1

Hi i am trying to upload file and sets the limit 1 mb. when file size is greater than 1 mb file doesn't move in folder but it updates in in mysql database.

<?php
$fileName = $_FILES['myfile']['name'];
$fileNameTmp = $_FILES['myfile']['tmp_name'];
$fileSize = $_FILES["myfile"]["size"];
$fileExtension = explode('.',$fileName);
$fileExtension = strtolower(end($fileExtension));
$maxsize = 1000000;
$fileUniqueName = uniqid().'.'.$fileExtension;
$store = 'uploads/'.$fileUniqueName;

if($fileSize>$maxsize)
{
echo 'size exceed';
}
else
{

    move_uploaded_file($fileNameTmp,$store);
    $query = mysql_query("update users set image = '$fileUniqueName' where id = '$_SESSION[id]'");
}
?>

Expected result: file name should not update in database if size exceeds 1 mb.

Improve this question
3
  • 3
    Stop using the mysql_* functions. They have been deprecated since v5.5 (Jun 2013) and removed since v7.0 (Dec 2015). Instead use the mysqli_* or PDO functions with prepared statements and bound parameters. Commented Apr 17, 2017 at 13:36
  • 2
    Your code is likely vulnerable to SQL injection attacks. You should use mysqli or PDO prepared statements with bound parameters as described in this post. Commented Apr 17, 2017 at 13:36
  • 1
    var_dump($maxsize, $fileSize); and check if the values are what you expect. Commented Apr 17, 2017 at 13:36

1 Answer 1

Reset to default
1

I'm guessing the file didn't upload and you're getting $fileSize equal to 0, bypassing your if condition.
Change it to if($fileSize > $maxsize || $fileSize == 0) to capture the error.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

That's why your if condition is getting bypassed. Change it to if($fileSize > $maxsize || $fileSize == 0)
I've updated the answer to include the correction. Please mark it as correct :)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.