1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 12:37 pm Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Upload File via PHP

         

webfoo

5:49 pm on Jun 29, 2010 (gmt 0)

10+ Year Member



This PHP is supposed to upload an image file the user submits. It then adds a record to a database. The database part works fine, but the file isn't getting uploaded. It's not working. Anyone spot a bug? 

<?php


$securitylevel=$_COOKIE["securitylevel"];

if ($securitylevel != "admin") {

echo "You cannot access this resource, because are not logged in. Please <a href='../login.php'>log in</a> first.";

}

elseif ($securitylevel=="admin") {



if (($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")|| ($_FILES["file"]["type"] == "image/png"))
{


if ($_FILES["file"]["error"] > 0)
 {
 echo "Error - There is a problem with the image. " . $_FILES["file"]["error"] . "<br />";
 }
else
 {
 if (file_exists($_FILES["file"]["name"]))
 {
 echo "Error - The image you are trying to upload already exists on the server(" . $_FILES["file"]["name"] . ") " . $FILES["file"]["error"] . "<br />";
 }
 else
 {
 move_uploaded_file($_FILES["file"]["tmp_name"], $_FILES["file"]["name"]);
 echo "Image sucessfully saved to server as: " . $_FILES["file"]["name"] . "<br />";
 }
 }


$con = mysql_connect("localhost","username","password");
if (!$con)
 {
 die('Could not connect to database: ' . mysql_error() . "<br />");
 }

mysql_select_db("dbname", $con);

$name=$_FILES['file']['name'];
$size=$_FILES['file']['size'];
$kb = 1024;
$newsize = round($size / $kb);


$date=date("Y-m-d H:i:s");


$sql = mysql_query("INSERT INTO `images` (name, size, date) VALUES ('$name', '$newsize', '$date')");

if(!$sql) {
echo "Error adding image to database" . mysql_error() . "<br />";
}

mysql_close($con);

echo "<br /><a href='index.php'>Return to Image Manager</a>";

 }
else
 {
 echo "Invalid file - must be a GIF, JPEG, or PNG image.";
 }

}

?>

dreamcatcher

6:29 pm on Jun 29, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Ideally you should check if the file exists [php.net] before adding the database info.

Its possibly a permissions issue. Where are you trying to save the file?

move_uploaded_file($_FILES["file"]["tmp_name"], $_FILES["file"]["name"]);

Try saving it to a directory with write permissions:

move_uploaded_file($_FILES["file"]["tmp_name"], '/home/server/files/'.$_FILES["file"]["name"]);

dc

rocknbil

1:33 am on Jun 30, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



<form method="post" action=[your url]" enctype="multipart/form-data">

Right?

Probably the most important part of D.C.'s post is you're moving the file . . . where? From the PHP temporary upload directory into a different file name, but without indicating the path, it's the same temporary directory.

Files will, by default be stored in the server's default temporary directory, unless another location has been given with the upload_tmp_dir directive in php.ini. (manual [php.net]


You could add a trap, and should have gotten an error if it couldn't move it - but some servers have php errors disabled, which is kind of a good thing:

If filename is a valid upload file, but cannot be moved for some reason, no action will occur, and move_uploaded_file() will return FALSE. Additionally, a warning will be issued. manual [php.net]


if (move_uploaded_file($_FILES["file"]["tmp_name"], "/path/to/your/directory/".$_FILES["file"]["name"])) {
echo "Image sucessfully saved to server as: " . $_FILES["file"]["name"] . "<br />";
}
else { echo "<p>Could not move the file</p>"; }
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 12:37 pm Apr 28, 2026