hide or disable submit button for the file upload if the file is uploaded successfully...I'm really confused on how to show the error message on the same page and proceed to the 'Thank you' page if there is no error. I'm validating the file upload using php. Any Idea on how to disable submit button if the file upload succeed? or show me how to process the file upload and input fields together while showing the error message on same page for file upload...
Note I want the submit button for file upload to disappear only if the file is successfully uploaded not when the user hits submit.
<html>
<head>
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<label for="file">Choose Photo:</label>
<input type="file" name="file" onchange="file_selected = true;">
<input type="hidden" name="submited" value="true" />
<input type="submit" name="submit" value="Submit" >
</form>
<form action="Send.php" method="post">
First Name:<input type="text" name="fname" required><br>
Last Name:<input type="text" name="lname" required><br>
Choose Username:<input type="text" name="username" required><br>
Age:<input type="text" name="age" required><br>
<input type="submit" value="Submit" name="submit">
</form>
</body>
</html>
Here is the php code which processes the file upload...I have two submit buttons one for the file upload and one for the other input fields..This php code is present on the same page with html form.
<?php
ini_set( "display_errors", 0);
if(isset($_REQUEST['submited'])) {
// your save code goes here
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 2097152)
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "";
if (file_exists("images/" . $_FILES["file"]["name"]))
{
echo "<font color='red'><b>We are sorry, the file you trying to upload already exists.</b></font>";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"images/" . $_FILES["file"]["name"]);
echo "<font color='green'><b> Success! Your photo has been uploaded.</b></font>";
}
}
}
else
{
echo "<font color='red'><b>We are sorry, the file you trying to upload is not an image or it exceeds 2MB in size.</b></font><br><font color='blue'><i>Only images under size of 2MB are allowed</i></font>.";
}
}
?>
I would use a Jquery AJAX call to send the data to the PHP script. Then retrieve a boolean value from the response to determine whether the button should be visible or not.
You can do it in a simple way such as.
<html>
<head>
</head>
<body>
<?php
$sub=0;
ini_set( "display_errors", 0);
if(isset($_REQUEST['submited'])) {
// your save code goes here
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 2097152)
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "";
if (file_exists("images/" . $_FILES["file"]["name"]))
{
echo "<font color='red'><b>We are sorry, the file you trying to upload already exists.</b></font>";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"images/" . $_FILES["file"]["name"]);
$sub= 1;
echo "<font color='green'><b> Success! Your photo has been uploaded.</b></font>";
}
}
}
else
{
echo "<font color='red'><b>We are sorry, the file you trying to upload is not an image or it exceeds 2MB in size.</b></font><br><font color='blue'><i>Only images under size of 2MB are allowed</i></font>.";
}
}
?>
<form action="" method="post" enctype="multipart/form-data">
<label for="file">Choose Photo:</label>
<input type="file" name="file" onchange="file_selected = true;">
<input type="hidden" name="submited" value="true" />
<input type="submit" name="submit" value="Submit" >
</form>
<form action="Send.php" method="post">
First Name:<input type="text" name="fname" required><br>
Last Name:<input type="text" name="lname" required><br>
Choose Username:<input type="text" name="username" required><br>
Age:<input type="text" name="age" required><br>
<?php
if($sub==0)
{
?>
<input type="submit" value="Submit" name="submit">
<?php
}
?>
</form>
</body>
</html>
I assume your code is correct. I initialised a variable $sub=0 in begining. If succesfully uploaded it is set to 1.
End, If $sub is not equal to zero, the submit is not showed.
So, if file is uploaded succesfully. The button wont show.
<form action="**somepage.php**" method="post" enctype="multipart/form-data">
<label for="file">Choose Photo:</label>
<input type="file" name="file" onchange="file_selected = true;">
<input type="hidden" name="submited" value="true" />
<input type="submit" name="submit" value="Submit" >
</form>
and from there pass variables which indicates different status back to the main page and based on the variables show the error messages.
if you really need to disable the input type file save the variables in a hidden input and getting the values on page load using Jquery and disable the input type file ....
without jquery its simple just give a condiction before the input type form
if($_GET['status']=successful)
{
<input type=file readonly="readonly" />
}
else
{
<input type=file />
}
How do is store the image path in database and display it after it is uploaded?
<?php
$sub=0;
ini_set( "display_errors", 0);
if(isset($_REQUEST['submited'])) {
// your save code goes here
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 2097152)
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "";
if (file_exists("images/" . $_FILES["file"]["name"]))
{
echo "<font size='4' color='red'><b>We are sorry, the file you trying to upload already exists.</b></font>";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"images/" . $_FILES["file"]["name"]);
$sub= 1;
echo "<font size='7' color='white'><b> Success! Your photo has been uploaded.</b></font>";
}
}
}
else
{
echo "<font size='4' color='red'><b>We are sorry, the file you trying to upload is not an image or it exceeds 2MB in size.</b></font><br><font color='blue'><i>Only images under size of 2MB are allowed</i></font>.";
}
}
?>
<form action="" method="post" enctype="multipart/form-data">
<input type="hidden" name="submited" value="true" />
<?php
ini_set( "display_errors", 0);
if($sub==0)
{
?>
<label size="16" for="file">Choose Photo:</label>
<input id="shiny" type="file" name="file" onchange="file_selected = true;">
<input id="shiny" type="submit" value="Upload" name="submit">
<?php
}
?>
</form>
here is the database info...and how do I display the picture after inserting the image path in to database? I tried VALUES
('$_FILES["file"]["name"]')"; but that doesn't seem to work..
<?php
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("simple_login", $con);
$sql="INSERT INTO photo (photo)
VALUES
('$_FILES["file"]["name"]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
mysql_close($con);
?>
"INSERT INTO photo (photo) VALUES ('{$_FILES["file"]["name"]}')"
That should work. To use an associate array in a string, you have to wrap it in curly ({ }) brackets.
3 Points I would like to make that are irrelevant to the specific question:
1: You should always sanatize user input before putting into into the database. So what you should do is:
"INSERT INTO photo (photo) VALUES ('" . mysql_real_escape_string($_FILES["file"]["name"]) . "')"
or use prepared statements with mysqli or pdo.
2: If you are just storing a list of files in the database, what is the point? Why not just iterate over the directory you are storing them in?
3: mysql_* functions are depreciated, you should consider using mysqli or pdo
I just got it solved using Mysqli so I can prevent sql injection too.....thanks for your help guys...
<?php
$sub=0;
ini_set( "display_errors", 0);
if(isset($_REQUEST['submited'])) {
// your save code goes here
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 2097152)
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "";
if (file_exists("images/" . $_FILES["file"]["name"]))
{
echo "<font size='4' color='red'><b>We are sorry, the file you trying to upload already exists.</b></font>";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"images/" . $_FILES["file"]["name"]);
$sub= 1;
$mysqli = new mysqli("localhost", "root", "", "simple_login");
// TODO - Check that connection was successful.
$photo= $_FILES["file"]["name"];
$stmt = $mysqli->prepare("INSERT INTO photo (photo) VALUES (?)");
// TODO check that $stmt creation succeeded
// "s" means the database expects a string
$stmt->bind_param("s", $photo);
$stmt->execute();
$stmt->close();
$mysqli->close();
echo "<font size='7' color='white'><b> Success! Your photo has been uploaded.</b></font>";
}
}
}
else
{
echo "<font size='4' color='red'><b>We are sorry, the file you trying to upload is not an image or it exceeds 2MB in size.</b></font><br><font color='blue'><i>Only images under size of 2MB are allowed</i></font>.";
}
}
?>
<form action="" method="post" enctype="multipart/form-data">
<input type="hidden" name="submited" value="true" />
<?php
ini_set( "display_errors", 0);
if($sub==0)
{
?>
<label size="16" for="file">Choose Photo:</label>
<input id="shiny" type="file" name="file" onchange="file_selected = true;">
<input id="shiny" type="submit" value="Upload" name="submit">
<?php
}
?>
</form>
</div>