I have written a form which has 3 text inputs and one file input.
This form posts to a PHP script, which saves the file, as well as performing some other business logic. The program worked well in my localhost, and even on my server.
The program is now embedded in a Facebook application, where it still works- but the uploaded files were not saving, initally; So I changed the uploads directory permissions to 777 (a broad stroke, I know). Now the uploaded files are being saved as a string of numbers "13474022561" with no extension.
Can anyone tell me why? Or how to fix this?
snippet of source code below:
if($_FILES['resume']['type']!='')
{
$target_path = "resumes/";
$target_path = $target_path .time().basename( $_FILES['resume']['name']!="");
if($_FILES['resume']['type']=="application/vnd.openxmlformats-officedocument.wordprocessingml.document" || $_FILES['resume']['type']=="application/pdf")
{
if(move_uploaded_file($_FILES['resume']['tmp_name'], $target_path))
{
echo "success";
}
else
echo "failure";
}
else
{
echo "<center>Resume must be MS DOC or PDF <br/>";
exit;
}
}
This line of code:
$target_path = $target_path .time().basename( $_FILES['resume']['name']!="");
Should be:
$target_path = $target_path . time() . basename( $_FILES['resume']['name']);
Your current code is evaluated like this:
$target_path = 'resumes/' . time() . basename(true);
Which is probably not what you want.
Related
I am still having trouble hashing my pictures when I upload them . I have this code :
$target_dir = "images/uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
hash_file('sha256', $target_file );
// Check if image file is a actual image or fake image
if(isset($_POST["change"])) {
move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file);
$sql = "UPDATE users SET userPic = '".$_FILES['fileToUpload']['name']."' WHERE username = '" . $username . "'";
$check = $conn->query($sql);
if($check !== false) {
echo "<a href = profile.php> Profile pciture has been changed </a>" .
$check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
} else {
echo"did not change";
}
and I am getting this error :
Warning: hash_file(images/uploads/english_royal_family_tree.jpg): failed to open stream: No such file or directory
I have been trying for more than a week . No one is really helping and people just keep on voting down my question and aren't giving any help . Can someone please help me ?
Firstly, hash_file() is expecting a file to already exist and you're trying use that method before the file gets uploaded; that's why your code failed and threw you that error.
What you need to do is to see if that file exists and then hash it.
If this is really want you want to do, then you can base yourself on the following and remember to store the renamed file while retaining its original extension; there are links at the end of the answer.
Note: As I mentioned in comments, you need to hash the file and not the whole destination folder and the file. That would be impossible to retrieve.
Echo the variable for what was assigned to hash_file(). You will also get your hash name (only) shown minus its extension.
Check for errors and make sure the folder has been granted proper permissions.
<?php
// check for errors
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
$file_name = $_FILES['fileToUpload']['name'];
$sent_file = move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file);
if (file_exists("images/uploads/" . $_FILES["fileToUpload"]["name"]))
{
echo $the_file = $_FILES["fileToUpload"]["name"] . " exists.";
// its new location and hashing the filename only.
$var = hash_file('sha256', $the_file );
echo $var;
// store your renamed file here in your database
// using the assigned $var variable.
}
Also check for errors on the query with mysqli_error($conn).
However, you're going to end up with problems here to show that image, since now and for example in using "file.jpg" will produce the following hash:
cf80cd8aed482d5d1527d7dc72fceff84e6326592848447d2dc0b0e87dfc9a90
I don't know how you plan on showing the image(s), but it will no longer keep the .jpg extension.
In order to retain the image's file extension, you basically need to rename the uploaded file(s).
Here are a few good references on Stack (that I've had success with in the past) that you can look at and implement it in your code. :
How to rename uploaded file before saving it into a directory?
Rename uploaded file (php)
There is indeed no better way to learn, IMHO.
Edit:
This is an excerpt from a script I wrote recently. Base yourself on the following.
Note: You shouldn't use hashing methods such as anything from the SHA family or MD5 as the file name, since those produce the same hash and has no uniqueness to them.
Important: If people upload from a mobile device, most of them have "image.jpg" as the default name, so it needs to be renamed and given a unique method.
Using the date and time is one way. You can also add uniqid() to it by assigning a variable to it and append to the new file name, or a combination of MD5 and uniqid() is a good bet.
You will need to do a few modifications to it of course. The $year variable is something I used but you can get rid of those instances and replace them with your own.
$year = date("Y");
$pdf_file = $_FILES['fileToUpload']["name"];
$uploaded_date = date("Y-m-d_h-i-s_A"); // this could be another unique method.
$target_dir = "../upload_folder/" . $year . "/";
$ext = explode('.',$_FILES['fileToUpload']['name']);
$extension = $ext[1];
$newname = $ext[0].'_'.$uploaded_date;
$full_local_path = $target_dir.$newname.'.'.$extension;
$new_full_name = $newname.'.'.$extension;
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $full_local_path)) {
echo "The file ". $newname . " has been uploaded.";
echo "<hr>";
$file_link = "/upload_folder/$year/$new_full_name";
// other code such as saving to a database...
}
I'm converting an image to a binary file in IOS, which works just fine. This will be handled by my php script which is suppose to upload this image to my ubuntu server. The problem is i keep getting file=unsuccessful. i've tried different directory paths, but cant seem to solve this issue.
This $directory will return this: /var/www/User/core/ios/
<?
if(!empty($_POST))
{
$message = $_POST['message'];
$directory = $_SERVER['DOCUMENT_ROOT'] . '/User/core/ios/';
$file = basename($_FILES['userfle']['upload']);
$uploadfile = $directory . $file;
var_dump($_FILES);
$randomPhotoID = md5(rand() * time());
echo 'file='.$file;
echo $file;
if (move_uploaded_file($_FILES['userfle']['tmp_name'], $uploadfile)) {
echo 'successful';
}
else
{
echo 'unsuccessful';
}
}
else
{
echo('Empty post data');
}
?>
Check the error file of your php(you can make sure if you enabled the error log in php.ini),
if you don't have the permission or for some other reasons it can't move the file ,there will be a record in that file.
Some time you can try the command setenforce 0 if you confirm you(I means the user of apache) have the permission to move the file but it not work.
By the way if the file you want to move is not upload by post, there is no error log and the move function will return false.
I am making an application on my server, where the user uploads an image through some HTML combined with javascript.
The user finds an image on the computer through
<form action="uploadimage.php" method="post"
enctype="multipart/form-data">
<label for="file">Filnavn:</label>
<input type="file" name="file" id="file" value="100000" />
Then the point behind the javascript, is to validate on the users image
if(picture_headline.value == "" || picture_uploaded.value == "" || !ischecked)
{
// Don't execute, stay on same site
}
else
{
// execute php and upload image
}
the php is an upload image php script
<?php
// The file is being uploaded into the folder "upload"
$target = "/navnesutten.eu/facebook/uploads/";
// add the original filename of our target path
$target = $target . basename( $_FILES['uploaded']['name']) ;
$ok=1;
// Moves the uploaded file into correct folder
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
}
else {
echo "Sorry, there was a problem uploading your file.";
}
?>
I must say I am a bit confused here, since I have only been working with html, php and javascript for a few days now.
Am I totally off or what?
I found some "simple" examples online, which I put on my server through cuteFTP, but everytime i press upload, the website just sends me to the .php file and says the site doesn't exist.
Like Boann points out you're trying to access a non-existent file in your PHP code ("uploaded" and "uploadedfile" rather than "file" (which is what you named the field in your HTML form)).
But regarding "running PHP from JavaScript": You don't have to. The JavaScript should only return false if the form is invalid. If it's valid you don't need to do anything and the form will submit, in turn running your PHP script:
form.onsubmit = function () {
if (!formIsValid()) {
return false;
}
};
If the form is invalid it won't submit (the return false bit (you could use event.preventDefault() instead)), if it is valid nothing will happen and the form will do what it does (ie submit the data to the server).
Each array key in $_FILES corresponds with the name attribute of a file field in the form, so to match your form it should be 'file' rather than 'uploaded' or 'uploadedfile':
<?php
// The file is being uploaded into the folder "upload"
$target = "/navnesutten.eu/facebook/uploads/";
// add the original filename of our target path
$target = $target . basename( $_FILES['file']['name'] ) ;
$ok=1;
// Moves the uploaded file into correct folder
if(move_uploaded_file($_FILES['file']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['file']['name']). " has been uploaded";
}
else {
echo "Sorry, there was a problem uploading your file.";
}
I'm doing a simple file upload using the following script:
$errors = '';
$target_path = "[PATH HERE]";
$target_path = $target_path . basename($_FILES['uploadFile']['name']);
if(move_uploaded_file($_FILES['uploadFile']['tmp_name'], $target_path)) {
$errors = "The file ". basename( $_FILES['uploadFile']['name']). " has been uploaded";
} else{
$errors = "There was an error uploading the file, please try again! Type: " . $_FILES['uploadFile']['type'];
}
For some reason, I get an error uploading the file and the file type is not displayed. It seems to only grab the name of the file without the extension (i.e. "test" rather than "test.pdf"). I'm sure it's something simple, but what am I doing wrong?
If you check the error element in the files array, you'll probably find it's some value other than 0. The error should be 0 if nothing went wrong. Otherwise, compare the value stored in error against the PHP documentation to determine what went wrong.
Perhaps your entering the path wrong (ending slash), or php dont have permission to write to the directory.
<?php
error_reporting(E_ALL); // Show some errors
$target_path = "/var/www/somesite.com/uploads/"; // Would require a ending slash
$target_path = $target_path.basename($_FILES['uploadFile']['name']);
if(move_uploaded_file($_FILES['uploadFile']['tmp_name'], $target_path)) {
$errors = "The file ". basename( $_FILES['uploadFile']['name']). " has been uploaded";
} else{
$errors = "There was an error uploading the file, please try again! Type: " . $_FILES['uploadFile']['type'];
}
?>
I have an upload form where users can upload images that are currently being uploaded to a folder I made called 'temp' and their locations are saved in an array called $_SESSION['uploaded_photos']. Once the user pushes the 'Next Page' button, I want it to move the files to a new folder that is dynamically created right before that.
if(isset($_POST['next_page'])) {
if (!is_dir('../images/uploads/listers/'.$_SESSION['loggedin_lister_id'])) {
mkdir('../images/uploads/listers/'.$_SESSION['loggedin_lister_id']);
}
foreach($_SESSION['uploaded_photos'] as $key => $value) {
$target_path = '../images/uploads/listers/'.$_SESSION['loggedin_lister_id'].'/';
$target_path = $target_path . basename($value);
if(move_uploaded_file($value, $target_path)) {
echo "The file ". basename($value). " has been uploaded<br />";
} else{
echo "There was an error uploading the file, please try again!";
}
} //end foreach
} //end if isset next_page
An example for a $value that is being used is:
../images/uploads/temp/IMG_0002.jpg
And an example of a $target_path that is being used is:
../images/uploads/listers/186/IMG_0002.jpg
I can see the file sitting in the temp folder, both of those paths look good to me and I checked to make sure that the mkdir function actually created the folder which it did well.
How can I move a file to another folder using php?
As I read your scenario, it looks like you've handled the upload and moved the files to your 'temp' folder, and now you want to move the file when they perfom a new action (clicking on the Next button).
As far as PHP is concerned - the files in your 'temp' are not uploaded files anymore, so you can no longer use move_uploaded_file.
All you need to do is use rename:
if(isset($_POST['next_page'])) {
if (!is_dir('../images/uploads/listers/'.$_SESSION['loggedin_lister_id'])) {
mkdir('../images/uploads/listers/'.$_SESSION['loggedin_lister_id']);
}
foreach($_SESSION['uploaded_photos'] as $key => $value) {
$target_path = '../images/uploads/listers/'.$_SESSION['loggedin_lister_id'].'/';
$target_path = $target_path . basename($value);
if(rename($value, $target_path)) {
echo "The file ". basename($value). " has been uploaded<br />";
} else{
echo "There was an error uploading the file, please try again!";
}
} //end foreach
} //end if isset next_page