Can it be modified so that it resizes the images? It would be great if they were resized to thumbnails and the regular images resized if they're over a certain width.
I needed this script to upload multiple files, a jpg and a zip file. So, I changed imagesize to filesize so that I can now upload all file types. That worked. But, how do I change it so that only jpg and zip types are uploaded?
What are you going to do with the zip file? Is it going to be available to others? If so you are going to need to scan it for virii.
Any file type that is uploaded will be available to others. Users will know, though, that I do not scan for viruses, that it is their responsibility to scan before downloading. I will look into that later if you know of any legitimate software (freeware) that does this.
@getimagesize($_FILES[$fieldname]['tmp_name'])
or error('only image uploads are allowed', $uploadForm);
With this:
PHP Code:
@getimagesize($_FILES[$fieldname]['tmp_name'])
or preg_match('/.+\.zip$/i', $_FILES[$fieldname]['name'])
or error('only image uploads are allowed', $uploadForm);
That checks the file extension is .zip (or an image) but still doesn't prove conclusively the file is a zip.
I'm using your script to upload an image where the name is entered into a db with other values. That is all working great, thanks!
What I need is to make the file upload not return an error when the user decides not to upload an image. I've tried putting an if/else, but that is giving me a blank process screen with no other action. Is there an easy way to do this? Thanks so much!!
Here's the code of the "process" page. Thanks again!
PHP Code:
require("../config/mysql_connection.php");
// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);
// make a note of the directory that will recieve the uploaded file
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploaded_files/';
// make a note of the location of the upload form in case we need it
$uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'toa_add.php';
// make a note of the location of the success page
$uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'toa_admin.php?message=1';
// fieldname used within the file <input> of the HTML form
$fieldname = 'photo';
// Now let's deal with the upload
// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded',
2 => 'html form max file size exceeded',
3 => 'file upload was only partial',
4 => 'no file was attached');
// check for PHP's built-in uploading errors
($_FILES[$fieldname]['error'] == 0)
or error($errors[$_FILES[$fieldname]['error']], $uploadForm);
// check that the file we are working on really was the subject of an HTTP upload
@is_uploaded_file($_FILES[$fieldname]['tmp_name'])
or error('Not an HTTP upload.', $uploadForm);
// validation... since this is an image upload script we should run a check
// to make sure the uploaded file is in fact an image. Here is a simple check:
// getimagesize() returns false if the file tested is not an image.
@getimagesize($_FILES[$fieldname]['tmp_name'])
or error('Uploaded file must be an accepted image.', $uploadForm);
// make a unique filename for the uploaded file and check it is not already
// taken... if it is already taken keep trying until we find a vacant one
// sample filename: 1140732936-filename.jpg
$now = time();
while(file_exists($uploadFilename = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name']))
{
$now++;
}
//name var for image
$imagename = $now.'-'.$_FILES[$fieldname]['name'];
// now let's move the file to its final location and allocate the new filename to it
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename)
or error('You do not have permission to upload to the selected directory.', $uploadForm);
// The following function is an error handler which is used
// to output an HTML error page if the file upload fails
function error($error, $location, $seconds = 5)
{
header("Refresh: $seconds; URL=\"$location\"");
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n".
'"http://www.w3.org/TR/html4/strict.dtd">'."\n\n".
'<html lang="en">'."\n".
' <head>'."\n".
' <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n".
' <link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n".
' <title>Upload error</title>'."\n\n".
' </head>'."\n\n".
' <body>'."\n\n".
' <div id="Upload">'."\n\n".
' <h1>Upload failure</h1>'."\n\n".
' <p>An error has occured: '."\n\n".
' <span class="red">' . $error . '...</span>'."\n\n".
' The upload form is reloading</p>'."\n\n".
' </div>'."\n\n".
'</html>';
exit;
} // end error handler
// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to a success page.
header('Location: ' . $uploadSuccess);
require("../config/mysql_connection.php");
// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);
// make a note of the directory that will recieve the uploaded file
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploaded_files/';
// make a note of the location of the upload form in case we need it
$uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'toa_add.php';
// make a note of the location of the success page
$uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'toa_admin.php?message=1';
// fieldname used within the file <input> of the HTML form
$fieldname = 'photo';
// Now let's deal with the upload
// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded',
2 => 'html form max file size exceeded',
3 => 'file upload was only partial',
4 => 'no file was attached');
if($_FILES[$fieldname]['error'] == 4)
{
// no file was attached so don't process it
$imagename = ''; // for MySQL query
}
else
{
// check for PHP's built-in uploading errors
($_FILES[$fieldname]['error'] == 0)
or error($errors[$_FILES[$fieldname]['error']], $uploadForm);
// check that the file we are working on really was the subject of an HTTP upload
@is_uploaded_file($_FILES[$fieldname]['tmp_name'])
or error('Not an HTTP upload.', $uploadForm);
// validation... since this is an image upload script we should run a check
// to make sure the uploaded file is in fact an image. Here is a simple check:
// getimagesize() returns false if the file tested is not an image.
@getimagesize($_FILES[$fieldname]['tmp_name'])
or error('Uploaded file must be an accepted image.', $uploadForm);
// make a unique filename for the uploaded file and check it is not already
// taken... if it is already taken keep trying until we find a vacant one
// sample filename: 1140732936-filename.jpg
$now = time();
while(file_exists($uploadFilename = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name']))
{
$now++;
}
//name var for image
$imagename = $now.'-'.$_FILES[$fieldname]['name'];
// now let's move the file to its final location and allocate the new filename to it
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename)
or error('You do not have permission to upload to the selected directory.', $uploadForm);
}
// The following function is an error handler which is used
// to output an HTML error page if the file upload fails
function error($error, $location, $seconds = 5)
{
header("Refresh: $seconds; URL=\"$location\"");
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n".
'"http://www.w3.org/TR/html4/strict.dtd">'."\n\n".
'<html lang="en">'."\n".
' <head>'."\n".
' <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n".
' <link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n".
' <title>Upload error</title>'."\n\n".
' </head>'."\n\n".
' <body>'."\n\n".
' <div id="Upload">'."\n\n".
' <h1>Upload failure</h1>'."\n\n".
' <p>An error has occured: '."\n\n".
' <span class="red">' . $error . '...</span>'."\n\n".
' The upload form is reloading</p>'."\n\n".
' </div>'."\n\n".
'</html>';
exit;
} // end error handler
$year = $_POST['year'];
$make = $_POST['make'];
$model = $_POST['model'];
$description = $_POST['description'];
$price = $_POST['price'];
$price = preg_replace('/[%&\\\\"\/$?\'<>:*|^,]/', '', $price);
$condition = $_POST['condition'];
$hours = $_POST['hours'];
$serial_number = $_POST['serial_number'];
$stock_number = $_POST['stock_number'];
$capacity = $_POST['capacity'];
$mast = $_POST['mast'];
$lowered_mastheight = $_POST['lowered_mastheight'];
$raised_mastheight = $_POST['raised_mastheight'];
$power = $_POST['power'];
$tires = $_POST['tires'];
$active = $_POST['active'];
# current timestamp
$date_added = time();
# connect to db
dbconnect($db_user, $db_password, $db_name);
# inserting query
$query = "INSERT INTO `trucks` ( `id` , `year` , `make` , `model` , `description` , `price` , `photo` , `date_added` , `condition` , `hours` , `serial_number` , `stock_number` , `capacity` , `mast` , `lowered_mastheight` , `raised_mastheight` , `power` , `tires`, `active` ) VALUES ('', '$year', '$make', '$model', '$description', '$price', '$imagename', '$date_added', '$condition', '$hours', '$serial_number', '$stock_number', '$capacity', '$mast', '$lowered_mastheight', '$raised_mastheight', '$power', '$tires', '$active');";
mysql_query($query);
// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to a success page.
header('Location: ' . $uploadSuccess);
The code work great! i had no probs adding my sql to record the image and recall it. thx!!!!
But....
I would like to show the image and the unique image name on the upload.success page. i cant figure out how to pass the new name (or any variables) to the upload.success page. any ideas anyone?
Hello! Thanks for this awesome code, it works wonders!
I have uploaded your zip file and everything works, uploads pictures to the folder correctly.
I am not trying to get this location stored in my DB so I can later call on it and display the image on my site. Here is my code :
Code:
//in addition to Bokeh's script you can insert each record into a database.
$query = "INSERT INTO model_images VALUES ('', '$modelId', '$uploadFilename', '$hardwareId', '$brandID')";
if (!($result = @ mysql_query ($query,$connection))) showerror;
echo $query;
// If you got this far, everything has worked and the file has been successfully saved.
When I do this however it returns the error:
Code:
An error has occured: receiving directory insuffiecient permission... The upload form is reloading
How can I fix this? I even tried uploading the original :
Code:
If it were me and i havnt really looked at the code,
but here
PHP Code:
// now let's move the file to its final location and allocate the new filename to it
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename)
or error('receiving directory insuffiecient permission', $uploadForm);
// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to a success page.
header('Location: ' . $uploadSuccess);
I would add a mySQL insert script
like this
PHP Code:
// now let's move the file to its final location and allocate the new filename to it
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename)
or error('receiving directory insuffiecient permission', $uploadForm);
//in addition to Bokeh's script you can insert each record into a database.
$q = "INSERT INTO table_name (`filename`,`date`) VALUES ('$uploadFilename',$date(dMy))";
$s = mysql_query($q);
//if an error
echo(mysql_error());
// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to a success page.
header('Location: ' . $uploadSuccess);
And made a table called table_name, just for the sake of testing this out... and got the same error. Any help would be appreciated. Thanks everyone!
sounds like you dont have the correct permission settings on the folder you are uploading to. for sake of testing, set permissions to 777 (allow everything). once its working properly then consider scaling back the permissions to only what is necessary for your projects end users.
Reply With Quote
Originally Posted by bokeh
make upload not required...
Bookmarks