PHP secure PDF upload

Hello guys,

I’m trying to develop an upload script, which I have made with reference to other tutorials available on the net. I was wondering if this is a clean and secure script?

<html>

<head>

<title>PHP Upload Test</title>

</head>

<body>

<form action ="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
    File: <input type="file" name="file" size="30"> <input type="submit" value="upload">
    </form>

<?php

$allowedExts = array("pdf");
// take the extension from the client-supplied file name
$extension = pathinfo($_FILES["file"]["name"], PATHINFO_EXTENSION);

if ((($_FILES["file"]["type"] == "application/pdf")) && ($_FILES["file"]["size"] < 5243000) && in_array($extension, $allowedExts)) {

    if ($_FILES["file"]["error"] > 0) {
        echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
    }
    else
    {
        // the success message is printed below, only after the file has been moved

        if (file_exists("fileupload/" . $_FILES["file"]["name"]))
        {
            echo $_FILES["file"]["name"] . " the file you are trying to upload is already exists. ";
        }
        else
        {
            move_uploaded_file($_FILES["file"]["tmp_name"], "fileupload/" . $_FILES["file"]["name"]);
            echo "you have succesfully upload your note! ";
        }
    }
}
else
{
    echo "Please upload your file in PDF only";
}

?>

</body>

</html>

Hi all,

I have made an update to my script, but I’m still getting a warning where the uploaded file cannot be moved to my server upload folder.

Below is my folder directory:

C:\xampp\htdocs\uplodednotes\upload\aclass\dave

I have tried changing the above upload path to “C:\xampp\htdocs\uplodednotes” and it works fine. But when I put in more sub-folders like the above directory, below are the warnings I’ve encountered:

Warning: move_uploaded_file(uplodednotes/upload/aclass/dave/skippMay.pdf): failed to open stream: No such file or directory in C:\xampp\htdocs\uplodednotes\upload\upen.php on line 48

Warning: move_uploaded_file(): Unable to move ‘C:\xampp\tmp\phpAB9E.tmp’ to ‘uplodednotes/upload/aclass/dave/skippMay.pdf’ in C:\xampp\htdocs\uplodednotes\upload\upen.php on line 48
you have successfully uploaded your note!skippMay.pdf

I’m sure the folder named “dave” has write permission. Any advice on what went wrong would be much appreciated…

<?php

$fileName = $_FILES['filename']['name'];//file name from the HTML form
$fileTmpLoc = $_FILES['filename']['tmp_name'];//file in the PHP tmp folder
$fileDirectory = 'uplodednotes/upload/aclass/dave/'. basename( $_FILES['filename']['name']);//location where files to be uploaded
$fileType = $_FILES['filename']['type'];//type of files to be uploaded
$allowed_ext = 'application/pdf'; // allowable file-type
$fileSize = $_FILES['filename']['size'];//file size limitation
$fileError = $_FILES['filename']['error'];//error message code

if(!$fileTmpLoc)
    {
        echo "ERROR: Please select a file before clicking submit button.";
        exit();
    }
    else
        if($fileSize > 5242880) // reject files larger than 5 MB
        {
            echo "Warning: Please ensure file size is less than 5 Megabytes";

            unlink($fileTmpLoc);
            exit();
        }
        else
            if($fileType != $allowed_ext) // compare the browser-reported type with the allowed type
            {
                echo "Warning: Please upload your note in PDF file type only";
                unlink($fileTmpLoc);
                exit();
            }
            else
                if($fileError > 0)
                {
                    echo "ERROR: An error occurred while processing the file. Please try again.";
                    unlink($fileTmpLoc);
                    exit();
                }
                else

    // End PHP file checking
    {
    if(file_exists('uplodednotes/upload/aclass/dave/' . $fileName))
    {
        echo $fileName . " already exists. ";
    }
    else
    {
        move_uploaded_file($fileTmpLoc, 'uplodednotes/upload/aclass/dave/' . $fileName);
        echo "you have successfully uploaded your note!" . $fileName;
    }
    }
?>
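
A hardened version of the upload handling asked about in the posts above, as an added example that is not the poster's code: it validates the upload by content rather than by client-supplied name and type, stores it under a server-generated name, and resolves the target folder to an absolute path. The helper name `store_pdf_upload()` is hypothetical; the form field `filename` and the `aclass/dave` folder are taken from the post. It assumes PHP 7+ with the fileinfo extension enabled and that the script sits in `uplodednotes\upload`, as the warning message shows.

```php
<?php
// Added example, not the poster's code. Field name 'filename' and the
// aclass/dave folder come from the post; store_pdf_upload() is hypothetical.
const MAX_PDF_BYTES = 5242880; // 5 MB, the limit used in the post

function store_pdf_upload(array $file, string $destDir): string
{
    // 1. PHP's own upload status must be checked before anything else.
    if (!isset($file['error']) || is_array($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or no file was sent.');
    }
    // 2. Only accept a temp file that PHP itself created for this request.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file.');
    }
    // 3. Measure the size on disk instead of trusting $file['size'].
    $size = filesize($file['tmp_name']);
    if ($size === false || $size === 0 || $size > MAX_PDF_BYTES) {
        throw new RuntimeException('File must be between 1 byte and 5 MB.');
    }
    // 4. Detect the type from content; $file['type'] is sent by the client.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    $head = file_get_contents($file['tmp_name'], false, null, 0, 5);
    if ($mime !== 'application/pdf' || $head !== '%PDF-') {
        throw new RuntimeException('Only PDF files are accepted.');
    }
    // 5. Resolve the folder to an absolute path so the result does not
    //    depend on the current working directory.
    $dir = realpath($destDir);
    if ($dir === false || !is_dir($dir) || !is_writable($dir)) {
        throw new RuntimeException('Upload folder is missing or not writable.');
    }
    // 6. Server-generated name: no path traversal, no overwrite, fixed extension.
    $target = $dir . DIRECTORY_SEPARATOR . bin2hex(random_bytes(16)) . '.pdf';
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('Could not store the file.');
    }
    return $target;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_FILES['filename'])) {
    try {
        // Assumes this script lives in ...\uplodednotes\upload, as the warning shows.
        store_pdf_upload($_FILES['filename'], __DIR__ . '/aclass/dave');
        echo 'Your note was uploaded.';
    } catch (RuntimeException $e) {
        echo htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
    }
}
```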