Welcome to WebmasterWorld Guest from 50.17.79.100

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

file upload

     

phex

9:38 am on Aug 19, 2010 (gmt 0)

5+ Year Member



The following form uploads video clips into video table.
The problem is that only files that are under 980kb are uploaded and they should be atleast 5MB.
I have set "post_max_size=15MB", "upload_max_filesize=10MB" in php.ini but still files over 980kb dont get uploaded.
Can a php/mysql expert help
__________________________________________________________

The form:

<form method="post" enctype="multipart/form-data" action="uploader_2.php">
<table align="center" bordercolor="#FF6600" class="box">
<tr bordercolor="#FF6633" bgcolor="#FF6633">
<td><font color="#FF6600"><strong><font color="#FFFFFF" size="-7" face="Tahoma">Description</font></strong></font></td>
<td><font color="#FF6600"><strong><font size="-7" face="Tahoma">
<textarea name="txtDescription" cols="29" rows="4"></textarea>
</font></strong></font></td>
</tr>
<tr bordercolor="#FF6633" bgcolor="#FF6633">
<td><font color="#FF6600"><strong><font color="#FFFFFF" size="-7" face="Tahoma">Video
by</font></strong></font></td>
<td><font color="#FF6600"><strong><font size="-7" face="Tahoma">
<input name="txtTaken_by" type="text" size="38" />
</font></strong></font></td>
</tr>
<tr bordercolor="#FF6633" bgcolor="#FF6633">
<td><font color="#FF6600"><strong><font color="#FFFFFF" size="-7" face="Tahoma">Email</font></strong></font></td>
<td><font color="#FF6600"><strong><font size="-7" face="Tahoma">
<input name="txtEmail" type="text" size="38" />
</font></strong></font></td>
</tr>
<tr bordercolor="#FF6633" bgcolor="#FF6633">
<td><font color="#FFFFFF" size="-7" face="Tahoma"><strong>Video</strong></font></td>
<td><font color="#FF6600"><strong><font size="-7" face="Tahoma">
<input name="userfile" type="file" size="26" />
</font></strong></font></td>
</tr>
<tr bordercolor="#FF6633" bgcolor="#FF6633">
<td><font color="#FF6600" size="-7">&nbsp;</font> </td>
<td><font color="#FF6600"><strong><font size="-7" face="Tahoma">
<input name="upload" type="submit" value="Upload" />
</font></strong></font></td>
</tr>
</table>
</form>

__________________________________________________________

Form handler "uploader_2.php":

<?php

$link_id = mysql_connect("localhost", "username", "password");

if(!$link_id) die ("could not connect");

mysql_select_db(test,$link_id);

if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{
$fileName = $_FILES['userfile']['name'];

$tmpName = $_FILES['userfile']['tmp_name'];

$fileSize = $_FILES['userfile']['size'];

$fileType = $_FILES['userfile']['type'];


$description = $_POST['txtDescription'];
$taken_by = $_POST['txtTaken_by'];
$email = $_POST['txtEmail'];

$fp = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);

if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
}




$query = "INSERT INTO videos ( video, description, taken_by, email, name, size, type ) ".
"VALUES ( '$content', '$description', '$taken_by', '$email', '$fileName', '$fileSize', '$fileType')";


mysql_query($query) or die('Error, query failed');


echo "<br>Your video <i><b>$fileName</b></i> Is Succesfully uploaded Into Our video Database<br>";

}
?>

__________________________________________________________

DATABASE=test
table "video"structure:

id= int, primary key, not null, auto increment
video= longblob
description= text
taken_by= varchar (255)
email=varchar (255)
time= timestamp
name= varchar (255)
size= int(50)
type= varchar(10)

Thanking you in advance

morehawes

10:27 am on Aug 19, 2010 (gmt 0)

5+ Year Member



Hi, when you say "dont get uploaded" could you provide the error message you are getting?

phex

11:14 am on Aug 19, 2010 (gmt 0)

5+ Year Member



Error, query failed

Matthew1980

11:23 am on Aug 19, 2010 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



Hi there phex,

Try this intead:-

$query = "INSERT INTO `videos` ( `video`, `description`, `taken_by`, `email`, `name`, `size`, `type` ) VALUES ('".$content."', '".$description."', '".$taken_by."', '".$email."', '".$fileName."', '".$fileSize."', '".$fileType."')";


That should do the trick :) Back ticks aren't necessary, I just find it better to always include them, and depending on the content of the vars you are submitting they may not need quoting (numerical values)

And hopefully, you are sanitising the data before using it in conjunction with the sql query?

Cheers,
MRb

phex

11:53 am on Aug 19, 2010 (gmt 0)

5+ Year Member



I still get the same "Error, query failed " message, and what do you mean by "And hopefully, you are sanitising the data before using it in conjunction with the sql query?
"? I am learning php on my own.

Over!

Matthew1980

12:03 pm on Aug 19, 2010 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



Hi there Phex,

Short form answer: look in to using strip_tags() & mysql_real_escape_string().

So:[uk.php.net ] and:[uk.php.net ]

These functions are used in conjunction with data being used in a sql query to make the data safe so that any information posted by the user should not harm your information stored on your database, all that it takes is for someone with know how to add: DROP Yourdatabase; in an input box and post that, and without some sanitising, that could be actioned, then your data is gone.

Hope that makes sense.

Cheers,
MRb

rocknbil

5:28 pm on Aug 19, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



phex, change this

mysql_query($query) or die('Error, query failed');

to this

mysql_query($query) or die('Query failed: ' . mysql_error());

to see what the error really is. Remove that change after deployment for security reasons.

The column count matches, so it won't be that - but it's LIKELY not escaping a ', are there any in your input?

I don't know if type and name conflict with internal functions, it **may** be that, which is a good case for backtics. This looks a little more complex, but give it a go.

$query = "INSERT INTO videos ( `video`, `description`, `taken_by`, `email`, `name`, `size`, `type` ) VALUES ( '" .
mysql_real_escape_string($content) . "', '" .
mysql_real_escape_string($description) . "', '" .
mysql_real_escape_string($taken_by) . "', '" .
mysql_real_escape_string($email) . "', '" .
mysql_real_escape_string($fileName) . "', '" .
mysql_real_escape_string($fileSize) . "', '" .
mysql_real_escape_string($fileType) . "')";

// revert to this when live
//mysql_query($query) or die('Query failed');

mysql_query($query) or die('Query failed: ' . mysql_error());

Matthew1980

5:43 pm on Aug 19, 2010 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



Hi all,

I just noticed something:-

>>mysql_query($query)

Make sure that you have a valid connection handle to the DB or you will get the failed to connect message after you adopt Rocknbil's approach.

Cheers,
MRb

rocknbil

2:43 am on Aug 20, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I never use mysql_query($query,$connection), if you only have one database handle in the proggie it's not needed. :-)

phex

8:04 am on Aug 20, 2010 (gmt 0)

5+ Year Member



I used rockbil's code and I now get an error message "Query failed: Got a packet bigger than 'max_allowed_packet' bytes". What can be done?

$query = "INSERT INTO videos ( `video`, `description`, `taken_by`, `email`, `name`, `size`, `type` ) VALUES ( '" .
mysql_real_escape_string($content) . "', '" .
mysql_real_escape_string($description) . "', '" .
mysql_real_escape_string($taken_by) . "', '" .
mysql_real_escape_string($email) . "', '" .
mysql_real_escape_string($fileName) . "', '" .
mysql_real_escape_string($fileSize) . "', '" .
mysql_real_escape_string($fileType) . "')";

mysql_query($query) or die('Query failed: ' . mysql_error());

rocknbil

4:08 pm on Aug 20, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Now yer' getting somewhere. :-)

max_allowed_packet [dev.mysql.com]

I should have caught this earlier, but it **looks** like you're storing the video itself right in the database, is that correct? ($content) Bad idea, this will make for a gargantuan DB. Suggest you store the video on the file system and just store the file name reference in your tables.

phex

6:28 pm on Aug 20, 2010 (gmt 0)

5+ Year Member



rocknbil:

what will the code for that be?

rocknbil

2:26 am on Aug 21, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



look around for some file upload samples, been a long day. Basically you define a variable somewhere,

$upload_dir = '/full/path/to/upload_dir';
$upload_url = /upload_dir',

and make sure upload_dir is writable by PHP. Then you use move_uploaded_file() to move it from it's temporary upload location to your file system. Use the URL variable to pull the file into your Flash player or whatver to play it in web pages.

phex

7:42 am on Aug 22, 2010 (gmt 0)

5+ Year Member



finally i got it right.thanks alot from all of you guys especialy because i followed more of your advises.

One last thing, what is the best media player you can suggest i embed on a webpage?

phex

7:44 am on Aug 22, 2010 (gmt 0)

5+ Year Member



finally i got it right.thanks alot from all of you guys especialy 'rocknbil' because i followed more of your advises.

One last thing, what is the best media player you can suggest i embed on a webpage?

rocknbil

5:40 pm on Aug 22, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Depends on your video type.

I use ffmpeg to convert any uploaded format to .flv, then write my own players in Flash, but whatever you do if you're using < HTML5 or XHTML use .swf object to do the embed. There are a variety of Flash players out there, some of them free, some not.

If you use HTML5, you can use the video object that's now part of the spec, no Flash needed (Note, I have no direct experience with this yet, it's "on my list.") . The advantage to that is Mr. Jobs has vowed Flash will never be available on his precious iPad, so Mac users will be able to access the video as well.

You may still want to install and use ffmpeg to convert to a singular format so you can standardize your video output, as well as add watermarking to the video.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month