Jump to content

Uploading Zip Files

herghost

By herghost
in PHP Coding Help

 Share

Recommended Posts

herghost Advanced Member

herghost

Posted
Posted

Hi All,

 

I am having trouble with this script that was from a example script online, basically I am getting the last error message everytime I try an up a zip file?

Unknown Error: No file uploaded

 

 

<?php
include('dbconnect.php');
session_start();
$user_id = $_SESSION['user_id'];

$query = " SELECT * FROM roms WHERE user_id = '$user_id' ORDER BY rom_date DESC LIMIT 1";
  $result = mysql_query($query);
if (!mysql_query($query))
  {
  die('Error: ' . mysql_error());
  }
  
while($row = mysql_fetch_array($result))
  {
$_SESSION['rom_version'] = $row['rom_version'];
}

if
	((!empty($_FILES["rom"])) && ($_FILES['rom']['error'] == 0)) 

		{
  				$filename = $user_id . $_SESSION['rom_version'] . '.zip';
  				$ext = substr($filename, strrpos($filename, '.') + 1);
  				if (($ext == "zip") && ($_FILES["rom"]["type"] == "application/zip") && 
    			($_FILES["rom"]["size"] < 2500000)) 

				{
   						$newname = dirname(__FILE__).'roms/'.$filename;
      					if (!file_exists($newname)) 
	{
       		if ((move_uploaded_file($_FILES['uploaded_file'][	'tmp_name'],$newname))) 
		{
           		echo "It's done! The file has been saved as: ".$newname;
        	} 
			else 
			{
           			echo "Error: A problem occurred during file upload!";
        		}
      	} 
  			
		else 
		{
         		echo "Error: File ".$_FILES["rom"]["name"]." already exists";
      		}
				} 
			else 
			{
     				echo "Error: Only .zip images under 250mb are accepted for upload";
  				}
		} 
			else 
			{
					echo "Unknown Error: No file uploaded";
			}
?>

 

Link to comment
Share on other sites
herghost Advanced Member

herghost

Posted
  • Author
Posted

Sorry, hope this is better, I use notepad++ and so I get lazy with parenthesis as it automatically connects the open and close {}

<?php
include('dbconnect.php');
session_start();
$user_id = $_SESSION['user_id'];

$query = " SELECT * FROM roms WHERE user_id = '$user_id' ORDER BY rom_date DESC LIMIT 1";
  $result = mysql_query($query);
if (!mysql_query($query))
  {
  die('Error: ' . mysql_error());
  }
  
while($row = mysql_fetch_array($result))

{
$_SESSION['rom_version'] = $row['rom_version'];
}

if
	((!empty($_FILES["rom"])) && ($_FILES['rom']['error'] == 0)) 

		{
  				$filename = $user_id . $_SESSION['rom_version'];
  				$ext = substr($filename, strrpos($filename, '.') + 1);
  				if (($ext == "zip") && ($_FILES["rom"]["type"] == "application/zip") && 
    			($_FILES["rom"]["size"] < 2500000)) 

				{
   						$newname = dirname(__FILE__).'roms/'.$filename;
      					if (!file_exists($newname)) 
						{
       							if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) 
								{
           								echo "It's done! The file has been saved as: ".$newname;
        							} 

								else 
									{
           									echo "Error: A problem occurred during file upload!";
        								}
      						} 
  			
								else 
									{
         									echo "Error: File ".$_FILES["rom"]["name"]." already exists";
      									}
				} 


			else 
				{
     					echo "Error: Only .zip images under 250mb are accepted for upload";
  					}
		} 


			else 
				{
						echo "Unknown Error: No file uploaded";
				}
?>

 

Link to comment
Share on other sites
rwwd Member

rwwd

Posted
Posted

Hi there,

 

I tried to make sense of it and found some extra non needed parenthesis:-

<?php

include('dbconnect.php');
session_start();
$user_id = $_SESSION['user_id'];

$query = " SELECT * FROM roms WHERE user_id = '".$user_id."' ORDER BY rom_date DESC LIMIT 1";
$result = mysql_query($query) or die(mysql_error());
  
while($row = mysql_fetch_array($result)){
$_SESSION['rom_version'] = $row['rom_version'];
}



if(!empty($_FILES["rom"]) && ($_FILES['rom']['error'] == 0)){
$filename = $user_id.$_SESSION['rom_version'].'.zip';
$ext = substr($filename, strrpos($filename, '.') + 1);

	if (($ext == "zip") && ($_FILES["rom"]["type"] == "application/zip") && ($_FILES["rom"]["size"] < 2500000)){
		$newname = dirname(__FILE__).'roms/'.$filename;

		if (!file_exists($newname)){

				if (move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname)){
					echo "It's done! The file has been saved as: ".$newname;
				} 
				else{
					echo "Error: A problem occurred during file upload!";
				}
		}
		else{
			echo "Error: File ".$_FILES["rom"]["name"]." already exists";	
		}

	}
	else{
		echo "Error: Only .zip images under 250mb are accepted for upload";
	}

} 
else{
echo "Unknown Error: No file uploaded";
}
?>

 

I have just tidied it up a bit and removed the extra non necessary bits, but I doubt it will make any difference. Bearing in mind too that default file size upload is 2MB and if you try anything bigger I think there is a time out limit; so your limit of 250MB is a bit too much methinks.

 

You might want to look at using an external program to unzip a file by using something like shell() an a program that can handle these files stored on your server, it will make life a lot easier than doing it like this...

 

I just noticed that your file size limit is this: 2500000 this equates to around 2.5MB:-

 

This is 2MB

2097152';//1024*1024*2 = 2MB , 1024 x 1024 = 1MB, 1024 x 1024 x 3 = 3MB

2500000//as you can see the math doesn't add up!

 

@herghost: sorry I hadn't noticed as you had also posted, much kudos to you!

 

Cheers,

Rw

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

A bit of advice when validating user supplied values. Don't lump together multiple tests and output a combined error message. You will never know which condition in the validation failed. Knowing which validation condition failed is the first step in finding the problem. Also, it is usually a good idea to display the value that was being used in the test as part of the error message so that the visitor can see what they supplied that your code used to determine if something was invalid.

 

An empty $_FILES["rom"] will be due to one specific problem/setting. $_FILES['rom']['error'] not equal to zero has about 8 different possible reasons, some of which are under your control on the server/settings and some that are due to the visitor. $ext == "zip" is a separate problem (what if the visitor thinks .gz is a valid zip file extension.) $_FILES["rom"]["type"] == "application/zip" is a separate problem (what if the browser being used sends a different but valid value?) $_FILES["rom"]["size"] < 2500000 is yet a separate problem and you would want to tell the visitor that the only problem was that the file was larger than allowed.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.