Page 1 of 1
file upload
Posted: Tue Jan 28, 2003 9:08 am
by sinus
Hi
I'm trying to allowed the upload of zip files through a web interface,, I have read many of the tutorials etc out there but still can't seem to get this to work. I wish to enter the file name into a database rather than the whole file. But all that gets entered into the database is other information that is sent at the same as the file is supposed to be uploaded.
The destination directory has been chmod to 777.
Here is the code
Code: Select all
<?php
// directory path to load file to
$uploaddir="/usr/local/apache/htdocs/archangels/maps/";
// to see if there is a file
if (($the_file == "none") || ($the_file == "")) {
print ("You must specify a file to upload. ");
} else {
// check file type
if ($the_file_type != "application/x-zip") {
print ("The file must be in zip format");
$zip = "no";
} else {
$zip ="yes";
}
// check file size
if($max_file_size > 2000000) {
print ("The file is to large");
$size = "large";
} else {
$size = "small";
}
//directory to upload to
if (($zip == "yes") && ($size == "small")){
copy($the_file, $uploaddir.$the_file_name);
unlink($the_file);
print ("file upload successfull");
} else {
print ("failed upload");
}
}
?>
ok i'm not to sure about the path to the target upload directory, but if everything else is fine i'll know what the problem is.
When I run the script i keep getting the error message with the first if conditional.
Any help is gratefully appreciated
Sinus
Posted: Tue Jan 28, 2003 9:31 am
by puckeye
Hi sinus,
I don't see anywhere the insertion into the database...
Is your <FORM> enctype set to
enctype=\"multipart/form-data\"? Also I don't know if it makes a difference but I usually use the POST method when uploading files...
Also you should use either
move_uploaded_file http://www.php.net/manual/en/function.m ... d-file.php or at least
is_uploaded_file http://www.php.net/manual/en/function.i ... d-file.php just to make sure that the file was properly uploaded...
Posted: Tue Jan 28, 2003 9:46 am
by sinus
Hi puckeye
This is the form i am using
Code: Select all
<form method=post enctype="multipart/form-data" action=updatemaps.php?uname=$uname>
<td width=230 align=left class=info>id number:</td><td width=400 class=info align=left><input type=text size=10 name=id></td></tr>
<tr>
<td width=230 class=info align=left>Map name:</td><td width=400 class=info align=left><input type=text size=30 name=mapname></td></tr>
<tr>
<td width=230 class=info align=left>Game type:</td><td width=400 class=info align=left><input type=text size=30 name=gametype></td></tr>
<tr>
<td width=230 class=info align=left>file:</td><td width=400 class=info align=left>
<input type=hidden name="max_file_size" value="2000000">
<input type=file size=30 name="the_file"></td></tr>
<tr>
<td width=230 class=info align=left valign=top>Description:<td width=400 class=info align=left><textarea cols=30 name=description rows=8></textarea></td></tr>
<tr>
<td width=630 align=left height=10 colspan=2 class=info></td>
<tr>
<td width=630 align=left colspan=2 class=info>
<input type=submit name=add value="Add Map">
<input type=submit name=delete value="Delete Map">
</td></tr>
</form>
Then based on wether add or delete was used this code is implemented i'm just showing add for now
Code: Select all
if ($add) {
require("functions/addupload.php");
$query1 = "INSERT INTO maps (name, gametype, description, url) VALUES ('$mapname', '$gametype', '$description', '$the_file')";
if (!($result1 = mysql_db_query ($databasename, $query1, $connection))){
print ("Error no map added");
}else {
print ("Map added");
}
}
The require function here calls in the first piece of code i put up to execute the upload. The sql statment executes because i get map added response. By the way the page is pasting to it's self.
Thanks for the help, I'll look into move_uploaded_file & is_uploaded_file
Sinus
Posted: Tue Jan 28, 2003 9:58 am
by puckeye
In
Code: Select all
$query1 = "INSERT INTO maps (name, gametype, description, url) VALUES ('$mapname', '$gametype', '$description', '$the_file')";
You use the variable $the_file. If you didn't modify this variable before the query string it should return the file's location something like /tmp/sdagfklhagf
You should use $the_file_name like in your verification script.
Also why did you write
action=updatemaps.php?uname=$uname?
You should use a hidden field
Code: Select all
<INPUT TYPE="hidden" NAME="uname" VALUE="$uname">
it does the same thing...
Posted: Tue Jan 28, 2003 9:59 am
by DeGauss
Here's an upload class which has never failed to work for me... Since i wrote it
http://www.vanillacity.com/geek/items/suck.phps
Posted: Tue Jan 28, 2003 12:59 pm
by sinus
Ok having looked at your recommendations on using is_uploaded_file and move_uploaded_file I have tried the floowing code. Though it still does not get passed the first conditional
Code: Select all
$uploaddir="/usr/local/apache/htdocs/elysuimdesign/archangels/maps/";
$allowedfile="application/x-zip";
// check that file is seleted
if (!is_uploaded_file($the_file)) {
print ("No file selected");
}
else {
//check the file type
if ($_FILESї'the_file']ї'type'] != $allowedfile) {
print ("The file type is not allowed");
}
else {
//check the file size
if ($_FILESї'the_file']ї'size'] > $max_file_size) {
print ("The file was to large");
}
else {
// move file to selected directory
if (move_uploaded_file($_FILESї'the_file']ї'tmp_name'], $uploaddir . $_FILESї'the_file']ї'name'])) {
print "File is valid, and was successfully uploaded";
} else {
print "File not uplloaded";
}
}
}
}
Thanks for the help with writing to the database that is ok now
Sinus