We Keep Coding

File upload and display part of the file php

I am so stuck, could someone help, please?
I've been learning PHP for a while and currently, I am creating a file upload form.
What needs to happen is this:
File is uploaded
The name of the file is displayed on the main page as a link
Once the link is clicked on, information about the file displays
(first sentence or so)
The questions I have are:
File directory. I am supposed to create a folder, let's say called "uploads" - that's where the files are going to be downloaded to and have my form+php inside that folder, correct? - noob question, I know
I managed to get the name of the file appears as a link, but I don't know how to display its contents.
Could someone help, please?
Code: https://pastebin.com/rfUgKzSu
//file upload on main page
if (isset($_POST['name'])) {
move_uploaded_file($_FILES['file']['tmp_name'],'add_article_form.php' . $_POST['name'] . '.txt');
echo 'file ' . $_POST['name'] . '.txt' . 'uploaded';
}else{
echo 'There has been a mistake';
}
echo '<br>' ;
echo '<br>' ;
//form on main page
<form action = "add_article_form.php" method = "POST">
<input id = "add" type = "submit" value="add">
</form>
<?php
//display file name
$resource = opendir('../uploads/');
while(($entry = readdir($resource))!== FALSE)
{
if($entry != '.' && $entry != '..'){
echo "$entry" . '<br>';
} else {
"$entry" . '<br>';
}
}
PAGE 2
<!--The upload form, second page -->
<form action = "../uploads/" method="POST" enctype="multipart/form-data" >
Название статьи: <br>
<input type = "text" name = "name" value = "text"><br><br>
Файл:<br>
<input type = "file" name="file"><br><br>
<input id = "add" type = "submit" value="add"><br><br>
</form>

The questions I have are: 1. File directory. I am supposed to create a
folder , let's say called "uploads" - that's where the files are going
to be downloaded to and have my form+php inside that folder, correct?
- noob question, I know
No.
You can keep your upload script and the folder, where the files will be saved, anywhere even on different servers. The only thing that you should be careful that you use the correct links and proper permissions so that they can access each other.
I managed to get the name of the file appears as a link, but I don't
know how to display its contents.
Use PHP header function.
http://php.net/manual/en/function.header.php
(Go through Example 1.)

php how to change file name when being uploaded [duplicate]

This question already has answers here:
How to rename uploaded file before saving it into a directory?
(5 answers)
string sanitizer for filename
(19 answers)
Closed 5 years ago.
I have this code
<?php // display file upload form
if (!isset($_POST['submit'])) { ?>
<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="8000000" /> Select file:
<input type="file" name="data" />
<input type="submit" name="submit" value="Upload File" /></form>
<?php
} else {
// check uploaded file size
if ($_FILES['data']['size'] == 0) {
die("ERROR: Zero byte file upload");
} // check if this is a valid upload
if (!is_uploaded_file($_FILES['data']['tmp_name'])) {
die("ERROR: Not a valid file upload"); } // set the name of the target directory
$uploadDir = "./uploads/"; // copy the uploaded file to the directory
move_uploaded_file($_FILES['data']['tmp_name'], $uploadDir . $_FILES['data']['name']) or die("Cannot copy uploaded file"); // display success message
echo '<p style="text-align: center">
Soubor byl úspěšně nahrán na server. <br>
Zpět
</p>
' ; } ?>
And I have a problem - it works, uploads the file to server but if there is a break in the file name, I cannot download it. e.g I want to upload "my salary únor.pdf", but the server keeps looking for file "my". Is there a way to modify this code to change the breaks in the file name to "_"? Also I would like the server to be in utf-8 letter (as the server changes the file name to silly names e.g. u?nor) So if there is a option for that too that would be great. (or just let php change the file name inty "my_salary_unor" Thank you all for your help ad sugestions.

Firstly, store you filename in a variable and trim it.
$filename = trim($_FILES['data']['name']);
Then use string replace function to replace the whitespace with _ (underscore).
$filename = str_replace(' ','_',$filename);
Now the filename which you get will be white space free string.
Hope this can help you.

$_FILES not getting submitted file

I am trying to have a form wherein people can submit files to be uploaded and subsequently linked into a mySQL database.
In the html/php file:
<form enctype=”multipart/form-data” action="process_file.php" method="post" >
<!-- First/Last Name input boxes -->
<p>
<label for="fileUpload" id="fileUploadLabel">Proposal File (5MB Maximum):</label>
<input type="file" name="fileUpload[]" id="fileUpload" />
</p>
<input type="submit" name="submit" id="submit" />
</form>
And the process_file.php file:
<?php
require("../../include/utility.php");
if($_SERVER["REQUEST_METHOD"]=="POST") {
print_r($_FILES);
$dbconn = connectToDB();
// Get and clean the data.
$fname = cleanInput($_POST["fname"]);
$lname = cleanInput($_POST["lname"]);
$new_filename = str_replace(' ','', basename($_FILES['fileupload']['name']));
$imageFileType = pathinfo($_FILES['fileUpload']['name'],PATHINFO_EXTENSION);
printf("File name: $new_filename <br />\n");
$target_dir = "../proposals/2016";
$target_file = $target_dir . $lname . "_" . $fname . "_proposal" . $imageFileType;
printf("File Type is: $imageFileType <br />\n");
}
/* [REDACTED] */
?>
The print_r($files) always gives me "array()". I've looked around online over the weekend and quite a bit of today to no avail.
I've checked the enctype, I've checked the spelling, the capitilization, adding/removing the "[]" and anything else I could think of.
I know it works with the server's settings since others on the same exact server have been able to get this to work.
Does anyone have an idea as to why this is not working? (I can provide more out of the [REDACTED] section, but since $_FILES is empty the code doesn't work anyways.

Going through your code:
”multipart/form-data” - Those curly quotes are choking your script.
Those should have been regular " quotes:
"multipart/form-data"
Then your file input holds this name attribute name="fileUpload[]" yet, you're using $_FILES['fileupload'] where the array is in complete lowercase.
Arrays are case-sensitive and should have read as $_FILES['fileUpload'].
I also noticed that and if 2016 is a folder, this $target_file = $target_dir . $lname will translate to 2016FILE.xxx instead of probable intended 2016/FILE.xxx.
So if that's the case, then you need to add a trailing slash to it proposals/2016/.
Make sure that all folders have proper permissions to be written to.
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// Then the rest of your code
Sidenote: Displaying errors should only be done in staging, and never production.

Undefined index while uploading

I have a problem that i just quite do not understand at all. I have this uploading script that always return Notice: Undefined index: uploadPDF in xxxxx
I've made sure that the form has the enctype="multipart/form-data" <form action="" method="POST" enctype="multipart/form-data">
The field also has the same name that i ask for in the code <input name="uploadPDF" size="100" type="file" title=""/>
When i try to echo $_POST['uploadPDF'] i actually get the filename in question. But when i try to var_dump the following $_FILES['uploadPDF']['name'] i get the undefined index error.
I really cant see what the problems is. I'm running on a inhouse IIS server.
Debug information:
This is the "debug" i try to do:
echo $_POST['uploadPDF']."<br />";
$filename = $_FILES['uploadPDF']['name'];
var_dump($filename);
echo "<br />";
var_dump($_FILES);
This is the output i get:
TEST PDF PORTAL V3.pdf
Notice: Undefined index: uploadPDF in C:\inetpub\myfolder\V4\admin\addRoutine.php on line 29
NULL
array(0) { }

When you upload file, you should use
$_FILES['file_name'] not $_POST['file_name'] that is because, the file information is stored in the $_FILES arrays, since you have named your input type to 'file'
So, I would suggest
Changing
echo $_POST['uploadPDF'];
to
echo $_FILES['uploadPDF'];

Your form as you wrote it has no action specified.
( <form action="" method="POST" enctype="multipart/form-data"> )
You need the asign "path_to_yourform.php" as your form action.

You better write it like this:
echo $_POST['uploadPDF']."<br />";
$filename = $_FILES['uploadPDF']['name'];
echo var_dump($filename)."<br />";

Well, this is quite embarrassing, one of the other guys working on this had left a <form action="" method="post"> in one of the included files in the project. Since this form tag was before my form tag $_FILES did not catch the index because of the missing enctype in the first form tag!

PHP File Upload Failing

For some reason my PDF upload form is failing consistently, I have this code:
<?php
if($_POST["submit"] == "Add PDF to Comm and Special Projects")
{
$addsubp = $_POST["addsubp"];
$addsubp_name = $_POST["addsubp_name"];
$commuploadedfile = $_FILES['uploadedfile']['name'];
$sqldoc = "INSERT INTO projects_links (pid, display_name, link) VALUES ('".$addsubp."','".$addsubp_name."','".$commuploadedfile."')";
mysql_query($sqldoc) or die(mysql_error());
echo "<BR>";
$target_path = "D:\\Hosting\\69903\\html\\pdfs\\comm\\";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "<br>The file ". basename( $_FILES['uploadedfile']['name']).
" has been uploaded<br>";
} else{
echo "<br>There was an error uploading the file, please try again.<br>";
}
}
?>
<form method="post">
Add PDF to Project for Committees and Special Projects <br>Choose Project<select name="addsubp"><?php
$query = "SELECT
projects.*
FROM
projects";
$showresult = mysql_query($query);
$csp_c = 1;
while($buyarray = mysql_fetch_assoc($showresult))
{
echo "<option value=".$buyarray['id'].">".$buyarray["pname"]."</option>";
}
?></select><br>
Choose Display Name for PDF <input type="text" name="addsubp_name" /> <Br>
Choose PDF: <input name="uploadedfile" type="file" /> <Br>
<input type="submit" value="Add PDF to Comm and Special Projects" name="submit" />
</form>
I have made sure that the application has write privileges to the "comm" directory. I have godaddy and used the file manager to make sure of that. I have had problems with permissions in this project before, so I know this isn't case. It keeps printing
There was an error uploading the file, please try again.
It doesn't attempt to upload any PDF at all, what am I doing wrong?
thanks!

You may have permissions issues, but for file uploads your form tag should contain the proper enctype attribute.
<form enctype="multipart/form-data" method="POST">
and defining a file size limit is also a good idea:
<input type="hidden" name="MAX_FILE_SIZE" value="1000000" />

try checking the Upload error message: http://php.net/manual/en/features.file-upload.errors.php

Your code is blindly assuming the file upload succeeded. At bare minimum you should have something like
if ($_FILES['uploadedfile']['error'] === UPLOAD_ERR_OK) {
... handle the upload
}
Your code is vulnerable to SQL injection. You do not escape any of the 3 values you're inserting into the database
You're creating the database record before making sure the file was successfully moved into the target directory. What happens if the file can't be written for any reason (as it is now with your problem)? The database will say it's there, file system will say it isn't
You're not checking for file collisions. If two seperate uploads send "file.txt", the second upload will overwrite the first one.
You're storing the files with the user-supplied name, which is under user control. If this file is web-accessible, anyone with access to your upload form can upload anything they want (e.g. a php file) and the server will happily execute it for them.