|
|
|
jbullard
Jason Bullard |
 Posted:
Thu May 08, 2008 1:14 pm |
|
|
|
VP - Software
Joined: 06 Jun 2004
Posts: 3304
Location: Utah
|
|
Also, what type of extensions are allowed here?
|
|
|
|
|
|
|
|
Back to top
|
|
|
|
jbullard
Jason Bullard |
|
Posted:
Thu May 08, 2008 2:05 pm |
|
|
|
VP - Software
Joined: 06 Jun 2004
Posts: 3304
Location: Utah
|
Here you go. This will be able to handle more than one file being uploaded due to the array configuration. If no second file is specified it will print out the Error: No File uploaded on the second file. It will also have all your personal information submitted through $_POST;
| Code: |
<html>
<head>
<title>Secure PHP File Upload</title>
</head>
<body>
<?php
// Check if form was submitted
if (isset($_POST['Submit']))
{
// Loop through files
foreach ($_FILES['download']['error'] as $key => $val)
{
// Check upload status
if ($val == UPLOAD_ERR_OK)
{
// Get file name
$filename = basename($_FILES['download']['name'][$key]);
// Get extension
$ext = substr($filename, strrpos($filename, '.') + 1);
// Only allow text files to be uploaded under 350Kb
if (($ext == "txt") && ($_FILES['download']['size'][$key] < 350000))
{
// Create new path name
$newname = dirname(__FILE__).'/uploads/'.$filename;
// Check if file already exists
if (!file_exists($newname))
{
// Move uploaded file to new path
if ((move_uploaded_file($_FILES['download']['tmp_name'][$key], $newname)))
{
// File uploaded okay
echo "File uploaded successfully.<p />";
echo $_POST['firstname']."<br />";
echo $_POST['lastname']."<br />";
}
else
{
// There was an upload error
echo "Error: A problem occured during file upload.<p />";
}
}
else
{
// File already existed
echo "Error: File ".$_FILES['download']['name'][$key]." already exists.<p />";
}
}
else
{
// Only text files under 350Kb
echo "Error: Only .txt files under 350Kb are authorized for upload.".$_FILES['download']['size'][$key]."<p />";
}
}
else
{
// No file uploaded (Error)
echo "Error: No file uploaded.<p />";
}
}
}
?>
<form enctype="multipart/form-data" action="index.php" method="post">
Firstname: <input type="text" name="firstname" value="" />
<br />
Lastname: <input type="text" name="lastname" value="" />
<br />
DOB: <input type="text" name="dob" value="" />
<br />
Doctor: <input type="text" name="doctor" value="" />
<br />
Start Date: <input type="text" name="start_date" value="" />
<br />
Start Time: <input type="text" name="start_time" value="" />
<br />
Indications: <input type="text" name="indications" value="" />
<br />
<input type="hidden" name="MAX_FILE_SIZE" value="1000000" />
Download1: <input type="file" name="download[]" value="" />
<br />
Download2: <input type="file" name="download[]" value="" />
<p />
<input type="submit" name="Submit" value="Submit" />
</form>
</body>
</html>
|
|
|
|
|
|
|
|
|
Back to top
|
|
|
|
DRAGON OF DARKNESS
|
|
Posted:
Thu May 08, 2008 5:22 pm |
|
|
|
PRO SILVER
Joined: 16 Jul 2004
Posts: 4674
Location: MIA > FLA > USA
|
|
ok im not 100% sure how to use this ... I put in my mysql server info and the query but it doesnt work ...
|
|
|
|
|
|
|
|
Back to top
|
|
|
|
jbullard
Jason Bullard |
|
Posted:
Thu May 08, 2008 6:36 pm |
|
|
|
VP - Software
Joined: 06 Jun 2004
Posts: 3304
Location: Utah
|
|
Can you post the entire contents of your file that you are using? I can incorporate it into that so you can see how I did it.
|
|
|
|
|
|
|
|
Back to top
|
|
|
|
DRAGON OF DARKNESS
|
|
Posted:
Thu May 08, 2008 6:41 pm |
|
|
|
PRO SILVER
Joined: 16 Jul 2004
Posts: 4674
Location: MIA > FLA > USA
|
| Code: |
<html>
<head>
<title>Secure PHP File Upload</title>
</head>
<body>
<php> $val)
{
// Check upload status
if ($val == UPLOAD_ERR_OK)
{
// Get file name
$filename = basename($_FILES['download']['name'][$key]);
// Get extension
$ext = substr($filename, strrpos($filename, '.') + 1);
// Only allow text files to be uploaded under 350Kb
if (($ext == "txt") && ($_FILES['download']['size'][$key] <350000>
<form>
Firstname: <input>
<br>
Lastname: <input>
<br>
DOB: <input>
<br>
Doctor: <input>
<br>
Start Date: <input>
<br>
Start Time: <input>
<br>
Indications: <input>
<br>
<input>
Download1: <input>
<br>
Download2: <input>
<p>
<input>
</form>
</body>
</html>
|
I know its not right , but I need to get this done by tommorrow. Let me know, thanks.
EDIT: I dont know why but it never displays the code right ... Can we talk on an IM client or something , because that isnt the code im using, everytime I try to put it in it changes it ....
|
|
|
|
|
|
|
|
Back to top
|
|
|
|
DRAGON OF DARKNESS
|
|
Posted:
Thu May 08, 2008 7:01 pm |
|
|
|
PRO SILVER
Joined: 16 Jul 2004
Posts: 4674
Location: MIA > FLA > USA
|
|
Ok what should the action file be ? the same file ?
|
|
|
|
|
|
|
|
Back to top
|
|
|
|
DRAGON OF DARKNESS
|
|
Posted:
Thu May 08, 2008 7:10 pm |
|
|
|
PRO SILVER
Joined: 16 Jul 2004
Posts: 4674
Location: MIA > FLA > USA
|
Ah nvm i got it ! I just sent the form to itself, then added the query under the IF function . Thanks for your help jason !!!!!  , now i got to intergrate this into my usergroup system. |
|
|
|
|
|
|
|
Back to top
|
|
|
|
jbullard
Jason Bullard |
|
Posted:
Thu May 08, 2008 7:34 pm |
|
|
|
VP - Software
Joined: 06 Jun 2004
Posts: 3304
Location: Utah
|
You have to check the box that says "Disable HTML". I am at work so I don't have IM or Chat.  |
|
|
|
|
|
|
|
Back to top
|
|
|
|
jbullard
Jason Bullard |
|
Posted:
Thu May 08, 2008 8:02 pm |
|
|
|
VP - Software
Joined: 06 Jun 2004
Posts: 3304
Location: Utah
|
Not a problem man. Glad to hear you got it working.  |
|
|
|
|
|
|
|
Back to top
|
|
|
|
DRAGON OF DARKNESS
|
|
Posted:
Thu May 08, 2008 8:55 pm |
|
|
|
PRO SILVER
Joined: 16 Jul 2004
Posts: 4674
Location: MIA > FLA > USA
|
|
Ok now, I got it working but now I need to pass the file links into the database but im not sure how to do that since its in a loop. Thanks jason.
Edit: Sorry to bring this up again xD This should be the last thing I need. Ive been working on it for a month now lol
|
|
|
|
|
|
|
|
Back to top
|
|
|
|
|
Back to top |
|
|
|
|
|
