A Digital Age Deserves A Digital Leader

PHP web app help

Postby jbullard » Thu May 08, 2008 5:14 pm

Also, what type of extensions are allowed here?
VP - Software
User avatar
Posts: 3653
Joined: Sun Jun 06, 2004 10:17 pm
Location: Utah
Real Name: Jason Bullard

Postby jbullard » Thu May 08, 2008 6:05 pm

Here you go. This will be able to handle more than one file being uploaded due to the array configuration. If no second file is specified it will print out the Error: No File uploaded on the second file. It will also have all your personal information submitted through $_POST;

Code: Select all
<html>
   <head>
   <title>Secure PHP File Upload</title>
   </head>
   
   <body>

<?php

// Check if form was submitted
if (isset($_POST['Submit']))
{
   // Loop through files
   foreach ($_FILES['download']['error'] as $key => $val)
   {
      // Check upload status
      if ($val == UPLOAD_ERR_OK)
      {
         // Get file name
         $filename = basename($_FILES['download']['name'][$key]);
         
         // Get extension
         $ext = substr($filename, strrpos($filename, '.') + 1);
         
         // Only allow text files to be uploaded under 350Kb
         if (($ext == "txt") && ($_FILES['download']['size'][$key] < 350000))
         {
            // Create new path name
            $newname = dirname(__FILE__).'/uploads/'.$filename;
            
            // Check if file already exists
            if (!file_exists($newname))
            {
               // Move uploaded file to new path
               if ((move_uploaded_file($_FILES['download']['tmp_name'][$key], $newname)))
               {
                  // File uploaded okay
                  echo "File uploaded successfully.<p />";
                  
                  echo $_POST['firstname']."<br />";
                  echo $_POST['lastname']."<br />";
               }
               else
               {
                  // There was an upload error
                  echo "Error:  A problem occured during file upload.<p />";
               }
            }
            else
            {
               // File already existed
               echo "Error: File ".$_FILES['download']['name'][$key]." already exists.<p />";
            }
         }
         else
         {
            // Only text files under 350Kb
            echo "Error:  Only .txt files under 350Kb are authorized for upload.".$_FILES['download']['size'][$key]."<p />";
         }
      }
      else
      {
         // No file uploaded (Error)
         echo "Error: No file uploaded.<p />";
      }
   }
}
?>
      <form enctype="multipart/form-data" action="index.php" method="post">
         Firstname: <input type="text" name="firstname" value="" />
         <br />
         Lastname: <input type="text" name="lastname" value="" />
         <br />
         DOB:  <input type="text" name="dob" value="" />
         <br />
         Doctor: <input type="text" name="doctor" value="" />
         <br />
         Start Date: <input type="text" name="start_date" value="" />
         <br />
         Start Time: <input type="text" name="start_time" value="" />
         <br />
         Indications: <input type="text" name="indications" value="" />
         <br />
         <input type="hidden" name="MAX_FILE_SIZE" value="1000000" />
         Download1: <input type="file" name="download[]" value="" />
         <br />
         Download2: <input type="file" name="download[]" value="" />
         <p />
         <input type="submit" name="Submit" value="Submit" />
      </form>
   </body>
</html>
VP - Software
User avatar
Posts: 3653
Joined: Sun Jun 06, 2004 10:17 pm
Location: Utah
Real Name: Jason Bullard

Postby DRAGON OF DARKNESS » Thu May 08, 2008 9:22 pm

ok im not 100% sure how to use this ... I put in my mysql server info and the query but it doesnt work ...
Stephen
PRO Level 16
User avatar
Posts: 1826
Joined: Fri Jul 16, 2004 11:14 pm
Location: MIA > FLA > USA

Postby jbullard » Thu May 08, 2008 10:36 pm

Can you post the entire contents of your file that you are using? I can incorporate it into that so you can see how I did it.
VP - Software
User avatar
Posts: 3653
Joined: Sun Jun 06, 2004 10:17 pm
Location: Utah
Real Name: Jason Bullard

Postby DRAGON OF DARKNESS » Thu May 08, 2008 10:41 pm

Code: Select all

<html>
   <head>
   <title>Secure PHP File Upload</title>
   </head>
   
   <body>

<php> $val)
   {
      // Check upload status
      if ($val == UPLOAD_ERR_OK)
      {
         // Get file name
         $filename = basename($_FILES['download']['name'][$key]);
         
         // Get extension
         $ext = substr($filename, strrpos($filename, '.') + 1);
         
         // Only allow text files to be uploaded under 350Kb
         if (($ext == "txt") && ($_FILES['download']['size'][$key] <350000>
      <form>
         Firstname: <input>
         <br>
         Lastname: <input>
         <br>
         DOB:  <input>
         <br>
         Doctor: <input>
         <br>
         Start Date: <input>
         <br>
         Start Time: <input>
         <br>
         Indications: <input>
         <br>
         <input>
         Download1: <input>
         <br>
         Download2: <input>
         <p>
         <input>
      </form>
   </body>
</html>



I know its not right , but I need to get this done by tommorrow. Let me know, thanks.

EDIT: I dont know why but it never displays the code right ... Can we talk on an IM client or something , because that isnt the code im using, everytime I try to put it in it changes it ....
Stephen
PRO Level 16
User avatar
Posts: 1826
Joined: Fri Jul 16, 2004 11:14 pm
Location: MIA > FLA > USA

Postby DRAGON OF DARKNESS » Thu May 08, 2008 11:01 pm

Ok what should the action file be ? the same file ?
Stephen
PRO Level 16
User avatar
Posts: 1826
Joined: Fri Jul 16, 2004 11:14 pm
Location: MIA > FLA > USA

Postby DRAGON OF DARKNESS » Thu May 08, 2008 11:10 pm

Ah nvm i got it ! I just sent the form to itself, then added the query under the IF function . Thanks for your help jason !!!!! ^*^ , now i got to intergrate this into my usergroup system.
Stephen
PRO Level 16
User avatar
Posts: 1826
Joined: Fri Jul 16, 2004 11:14 pm
Location: MIA > FLA > USA

Postby jbullard » Thu May 08, 2008 11:34 pm

You have to check the box that says "Disable HTML". I am at work so I don't have IM or Chat. :no
VP - Software
User avatar
Posts: 3653
Joined: Sun Jun 06, 2004 10:17 pm
Location: Utah
Real Name: Jason Bullard

Postby jbullard » Fri May 09, 2008 12:02 am

Not a problem man. Glad to hear you got it working. :yesnod:
VP - Software
User avatar
Posts: 3653
Joined: Sun Jun 06, 2004 10:17 pm
Location: Utah
Real Name: Jason Bullard

Postby DRAGON OF DARKNESS » Fri May 09, 2008 12:55 am

Ok now, I got it working but now I need to pass the file links into the database but im not sure how to do that since its in a loop. Thanks jason.

Edit: Sorry to bring this up again xD This should be the last thing I need. Ive been working on it for a month now lol
Stephen
PRO Level 16
User avatar
Posts: 1826
Joined: Fri Jul 16, 2004 11:14 pm
Location: MIA > FLA > USA

PreviousNext

Return to HTML, CSS, and Scripts

Who is online

Users browsing this forum: No registered users and 7 guests

cron
cron