upload form validation

general form validation

Page 1 of 1

13 Replies - 2900 Views - Last Post: 17 January 2010 - 03:29 PM Rate Topic: -----

#1 saunders1989   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 21
  • Joined: 16-January 10

upload form validation

Posted 16 January 2010 - 04:12 AM

Hi, i am trying to build a image gallery in php. ive never done php so im fairly new at this type of code. so im not 100% sure on how things come all together at the moment. so far. i have created a login page which then takes the user to the upload form. i am able to upload the image to the db but not actually storing any image on the db just the image path of where the image was uploaded to the folder. i am trying to set a max_upload_size but unable to know if my code i have written is correct let alone know where to put it into my code (below) i thought what would be the code is: but dont know if that is correct or where to slot it into my full code. i was also wondering how i would check to see if the file im uploading has the same file name as one that is already in my folder?

any ideas guys would be amazing

Thanks

if($_FILES['uploaded_file'] <= $max_size){

do the upload
}

else {
	echo "The file is too large to upload";
	 }




<?php
 // Check if a file has been uploaded
if(isset($_FILES['uploaded_file']))
{
	 // Make sure the file was sent without errors
	 if($_FILES['uploaded_file']['error'] == 0) {
		 $target_path = "images/";
		$target_path = $target_path . basename( $_FILES['uploaded_file']['name']); 

	if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $target_path)) {
	echo "The file ".  basename( $_FILES['uploaded_file']['name']). 
	" has been uploaded";
	
	$dbLink = new mysqli('localhost', 'root', '', 'gallery');
		 if(mysqli_connect_errno()) {
			 die("MySQL connection failed: ". mysqli_connect_error());
		 }			 
		 
		 // Gather all required data
		 $name = $dbLink->real_escape_string($_FILES['uploaded_file']['name']);
		 $mime = $dbLink->real_escape_string($_FILES['uploaded_file']['type']);
		 $size = intval($_FILES['uploaded_file']['size']);
		 $image_path = $dbLink->real_escape_string($target_path);
		 $gallery_type = $dbLink->real_escape_string($_POST['gallery_type']); 

	//query to insert the data i had gathered into the database
	$query = "INSERT INTO `images` (`name`, `size`, `created`, `image_path`, `gallery_type_id`)
			 VALUES ('{$name}', {$size}, NOW(), '{$image_path}', '{$gallery_type}')";
			 
			 //executes the query
			 	$dbLink->query($query);
	 } 
		 

 
	 }
	  else {
	 echo 'Error! A file was not sent!';
 		   }
}
  
 // Echo a link back to the main page
 echo '<p>Click <a href="member-index.php">here</a> to go back</p>';
 ?>


Is This A Good Question/Topic? 0
  • +

Replies To: upload form validation

#2 Auzzie   User is offline

  • D.I.C Addict
  • member icon

Reputation: 43
  • View blog
  • Posts: 573
  • Joined: 20-January 09

Re: upload form validation

Posted 16 January 2010 - 04:20 AM

Well i am glad to finally see a new member attempting to code before posting for help, here is a link to a tutorial on D.I.C that will walk you through how to do that :)
http://www.dreaminco...wtopic19948.htm
Was This Post Helpful? 0
  • +
  • -

#3 saunders1989   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 21
  • Joined: 16-January 10

Re: upload form validation

Posted 16 January 2010 - 04:34 AM

hi thanks for getting back to me soo quickly. i do like to attempt to work things out but i did get stuck. as ive looked around on how to do this and even on the link you show the code would be something like:

if($_FILES['uploaded_file'] ['size']<= $max_size){

do the upload
}

else {
	echo "The file is too large to upload";
	 } 


but as im new to php im really struggling to work out where '['size'] comes from. and if i was to find out where that comes from could i literally just copy and paste that first line into my code like so or have i missinterpreted where i would put it?

<?php
 // Check if a file has been uploaded
if(isset($_FILES['uploaded_file'] ['size']<= $max_size))
{
	 // Make sure the file was sent without errors
	 if($_FILES['uploaded_file']['error'] == 0) {
		 $target_path = "images/";
		$target_path = $target_path . basename( $_FILES['uploaded_file']['name']);


Was This Post Helpful? 0
  • +
  • -

#4 Auzzie   User is offline

  • D.I.C Addict
  • member icon

Reputation: 43
  • View blog
  • Posts: 573
  • Joined: 20-January 09

Re: upload form validation

Posted 16 January 2010 - 04:40 AM

right when you are uploading files, PHP stores all of the information to do with the file in an array called $_FILES. Which in it would have information like file name, size, type(as in image/gif etc), temp name (which is the name the system gives it to temp store the file) and error which is the error code that might have been made.

Take more of a look here then: http://uk3.php.net/m...post-method.php

php.net is the best place for help ;)
Was This Post Helpful? 0
  • +
  • -

#5 saunders1989   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 21
  • Joined: 16-January 10

Re: upload form validation

Posted 16 January 2010 - 04:58 AM

ahh okay i understand now where size comes from but that would mean my code would work if i just put ['size'] <= $max_size would work but i tred it and get a parse error.sorry im really bad at this i know
Was This Post Helpful? 0
  • +
  • -

#6 Auzzie   User is offline

  • D.I.C Addict
  • member icon

Reputation: 43
  • View blog
  • Posts: 573
  • Joined: 20-January 09

Re: upload form validation

Posted 16 January 2010 - 05:13 AM

It would need to be this:
<?php
$max_size = 86000;

 // Check if a file has been uploaded
if(isset($_FILES['uploaded_file']['size']<= $max_size))
{
	 // Make sure the file was sent without errors
	 if($_FILES['uploaded_file']['error'] == 0) {
		 $target_path = "images/";
		$target_path = $target_path . basename( $_FILES['uploaded_file']['name']);



Try that but what was the parse error you got?
Was This Post Helpful? 0
  • +
  • -

#7 saunders1989   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 21
  • Joined: 16-January 10

Re: upload form validation

Posted 16 January 2010 - 05:23 AM

this is the parse error:

Parse error: parse error, expecting `','' or `')'' in C:\wamp\www\Blean_Photos\add_file.php on line 15

but as far as i see on my code and on many examples you dont put a comma between [] or when you place the variable into the statement aswell.
is the 86000 in bytes or kb?

thanks
Was This Post Helpful? 0
  • +
  • -

#8 Auzzie   User is offline

  • D.I.C Addict
  • member icon

Reputation: 43
  • View blog
  • Posts: 573
  • Joined: 20-January 09

Re: upload form validation

Posted 16 January 2010 - 05:35 AM

do you want to post us all the code so we can see where this error is?
Also sorry you need to get rid of the isset (i didnt notice it *is ashamed*)

This post has been edited by Auzzie: 16 January 2010 - 05:37 AM

Was This Post Helpful? 0
  • +
  • -

#9 saunders1989   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 21
  • Joined: 16-January 10

Re: upload form validation

Posted 16 January 2010 - 05:39 AM

this is my upload form code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<?php


$dbLink = new mysqli('localhost', 'root', '', 'gallery');
		 if(mysqli_connect_errno()) {
			 die("MySQL connection failed: ". mysqli_connect_error());
		 }

$query = "SELECT gallery_type_id, gallery_type_desc FROM gallery_type ORDER BY gallery_type_id";

/* run the query */
$result = $dbLink->query($query);

/* load the query's results into an array */
$i=1;
while($row=$result->fetch_assoc()){
$galleryTypes[$i] = $row;
$i++;
}  
$num_results = $result->num_rows;
?>

</head>

<body>

 <form action="add_file.php" method="post" enctype="multipart/form-data">
		 <input type="file" name="uploaded_file" /><br />
		 <input type="submit" value="Upload file" />  
		 <label for="gallery_type">Gallery Type</label>
		 <select name="gallery_type" id="gallery_type">
			<option>Please Select a Album
			<?php
				for($i = 1; $i < $num_results+1; $i++) {
				echo "<option value=\"" . $galleryTypes[$i]['gallery_type_id'] . "\">";
				echo $galleryTypes[$i]['gallery_type_desc'];
				echo "</option>\n";
				}
			?>
			</option>
		</select>
	</form>

</body>
</html>


and this is my add_file.php code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>

 <?php
 
 $max_size=86000;
 
 // Check if a file has been uploaded
if(isset($_FILES['uploaded_file']['size']<= $max_size))
{
	 // Make sure the file was sent without errors
	 if($_FILES['uploaded_file']['error'] == 0) {
		 $target_path = "images/";
		$target_path = $target_path . basename( $_FILES['uploaded_file']['name']); 

	if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $target_path)) {
	echo "The file ".  basename( $_FILES['uploaded_file']['name']). 
	" has been uploaded";
	
	$dbLink = new mysqli('localhost', 'root', '', 'gallery');
		 if(mysqli_connect_errno()) {
			 die("MySQL connection failed: ". mysqli_connect_error());
		 							}			 
		 
		 // Gather all required data
		 $name = $dbLink->real_escape_string($_FILES['uploaded_file']['name']);
		 $mime = $dbLink->real_escape_string($_FILES['uploaded_file']['type']);
		 $size = intval($_FILES['uploaded_file']['size']);
		 $image_path = $dbLink->real_escape_string($target_path);
		 $gallery_type = $dbLink->real_escape_string($_POST['gallery_type']); 

	//query to insert the data i had gathered into the database
	$query = "INSERT INTO `images` (`name`, `size`, `created`, `image_path`, `gallery_type_id`)
			 VALUES ('{$name}', {$size}, NOW(), '{$image_path}', '{$gallery_type}')";
			 
			 //executes the query
			 	$dbLink->query($query);
		} 
	}
	  else {
	 		echo 'Error! A file was not sent!';
 		   }
}
  
 // Echo a link back to the main page
 echo '<p>Click <a href="member-index.php">here</a> to go back</p>';
 ?>

</body>
</html>


EDIT:

If i do get rid of isset i get these errors:

Notice: Undefined index: uploaded_file in C:\wamp\www\Blean_Photos\add_file.php on line 15

Notice: Undefined index: uploaded_file in C:\wamp\www\Blean_Photos\add_file.php on line 18

Notice: Undefined index: uploaded_file in C:\wamp\www\Blean_Photos\add_file.php on line 20

Notice: Undefined index: uploaded_file in C:\wamp\www\Blean_Photos\add_file.php on line 22

This post has been edited by saunders1989: 16 January 2010 - 05:41 AM

Was This Post Helpful? 0
  • +
  • -

#10 Auzzie   User is offline

  • D.I.C Addict
  • member icon

Reputation: 43
  • View blog
  • Posts: 573
  • Joined: 20-January 09

Re: upload form validation

Posted 16 January 2010 - 05:41 AM

change if(isset($_FILES['uploaded_file']['size']<= $max_size)) to
if(isset($_FILES['uploaded_file']) && $_FILES['uploaded_file']['size']<= $max_size)


My fault

This post has been edited by Auzzie: 16 January 2010 - 05:42 AM

Was This Post Helpful? 1
  • +
  • -

#11 saunders1989   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 21
  • Joined: 16-January 10

Re: upload form validation

Posted 16 January 2010 - 05:52 AM

ahh that worked a treat :) my only issue is if the file is larger than the file size allocated it doesnt print the error message. have i missed an error message?
Was This Post Helpful? 0
  • +
  • -

#12 Auzzie   User is offline

  • D.I.C Addict
  • member icon

Reputation: 43
  • View blog
  • Posts: 573
  • Joined: 20-January 09

Re: upload form validation

Posted 16 January 2010 - 05:56 AM

In reality you need to check if error code is either 1 or 2 as they are the upload size error codes. Also make sure that the max file size is the same in your HTML form as it is in your php file.

http://php.net/manua...load.errors.php
Was This Post Helpful? 0
  • +
  • -

#13 saunders1989   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 21
  • Joined: 16-January 10

Re: upload form validation

Posted 16 January 2010 - 06:09 AM

could i do this below the first if statement:

if($_FILES['uploaded_file']['size'] == 1) {

echo 'The file is too large';
}


if i was to do that am i right to think i would have to put a massive else {
around all the other bits of code?
}
Was This Post Helpful? 0
  • +
  • -

#14 Auzzie   User is offline

  • D.I.C Addict
  • member icon

Reputation: 43
  • View blog
  • Posts: 573
  • Joined: 20-January 09

Re: upload form validation

Posted 17 January 2010 - 03:29 PM

not really, leaving it just as an if would be fine but before the closing brace put exit; or die;

if($_FILES['uploaded_file']['size'] == 1) {

die 'The file is too large';
}

Was This Post Helpful? 0
  • +
  • -

Page 1 of 1