Jump to content

File upload

ajicles

By ajicles
in PHP Coding Help

 Share

Recommended Posts

ajicles Member

ajicles

Posted
Posted

I need help with my upload script it doesn't want to do anything when button is submitted.

 

      <?php   

    if (isset($_POST['submitBtn'])){
require_once("includes/upload.php"); 
    }	



?>
      <div id="submitform">
      <h2>Upload:</h2>
        <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
          <input type="hidden" name="MAX_FILE_SIZE" value="1000000" /><br />
          Choose a file to upload:<br />
          <input name="uploaded_file" type="file" /><br />
          <input type="submit" value="Upload" /><br />
        </form>

 

upload.php

<?php

//Сheck that we have a file
if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
  //Check if the file is JPEG image and it's size is less than 350Kb
  $filename = basename($_FILES['uploaded_file']['name']);
  //$ext = substr($filename, strrpos($filename, '.') + 1);
  if (($_FILES["uploaded_file"]["size"] < 26214400)) {
    //Determine the path to which we want to save this file
      $newname = dirname(__FILE__).'/upload/'.$_SESSION['username'].''.$filename;
      //Check if the file with the same name is already exists on the server
      if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
           $ip_address = $_SERVER['REMOTE_ADDR'];
$file_hash = hash('ripemd160', '$filename');

echo 'Link to your file: <a href="http://localhost/filehosting/download.php?d='.$file_hash.'">http://localhost/filehosting/download.php?d='.$file_hash.'</a>';

$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("filehosting");

$sql="INSERT INTO data(ID, file_location, file_hash, file_ip_address) VALUES ('','$filename','$file_hash','$ip_address')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
mysql_close($con);
        } else {
           echo "Error: A problem occurred during file upload!";
        }
      } else {
         echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
      }
  } else {
     echo "Error: Only files under 25MBs are accepted for upload";
 echo 'Upgrade your account to upload bigger files.';
  }
} else {
echo "Error: No file uploaded";
}


?>

Link to comment
Share on other sites
ajicles Member

ajicles

Posted
  • Author
Posted

Is this all one script?

 

Well. When the uploade botton is pressed it loads the upload script and then executes it and puts in the variables with the data information.

 

If require_once("includes/upload.php"); wasn't inside of a if pressed command it would be like where the information and shoots errors and hopefully the error traps work lol.

Link to comment
Share on other sites
mongoose00318 Advanced Member

mongoose00318

Posted
Posted

I need help with my upload script it doesn't want to do anything when button is submitted.

 

      <?php   

    if (isset($_POST['submitBtn'])){
require_once("includes/upload.php"); 
    }	



?>
      <div id="submitform">
      <h2>Upload:</h2>
        <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
          <input type="hidden" name="MAX_FILE_SIZE" value="1000000" /><br />
          Choose a file to upload:<br />
          <input name="uploaded_file" type="file" /><br />
          <input type="submit" value="Upload" /><br />
        </form>

 

upload.php

<?php

//Сheck that we have a file
if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
  //Check if the file is JPEG image and it's size is less than 350Kb
  $filename = basename($_FILES['uploaded_file']['name']);
  //$ext = substr($filename, strrpos($filename, '.') + 1);
  if (($_FILES["uploaded_file"]["size"] < 26214400)) {
    //Determine the path to which we want to save this file
      $newname = dirname(__FILE__).'/upload/'.$_SESSION['username'].''.$filename;
      //Check if the file with the same name is already exists on the server
      if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
           $ip_address = $_SERVER['REMOTE_ADDR'];
$file_hash = hash('ripemd160', '$filename');

echo 'Link to your file: <a href="http://localhost/filehosting/download.php?d='.$file_hash.'">http://localhost/filehosting/download.php?d='.$file_hash.'</a>';

$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("filehosting");

$sql="INSERT INTO data(ID, file_location, file_hash, file_ip_address) VALUES ('','$filename','$file_hash','$ip_address')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
mysql_close($con);
        } else {
           echo "Error: A problem occurred during file upload!";
        }
      } else {
         echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
      }
  } else {
     echo "Error: Only files under 25MBs are accepted for upload";
 echo 'Upgrade your account to upload bigger files.';
  }
} else {
echo "Error: No file uploaded";
}


?>

 

Try this :

 

1) Remove the require_once()

2) Paste your upload file inplace of the require_once()

3) Instead of having if(isset($_POST['submitBtn'])) try this if(isset($_POST))

 

Let me know if that helps or not

Link to comment
Share on other sites
Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

I've had some time to look this over, and actually, since your submit button has no name attribute, try simply giving it the name="submitBtn" attribute and see if that doesn't fix it. Also, you should get rid of the action="<?php echo $_SERVER['PHP_SELF']; ?>", as it's an XSS risk. Make it simply action=""

Link to comment
Share on other sites
ajicles Member

ajicles

Posted
  • Author
Posted

Just when I get something working something else screws up lol. :wtf:

 

So, I made the necessary changes to my script.

 

	if(isset($_POST['submitBtn'])) 
{
	//Сheck that we have a file
	if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
  		//Check if the file is JPEG image and it's size is less than 350Kb
		 $filename = basename($_FILES['uploaded_file']['name']);
		 //$ext = substr($filename, strrpos($filename, '.') + 1);
		 if (($_FILES["uploaded_file"]["size"] < 26214400)) {
	   	//Determine the path to which we want to save this file
  	    $newname = dirname(__FILE__).'/upload/'.$_SESSION['username'].''.$filename;
     	//Check if the file with the same name is already exists on the server
      	if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
        $ip_address = $_SERVER['REMOTE_ADDR'];
	$file_hash = hash('ripemd160', '$filename');
	echo 'Link to your file: <a href="http://localhost/filehosting/download.php?d='.
	$file_hash.'">http://localhost/filehosting/download.php?d='.$file_hash.'</a>';
	$con = mysql_connect("localhost","root","");

	if (!$con)
  		{
  			die('Could not connect: ' . mysql_error());
  		}

	mysql_select_db("filehosting");

	$sql="INSERT INTO data(ID, file_location, file_hash, file_ip_address) VALUES ('','$filename','$file_hash','$ip_address')";

	if (!mysql_query($sql,$con))
  		{
  			die('Error: ' . mysql_error());
  		}
	mysql_close($con);

	} else {
        
		echo "Error: A problem occurred during file upload!";
    	}
    	} else {
         	echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
    	}
	} else {
     		echo "Error: Only files under 25MBs are accepted for upload";
 		echo 'Upgrade your account to upload bigger files.';
  		}
	} else {
			echo "Error: No file uploaded";
	}

	} else {
		echo "<h2>Upload:</h2>
     	   	<form enctype='multipart/form-data' action=' method='post'>
       	  	<input type='hidden' name='MAX_FILE_SIZE' value='1000000' /><br />
          	Choose a file to upload:<br />
          	<input name='uploaded_file' type='file' /><br />
          	<input type='submit' value='Upload' /><br />
        	</form>";
	}

 

And now when I press the submit button, it redirects me to: http://localhost/FileHosting/method=?MAX_FILE_SIZE=1000000&uploaded_file=text.txt

 

I tried if(isset($_POST)) and if(isset($_POST['submitBtn'])) and if ($HTTP_POST_VARS['uploaded_file'])

 

Only isset works  :-\ I though the issue with the redirect error would be if(isset($_POST)) so I changed it back to if(isset($_POST['submitBtn']))

 

Thanks for your help so far guys  :)

Link to comment
Share on other sites
ajicles Member

ajicles

Posted
  • Author
Posted

I am an idiot sometimes  >:( Also dreamweaver tells me:

The document's current encoding can not correctly save all the of the characters within the document. You may want to change to UTF-8 or an encoding that supports the special characters in this document.

 

But that's the only error >_>.

 

Thanks for the help.

Link to comment
Share on other sites
ajicles Member

ajicles

Posted
  • Author
Posted

Fix the last error and it still doesn't process any of the code after being submitted...

	if(isset($_POST)) 
{
		echo "<h2>Upload:</h2>
     	   	<form enctype='multipart/form-data' action='' method='post'>
       	  	<input type='hidden' name='MAX_FILE_SIZE' value='1000000' /><br />
          	Choose a file to upload:<br />
          	<input name='uploaded_file' type='file' /><br />
          	<input type='submit' value='Upload' /><br />
        	</form>";		
	} else {
//Сheck that we have a file
	if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
  		//Check if the file is JPEG image and it's size is less than 350Kb
		 $filename = basename($_FILES['uploaded_file']['name']);
		 //$ext = substr($filename, strrpos($filename, '.') + 1);
		 if (($_FILES["uploaded_file"]["size"] < 26214400)) {
	   	//Determine the path to which we want to save this file
  	    $newname = dirname(__FILE__).'/upload/'.$_SESSION['username'].''.$filename;
     	//Check if the file with the same name is already exists on the server
      	if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
        $ip_address = $_SERVER['REMOTE_ADDR'];
	$file_hash = hash('ripemd160', '$filename');
	echo 'Link to your file: <a href="http://localhost/filehosting/download.php?d='.
	$file_hash.'">http://localhost/filehosting/download.php?d='.$file_hash.'</a>';
	$con = mysql_connect("localhost","root","");

	if (!$con)
  		{
  			die('Could not connect: ' . mysql_error());
  		}

	mysql_select_db("filehosting");

	$sql="INSERT INTO data(ID, file_location, file_hash, file_ip_address) VALUES ('','$filename','$file_hash','$ip_address')";

	if (!mysql_query($sql,$con))
  		{
  			die('Error: ' . mysql_error());
  		}
	mysql_close($con);

	} else {
        
		echo "Error: A problem occurred during file upload!";
    	}
    	} else {
         	echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
    	}
	} else {
     		echo "Error: Only files under 25MBs are accepted for upload";
 		echo 'Upgrade your account to upload bigger files.';
  		}
	} else {
			echo "Error: No file uploaded";
	}
	}

Link to comment
Share on other sites
inversesoft123 Member

inversesoft123

Posted
Posted 
	
<?php
if(isset($_POST)) 



{









//&#1057;heck that we have a file





if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
  





//Check if the file is JPEG image and it's size is less than 350Kb






$filename = basename($_FILES['uploaded_file']['name']);






//$ext = substr($filename, strrpos($filename, '.') + 1);






if (($_FILES["uploaded_file"]["size"] < 26214400)) {




   



//Determine the path to which we want to save this file
  



    $newname = dirname(__FILE__).'/upload/'.$_SESSION['username'].''.$filename;
     



//Check if the file with the same name is already exists on the server
      



if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
        $ip_address = $_SERVER['REMOTE_ADDR'];





$file_hash = hash('ripemd160', '$filename');





echo 'Link to your file: <a href="http://localhost/filehosting/download.php?d='.





$file_hash.'">http://localhost/filehosting/download.php?d='.$file_hash.'</a>';





$con = mysql_connect("localhost","root","");





if (!$con)
  





{
  







die('Could not connect: ' . mysql_error());
  





}





mysql_select_db("filehosting");





$sql="INSERT INTO data(ID, file_location, file_hash, file_ip_address) VALUES ('','$filename','$file_hash','$ip_address')";





if (!mysql_query($sql,$con))
  





{
  







die('Error: ' . mysql_error());
  





}





mysql_close($con);








} else {
        







echo "Error: A problem occurred during file upload!";
    



}
    



} else {
         



echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
    



}





} else {
     





echo "Error: Only files under 25MBs are accepted for upload";









echo 'Upgrade your account to upload bigger files.';
  





}





} else {








echo "Error: No file uploaded";





}








} else {

echo "<h2>Upload:</h2>
     



   



<form enctype='multipart/form-data' action='' method='post'>
       



  



<input type='hidden' name='MAX_FILE_SIZE' value='1000000' /><br />
          



Choose a file to upload:<br />
          



<input name='uploaded_file' type='file' /><br />
          



<input type='submit' value='Upload' /><br />
        



</form>";






}
?>

Link to comment
Share on other sites
ajicles Member

ajicles

Posted
  • Author
Posted 

	
<?php
if(isset($_POST)) 



{









//&#1057;heck that we have a file





if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
  





//Check if the file is JPEG image and it's size is less than 350Kb






$filename = basename($_FILES['uploaded_file']['name']);






//$ext = substr($filename, strrpos($filename, '.') + 1);






if (($_FILES["uploaded_file"]["size"] < 26214400)) {




   



//Determine the path to which we want to save this file
  



    $newname = dirname(__FILE__).'/upload/'.$_SESSION['username'].''.$filename;
     



//Check if the file with the same name is already exists on the server
      



if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
        $ip_address = $_SERVER['REMOTE_ADDR'];





$file_hash = hash('ripemd160', '$filename');





echo 'Link to your file: <a href="http://localhost/filehosting/download.php?d='.





$file_hash.'">http://localhost/filehosting/download.php?d='.$file_hash.'</a>';





$con = mysql_connect("localhost","root","");





if (!$con)
  





{
  







die('Could not connect: ' . mysql_error());
  





}





mysql_select_db("filehosting");





$sql="INSERT INTO data(ID, file_location, file_hash, file_ip_address) VALUES ('','$filename','$file_hash','$ip_address')";





if (!mysql_query($sql,$con))
  





{
  







die('Error: ' . mysql_error());
  





}





mysql_close($con);








} else {
        







echo "Error: A problem occurred during file upload!";
    



}
    



} else {
         



echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
    



}





} else {
     





echo "Error: Only files under 25MBs are accepted for upload";









echo 'Upgrade your account to upload bigger files.';
  





}





} else {








echo "Error: No file uploaded";





}








} else {

echo "<h2>Upload:</h2>
     



   



<form enctype='multipart/form-data' action='' method='post'>
       



  



<input type='hidden' name='MAX_FILE_SIZE' value='1000000' /><br />
          



Choose a file to upload:<br />
          



<input name='uploaded_file' type='file' /><br />
          



<input type='submit' value='Upload' /><br />
        



</form>";






}
?>

WHY does it have to be 497 lines long! :wtf:

Link to comment
Share on other sites
inversesoft123 Member

inversesoft123

Posted
Posted 

	
<?php
if ($HTTP_POST_VARS['submit']) 
{

if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {

	}
//Check if the file is JPEG image and it's size is less than 350Kb
$filename = basename($_FILES['uploaded_file']['name']);
//$ext = substr($filename, strrpos($filename, '.') + 1);
if (($_FILES["uploaded_file"]["size"] < 26214400)) {
//Determine the path to which we want to save this file
  $newname = dirname(__FILE__).'/upload/'.$filename;
//Check if the file with the same name is already exists on the server
     if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
        $ip_address = $_SERVER['REMOTE_ADDR'];
        $file_hash = hash('ripemd160', '$filename');
echo 'Link to your file: <a href="http://localhost/filehosting/download.php?d='.

$file_hash.'">http://localhost/filehosting/download.php?d='.$file_hash.'</a>';
$con = mysql_connect("localhost","root","");

if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
mysql_select_db("filehosting");
$sql="INSERT INTO data(ID, file_location, file_hash, file_ip_address) VALUES ('','$filename','$file_hash','$ip_address')";
if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
mysql_close($con);

} else {
        
echo "Error: A problem occurred during file upload!";
    
}
    } else {
         
echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
    
}

} else {
     echo "Error: Only files under 25MBs are accepted for upload";

echo 'Upgrade your account to upload bigger files.';
  
}
} else {

echo "<h2>Upload:</h2>
     <form enctype='multipart/form-data' action='test.php' method='post'>
       <input type='hidden' name='MAX_FILE_SIZE' value='1000000' /><br />
          Choose a file to upload:<br />
          <input name='uploaded_file' type='file' /><br />
          <input type='submit' name='submit' value='Upload' /><br />
        </form>";
}
?>

 

I have updated  this code. and its working fine here.

 

just replace <form enctype='multipart/form-data' action='test.php' method='post'>

test.php here with your script name.

 

Link to comment
Share on other sites
inversesoft123 Member

inversesoft123

Posted
Posted

The problem is that your PHP version and server probably don't support the deprecated $HTTP_POST_VARS collection. as you are running on Windows.. That's probably the source of the issue.

 

Try replacing with $_POST in your code

 

<?php
if ($_POST['submit']) 
{

if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {

}
//Check if the file is JPEG image and it's size is less than 350Kb
$filename = basename($_FILES['uploaded_file']['name']);
//$ext = substr($filename, strrpos($filename, '.') + 1);
if (($_FILES["uploaded_file"]["size"] < 26214400)) {
//Determine the path to which we want to save this file
  $newname = dirname(__FILE__).'/upload/'.$filename;
//Check if the file with the same name is already exists on the server
     if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
        $ip_address = $_SERVER['REMOTE_ADDR'];
        $file_hash = hash('ripemd160', '$filename');
echo 'Link to your file: <a href="http://localhost/filehosting/download.php?d='.

$file_hash.'">http://localhost/filehosting/download.php?d='.$file_hash.'</a>';
$con = mysql_connect("localhost","root","");

if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
mysql_select_db("filehosting");
$sql="INSERT INTO data(ID, file_location, file_hash, file_ip_address) VALUES ('','$filename','$file_hash','$ip_address')";
if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
mysql_close($con);

} else {
        
echo "Error: A problem occurred during file upload!";
    
}
    } else {
         
echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
    
}



} else {
     echo "Error: Only files under 25MBs are accepted for upload";



echo 'Upgrade your account to upload bigger files.';
  
}
} else {






echo "<h2>Upload:</h2>
     <form enctype='multipart/form-data' action='upload.php' method='post'>
       <input type='hidden' name='MAX_FILE_SIZE' value='1000000' /><br />
          Choose a file to upload:<br />
          <input name='uploaded_file' type='file' /><br />
          <input type='submit' name='submit' value='Upload' /><br />
        </form>";
}
?>

Link to comment
Share on other sites
ajicles Member

ajicles

Posted
  • Author
Posted

LoL, its because of my code editor software, anyway I figured out what is the problem

 

1. $newname = dirname(__FILE__).'/upload/'.$_SESSION['username'].''.$filename;

  Check here do you have directories at this location ?

 

Yes. Also there is suppose to be a / separating the username and the filename lol.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.