1

While uploading the file in php i am not able to upload all types of file, if any space is there in between file name that is not able to download. Please can anyone correct this code

here is my upload code

<?php

$target_path = "../mt/sites/default/files/ourfiles/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['name']). 
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}



$con = mysql_connect("localhost","mt","mt");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }else{
 echo "Connected";
}

// Create table
mysql_select_db("mt", $con);

mysql_query("INSERT INTO mt_upload (FileName, FilePath)
VALUES ('".basename( $_FILES['uploadedfile']['name'])."', '".$target_path.basename( $_FILES['uploadedfile']['name'])."')");


// Execute query
mysql_query($sql,$con);

mysql_close($con);



?>
Improve this question
1
  • Rename the title to 'PHP Upload filename with spaces problem*. And put the description in the question. Commented Oct 21, 2009 at 6:50

2 Answers 2

Reset to default
1

make some check and validation on the file u upload

the script below can help u :

//  5MB maximum file size 
$MAXIMUM_FILESIZE = 5 * 1024 * 1024; 
//  Valid file extensions (images, word, excel, powerpoint) 
$rEFileTypes = 
  "/^\.(jpg|jpeg|gif|png|doc|docx|txt|rtf|pdf|xls|xlsx| 
        ppt|pptx){1}$/i"; 
$dir_base = "/your/file/location/"; 

$isFile = is_uploaded_file($_FILES['Filedata']['tmp_name']); 
if ($isFile)    //  do we have a file? 
   {//  sanatize file name 
    //     - remove extra spaces/convert to _, 
    //     - remove non 0-9a-Z._- characters, 
    //     - remove leading/trailing spaces 
    //  check if under 5MB, 
    //  check file extension for legal file types 
    $safe_filename = preg_replace( 
                     array("/\s+/", "/[^-\.\w]+/"), 
                     array("_", ""), 
                     trim($_FILES['Filedata']['name'])); 
    if ($_FILES['Filedata']['size'] <= $MAXIMUM_FILESIZE && 
        preg_match($rEFileTypes, strrchr($safe_filename, '.'))) 
      {$isMove = move_uploaded_file ( 
                 $_FILES['Filedata']['tmp_name'], 
                 $dir_base.$safe_filename);} 
      } 
   }
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Not sure if this works, but try to change line 2 to this:

$target_path = $target_path . basename( urldecode ( $_FILES['uploadedfile']['name'] ) );
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.