Page 1 of 1

Able to upload certain files and reload of form action

Posted: Wed Oct 01, 2008 4:59 pm
by CoolAsCarlito
What I'm wanting to do with this code is make it to where the only type of files that can ONLY be uploaded are files that have the extention .jpg. I would also like to make it to where upon submission of the form the page reloads and automattically adds it to the table below.

Code: Select all

<?php
 
/* addshowname.php */
 
/* This form after submission takes the results of the form and inserts the values into the database as a new show name is created. */
 
require ('database.php');
 
// Where the file is going to be placed
$target_path = "../defiant/images/";
 
/* Add the original filename to our target path. 
Result is "images/filename.extension" */
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
 
//This code runs if the form has been submitted
if (isset($_POST['submit'])) {
 
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ".basename( $_FILES['uploadedfile']['name'])." has been uploaded";
} else{
 echo "There was an error uploading the file, please try again!";
 
}
 
 
 
// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['showname'] = addslashes($_POST['showname']);
}
$showname = $_POST['showname'];
$check = mysql_query("SELECT showname FROM shows WHERE showname = '$showname'")
or die(mysql_error());
$check2 = mysql_num_rows($check);
 
//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the show name '.$_POST['showname'].' is already in use.');
}
 
// now we insert it into the database
$insert = "INSERT INTO shows (showname, type, showimage, showlabel) VALUES ('".$_POST['showname']."','".$_POST['type']."','$target_path','1')";
 
$add_show = mysql_query($insert) or die(mysql_error());
 
}
 
echo '<form enctype="multipart/form-data" action="addshowname.php" method="post">';
echo '<input name="MAX_FILE_SIZE" type="hidden" value="100000">';
echo '<fieldset>';
echo '<legend>Enter the following information to add a show name:</legend>';
echo '<p>Enter Show Name:<input name="showname" type="text"></p>';
echo '<p>Show Type:<select name="type"><option></option><option>Weekly Show</option><option>Pay Per View</option></select></p>';
echo '<p>Upload Show Image:<input name="uploadedfile" type="file"></p>';
echo '<div align="center"><input name="submit" type="submit"><input name="sumbitted" type="hidden" value="TRUE"></div>';
echo '</fieldset>';
echo '</form>';
 
 
 
print '<center><h2><span style="color: #CC0000">Edit/Delete A Show</span></h2></center>';
print '<center><table width="50%" border="1">';
 
if(!isset($_GET['action']) && !isset($_POST['name'])) {
//Define the query
$query = "SELECT * FROM shows";
 
if ($r = mysql_query ($query)){ // Run the query.
    if (mysql_num_rows($r) > 0)
    {
 
 // Retrieve and print every record
        while ($row = mysql_fetch_array ($r)){
  print '<tr><td>'.$row['showname'].'</td><td><a href="addshowname.php?action=edit&id='.$row['id'].'">Edit</a></td><td><a href="addshowname.php?action=delete&id='.$row['id'].'">Delete</a></td></tr>';
}
}
    else
    {
        print "No Shows\n";
    }
} else {
die ('<p>Could not retrieve the data because <b>' . mysql_error() . '</b>. The query was '."$query.".'</p>');
} //End of query IF
 
print '</table></center>';
}
 
if($_GET['action'] == 'edit') {
 $query = "SELECT * FROM shows WHERE id = '".$_GET['id']."'";
 $res = mysql_fetch_array(mysql_query($query));
 print('<form action="'.$_SERVER['PHP_SELF'].'" method="post" name="form1">');
 print('<table border=1 cellpadding=5 cellspacing=0 width=350>');
 print('<tr><td>Name of show:</td><td><input type="text" name="name" value="'.$res['showname'].'"/></td></tr>');
 print('<tr><td>Show Type Type:</td><td><select name="type">');
 $types = array('Weekly Show','Pay Per View');
 foreach($types as $type) {
  if($type == $res['type']) {
   print('<option value="'.$type.'" selected="selected">'.$type.'</option>');
  }
  else {
   print('<option value="'.$type.'">'.$type.'</option>');
  }
 }
 print('</select></td></tr>');
 print('<tr><th colspan=2><input type="hidden" name="id" value="'.$_GET['id'].'" /><input type="submit" value="Edit Show" /></th></tr></table></form></center>');
} 
if(isset($_POST['name'])) {
$query = "UPDATE shows SET showname = '".mysql_real_escape_string($_POST['name'])."', location = '".mysql_real_escape_string($_POST['loc'])."', date = '".mysql_real_escape_string($_POST['date'])."' WHERE id = '".$_POST['id']."'"; if(mysql_query($query)) {
  echo "Show updated.";
 }
 else {
  die('<p>The show could not update because <b>' . mysql_error() . '</b>. The query was '."$query.".'</p>');
 }
}
 
if($_GET['action'] == 'delete') {
 $query = "DELETE FROM shows WHERE id = '".$_GET['id']."'";
if(mysql_query($query)) {
 
echo "Deletion successful.";
}
else {
die ('<p>Could not delete post because ' . mysql_error() . '. The query was '."$query.".'</p>');
}
}
 
?>
 

Re: Able to upload certain files and reload of form action

Posted: Wed Oct 01, 2008 5:33 pm
by The_Anomaly
I assume you're asking how to validate that the user is uploading a JPEG file. If so, the easiest way by far is to just use the MIME types, with $_FILE['fieldName']['type']. However, as I learned on these forums, this MIME type can be easily changed--so your user could easily upload a .exe just as well. Same thing with using explode() to check the extension.

The best thing to do is to use an image function, perhaps something from GD, to check to see if it recognizes it as a jpg.

Re: Able to upload certain files and reload of form action

Posted: Wed Oct 01, 2008 5:44 pm
by CoolAsCarlito
What do you mean GD?
The_Anomaly wrote: The best thing to do is to use an image function, perhaps something from GD, to check to see if it recognizes it as a jpg.

Re: Able to upload certain files and reload of form action

Posted: Thu Oct 02, 2008 12:43 am
by The_Anomaly

Re: Able to upload certain files and reload of form action

Posted: Fri Oct 03, 2008 5:16 pm
by CoolAsCarlito
Here is my updated code I changed a few things around. I found this bit of code and don't know how add it to my script but I still want it to refresh the bottom table with the added show info upon submission:

Code: Select all

// Validate the type. Should be jpeg, jpg, or gif.
        $allowed = array ('image/gif', 'image/jpeg', 'image/jpg', 'image/pjpeg');  

Code: Select all

 
<?php
 
/* addshowname.php */
 
/* This form after submission takes the results of the form and inserts the values into the database as a new show name is created. */
 
require ('database.php');
require ('style.css');
 
// Where the file is going to be placed
$target_path = "../defiant/images/";
 
/* Add the original filename to our target path. 
Result is "images/filename.extension" */
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
 
//This code runs if the form has been submitted
if (isset($_POST['submit'])) {
 
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ".basename( $_FILES['uploadedfile']['name'])." has been uploaded";
} else{
 echo "There was an error uploading the file, please try again!";
 
}
 
 
 
// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['showname'] = addslashes($_POST['showname']);
}
$showname = $_POST['showname'];
$check = mysql_query("SELECT showname FROM shows WHERE showname = '$showname'")
or die(mysql_error());
$check2 = mysql_num_rows($check);
 
//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the show name '.$_POST['showname'].' is already in use.');
}
 
// now we insert it into the database
$insert = "INSERT INTO shows (showname, type, showimage, showlabel) VALUES ('".$_POST['showname']."','".$_POST['type']."','$target_path','1')";
 
$add_show = mysql_query($insert) or die(mysql_error());
 
}
 
echo '<form enctype="multipart/form-data" action="addshowname.php" method="post">';
echo '<input name="MAX_FILE_SIZE" type="hidden" value="100000">';
echo '<fieldset>';
echo '<legend>Enter the following information to add a show name:</legend>';
echo '<p>Enter Show Name:<input name="showname" type="text"></p>';
echo '<p>Show Type:<select name="type"><option></option><option>Weekly Show</option><option>Pay Per View</option></select></p>';
echo '<p>Upload Show Image:<input name="uploadedfile" type="file"></p>';
echo '<div align="center"><input name="submit" type="submit" value="Submit"><input name="sumbitted" type="hidden" value="TRUE"></div>';
echo '</fieldset>';
echo '</form>';
 
print '<center><table width="50%">';
print '<tr><td><center><u>ID</u></center></td><td><center><u>Show Type</u></center></td><td><center><u>Show Name</u></center></td><td><center><u>Show Image</u></center></td><td><center><u>Edit</u></center></td><td><center><u>Delete</u></center></td></tr>';
 
if(!isset($_GET['action']) && !isset($_POST['name'])) {
//Define the query
$query = "SELECT * FROM shows";
 
if ($r = mysql_query ($query)){ // Run the query.
    if (mysql_num_rows($r) > 0)
    {
 
 // Retrieve and print every record
        while ($row = mysql_fetch_array ($r)){
  print '<tr><td><center>'.$row['id'].'</center></td><td><center>'.$row['type'].'</center></td><td><center>'.$row['showname'].'</center></td><td><center>'.$row['showimage'].'</center></td><td><center><a href="addshowname.php?action=edit&id='.$row['id'].'">Edit</a></center></td><td><center><a href="addshowname.php?action=delete&id='.$row['id'].'">Delete</a></center></td></tr>';
}
}
    else
    {
        print "No Shows\n";
    }
} else {
die ('<p>Could not retrieve the data because <b>' . mysql_error() . '</b>. The query was '."$query.".'</p>');
} //End of query IF
 
print '</table></center>';
}
 
if($_GET['action'] == 'edit') {
 $query = "SELECT * FROM shows WHERE id = '".$_GET['id']."'";
 $res = mysql_fetch_array(mysql_query($query));
 print('<form action="'.$_SERVER['PHP_SELF'].'" method="post" name="form1">');
 print('<table border=1 cellpadding=5 cellspacing=0 width=350>');
 print('<tr><td>Name of show:</td><td><input type="text" name="name" value="'.$res['showname'].'"/></td></tr>');
 print('<tr><td>Show Type Type:</td><td><select name="type">');
 $types = array('Weekly Show','Pay Per View');
 foreach($types as $type) {
  if($type == $res['type']) {
   print('<option value="'.$type.'" selected="selected">'.$type.'</option>');
  }
  else {
   print('<option value="'.$type.'">'.$type.'</option>');
  }
 }
 print('</select></td></tr>');
 print('<tr><th colspan=2><input type="hidden" name="id" value="'.$_GET['id'].'" /><input type="submit" value="Edit Show" /></th></tr></table></form></center>');
} 
if(isset($_POST['name'])) {
$query = "UPDATE shows SET showname = '".mysql_real_escape_string($_POST['name'])."', location = '".mysql_real_escape_string($_POST['loc'])."', date = '".mysql_real_escape_string($_POST['date'])."' WHERE id = '".$_POST['id']."'"; if(mysql_query($query)) {
  echo "Show updated.";
 }
 else {
  die('<p>The show could not update because <b>' . mysql_error() . '</b>. The query was '."$query.".'</p>');
 }
}
 
if($_GET['action'] == 'delete') {
 $query = "DELETE FROM shows WHERE id = '".$_GET['id']."'";
if(mysql_query($query)) {
 
echo "Deletion successful.";
}
else {
die ('<p>Could not delete post because ' . mysql_error() . '. The query was '."$query.".'</p>');
}
}
 
?>
 
 
 

Re: Able to upload certain files and reload of form action

Posted: Fri Oct 03, 2008 5:30 pm
by The_Anomaly
If you're validating for security purposes, the "code you found," is easily circumventable. Anything that comes from the user (like the MIME types that you have in that array), are easily manipulated. They'll stop the average person from accidentally uploading a PNG for example, but any half-way decent cracker could get through it easily.

Re: Able to upload certain files and reload of form action

Posted: Mon Oct 06, 2008 11:00 am
by CoolAsCarlito
When I submit the form it isn't putting the file into the directory also it still adds a record in the database regardless if the submitted file wasn't a jpg file.

Code: Select all

<?php
 
/* addshowname.php */
 
/* This form after submission takes the results of the form and inserts the values into the database as a new show name is created. */
 
require ('database.php');
require ('style.css');
 
// Where the file is going to be placed
$target_path = "../defiant/images/";
 
/* Add the original filename to our target path. 
Result is "images/filename.extension" */
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
 
//This code runs if the form has been submitted
if (isset($_POST['submit'])) {
 
$extension = explode(".", $image);
$extension = $extension[count($extension)-1];
 
if(strtolower($extension) == "jpg"){
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ".basename( $_FILES['uploadedfile']['name'])." has been uploaded";
} else{
 echo "There was an error uploading the file, please try again!";
}
}else {
echo "The file you chose to upload wasn't a valid jpg file, please try again!";
}
 
 
// checks if the show name is in use
if (!get_magic_quotes_gpc()) {
$_POST['showname'] = addslashes($_POST['showname']);
}
$showname = $_POST['showname'];
$check = mysql_query("SELECT showname FROM shows WHERE showname = '$showname'")
or die(mysql_error());
$check2 = mysql_num_rows($check);
 
//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the show name '.$_POST['showname'].' is already in use.');
}
 
// now we insert it into the database
$insert = "INSERT INTO shows (showname, type, showimage, showlabel) VALUES ('".$_POST['showname']."','".$_POST['type']."','$target_path','1')";
 
$add_show = mysql_query($insert) or die(mysql_error());
 
}
 
 
echo '<form enctype="multipart/form-data" action="addshowname.php" method="post">';
echo '<input name="MAX_FILE_SIZE" type="hidden" value="100000">';
echo '<fieldset>';
echo '<legend>Enter the following information to add a show name:</legend>';
echo '<p>Enter Show Name:<input name="showname" type="text"></p>';
echo '<p>Show Type:<select name="type"><option></option><option>Weekly Show</option><option>Pay Per View</option></select></p>';
echo '<p>Upload Show Image:<input name="uploadedfile" type="file"></p>';
echo '<div align="center"><input name="submit" type="submit"><input name="sumbitted" type="hidden" value="TRUE"></div>';
echo '</fieldset>';
echo '</form>';
 
 
print '<center><table width="60%">';
print '<tr><td><u><center>ID</center></u></td><td><u><center>Type</center></u></td><td><u><center>Show Name</center></u></td><td><u><center>Show Image</center></u></td><td><u><center>Edit</center></u></td><td><u><center>Delete</center></u></td></tr>';
 
if(!isset($_GET['action']) && !isset($_POST['name'])) {
//Define the query
$query = "SELECT * FROM shows";
 
if ($r = mysql_query ($query)){ // Run the query.
    if (mysql_num_rows($r) > 0)
    {
 
 // Retrieve and print every record
        while ($row = mysql_fetch_array ($r)){
  print '<tr><td><center>'.$row['id'].'</center></td><td><center>'.$row['type'].'</center></td><td><center>'.$row['showname'].'</center></td><td><center>'.$row['showimage'].'</center></td><td><a href="addshowname.php?action=edit&id='.$row['id'].'"<center>Edit</center></a></td><td><a href="addshowname.php?action=delete&id='.$row['id'].'"><center>Delete</center></a></td></tr>';
}
}
    else
    {
        print "No Shows\n";
    }
} else {
die ('<p>Could not retrieve the data because <b>' . mysql_error() . '</b>. The query was '."$query.".'</p>');
} //End of query IF
 
print '</table></center>';
}
 
if($_GET['action'] == 'edit') {
 $query = "SELECT * FROM shows WHERE id = '".$_GET['id']."'";
 $res = mysql_fetch_array(mysql_query($query));
 print('<form action="'.$_SERVER['PHP_SELF'].'" method="post" name="form1">');
 print('<table border=1 cellpadding=5 cellspacing=0 width=350>');
 print('<tr><td>Name of show:</td><td><input type="text" name="name" value="'.$res['showname'].'"/></td></tr>');
 print('<tr><td>Show Type Type:</td><td><select name="type">');
 $types = array('Weekly Show','Pay Per View');
 foreach($types as $type) {
  if($type == $res['type']) {
   print('<option value="'.$type.'" selected="selected">'.$type.'</option>');
  }
  else {
   print('<option value="'.$type.'">'.$type.'</option>');
  }
 }
 print('</select></td></tr>');
 print('<tr><th colspan=2><input type="hidden" name="id" value="'.$_GET['id'].'" /><input type="submit" value="Edit Show" /></th></tr></table></form></center>');
} 
if(isset($_POST['name'])) {
$query = "UPDATE shows SET showname = '".mysql_real_escape_string($_POST['name'])."', location = '".mysql_real_escape_string($_POST['loc'])."', date = '".mysql_real_escape_string($_POST['date'])."' WHERE id = '".$_POST['id']."'"; if(mysql_query($query)) {
  echo "Show updated.";
 }
 else {
  die('<p>The show could not update because <b>' . mysql_error() . '</b>. The query was '."$query.".'</p>');
 }
}
 
if($_GET['action'] == 'delete') {
 $query = "DELETE FROM shows WHERE id = '".$_GET['id']."'";
if(mysql_query($query)) {
 
echo "Deletion successful.";
}
else {
die ('<p>Could not delete post because ' . mysql_error() . '. The query was '."$query.".'</p>');
}
}
 
?>