[chipshot]

I have this php script to upload video files from my membership

If I refresh the page the video uploads again.

how can I prevent this?

Thank You..

		<form action="" method="post" enctype="multipart/form-data">
		  <table width="400" cellpadding="3" >
			<tr>
			  <td colspan="3">&nbsp;</td>
			</tr>
			<tr>
			  <td width="10" rowspan="2">&nbsp;</td>
			  <td width="120"><strong>Choose a file to upload:</strong></td>
			  <td width="242"><input type="file" name="uploaded_file" /></td>
			</tr>
			<tr>
			  <td>&nbsp;</td>
			  <td>&nbsp;</td>
			</tr>
			<tr>
			  <td>&nbsp;</td>
			  <td>&nbsp;</td>
			  <td><input type="submit" name="sendForm" value="Upload File" />
				<br /></td>
			</tr>
			<tr>
			  <td colspan="3">&nbsp;</td>
			</tr>
		  </table>
		</form>
		<?php

  error_reporting(E_ALL ^ E_NOTICE); // Show all major errors.

  // Check to see if the button has been pressed
  if (!empty($_REQUEST['sendForm']))
  {
	// Assign the name to a variable
	$name = $_FILES['uploaded_file']['name'];
	// Assign the tmp_name to a variable
	$tmp_name = $_FILES['uploaded_file']['tmp_name'];
	// Assign the error to a variable
	$error = $_FILES['uploaded_file']['error'];
	// Assign the size to a variable
	$size = $_FILES['uploaded_file']['size'];
	// No trailing slash
	$uploadFilesTo = 'uploads';
	// Create safe filename
	$name = ereg_replace('[^A-Za-z0-9.]', '-', $name);
	// Disallowed file extensions
	//what files you don't want upoad... leave this alone and you should be fine but you could add more
	$naughtyFileExtension = array("php", "php3", "asp", "inc", "txt", "wma","js", "exe", "jsp", "map", "obj", " ", "", "html", "mp3", "mpu", "wav", "cur", "ani");	// Returns an array that includes the extension
	$fileInfo = pathinfo($name);
	// Check extension
	if (!in_array($fileInfo['extension'], $naughtyFileExtension))
	{
	  // Get filename
	  $name = getNonExistingFilename($uploadFilesTo, $name);
	  // Upload the file
	  if (move_uploaded_file($tmp_name, $uploadFilesTo.'/'.$name))
	  {
		  // Show success message
		  echo '<center><p>Your Video File has uploaded successfully<br />'.$uploadFilesTo.'/'.$name.'</p></center>';
	  }
	  else
	  {
		  // Show failure message
		  echo '<center><p>File failed to upload to /'.$name.'</p></center>';
	  }
	}
	else
	{
		// Bad File type
		echo '<center><p>The file uses an extension we don\'t allow.</p></center>';
	}
  }
 
  // Functions do not need to be inline with the rest of the code
  function getNonExistingFilename($uploadFilesTo, $name)
  {
	  if (!file_exists($uploadFilesTo . '/' . $name))
		  return $name;
	 
	  return getNonExistingFilename($uploadFilesTo, rand(100, 200) . '_' . $name);
  }
?>

[alecoder]

Will do refresh page loading starting Again and php script Begins anew

[ap0c0lyps3]

You can use a session that holds the name of the last file uploaded if it is the same as the current file being uploaded then it shows an error.

if($name == $_SESSION['last_file_name'])
  die('File already uploaded');

[chipshot]

Thank You,

I'm not much a programmer yet, still learning php.

Question:
what about this line that I have here:

// Create safe filename
$name = ereg_replace('[^A-Za-z0-9.]', '-', $name);

would you take that out, and put in:

if($name == $_SESSION['last_file_name'])
die('File already uploaded');

and ask that the file name must be renamed?

or could they work together somehow?

[ap0c0lyps3]

To tell you the truth. I suck at regex.
As far as I can tell they do completely different things. The first one (I think) makes the file name safe for saving and the other one makes sure that the user doesn't upload the same file twice.

You put

if($name == $_SESSION['last_file_name'])
die('File already uploaded');

just after

$name = $_FILES['uploaded_file']['name'];

and at the end of the script you put

$_SESSION['last_file_name'] = $name

[developerhu]

easy boys...

lets say you have index.php to upload your video file. After you submit your form, you do the same what now, but instead of echoing out "Your video was successfully uploaded" you place the following line

header("Location: index.php?cmd=videosuccess");

after the file uploads, the browser redirects to the new page.
To handle the cmd parameter you have to add an extra if to your code

if(isset($_POST['cmd']) and $_POST['cmd'] == 'videosuccess') {
   echo 'Your video was successfully uploaded';
} else {
   display the form here, and place upload script
}

thats all. After file upload if user hits refresh it only refreshes the result, and does not upload your video again.

hope this helps
dev

[we_undertaker]

anyone can provide some code , that after uploading success, we can playback that video?

i just new in PHP , plzz help me
thank you so much

[hirensoni2005]

To solve this problem you just need to redirect your page on the same page with "header("location:yourfile.php")"

		<form action="" method="post" enctype="multipart/form-data">
		  <table width="400" cellpadding="3" >
			<tr>
			  <td colspan="3">&nbsp;</td>
			</tr>
			<tr>
			  <td width="10" rowspan="2">&nbsp;</td>
			  <td width="120"><strong>Choose a file to upload:</strong></td>
			  <td width="242"><input type="file" name="uploaded_file" /></td>
			</tr>
			<tr>
			  <td>&nbsp;</td>
			  <td>&nbsp;</td>
			</tr>
			<tr>
			  <td>&nbsp;</td>
			  <td>&nbsp;</td>
			  <td><input type="submit" name="sendForm" value="Upload File" />
				<br /></td>
			</tr>
			<tr>
			  <td colspan="3">&nbsp;</td>
			</tr>
		  </table>
		</form>
		<?php

  error_reporting(E_ALL ^ E_NOTICE); // Show all major errors.

  // Check to see if the button has been pressed
  if (!empty($_REQUEST['sendForm']))
  {
	// Assign the name to a variable
	$name = $_FILES['uploaded_file']['name'];
	// Assign the tmp_name to a variable
	$tmp_name = $_FILES['uploaded_file']['tmp_name'];
	// Assign the error to a variable
	$error = $_FILES['uploaded_file']['error'];
	// Assign the size to a variable
	$size = $_FILES['uploaded_file']['size'];
	// No trailing slash
	$uploadFilesTo = 'uploads';
	// Create safe filename
	$name = ereg_replace('[^A-Za-z0-9.]', '-', $name);
	// Disallowed file extensions
	//what files you don't want upoad... leave this alone and you should be fine but you could add more
	$naughtyFileExtension = array("php", "php3", "asp", "inc", "txt", "wma","js", "exe", "jsp", "map", "obj", " ", "", "html", "mp3", "mpu", "wav", "cur", "ani");	// Returns an array that includes the extension
	$fileInfo = pathinfo($name);
	// Check extension
	if (!in_array($fileInfo['extension'], $naughtyFileExtension))
	{
	  // Get filename
	  $name = getNonExistingFilename($uploadFilesTo, $name);
	  // Upload the file
	  if (move_uploaded_file($tmp_name, $uploadFilesTo.'/'.$name))
	  {
		  // Show success message
		  echo '<center><p>Your Video File has uploaded successfully<br />'.$uploadFilesTo.'/'.$name.'</p></center>';
	  }
	  else
	  {
		  // Show failure message
		  echo '<center><p>File failed to upload to /'.$name.'</p></center>';
	  }
	}
	else
	{
		// Bad File type
		echo '<center><p>The file uses an extension we don\'t allow.</p></center>';
	}
  header("location:yourfile.php");
  }
 
  // Functions do not need to be inline with the rest of the code
  function getNonExistingFilename($uploadFilesTo, $name)
  {
	  if (!file_exists($uploadFilesTo . '/' . $name))
		  return $name;
	 
	  return getNonExistingFilename($uploadFilesTo, rand(100, 200) . '_' . $name);
  }
?>

[/quote]

[Valek]

developerhu, on 21 January 2008 - 05:05 PM, said:

easy boys...

lets say you have index.php to upload your video file. After you submit your form, you do the same what now, but instead of echoing out "Your video was successfully uploaded" you place the following line

header("Location: index.php?cmd=videosuccess");

after the file uploads, the browser redirects to the new page.
To handle the cmd parameter you have to add an extra if to your code

if(isset($_POST['cmd']) and $_POST['cmd'] == 'videosuccess') {
   echo 'Your video was successfully uploaded';
} else {
   display the form here, and place upload script
}

thats all. After file upload if user hits refresh it only refreshes the result, and does not upload your video again.

hope this helps
dev

I think you mean $_GET['cmd']. Using $_POST['cmd'] will fail unless you add it as a hidden input on your form. You've added it to the query string.

[JackOfAllTrades]

OK, time to close the necro topic.