Forum Moderators: coopster
I am trying to upload images only to a directory on my web server with very little success, here is the code i have so far.
<?php
if ($userfile_size >3500000)
{
$msg=$msg."Your uploaded file size is more than 3500KB, it needs to be smaller!";
$file_upload="false";
}
if (!($userfile_type =="image/pjpeg" ¦¦ $userfile_type=="image/gif" ¦¦ $userfile_type=="image/png" ¦¦$userfile_type=="image/bmp"))
{
$msg=$msg."Wrong File Type";
$file_upload="false";
}
$add = "/home/www/juttuffi/gallery/images/$userfile_name";
if(move_uploaded_file ($userfile, $add))
{
echo "UPLOADED";
}
else
{
echo "Failed to upload file ";
}
?>
Basically I get the error "Failed to upload file" so i guess the problem is related to the move_uploaded_file()
can anyone drop me any hints as to how to fix this problem, Please please please!
$filename = $_FILES['imagefile']['name']; //echo"$filename";
if (!eregi(".jpg¦.png¦.jpeg¦.pjpeg]",$filename))
{
echo"<b>Unauthorized file format!<br>
<a href=\"../upload.php\"> Please try again!</a></b>";
exit();
}
else
{
// carry on
}
then I will change $add
to something like
../../gallery etc...
if ($_FILES['userfile']['type']!= 'image/gif' ¦¦ 'image/jpeg' ¦¦ 'image/bmp' ¦¦ 'image/png')the above code doesnt work, can anyone help?
it comes uo saying file not an image, is that check correct? are the OR ¦¦'s correct? can anyone help?
I can get files to upload fine when I have this
// Does the file have the right MIME type?
if ($_FILES['userfile']['type']!= 'image/gif')
The obvious solution to me is to add an OR so like,
gif OR jpeg OR bmp OR png surely that would be the way I would go about it in my head, i suppose i could do it like.
if ($_FILES['userfile']['type']!= 'image/gif')
{
//ERROR CODE
}
elseif ($_FILES['userfile']['type']!= 'image/jpeg')
{
//ERROR CODE
}
and keep going like that, can someone please please help I am so close it uploads GIF files fine i just need it to accept jpeg and png and bmp files too
are my ideas about the OR and elseif right? or am i being stupid (I am a newbie to php, but not programing)
if someone could help me get it working I would be really grateful
The problem was with the permission of the destination directory. Apparently, PHP does not use the same user as Apache. Rather than go through the rigamarole of finding the PHP user, I made the directory 0777 with an .htaccess to prevent HTTP and PHP execution. Since anyone who got to this point would be in the system hip-deep anyway, it wouldn't matter. However, for a more publicly available system, I would track down the PHP user and set chown to that.
CORRECTION: It DID show up in $_FILES. move_uploaded_file() just quietly failed.
Where am i going wrong, Shouldn't what I want to do and the way im trying with If and OR work?
just to make it clear to everyone here is the code I currently have which doesn't work however it does if the OR isnt in the MIME type section is removed and it only checks one type of file.
<?php
if ($_FILES['userfile']['error'] > 0)
{
echo 'Problem: ';
switch ($_FILES['userfile']['error'])
{
case 1: echo 'File exceeded upload_max_filesize'; break;
case 2: echo 'File exceeded max_file_size'; break;
case 3: echo 'File only partially uploaded'; break;
case 4: echo 'No file uploaded'; break;
}
exit;
}
// Does the file have the right MIME type?
if ($_FILES['userfile']['type']!= 'image/jpeg' ¦¦ 'image/gif')
{
echo 'Problem: file is not an image';
exit;
}
// put the file where we'd like it
$upfile = '/home/www/juttuffi/gallery/images/'.$_FILES['userfile']['name'];
if (is_uploaded_file($_FILES['userfile']['tmp_name']))
{
if (!move_uploaded_file($_FILES['userfile']['tmp_name'], $upfile))
{
echo 'Problem: Could not move file to destination directory';
exit;
}
}
else
{
echo 'Problem: Possible file upload attack. Filename: ';
echo $_FILES['userfile']['name'];
exit;
}
echo 'File uploaded successfully<br><br>';
?>
I have also tried the following..
<?php
if ($_FILES['userfile']['error'] > 0)
{
echo 'Problem: ';
switch ($_FILES['userfile']['error'])
{
case 1: echo 'File exceeded upload_max_filesize'; break;
case 2: echo 'File exceeded max_file_size'; break;
case 3: echo 'File only partially uploaded'; break;
case 4: echo 'No file uploaded'; break;
}
exit;
}
// Does the file have the right MIME type?
if ($_FILES['userfile']['type']!= 'image/jpeg')
{
echo 'Problem: file is not an image';
exit;
}
elseif ($_FILES['userfile']['type']!= 'image/gif')
{
echo 'Problem: file is not an image';
exit;
}
// put the file where we'd like it
$upfile = '/home/www/juttuffi/gallery/images/'.$_FILES['userfile']['name'];
if (is_uploaded_file($_FILES['userfile']['tmp_name']))
{
if (!move_uploaded_file($_FILES['userfile']['tmp_name'], $upfile))
{
echo 'Problem: Could not move file to destination directory';
exit;
}
}
else
{
echo 'Problem: Possible file upload attack. Filename: ';
echo $_FILES['userfile']['name'];
exit;
}
echo 'File uploaded successfully<br><br>';
?>
both different approaches dont work and i cant figure out why, does it have something to do with exit;
?
if ($_FILES['userfile']['type']!= 'image/jpeg' ¦¦ 'image/gif')
I didn't know PHP allowed this. I always compare like so:
if ($_FILES['userfile']['type']!= 'image/jpeg' ¦¦ $_FILES['userfile']['type']!= 'image/gif')
// Does the file have the right MIME type?
if ($_FILES['userfile']['type']!= 'image/jpeg')
{
echo 'Problem: file is not an image';
exit;
}
elseif ($_FILES['userfile']['type']!= 'image/gif')
{
echo 'Problem: file is not an image';
exit;
}
it will not work properly because if the file type is a gif it will get caught by the first if statement, as it is not a jpeg.
Just do 1 if statement to handle all file types, but flip it aswell so instead of it checking to see if it isnt a particular file type, check to see if it is.
//----------------------
if ($_FILES['userfile']['type'] == 'image/gif' ¦¦ _FILES['userfile']['type']== 'image/jpeg'){
//then do upload code here
}
else{
echo "this aint an image";
}
Ally
if ($_FILES['userfile']['type']!= 'image/jpeg' ¦¦ $_FILES['userfile']['type']!= 'image/gif')
I took allys advice and changed the check so my code now looks like this
<?php
if ($_FILES['userfile']['error'] > 0)
{
echo 'Problem: ';
switch ($_FILES['userfile']['error'])
{
case 1: echo 'File exceeded upload_max_filesize'; break;
case 2: echo 'File exceeded max_file_size'; break;
case 3: echo 'File only partially uploaded'; break;
case 4: echo 'No file uploaded'; break;
}
exit;
}
// Does the file have the right MIME type?
if ($_FILES['userfile']['type'] == 'image/gif' ¦¦ $_FILES['userfile']['type']== 'image/jpeg')
{
// put the file where we'd like it
$upfile = '/home/www/juttuffi/gallery/images/'.$_FILES['userfile']['name'];
//uploaded file
if (is_uploaded_file($_FILES['userfile']['tmp_name']))
{
if (!move_uploaded_file($_FILES['userfile']['tmp_name'], $upfile))
{
echo 'Problem: Could not move file to destination directory';
exit;
}
}
else
{
echo 'Problem: Possible file upload attack. Filename: ';
echo $_FILES['userfile']['name'];
exit;
}
}
else
{
echo 'Problem: file is not an image';
exit;
}
echo 'File uploaded successfully<br><br>';
?>
I assume this looks right to everyone? but why am I still getting an error on line 22 for an unexpected T_STRING in line 22 which is this line...
if ($_FILES['userfile']['type'] == 'image/gif' ¦¦ $_FILES['userfile']['type']== 'image/jpeg')
can anyone see the problem?
¦¦
is not the same as
¦¦
in the if statement
if ($_FILES['userfile']['type'] == 'image/gif' ¦¦ $_FILES['userfile']['type']== 'image/jpeg')
!SORRY that is completely wrong.. just my editor showing it differently..!
[edited by: Scally_Ally at 4:18 pm (utc) on Jan. 30, 2007]
you need to replace them with a true pipe character
Different browsers have different definition of mime codes for jpg images.
Let me yank out an example from my code library here...
if ($_FILES['picture']['type'] == "image/pjpeg" ¦¦
$_FILES['picture']['type'] == "image/jpg" ¦¦
$_FILES['picture']['type'] == "image/jpeg")
{
//jpg code
}
....
That should catch all images of type jpg in IE, Firefox, and Opera.
just tested it and it works fine now phew thanks alot everyone :-) i can't say it enough!
