Page 1 of 1

Image upload problem

Posted: Sat Jun 07, 2008 1:01 pm
by anton.fraser
Got my code from some tutorial online, it was written so it confirms the file type but the file type in the tutorial was for MS Office Documents, I've adapted the code to upload images, but here is a problem it will eather upload any file, when i put a few different image types or no files at all if i put only one file type, anyway here is the code, version that will upload anything

Code: Select all

<?php
      if(isset($_POST['submit'])){
      $numfilesuploaded = $_POST['numuploads'];
      $count = 1;
 
          while ($count <= $numfilesuploaded)
          {
                  $conname = "new_file".$count;
 
                  $filetype = $_FILES[$conname]['type'];
                 
                  $filename = $_FILES[$conname]['name'];
                  if ($filename != '')
                  {
                    if ($filetype == "image/JPEG" || "image/jpeg" || "image/JPG" || "image/jpg")
                    {
                        $maxfilesize = $_POST['maxsize'];
                        $filesize = $_FILES[$conname]['size'];
                        if($filesize <= $maxfilesize )
                        {
                              $randomdigit = rand(0000,9999);
                             
                              $newfilename = $randomdigit.$filename;
                              $source = $_FILES[$conname]['tmp_name'];
                              $target = "adpics/".$newfilename;
                              move_uploaded_file($source, $target);
                              $key = $_GET['key'];
                              require_once('conf.php');   
 
$connection = mysql_connect($host, $user, $pass) or die ('Unable to connect!'); 
mysql_select_db($db) or die ('Unable to select database!');
$query = mysql_query("INSERT INTO padpics (`rkey`, `file`) VALUES ('$key', '$newfilename')"); 
 
                              header("Location: ../register1.php");
                      
                        
                        }
                        else
                        {
                            echo $count." File is too big! 10MB limit! |";
                        
                        }
                    }
                    else
                    {
                        echo " The file is not a supported type |";
                    }
                  }
          $count = $count + 1;
          }
      
      }
?>
<html>
<?php
    $numuploads = 10;
    $count = 1;
?>

Re: Image upload problem

Posted: Sat Jun 07, 2008 3:25 pm
by onion2k
Try echoing $filetype and see if it matches anything in your list of types. If you're uploading from IE you'll find it's using a slightly odd MIME type.

Re: Image upload problem

Posted: Sat Jun 07, 2008 4:17 pm
by anton.fraser
well it tells me it was pjpeg when using enternet explorer and Mozilla sais it's jpeg well thats ok, I can add pjpeg to my file types but it will still upload anything it wont even try to tell me thet the file is wrong or anything

Re: Image upload problem

Posted: Sat Jun 07, 2008 4:27 pm
by anton.fraser
Well just uploaded exe file mp3 file and video file all at once using the following script

Code: Select all

<?php include('functions.php'); ?>
<?php
      if(isset($_POST['submit'])){
      $numfilesuploaded = $_POST['numuploads'];
      $count = 1;
 
          while ($count <= $numfilesuploaded)
          {
                  $conname = "new_file".$count;
 
                  $filetype = $_FILES[$conname]['type'];
                 
                  $filename = $_FILES[$conname]['name'];
                  if ($filename != '')
                  {
                    if ($filetype == "image/JPEG" || "image/jpeg" || "image/JPG" || "image/jpg" || "image/pjpeg" || "image/pjpg")
                    {
                        $maxfilesize = $_POST['maxsize'];
                        $filesize = $_FILES[$conname]['size'];
                        if($filesize <= $maxfilesize )
                        {
                              $randomdigit = rand(0000,9999);
                             
                              $newfilename = $randomdigit.$filename;
                              $source = $_FILES[$conname]['tmp_name'];
                              $target = "adpics/".$newfilename;
                              move_uploaded_file($source, $target);
                              $key = $_GET['key'];
                              require_once('conf.php');   
 
$connection = mysql_connect($host, $user, $pass) or die ('Unable to connect!'); 
mysql_select_db($db) or die ('Unable to select database!');
$query = mysql_query("INSERT INTO padpics (`rkey`, `file`) VALUES ('$key', '$newfilename')"); 
 
                              echo $filetype;
                      
                        
                        }
                        else
                        {
                            echo $count." File is too big! 10MB limit! |";
                        
                        }
                    }
                    else
                    {
                        echo " The file is not a supported type |";
                    }
                  }
          $count = $count + 1;
          }
      
      }
?>
<html>
<?php
    $numuploads = 10;
    $count = 1;
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="Free Classified UK and Ireland, B&B Directory, Business classified, private classified, Advertise here for free">
<meta name="keywords" content="Free, Classified, Business, directory, private, cars, property, office, car parts, boats, car accesories, vans, services, it, jobs, bed and breakfast, hotels, stuff for sale, free, local businesses, local, property, activities, hobbies, pets, lost and found, skills, ride, share, office, equipment, photo, video, catering, printing, transportation, moving, electrical, furniture, cv, post, ad, advert, advertise, webdesign, networking">
<title>AdsList.co.uk Free Classified and Business directory</title>
<style type="text/css">
<!--
body {
    margin-left: 0px;
    margin-top: 0px;
    margin-right: 0px;
    margin-bottom: 0px;
}
a:link {
    text-decoration: underline;
    color: #000000;
}
a:visited {
    text-decoration: underline;
    color: #000000;
}
a:hover {
    text-decoration: none;
    color: #000000;
}
a:active {
    text-decoration: underline;
    color: #000000;
}
body,td,th {
    font-family: Arial, Helvetica, sans-serif;
}
.style3 {font-size: x-small}
.style4 {font-size: small}
.style6 {color: #FFFFFF}
.style8 {
    color: #329900;
    font-weight: bold;
}
.style9 {color: #2C55B1; font-weight: bold; }
.style13 {font-size: x-small; color: #000000; }
.style14 {
    color: #FF0000;
    font-weight: bold;
    font-size: large;
}
-->
</style>
<script src="Scripts/AC_RunActiveContent.js" type="text/javascript"></script>
</head>
 
<body onLoad="MM_preloadImages('navigbuttons/home2.gif','navigbuttons/business2.gif','navigbuttons/private2.gif','navigbuttons/advert2.gif','navigbuttons/faq2.gif','navigbuttons/contacts2.gif')">
 
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td colspan="3" rowspan="2" valign="top" background="images/searchback.gif"><img src="images/logo.jpg" width="255" height="201"></td>
    <td height="57" colspan="4" align="right" valign="bottom" class="style4"><span class="style6"><a href="plogin.php"><a href="blogin.php"></a></span><a href="plogin.php"><a href="blogin.php"><a href="register1.php">Register/Advertise</a><span class="style6"><a href="plogin.php"><a href="blogin.php"> Business Login</a> <a href="#">Personal Login</a></span></td>
  </tr>
  <tr>
    <td height="144" colspan="3" align="center" valign="middle" background="images/searchback.gif"><?php include('search.php'); ?>&nbsp;</td>
    <td width="130" align="center" valign="bottom" background="images/searchback.gif"><p><span class="style4"><span class="style6"><br>
            </span><br>
          </span></p>
    <p>&nbsp;    </p></td>
  </tr>
  <tr>
    <td width="154" rowspan="3" align="center" valign="top" bgcolor="#2C55B1"><br>
      <table width="100" border="0" cellspacing="0" cellpadding="0">
        <tr>
          <td><p>
              <?php include('links.php'); ?>
          </p></td>
        </tr>
      </table>
      <p>&nbsp;</p></td>
    <td height="19" colspan="4" valign="top"><div align="center" class="style14"></div></td>
    <td colspan="2" rowspan="3" valign="top" bgcolor="#2C55B1"><!--DWLayoutEmptyCell-->&nbsp;</td>
  </tr>
  <tr>
    <td width="17" height="397" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>
    <td colspan="2" align="left" valign="top"><p>Add photos of your item to the listing?</p>
    <p><form action="<?php echo $_server['php-self'];  ?>" method="post" enctype="multipart/form-data" id="something" class="uniForm">
<?php
      while ($count <= $numuploads)
      {
 
?>
      <input name="new_file<?php echo $count; ?>" id="new_file<?php echo $count; ?>" size="30" type="file" class="fileUpload" /><br>
      <?php
            $count = $count + 1;
      }
?>
      <input type = "hidden" name="maxsize" value = "8388608">
       <input type = "hidden" name="numuploads" value = "<?php echo $numuploads; ?>">
      <br>
      <button name="submit" type="submit" class="submitButton">Upload Files</button>
 
</form>&nbsp;</p></td>
    <td width="18" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>
  </tr>
  <tr>
    <td height="19" colspan="4" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>
  </tr>
  <tr background="images/weeback.gif">
    <td height="39" colspan="7" align="center" valign="top" background="/images/weeback.gif"><span class="style3"><a href="/">Home</a> <a href="contacts.php">Contact Us</a> <a href="faq.php">FAQ</a> <a href="register1.php">Register</a> <a href="register1.php">My Ads</a></span> <a href="about.php"><span class="style3">About us </span></a><br>
    <span class="style3">&copy;2007</span></td>
  </tr>
  <tr><td height="1"><img src="spacer.gif" alt="" width="154" height="1"></td><td><img src="spacer.gif" alt="" width="17" height="1"></td>
    <td width="84"><img src="spacer.gif" alt="" width="84" height="1"></td>
    <td width="100%"></td>
    <td><img src="spacer.gif" alt="" width="18" height="1"></td>
    <td width="22"><img src="spacer.gif" alt="" width="22" height="1"></td>
  <td><img src="spacer.gif" alt="" width="130" height="1"></td></tr>
</table>
</body>
</html>
all files were uploaded and added to database, maybe i am missing something i do not know plz help

Re: Image upload problem

Posted: Sat Jun 07, 2008 4:35 pm
by onion2k
The problem is this line:

Code: Select all

$filetype == "image/JPEG" || "image/jpeg" || "image/JPG" || "image/jpg" || "image/pjpeg" || "image/pjpg"
Each part is evaluated by PHP, so rather than doing what you think it should do it's doing

Code: Select all

if ($filetype == "image/JPEG")
or if("image/jpeg")
or if("image/JPG")
or if("image/jpg")
or if("image/pjpeg")
or if("image/pjpg")
 
if("image/jpeg") will evaluate as true, hence it's adding the wrong stuff to the database. You need to put the $filetype == in every part.. eg

Code: Select all

$filetype == "image/JPEG" || $filetype == "image/jpeg" || $filetype == "image/JPG" || $filetype == "image/jpg" || $filetype == "image/pjpeg" || $filetype == "image/pjpg"
If I was writing the code though I think I'd use in_array() instead. Check the manual for how you'd use it.

Re: Image upload problem

Posted: Sat Jun 07, 2008 4:59 pm
by anton.fraser
Thanks a lot, works perfectly now! you may come see my website if you wish http://adslist.co.uk

Re: Image upload problem

Posted: Sat Jun 07, 2008 5:19 pm
by onion2k
Err..

Code: Select all

<a href="plogin.php"><a href="blogin.php"></a></span><a href="plogin.php"><a href="blogin.php"><a href="register1.php">Register/Advertise</a><span class="style6"><a href="plogin.php"><a href="blogin.php"> Business Login</a> <a href="#">Personal Login</a></span>
Small bug in the HTML there I think..

Re: Image upload problem

Posted: Sat Jun 07, 2008 7:02 pm
by anton.fraser
there are quite a lot of small bugs in HTML as I'm still working on it fixing bits and pieces