$_FILES problem with uploading

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

danielfs1
Forum Newbie
Posts: 13
Joined: Thu Feb 14, 2008 10:37 am
Location: Georgia

$_FILES problem with uploading

Post by danielfs1 »

Thanks to the code that astions was able to provide to me, we were able to get the image resizing script to work (but only by hardcoding the location of the image on my harddrive). However after making some tweaks to it, i realized that $_FILES['binFile']['name'] was only giving the name of the file and not the full path like we need.

Obviously $_POST['binFile'] won't return the full path (i know because i've tried unless I've done it wrong, which is a real possibility).

Note: We are using pear to connect to our mysql DB

Code: Select all

 
 
define('MAX_IMAGE_HEIGHT', 100);
 define('MAX_IMAGE_WIDTH', 200);
  
 function new_image_by_type($name, $extension)
 {
     switch($extension)
     {
         case ".jpg":
             return imagecreatefromjpeg($name);
             break;
         case ".jpeg":
             return imagecreatefromjpeg($name);
             break;
         case ".gif":
             return imagecreatefromgif($name);
             break;
         case ".png":
             return imagecreatefrompng($name);
             break;
         default:
             return false;
     }
 }
  
     if (!empty($_FILES['binFile']['name']))
     {
         $WHITE_LIST  = array('.jpg','.jpeg', '.gif', '.png');
      
         // validate the file extension..
         $FILE_INFO      = pathinfo($_FILES['binFile']['name']);
         $FILE_EXTENSION = '.' . strtolower($FILE_INFO["extension"]);
         
      
         if (!in_array($FILE_EXTENSION, $WHITE_LIST))
         {
            exit('The uploaded file is not a valid image type.');
         }
      
         //verify upload is actually an image
         if (false === ($IMAGE_DATA = getimagesize($_POST['binFile'])))
         {
             exit('The file uploaded is either corrupt or not a valid image file.');
         }
      
        echo "look here" . $_FILES['binFile']['name'];      
 
         $ORIGINAL_WIDTH  = $IMAGE_DATA[0];
         $ORIGINAL_HEIGHT = $IMAGE_DATA[1];
         
         echo $ORIGINAL_WIDTH;
      
         // determine if the image needs to be resized..
         if (($ORIGINAL_WIDTH < MAX_IMAGE_WIDTH) && ($ORIGINAL_HEIGHT < MAX_IMAGE_HEIGHT))
         {
             $content = file_get_contents($_FILES['binFile']['name']);
             $content = addslashes($content);           
             $fileSize = $_FILES['binFile']['size'];
             echo "NOT TO BIG";
         } else {
             // calculate the new image dimensions..
             if ($ORIGINAL_WIDTH > $ORIGINAL_HEIGHT)
             {
                 $NEW_WIDTH  = floor((MAX_IMAGE_HEIGHT / $ORIGINAL_HEIGHT) * $ORIGINAL_WIDTH);
                 $NEW_HEIGHT = MAX_IMAGE_HEIGHT;
             } else {
                 $NEW_HEIGHT = floor((MAX_IMAGE_WIDTH / $ORIGINAL_WIDTH) * $ORIGINAL_HEIGHT);
                 $NEW_WIDTH  = MAX_IMAGE_WIDTH;
             }
             echo "TO BIG";
      
             $NEW_IMAGE = imagecreatetruecolor($NEW_WIDTH, $NEW_HEIGHT);
         imagecopyresampled($NEW_IMAGE, new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION), 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT);
      
             // save image as a jpg and optimize the file size..
             imagejpeg($NEW_IMAGE, $_FILES['binFile']['name'], 85);
             $content = file_get_contents($_FILES['binFile']['name']);
             $content = addslashes($content);           
             $fileSize = filesize($_FILES['binFile']['name']);
         }
      
         $fileName = $_FILES['binFile']['name'];
         $fileType = $_FILES['binFile']['type'];
 
         //echo $content;
            
         $sqlquery = $conn->query("INSERT INTO user_extra (user_ID) VALUES ('$id') ON DUPLICATE KEY UPDATE  content = '$content', name = '$fileName', size = '$fileSize', type = '$fileType'");
     }
 
 
Here is the HTML

Code: Select all

 
<INPUT TYPE="hidden" NAME="MAX_FILE_SIZE" VALUE="10000000">
<INPUT TYPE="hidden" NAME="action" VALUE="upload">
<input type="file" size="32" id= "binfile" name="binFile" />
 
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: $_FILES problem with uploading

Post by Christopher »

I think somewhere in there you are not asking how you get the full path to uploaded files? ;) You can get it from the php.ini setting.
(#10850)
danielfs1
Forum Newbie
Posts: 13
Joined: Thu Feb 14, 2008 10:37 am
Location: Georgia

Re: $_FILES problem with uploading

Post by danielfs1 »

Well when I echo $_FILES['binFile']['tmp_name'] it spits out "C:\xampp\tmp\php211.tmp"

which i guess is correct according to the php.ini file:

Code: Select all

 
; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
upload_tmp_dir = "C:\xampp\tmp"
 
the only problem is when i navigate there, there isn't a php22.tmp
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: $_FILES problem with uploading

Post by Christopher »

Ohhhhh ... PHP deletes the temp file if it still exists at the end of the request. You need to use the move_uploaded_file() function to move the file to the directory and filename you want it to be saved as.

http://us.php.net/manual/en/function.mo ... d-file.php

There is a very nice section in the PHP manual about file uploading. ;)
(#10850)
danielfs1
Forum Newbie
Posts: 13
Joined: Thu Feb 14, 2008 10:37 am
Location: Georgia

Re: $_FILES problem with uploading

Post by danielfs1 »

Well the problem is that we can't really write anything to the server, we are attempting to store files directly from the user's computer into the mysql database.

Sorry about the questions, I'm a college student working for the university, so I hate reading :(
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: $_FILES problem with uploading

Post by Christopher »

Then write the contents of the temp file to the database.
(#10850)
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: $_FILES problem with uploading

Post by Benjamin »

You should be using the temporary name, not the name, which if memory serves does contain the full path. The name is only the name of the file that was uploaded.
danielfs1
Forum Newbie
Posts: 13
Joined: Thu Feb 14, 2008 10:37 am
Location: Georgia

Re: $_FILES problem with uploading

Post by danielfs1 »

astions wrote:You should be using the temporary name, not the name, which if memory serves does contain the full path. The name is only the name of the file that was uploaded.
okay, I managed to get it to upload, however the image is showing up all black. Any suggestions?
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: $_FILES problem with uploading

Post by Benjamin »

Make sure you have all the variable and array index names correct. (ie tmp_name instead of name). Did you change it in this variable as well?

Code: Select all

new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION)
If that is correct you may need to seperate it like so..

Code: Select all

 
$OLD_IMAGE = new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION);
 imagecopyresampled($NEW_IMAGE, $OLD_IMAGE, 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT)
 
danielfs1
Forum Newbie
Posts: 13
Joined: Thu Feb 14, 2008 10:37 am
Location: Georgia

Re: $_FILES problem with uploading

Post by danielfs1 »

astions wrote:Make sure you have all the variable and array index names correct. (ie tmp_name instead of name). Did you change it in this variable as well?

Code: Select all

new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION)
If that is correct you may need to seperate it like so..

Code: Select all

 
$OLD_IMAGE = new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION);
 imagecopyresampled($NEW_IMAGE, $OLD_IMAGE, 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT)
 

I made that change and made sure all references were changed properly.

Code: Select all

 
$OLD_IMAGE = new_image_by_type($_FILES['binFile']['tmp_name'], $FILE_EXTENSION);
$NEW_IMAGE = imagecreatetruecolor($NEW_WIDTH, $NEW_HEIGHT);
imagecopyresampled($NEW_IMAGE, $OLD_IMAGE, 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT);
 
note: i tried it with tmp_name and name


the image is the right size except its just all black.
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: $_FILES problem with uploading

Post by Benjamin »

Ok, well post the entire code and I'll have a look at it.
danielfs1
Forum Newbie
Posts: 13
Joined: Thu Feb 14, 2008 10:37 am
Location: Georgia

Re: $_FILES problem with uploading

Post by danielfs1 »

Code: Select all

define('MAX_IMAGE_HEIGHT', 200);
 define('MAX_IMAGE_WIDTH', 200);
  
 function new_image_by_type($name, $extension)
 {
     switch($extension)
     {
         case ".jpg":
             return imagecreatefromjpeg($name);
             break;
         case ".jpeg":
             return imagecreatefromjpeg($name);
             break;
         case ".gif":
             return imagecreatefromgif($name);
             break;
         case ".png":
             return imagecreatefrompng($name);
             break;
         default:
             return false;
     }
 }
  
     if (!empty($_FILES['binFile']['name']))
     {
         $WHITE_LIST  = array('.jpg','.jpeg', '.gif', '.png');
        
         $file = $_FILES['binFile']['tmp_name'];
          echo move_uploaded_file($_FILES['binFile']['name'],"C:\\xampp\\tmp");
         
         // validate the file extension..
         $FILE_INFO      = pathinfo($file);
         $FILE_EXTENSION = '.' . strtolower($FILE_INFO["extension"]);
         
         echo $_FILES['binFile']['tmp_name'];
      
//       if (!in_array($FILE_EXTENSION, $WHITE_LIST))
//       {
//          echo $_POST['binFile'];
//          exit('The uploaded file is not a valid image type.');
//       }
      
         //verify upload is actually an image
         if (false === ($IMAGE_DATA = getimagesize($file)))
         {
             exit('The file uploaded is either corrupt or not a valid image file.');
         }
      
        echo "look here" . $_FILES['binFile']['name'];      
 
         $ORIGINAL_WIDTH  = $IMAGE_DATA[0];
         $ORIGINAL_HEIGHT = $IMAGE_DATA[1];
         
         echo $ORIGINAL_WIDTH;
      
         // determine if the image needs to be resized..
         if (($ORIGINAL_WIDTH < MAX_IMAGE_WIDTH) && ($ORIGINAL_HEIGHT < MAX_IMAGE_HEIGHT))
         {
             $content = file_get_contents($file);
             $content = addslashes($content);           
             $fileSize = $_FILES['binFile']['size'];
             echo "NOT TO BIG";
         } else {
             // calculate the new image dimensions..
             if ($ORIGINAL_WIDTH > $ORIGINAL_HEIGHT)
             {
                 $NEW_WIDTH  = floor((MAX_IMAGE_HEIGHT / $ORIGINAL_HEIGHT) * $ORIGINAL_WIDTH);
                 $NEW_HEIGHT = MAX_IMAGE_HEIGHT;
             } else {
                 $NEW_HEIGHT = floor((MAX_IMAGE_WIDTH / $ORIGINAL_WIDTH) * $ORIGINAL_HEIGHT);
                 $NEW_WIDTH  = MAX_IMAGE_WIDTH;
             }
             echo "TO BIG";
            
             $OLD_IMAGE = new_image_by_type($_FILES['binFile']['tmp_name'], $FILE_EXTENSION);
             $NEW_IMAGE = imagecreatetruecolor($NEW_WIDTH, $NEW_HEIGHT);
         imagecopyresampled($NEW_IMAGE, $OLD_IMAGE, 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT);
      
             // save image as a jpg and optimize the file size..
             imagejpeg($NEW_IMAGE, $file, 85);
             $content = file_get_contents($file);
             $content = addslashes($content);           
             $fileSize = filesize($file);
         }
      
         $fileName = $_FILES['binFile']['name'];
         $fileType = $_FILES['binFile']['type'];
 
         //echo $content;
            
         $sql= $conn->query("INSERT INTO user_extra (user_ID) VALUES ('$id') ON DUPLICATE KEY UPDATE  content = '$content', name = '$fileName', size = '$fileSize', type = '$fileType'");
     }
html

Code: Select all

 
<INPUT TYPE="hidden" NAME="MAX_FILE_SIZE" VALUE="10000000">
<INPUT TYPE="hidden" NAME="action" VALUE="upload">
<input type="file" size="32" id= "binfile" name="binFile" />
 
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Re: $_FILES problem with uploading

Post by jmut »

I think you are overcomplicating stuff.
1. you should use is_uploaded_file() to check for hack attempts
2. you should check whole error array to see if upload is correct - http://php.net/manual/en/features.file- ... errors.php
3. you should use getimagesize() to validate it's image, and the type of it (do not rely on filename extension!!!)
4. use getimagesize to store size of image + it's mime type so you can correctly display it afterwards
5. use file_get_contents and mysql_real_escape_string to store stuff in database, + the mime, + the size

Make sure you also check for common pitfalls like http://php.net/manual/en/ini.core.php#ini.post-max-size

There is no need of any imagecreate* or whatever else to upload an image.
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: $_FILES problem with uploading

Post by Benjamin »

Code: Select all

 
 $content = addslashes($content);
 
That line is corrupting the image. Just use mysql_real_escape_string when you insert it into the database.
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: $_FILES problem with uploading

Post by Benjamin »

jmut wrote:I think you are overcomplicating stuff.
1. you should use is_uploaded_file() to check for hack attempts
2. you should check whole error array to see if upload is correct - http://php.net/manual/en/features.file- ... errors.php
3. you should use getimagesize() to validate it's image, and the type of it (do not rely on filename extension!!!)
4. use getimagesize to store size of image + it's mime type so you can correctly display it afterwards
5. use file_get_contents and mysql_real_escape_string to store stuff in database, + the mime, + the size

Make sure you also check for common pitfalls like http://php.net/manual/en/ini.core.php#ini.post-max-size

There is no need of any imagecreate* or whatever else to upload an image.
He wants the images resized to save space. Resampling the image yeilds the best quality.
Post Reply