0

I have an upload form where I want to allow users to upload images and videos but when I submit the form, it tosses the error message I have set into the else statement. What did I do wrong?

<?php

 $allowedExts = array("gif", "jpeg", "jpg", "png");
  $temp = explode(".", $_FILES["upload"]["name"]);
  $extension = end($temp);
  if ((($_FILES["file"]["type"] == "image/gif")
  || ($_FILES["file"]["type"] == "video/avi")
  || ($_FILES["file"]["type"] == "video/mp4")
  || ($_FILES["file"]["type"] == "image/jpeg")
  || ($_FILES["file"]["type"] == "image/jpg")
  || ($_FILES["file"]["type"] == "image/pjpeg")
  || ($_FILES["file"]["type"] == "image/x-png")
  || ($_FILES["file"]["type"] == "image/png"))
  && ($_FILES["file"]["size"] < 100000)
  && in_array($extension, $allowedExts))
    {
    if ($_FILES["upload"]["error"] > 0)
      {
      echo "Return Code: " . $_FILES["upload"]["error"] . "<br>";
      }
    else 
      {

        $fileName = $temp[0].".".$temp[1];
        $temp[0] = rand(0, 3000); //Set to random number
        $fileName;

      if (file_exists("content/" . $_FILES["file"]["name"]))
        {
        echo $_FILES["upload"]["name"] . " already exists. ";
        }
      else
        {
        $newfilename = rand(1,99999).end(explode(".",$_FILES["upload"]["name"]));
        move_uploaded_file($_FILES["upload"]["tmp_name"], "content/" . $newfilename);
        echo "Stored in: " . "content/" . $_FILES["file"]["name"];
        }
      }
    }
  else
    {
    echo "Invalid file or connection failure.";
    }

 ?>

"Invalid file or connection failure." is the error message I get.

Improve this question
6
  • What kind of debugging did you already do? Commented Jan 4, 2014 at 1:59
  • Your issue is with the first if statement. Can you post your <form> code ? Commented Jan 4, 2014 at 1:59
  • Your file is clearly failing one of the many conditions at the top of your script. You'll have to work out which one. Add some debug code. Commented Jan 4, 2014 at 2:03
  • change both $_FILES["file"]["name"]; to $_FILES["upload"]["name"]; mismatched. Since there are others called $_FILES["upload"]["name"]) or make the first parameters all the same. Commented Jan 4, 2014 at 2:03
  • You should also make an $allowedMimeTypes array and put all those values into it. Then in your if statement you only have to do an in_array comparison rather than that crazy long list. Commented Jan 4, 2014 at 2:05

2 Answers 2

Reset to default
1

This is what I use however I don't insert temp randoms

<?php


$fileName = $files['upload']['name'];
$fileArray = explode('.', $fileName);
$extension = count($fileArray) - 1;
$extension = $fileArray[$extension];

// Put allowed file extensions in the following array   

$allowedExt = array("gif",
                    "avi",
                    "mp4",
                    "jpeg",
                    "jpg",
                    "pjpeg",
                    "x-png",
                    "png");

if(!in_array($extension, $allowedExt)){
// print error message here
exit;
}

$fileType = $_FILES['upload']['type'];
# Put allowed file mime types here as an extra check 
$allowedTypes = array("image/gif",
                      "video/avi",
                      "video/mp4",
                      "image/jpeg",
                      "image/jpg",
                      "image/pjpeg",
                      "image/x-png",
                      "image/png"); 

if(!in_array($fileType, $allowedTypes)){
// print error message here
exit;
}

// Add the rest of your code here as required

?>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Given the filename: i1_small.jpg to upload (which is a file I used from my computer)

The code that follows, will rename it to: 74447_i1_small.jpg (using a random number from the rand() function that was already in your code)

You had mismatched parameter names.

For example:

$_FILES["upload"]["name"])
and
$_FILES["file"]["name"])

These must match.

HTML form I used: (make sure the input matches name="file" as shown below)

<form action="upload.php" method="post" enctype="multipart/form-data">
<input type="file" name="file" id="file" /> 
<input type="submit" name="submit" value="Submit" />
</form>

Try this out now:

<?php

 $allowedExts = array("gif", "jpeg", "jpg", "png");
  $temp = explode(".", $_FILES["file"]["name"]);
  $extension = end($temp);
  if ((($_FILES["file"]["type"] == "image/gif")
  || ($_FILES["file"]["type"] == "video/avi")
  || ($_FILES["file"]["type"] == "video/mp4")
  || ($_FILES["file"]["type"] == "image/jpeg")
  || ($_FILES["file"]["type"] == "image/jpg")
  || ($_FILES["file"]["type"] == "image/pjpeg")
  || ($_FILES["file"]["type"] == "image/x-png")
  || ($_FILES["file"]["type"] == "image/png"))
  && ($_FILES["file"]["size"] < 100000)
  && in_array($extension, $allowedExts))
    {
    if ($_FILES["file"]["error"] > 0)
      {
      echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
      }
    else 
      {

        // $fileName = $temp[0].".".$temp[1];


$fileName = $temp[0].".".$temp[1];


        $temp[0] = rand(0, 3000); //Set to random number
        $fileName;

      if (file_exists("content/" . $_FILES["file"]["name"]))
        {
        echo $_FILES["file"]["name"] . " already exists. ";
        }
      else
        {
        $newfilename = rand(1,99999) . "_" . ($_FILES["file"]["name"]);

        move_uploaded_file($_FILES["file"]["tmp_name"], "content/" . $newfilename);
        echo "Stored in: " . "content/" . $_FILES["file"]["name"];
        }
      }
    }
  else
    {
    echo "Invalid file or connection failure.";
    }

 ?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.