4

Ive been experimenting with the upload capability of php, I have been looking at this tutorial on w3school.

http://www.w3schools.com/php/php_file_upload.asp

I installed this script on MYDOMAIN.com/New.html


<html>
<body>

<form action="upload_file.php" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file"><br>
<input type="submit" name="submit" value="Submit">
</form>

</body>
</html>

And then I put this snippet on MYDOMAIN.com/upload_file.php

<?php
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 20000)
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Error: " . $_FILES["file"]["error"] . "<br>";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Stored in: " . $_FILES["file"]["tmp_name"];
    }
  }
else
  {
  echo "Invalid file";
  }
?>

Now there is a very high chance that im just a really confused person but what I assume that is suppose to do is take the file I put into the New.html file and if it is a image file upload it onto my directory but instead its just outputting Invalid file Im not sure what to do any help is great hope to hear back soon thank you

Improve this question
3
  • I'm assuming you're not uploading an image file or the file size being uploaded is greater than 20000 bytes Commented Nov 20, 2012 at 9:53
  • 1
    Please, please do not use w3schools: w3fools.com Commented Nov 20, 2012 at 9:55
  • 1
    show the result of print_r($_FILES); Commented Nov 20, 2012 at 9:56

6 Answers 6

Reset to default
10

The problem of your script is that you are probably trying to upload a file higher that your limit is! You specified a really low max filesize! Print out your $_FILES var to get information about what's wrong ;)

However, in order to move the file to your folder you still need to use move_uploaded_file:

$allow = array("jpg", "jpeg", "gif", "png");

$todir = 'uploads/';

if ( !!$_FILES['file']['tmp_name'] ) // is the file uploaded yet?
{
    $info = explode('.', strtolower( $_FILES['file']['name']) ); // whats the extension of the file
    
    if ( in_array( end($info), $allow) ) // is this file allowed
    {
        if ( move_uploaded_file( $_FILES['file']['tmp_name'], $todir . basename($_FILES['file']['name'] ) ) )
        {
            // the file has been moved correctly
        }
    }
    else
    {
        // error this file ext is not allowed
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

When you exploded the file for the extension, your forgot that the result is returned in an array of which the first index in this case is the "file name" and the second index is the "file extension", so instead of "if ( in_array( $ext . $allow) )" i changed it to "if ( in_array( $ext[1] . $allow) )
Thanks @BlankEDjok for pointing that out, although you're still not completely right! You should not concatenate the parameters within in_array; it be pointless! Using the last segment of the filename is correct though and i fixed that ;)
Lol sorry i didn't see that, it was just a typo. :)
2

best way to upload images i think would be to copy an image and store inside a folder and then store the new location of image into a databse.

to move the file we can use move_uploaded_file function

$oldpath = $_FILES['image']['tmp_name'];
$newpath ="new_folder_location/".$_FILES['image']['name'];
move_uploaded_file($oldpath, $newpath);
Improve this answer

1 Comment

what is var_dump($_FILES) printing?;
1

Your validation code is checking the extension, mime type and file size.

You are probably uploading a file with uppercase characters in the extension. When you check the extension, you checking it case sensitive, .JPG is a valid image file extension, so you should make your check case insensitive:

if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 20000)
&& in_array(strtolower($extension), $allowedExts))
         // ^ added strtolower()

If that isn't the immediate problem then the file is too big or has the wrong mime type. To debug, view the files array with:

print_r($_FILES);
Improve this answer

2 Comments

+1 for strtolower(). This just shows how bad the tutorials on w3schools are.
couldnt agree more I can't understand this stuff at all and they dont help 1 bit.
1

I would say the problem is in that If, a lot of conditions there (also "invalid file" is the Else part of that if), try to simplify it to track the problem, at first glance I would say it's because of the size checking:

&& ($_FILES["file"]["size"] < 20000)

that's around 20Kb, quite small for an image if you are uploading a photo, try to put a higher value or to take out that condition and see if the script works

Improve this answer

2 Comments

Hmm at first glance this has seemed to fix it but it gives me a tmp file home/content/34/9587634/tmp/phpSrWuFu Witch is awesome but then I look in my directory and nothing is there???
you need a last step,php.net/manual/es/function.move-uploaded-file.php, when you upload a file it is always saved in a tmp directory first, then you use that function to move it to the actual directory you want. It is the standard procedure. Maybe it's the last step on the tutorial that you missed, or google another one to see that last step specified, there are tons of them.
0

This happens because the following expression evaluates to false:

(($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 20000)
&& in_array($extension, $allowedExts)

Which means that either

  • The file type is incorrect (it is not a GIF/JPEG/PNG/PNJPEG file)
  • The file is bigger than 20000 bytes
  • The file extension is incorrect (it is not any of "jpg", "jpeg", "gif", "png")

My guess would be the file size - increase it drastically. Change it to the following to allow sizes up to 10 MB:

&& ($_FILES["file"]["size"] < 10485760)

The best way to see the problem is to add this line to the beginning of your script:

var_dump($_FILES);
Improve this answer

Comments

0

I agree with answer of Ivo but I think that you may make change of next piece of code like this:

$typePicture = array('jpg','png','jpeg','gif');

// Allow certain file formats

if($typePicture[0] != "jpg" || $typePicture[1] != "png" || $typePicture[2] != "jpeg" || $typePicture[3] != "gif" ) 
{
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.