Page 1 of 2

$_FILES problem with uploading

Posted: Thu Feb 14, 2008 10:51 am
by danielfs1
Thanks to the code that astions was able to provide to me, we were able to get the image resizing script to work (but only by hardcoding the location of the image on my harddrive). However after making some tweaks to it, i realized that $_FILES['binFile']['name'] was only giving the name of the file and not the full path like we need.

Obviously $_POST['binFile'] won't return the full path (i know because i've tried unless I've done it wrong, which is a real possibility).

Note: We are using pear to connect to our mysql DB

Code: Select all

 
 
define('MAX_IMAGE_HEIGHT', 100);
 define('MAX_IMAGE_WIDTH', 200);
  
 function new_image_by_type($name, $extension)
 {
     switch($extension)
     {
         case ".jpg":
             return imagecreatefromjpeg($name);
             break;
         case ".jpeg":
             return imagecreatefromjpeg($name);
             break;
         case ".gif":
             return imagecreatefromgif($name);
             break;
         case ".png":
             return imagecreatefrompng($name);
             break;
         default:
             return false;
     }
 }
  
     if (!empty($_FILES['binFile']['name']))
     {
         $WHITE_LIST  = array('.jpg','.jpeg', '.gif', '.png');
      
         // validate the file extension..
         $FILE_INFO      = pathinfo($_FILES['binFile']['name']);
         $FILE_EXTENSION = '.' . strtolower($FILE_INFO["extension"]);
         
      
         if (!in_array($FILE_EXTENSION, $WHITE_LIST))
         {
            exit('The uploaded file is not a valid image type.');
         }
      
         //verify upload is actually an image
         if (false === ($IMAGE_DATA = getimagesize($_POST['binFile'])))
         {
             exit('The file uploaded is either corrupt or not a valid image file.');
         }
      
        echo "look here" . $_FILES['binFile']['name'];      
 
         $ORIGINAL_WIDTH  = $IMAGE_DATA[0];
         $ORIGINAL_HEIGHT = $IMAGE_DATA[1];
         
         echo $ORIGINAL_WIDTH;
      
         // determine if the image needs to be resized..
         if (($ORIGINAL_WIDTH < MAX_IMAGE_WIDTH) && ($ORIGINAL_HEIGHT < MAX_IMAGE_HEIGHT))
         {
             $content = file_get_contents($_FILES['binFile']['name']);
             $content = addslashes($content);           
             $fileSize = $_FILES['binFile']['size'];
             echo "NOT TO BIG";
         } else {
             // calculate the new image dimensions..
             if ($ORIGINAL_WIDTH > $ORIGINAL_HEIGHT)
             {
                 $NEW_WIDTH  = floor((MAX_IMAGE_HEIGHT / $ORIGINAL_HEIGHT) * $ORIGINAL_WIDTH);
                 $NEW_HEIGHT = MAX_IMAGE_HEIGHT;
             } else {
                 $NEW_HEIGHT = floor((MAX_IMAGE_WIDTH / $ORIGINAL_WIDTH) * $ORIGINAL_HEIGHT);
                 $NEW_WIDTH  = MAX_IMAGE_WIDTH;
             }
             echo "TO BIG";
      
             $NEW_IMAGE = imagecreatetruecolor($NEW_WIDTH, $NEW_HEIGHT);
         imagecopyresampled($NEW_IMAGE, new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION), 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT);
      
             // save image as a jpg and optimize the file size..
             imagejpeg($NEW_IMAGE, $_FILES['binFile']['name'], 85);
             $content = file_get_contents($_FILES['binFile']['name']);
             $content = addslashes($content);           
             $fileSize = filesize($_FILES['binFile']['name']);
         }
      
         $fileName = $_FILES['binFile']['name'];
         $fileType = $_FILES['binFile']['type'];
 
         //echo $content;
            
         $sqlquery = $conn->query("INSERT INTO user_extra (user_ID) VALUES ('$id') ON DUPLICATE KEY UPDATE  content = '$content', name = '$fileName', size = '$fileSize', type = '$fileType'");
     }
 
 
Here is the HTML

Code: Select all

 
<INPUT TYPE="hidden" NAME="MAX_FILE_SIZE" VALUE="10000000">
<INPUT TYPE="hidden" NAME="action" VALUE="upload">
<input type="file" size="32" id= "binfile" name="binFile" />
 

Re: $_FILES problem with uploading

Posted: Thu Feb 14, 2008 11:28 am
by Christopher
I think somewhere in there you are not asking how you get the full path to uploaded files? ;) You can get it from the php.ini setting.

Re: $_FILES problem with uploading

Posted: Thu Feb 14, 2008 12:59 pm
by danielfs1
Well when I echo $_FILES['binFile']['tmp_name'] it spits out "C:\xampp\tmp\php211.tmp"

which i guess is correct according to the php.ini file:

Code: Select all

 
; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
upload_tmp_dir = "C:\xampp\tmp"
 
the only problem is when i navigate there, there isn't a php22.tmp

Re: $_FILES problem with uploading

Posted: Thu Feb 14, 2008 1:11 pm
by Christopher
Ohhhhh ... PHP deletes the temp file if it still exists at the end of the request. You need to use the move_uploaded_file() function to move the file to the directory and filename you want it to be saved as.

http://us.php.net/manual/en/function.mo ... d-file.php

There is a very nice section in the PHP manual about file uploading. ;)

Re: $_FILES problem with uploading

Posted: Thu Feb 14, 2008 1:16 pm
by danielfs1
Well the problem is that we can't really write anything to the server, we are attempting to store files directly from the user's computer into the mysql database.

Sorry about the questions, I'm a college student working for the university, so I hate reading :(

Re: $_FILES problem with uploading

Posted: Thu Feb 14, 2008 2:23 pm
by Christopher
Then write the contents of the temp file to the database.

Re: $_FILES problem with uploading

Posted: Thu Feb 14, 2008 2:29 pm
by Benjamin
You should be using the temporary name, not the name, which if memory serves does contain the full path. The name is only the name of the file that was uploaded.

Re: $_FILES problem with uploading

Posted: Fri Feb 15, 2008 11:07 am
by danielfs1
astions wrote:You should be using the temporary name, not the name, which if memory serves does contain the full path. The name is only the name of the file that was uploaded.
okay, I managed to get it to upload, however the image is showing up all black. Any suggestions?

Re: $_FILES problem with uploading

Posted: Fri Feb 15, 2008 11:52 am
by Benjamin
Make sure you have all the variable and array index names correct. (ie tmp_name instead of name). Did you change it in this variable as well?

Code: Select all

new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION)
If that is correct you may need to seperate it like so..

Code: Select all

 
$OLD_IMAGE = new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION);
 imagecopyresampled($NEW_IMAGE, $OLD_IMAGE, 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT)
 

Re: $_FILES problem with uploading

Posted: Fri Feb 15, 2008 12:22 pm
by danielfs1
astions wrote:Make sure you have all the variable and array index names correct. (ie tmp_name instead of name). Did you change it in this variable as well?

Code: Select all

new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION)
If that is correct you may need to seperate it like so..

Code: Select all

 
$OLD_IMAGE = new_image_by_type($_FILES['binFile']['name'], $FILE_EXTENSION);
 imagecopyresampled($NEW_IMAGE, $OLD_IMAGE, 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT)
 

I made that change and made sure all references were changed properly.

Code: Select all

 
$OLD_IMAGE = new_image_by_type($_FILES['binFile']['tmp_name'], $FILE_EXTENSION);
$NEW_IMAGE = imagecreatetruecolor($NEW_WIDTH, $NEW_HEIGHT);
imagecopyresampled($NEW_IMAGE, $OLD_IMAGE, 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT);
 
note: i tried it with tmp_name and name


the image is the right size except its just all black.

Re: $_FILES problem with uploading

Posted: Fri Feb 15, 2008 12:30 pm
by Benjamin
Ok, well post the entire code and I'll have a look at it.

Re: $_FILES problem with uploading

Posted: Fri Feb 15, 2008 12:32 pm
by danielfs1

Code: Select all

define('MAX_IMAGE_HEIGHT', 200);
 define('MAX_IMAGE_WIDTH', 200);
  
 function new_image_by_type($name, $extension)
 {
     switch($extension)
     {
         case ".jpg":
             return imagecreatefromjpeg($name);
             break;
         case ".jpeg":
             return imagecreatefromjpeg($name);
             break;
         case ".gif":
             return imagecreatefromgif($name);
             break;
         case ".png":
             return imagecreatefrompng($name);
             break;
         default:
             return false;
     }
 }
  
     if (!empty($_FILES['binFile']['name']))
     {
         $WHITE_LIST  = array('.jpg','.jpeg', '.gif', '.png');
        
         $file = $_FILES['binFile']['tmp_name'];
          echo move_uploaded_file($_FILES['binFile']['name'],"C:\\xampp\\tmp");
         
         // validate the file extension..
         $FILE_INFO      = pathinfo($file);
         $FILE_EXTENSION = '.' . strtolower($FILE_INFO["extension"]);
         
         echo $_FILES['binFile']['tmp_name'];
      
//       if (!in_array($FILE_EXTENSION, $WHITE_LIST))
//       {
//          echo $_POST['binFile'];
//          exit('The uploaded file is not a valid image type.');
//       }
      
         //verify upload is actually an image
         if (false === ($IMAGE_DATA = getimagesize($file)))
         {
             exit('The file uploaded is either corrupt or not a valid image file.');
         }
      
        echo "look here" . $_FILES['binFile']['name'];      
 
         $ORIGINAL_WIDTH  = $IMAGE_DATA[0];
         $ORIGINAL_HEIGHT = $IMAGE_DATA[1];
         
         echo $ORIGINAL_WIDTH;
      
         // determine if the image needs to be resized..
         if (($ORIGINAL_WIDTH < MAX_IMAGE_WIDTH) && ($ORIGINAL_HEIGHT < MAX_IMAGE_HEIGHT))
         {
             $content = file_get_contents($file);
             $content = addslashes($content);           
             $fileSize = $_FILES['binFile']['size'];
             echo "NOT TO BIG";
         } else {
             // calculate the new image dimensions..
             if ($ORIGINAL_WIDTH > $ORIGINAL_HEIGHT)
             {
                 $NEW_WIDTH  = floor((MAX_IMAGE_HEIGHT / $ORIGINAL_HEIGHT) * $ORIGINAL_WIDTH);
                 $NEW_HEIGHT = MAX_IMAGE_HEIGHT;
             } else {
                 $NEW_HEIGHT = floor((MAX_IMAGE_WIDTH / $ORIGINAL_WIDTH) * $ORIGINAL_HEIGHT);
                 $NEW_WIDTH  = MAX_IMAGE_WIDTH;
             }
             echo "TO BIG";
            
             $OLD_IMAGE = new_image_by_type($_FILES['binFile']['tmp_name'], $FILE_EXTENSION);
             $NEW_IMAGE = imagecreatetruecolor($NEW_WIDTH, $NEW_HEIGHT);
         imagecopyresampled($NEW_IMAGE, $OLD_IMAGE, 0, 0, 0, 0, $NEW_WIDTH, $NEW_HEIGHT, $ORIGINAL_WIDTH, $ORIGINAL_HEIGHT);
      
             // save image as a jpg and optimize the file size..
             imagejpeg($NEW_IMAGE, $file, 85);
             $content = file_get_contents($file);
             $content = addslashes($content);           
             $fileSize = filesize($file);
         }
      
         $fileName = $_FILES['binFile']['name'];
         $fileType = $_FILES['binFile']['type'];
 
         //echo $content;
            
         $sql= $conn->query("INSERT INTO user_extra (user_ID) VALUES ('$id') ON DUPLICATE KEY UPDATE  content = '$content', name = '$fileName', size = '$fileSize', type = '$fileType'");
     }
html

Code: Select all

 
<INPUT TYPE="hidden" NAME="MAX_FILE_SIZE" VALUE="10000000">
<INPUT TYPE="hidden" NAME="action" VALUE="upload">
<input type="file" size="32" id= "binfile" name="binFile" />
 

Re: $_FILES problem with uploading

Posted: Fri Feb 15, 2008 1:49 pm
by jmut
I think you are overcomplicating stuff.
1. you should use is_uploaded_file() to check for hack attempts
2. you should check whole error array to see if upload is correct - http://php.net/manual/en/features.file- ... errors.php
3. you should use getimagesize() to validate it's image, and the type of it (do not rely on filename extension!!!)
4. use getimagesize to store size of image + it's mime type so you can correctly display it afterwards
5. use file_get_contents and mysql_real_escape_string to store stuff in database, + the mime, + the size

Make sure you also check for common pitfalls like http://php.net/manual/en/ini.core.php#ini.post-max-size

There is no need of any imagecreate* or whatever else to upload an image.

Re: $_FILES problem with uploading

Posted: Fri Feb 15, 2008 2:13 pm
by Benjamin

Code: Select all

 
 $content = addslashes($content);
 
That line is corrupting the image. Just use mysql_real_escape_string when you insert it into the database.

Re: $_FILES problem with uploading

Posted: Fri Feb 15, 2008 2:21 pm
by Benjamin
jmut wrote:I think you are overcomplicating stuff.
1. you should use is_uploaded_file() to check for hack attempts
2. you should check whole error array to see if upload is correct - http://php.net/manual/en/features.file- ... errors.php
3. you should use getimagesize() to validate it's image, and the type of it (do not rely on filename extension!!!)
4. use getimagesize to store size of image + it's mime type so you can correctly display it afterwards
5. use file_get_contents and mysql_real_escape_string to store stuff in database, + the mime, + the size

Make sure you also check for common pitfalls like http://php.net/manual/en/ini.core.php#ini.post-max-size

There is no need of any imagecreate* or whatever else to upload an image.
He wants the images resized to save space. Resampling the image yeilds the best quality.