Thanks for your offer of help.
Can I ask you a question seen as you caught me out! What I’m trying to eventually do is find out the .ext of a file that has been entered into my form. I have tried so many things and I just cant seem to get a result. I thought that all I had to do is return the value of ‘$file_ext’ from the script below and to do this I was using something similar to the following:
Code: Select all
if (isset($file_ext)) {echo "$file_ext"; }
But no matter what I try nothing works. This is why I was trying to back track and start with the form field entry hence my original post. So, how can I return the checked value of the submission into the form field and then display this by using ‘echo’
As you can see I’m very new to this but I’m learning fast and am using this as a tutorial for myself.
Many thanks
Brian
This is the entire code I’m using
Code: Select all
//Maximum file size. You may increase or decrease.
$MAX_SIZE = 10000000;
//Allowable file Mime Types. Add more mime types if you want
//$FILE_MIMES = array('image/jpeg','image/jpg','image/gif','image/png','application/msword','application/zip','application/sit','application/rar','application/txt','application/rtf',);
//Allowable file ext. names. you may add more extension names.
$FILE_EXTS = array('.doc');
//,'.txt','.zip','.sit','.jpg','.jpeg','.png','.gif','.rtf','.rar'
//Allow file delete? no, if only allow upload only
$DELETABLE = true;
/************************************************************
* Setup variables
************************************************************/
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$upload_dir = "files/";
$upload_url = $url_dir."/files/";
$message ="";
$name = "";
/************************************************************
* Create Upload Directory
************************************************************/
if (!is_dir("files")) {
if (!mkdir($upload_dir))
die ("upload_files directory doesn't exist and creation failed");
if (!chmod($upload_dir,0777))
die ("change permission to 755 failed.");
}
/************************************************************
* Process User's Request
************************************************************/
if ($_REQUEST[del] && $DELETABLE) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n");
fclose($resource);
if (strpos($_REQUEST[del],"/.")>0); //possible hacking
else if (strpos($_REQUEST[del],"files/") === false); //possible hacking
else if (substr($_REQUEST[del],0,6)=="files/") {
unlink($_REQUEST[del]);
print "<script>window.location.href='$url_this?message=File deletion successful.'</script>";
}
}
else if ($_FILES['userfile']) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]"
.$_FILES['userfile']['name']." "
.$_FILES['userfile']['type']."\n");
fclose($resource);
$file_type = $_FILES['userfile']['type'];
$file_name = $_FILES['userfile']['name'];
$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));
//File Size Check
if ( $_FILES['userfile']['size'] > $MAX_SIZE)
$message = "The file size is over 2MB.";
// else if (!in_array($file_type, $FILE_MIMES) && !in_array($file_ext, $FILE_EXTS) )
//$message = "Sorry, $file_name($file_type) is not allowed to be uploaded.";
//File Type/Extension Check
else if (!in_array($file_type, $FILE_MIMES) && !in_array($file_ext, $FILE_EXTS) ) {
$message = "Sorry, \"".$file_name."(".$file_type.")\" is not allowed to be uploaded.";
}
else
$message = do_upload($upload_dir, $upload_url);
print "<script>window.location.href='$url_this?message=$message'</script>";
}
else if (!$_FILES['userfile']);
else
$message = "Invalid File Specified.";
/************************************************************
* List Files
************************************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
if(!is_dir($file) && !is_link($file)) {
$filelist .= "<a href='$upload_dir$file'>".$file."</a>";
if ($DELETABLE)
$filelist .= " - <a href='?del=$upload_dir$file' title='delete'> Delete this file?</a>";
$filelist .= "<sub><small><small><font color=black> ".date("d-m H:i", filemtime($upload_dir.$file))
."</font></small></small></sub>";
$filelist .="<br>";
}
}
// Delete on this page returns a url parm of files/signal.doc for example
// substr() will extract from the position (counting from 0) and strip files from files/signal.doc
// WHERE wordName= %s is replaced with $filename after it has been striped of files/
$relURL = $_GET['del'];
$filename = substr($relURL, 6);
if ((isset($_GET['del'])) && ($_GET['del'] != "")) {
$deleteSQL = sprintf("DELETE FROM word WHERE wordName='$filename'",
GetSQLValueString($_GET['del'], "text"));
mysql_select_db($database_johnston, $johnston);
$Result1 = mysql_query($deleteSQL, $johnston) or die(mysql_error());
}
function do_upload($upload_dir, $upload_url) {
$temp_name = $_FILES['userfile']['tmp_name'];
$file_name = $_FILES['userfile']['name'];
$file_name = str_replace("\\","",$file_name);
$file_name = str_replace("'","",$file_name);
$file_path = $upload_dir.$file_name;
$wordDetails= $_POST['wordDetails'];
//If wordDetails empty check
if ( $wordDetails =="") {
$message = "Programme Note title missing";
return $message;
}
//File Name Check
if ( $file_name =="") {
$message = "Invalid File Name Specified";
return $message;
}
$result = move_uploaded_file($temp_name, $file_path);
if (!chmod($file_path,0777))
$message = "change permission to 755 failed.";
else
$message = ($result)?"$file_name uploaded successfully." :
"Something is wrong with uploading a file.";
return $message;
}
?>