bflodesigner Posted March 30, 2010 Share Posted March 30, 2010 When I'm testing this code I keep coming up with an error - Invalid File. I have restrictions on file types and size but id doesn't matter what size or type, keeps giving the error. Any suggestions? Thanks! Here's the code I am working with: <?php if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg") || ($_FILES["file"]["type"] == "image/pdf") || ($_FILES["file"]["type"] == "image/tif")) && ($_FILES["file"]["size"] < 100000000)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1000000) . " Kb<br />"; echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />"; //if (file_exists("upload/" . $_FILES["file"]["name"])) { if (file_exists("UPLOADED_FILES/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { //move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]); move_uploaded_file($_FILES["file"]["tmp_name"], "UPLOADED_FILES/" . $_FILES["file"]["name"]); echo "Stored in: " . "UPLOADED_FILES/" . $_FILES["file"]["name"]; //copy-pasta some sendmail code from the contact form below this comment $toAddress = "emailaddress@gmail.com"; //sends email to this address $subject = "Files have been uploaded to FTP site"; //email subject //now send confirmation to the user $userContent = "Files have been uploaded to FTP site.\n\n" $headers = 'From: '.$toAddress."\r\n".'Reply-To: '.$toAddress; mail($toAddress, $subject, $userContent, $headers); } } } else { echo "Invalid file"; } ?> Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 30, 2010 Share Posted March 30, 2010 suggestions? Yes, you have got to check $_FILES["file"]["error"] to see if the upload was successful before you can check any of the other values associated with the upload. There is also an upload error condition where the $_FILES array will be empty if the size of the uploaded data exceeds the post_max_size setting. This error condition should be checked first. Then, the validation checks for the "type" and "size" should be done separately with different error messages that tell you exactly which test failed and why the check failed, including displaying the actual "type" and "size" values that failed so that you get feedback as to what was wrong with the value. Quote Link to comment Share on other sites More sharing options...
bflodesigner Posted March 30, 2010 Author Share Posted March 30, 2010 Thank you PFMaBiSmAd! I think I understand what you mean - I have to make sure the upload was successful before I can check the file type and size. I'm very new to php so could you take it a step further and tell me exactly how to do it? Is it just a matter of switching the order in which it checks the file? And when you say to check the size and type separately, do you mean with another php file or just in this one, but with different checks to return different error messages? Thanks! Any help is greatly appreciated! Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 30, 2010 Share Posted March 30, 2010 <?php if($_SERVER['REQUEST_METHOD'] == "POST") { // a POST form submitted to this code // check if the $_FILES array has something in it - if(empty($_FILES)) { echo "The file upload failed for one or more of the following reasons -"; echo "<ol>"; echo "<li>Uploads are not enabled on your server in php.ini</li>"; echo "<li>The form tag does not contain - enctype=\"multipart/form-data\" or something else about the form makes it invalid</li>"; echo "<li>There is no type=\"file\" field in the form</li>"; echo "<li>The total size of the data from the form exceeds the post_max_size setting</li>"; echo "</ol>"; } else { // the $_FILES array contains something // display any upload error - switch ($_FILES['file']['error']) { case 0: // echo "The file uploaded to the server OK<br />"; break; case 1: echo "The uploaded file exceeds the upload maximum size directive in php.ini<br />"; break; case 2: echo "The uploaded file exceeds {$_POST['MAX_FILE_SIZE']}, the MAX_FILE_SIZE directive in the HTML form<br />"; break; case 3: echo "The uploaded file was only partially uploaded<br />"; break; case 4: echo "No file was selected<br />"; break; case 6: echo "Missing temporary upload folder<br />"; break; case 7: echo "Failed to write file to disk<br />"; break; case 8: echo "File upload stopped by extension<br />"; break; default: echo "An unused error value was returned<br />"; } // end of switch/case if($_FILES['file']['error'] == 0){ // a file was uploaded without any error // use the uploaded file information here // put any type, size, file name/extension, or content validation here // The following will be set for the file - // $_FILES['file']['name'], $_FILES['file']['tmp_name'], $_FILES['file']['size'], and $_FILES['file']['type'] echo "Process the uploaded file here<br />"; } } } else { echo "A POST method form did not submit to this code<br />"; } ?> Checking the type and size separately means don't lump the checks together into one logical test with one common generic error message. You will be forever guessing why the upload failed. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.