Multi Upload Validation Problem

middleman666

Hey people,

todays problem is...

I have a form, with two file fields and an upload button which when clicked the form follows the action PHP_SELF.

One of the files (userfile) goes to one directory (files/) the other (Thumbnail) to another (Thumbnails/)...

I have some simple validation in place for both fields, the validation creates messages ($Fmessage and $Tmessage) which are requested once the form is submitted. The validation is pretty much identical for the two fields, except the userfile outputs a link (which doesnt seem to be working) and the thumbnail outputs an image (which is working) but the problem is: It only seems to be working on the Thumbnails field.

could you tell me what im doing wrong?

$UserFilePath = "files/"; 
	$UserFileMax_size = 20000000; //20MB
	$UserFileDomain = $_SERVER["HTTP_HOST"];
    //THUMBNAIL STUFF---------------------------------------------------
	$ThumbnailPath = "Thumbnails/"; 
	$ThumbnailMax_size = 100000; //100KB
	$ThumbnailDomain = $_SERVER["HTTP_HOST"];
	//------------------------------------------------------------------

// Display Form Start ----------------------------------------------
echo '<form action="' . "$PHP_SELF" . '" method="post" enctype="multipart/form-data" name="upload">
	<b>: Location of File :</b><br>
	<input name="userfile" type="file" id="userfile" size="37">
	<br>
	<b>: Thumbnail Image : </b><br>
	<input name="Thumbnail" type="file" id="Thumbnail" size="37">

	<br>
	<input name="upload" type="submit" id="upload" value="Upload">
	<input name="clear" type="reset" id="clear" value="Clear">
	<br>
	</form>';
// Display Form End ------------------------------------------------

//USERFILE STUFF---------------------------------------------------
if (is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'])) {

if ($HTTP_POST_FILES['userfile']['size']>$UserFileMax_size) {
    $Fmessage = "Userfile File is too big !"; 
	print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>";
	exit; }

if (($HTTP_POST_FILES['userfile']['type']=="application/zip")) {

    if (file_exists($UserfilePath . $HTTP_POST_FILES['userfile']['name'])) {
            $Fmessage = "There already exists a file with this name, please rename your file and try again";
			print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>";
			exit; }

    $UserFileUpload = copy($HTTP_POST_FILES['userfile']['tmp_name'], $UserFilePath .$HTTP_POST_FILES['userfile']['name']);

    if (!$UserFileUpload) { 
	$Fmessage = "Upload Didn't work, please try again"; 
	print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>";
	exit; 
	} 
	else { 
	$Fmessage = "Upload Succesful";
	print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>";
	}

$UniLoadDownloadLink = $UserFilePath.$HTTP_POST_FILES['userfile']['name'];
} 
else {}
}
//USERFILE STUFF END---------------------------------------------------

//THUMBNAIL STUFF---------------------------------------------------
if (is_uploaded_file($HTTP_POST_FILES['Thumbnail']['tmp_name'])) {

if ($HTTP_POST_FILES['Thumbnail']['size']>$ThumbnailMax_size) {
    $Tmessage = "Thumbnail File is too big !"; 
	print "<script>window.location.href='$url_this?Tmessage=$Tmessage'</script>";
	exit; }

if (($HTTP_POST_FILES['Thumbnail']['type']=="image/gif") || 
($HTTP_POST_FILES['Thumbnail']['type']=="image/pjpeg") || 
($HTTP_POST_FILES['Thumbnail']['type']=="image/jpeg") || 
($HTTP_POST_FILES['Thumbnail']['type']=="image/png")) {

    if (file_exists($ThumbnailPath . $HTTP_POST_FILES['Thumbnail']['name'])) {
            $Tmessage = "There already exists a file with this name, please rename your file and try again";
			print "<script>window.location.href='$url_this?Tmessage=$Tmessage'</script>";
			exit; }

    $ThumbnailUpload = copy($HTTP_POST_FILES['Thumbnail']['tmp_name'], $ThumbnailPath .$HTTP_POST_FILES['Thumbnail']['name']);

    if (!$ThumbnailUpload) { 
	$Tmessage = "Upload Didn't work, please try again"; 
	print "<script>window.location.href='$url_this?Tmessage=$Tmessage'</script>";
	exit; 
	} 
	else { 
	$Tmessage = "Upload Succesful";
	print "<script>window.location.href='$url_this?Tmessage=$Tmessage'</script>";
	}
$Thumbnail = "<img width=120 height=120 
			  alt=" . 'File--' . $HTTP_POST_FILES['userfile']['name'] . '--Size--' 
			                   . $HTTP_POST_FILES['userfile']['size'] . '--Bytes' .  "
			  src=\"".$ThumbnailPath.$HTTP_POST_FILES['Thumbnail']['name']."\">";
} 
else {}
}
//THUMBNAIL STUFF END---------------------------------------------------

note: this is a flat file system

thanks.

middleman666

anybody...?

Merve

What errors are you getting?

middleman666

thats the thing, im not actually getting any errors...

the thumbnail upload code works fine and displays the errors ive supplied but with the userfile, the code wont upload the file or display the errors ive supplied for it. this has confused me seen as the two codes are almost identical...

leatherback

Well,

You could start with putting something in the esle(*) statement. Then you can see whether it actually tried performing the code..

Probably you could combine the two sets into one function, where you only add some variables for paths to store info and stuff, based on image type which is submitted. But that is for later.

middleman666

Right, i changed the $messages to simple echos and got rid of the print<script... bits and added an echo in the else tags.

then tried echoing the output parts (the $Thumbnail and the userfile name...

what im finding is, the code stated for the thumbnail is working fine, errors and all and the thumbnail is being uploaded, but for the userfile, it doesnt seem to be running any of the script.... and is not uploading.

can anyone see the problem?

Merve

If that code has been copied and pasted, I'd advise you to beautify your code a bit: add some indents and spaces as required. The code is really kind of confusing. It's a good thing you commented it well 🙂. After indenting your code properly, check to see if your control structures are constructed as you thought they were.

leatherback

Where does it stop?

You ARE uploading a zip file I assume?

middleman666

sorry about the way it looks.... it does look fine in dreamweaver, its just because its all indented in the file and its not displaying correctly from a copy and paste into here... i will try and make it clearer for you though.

I found out what the problem was... It was stoping at the IF application/zip... even though the file i tried to upload was a zip file it didnt know this ( i think i may have had the wrong MIME type for a zip file).

anyway...
what i did was insted of checking for the MIME type, check for the extension, and now it runs through the rest and does as I ask.

but now Im getting other problems...

its not working correctly when checking to see if the userfile exsists, if it does exsist then it is still uploading it and overwriting the file.

here me code:

// USERFILE STUFF --------------------------------------------------
$UserFilePath = "files/"; 
$UserFileMax_size = 20000000; //20MB
$UserFileDomain = $_SERVER["HTTP_HOST"];
$FILE_EXTS  = array('.zip'); 

//THUMBNAIL STUFF --------------------------------------------------
$ThumbnailPath = "Thumbnails/"; 
$ThumbnailMax_size = 100000; //100KB
$ThumbnailDomain = $_SERVER["HTTP_HOST"];

// Display Form Start ----------------------------------------------
echo '<form action="' . "$PHP_SELF" . '" method="post" enctype="multipart/form-data" name="upload">
	<b>: Location of File :</b><br>
	<input name="userfile" type="file" id="userfile" size="37">
	<br>
	<b>: Thumbnail Image : </b><br>
	<input name="Thumbnail" type="file" id="Thumbnail" size="37">
	<br>
	<input name="upload" type="submit" id="upload" value="Upload">
	<input name="clear" type="reset" id="clear" value="Clear">
	<br>
	</form>';
// Display Form End ------------------------------------------------

//USERFILE STUFF---------------------------------------------------
if (is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'])) {

if ($HTTP_POST_FILES['userfile']['size']>$UserFileMax_size) {
	$Fmessage = "Userfile File is too big !"; 
	print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>";
	exit; 
}

$file_name = $_FILES['userfile']['name'];
$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));

// Check File Extension
if (in_array($file_ext, $FILE_EXTS) ) {

	if (file_exists($UserfilePath . $HTTP_POST_FILES['userfile']['name'])) {
		$Fmessage = "There already exists a file with this name, please rename your file and try again";
		print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>";
		exit; 
	}

	$UserFileUpload = copy($HTTP_POST_FILES['userfile']['tmp_name'], $UserFilePath .$HTTP_POST_FILES['userfile']['name']);

	if (!$UserFileUpload) { 
		$Fmessage = "Upload Didn't work, please try again"; 
		print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>";
		exit; 
	} 
	else { 
		$Fmessage = "Upload Succesful";
		print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>";
	}

		$UniLoadDownloadLink = '<a href="' . $UserFilePath.$HTTP_POST_FILES['userfile']['name'] . '">Download</a>';
} 
else { 
		$Fmessage = "Sorry, $file_name is not a zip file.";  
		print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>";
		exit;
}
}

//USERFILE STUFF END---------------------------------------------------
//THUMBNAIL STUFF---------------------------------------------------
if (is_uploaded_file($HTTP_POST_FILES['Thumbnail']['tmp_name'])) {

if ($HTTP_POST_FILES['Thumbnail']['size']>$ThumbnailMax_size) {
	$Tmessage = "Thumbnail File is too big !"; 
	print "<script>window.location.href='$url_this?Tmessage=$Tmessage'</script>";
	exit; 
}

if (($HTTP_POST_FILES['Thumbnail']['type']=="image/gif") || 
	($HTTP_POST_FILES['Thumbnail']['type']=="image/pjpeg") || 
	($HTTP_POST_FILES['Thumbnail']['type']=="image/jpeg") || 
	($HTTP_POST_FILES['Thumbnail']['type']=="image/png")) {

	if (file_exists($ThumbnailPath . $HTTP_POST_FILES['Thumbnail']['name'])) {
		$Tmessage = "There already exists a file with this name, please rename your file and try again";
		print "<script>window.location.href='$url_this?Tmessage=$Tmessage'</script>";
		exit; 
	}

		$ThumbnailUpload = copy($HTTP_POST_FILES['Thumbnail']['tmp_name'], $ThumbnailPath .$HTTP_POST_FILES['Thumbnail']['name']);

	if (!$ThumbnailUpload) { 
		$Tmessage = "Upload Didn't work, please try again"; 
		print "<script>window.location.href='$url_this?Tmessage=$Tmessage'</script>";
		exit; 
	} 
	else { 
		$Tmessage = "Upload Succesful";
		print "<script>window.location.href='$url_this?Tmessage=$Tmessage'</script>";
	}

		$Thumbnail = "<img width=120 height=120 
		  alt=" . 'File--' . $HTTP_POST_FILES['userfile']['name'] . '--Size--' 
						   . $HTTP_POST_FILES['userfile']['size'] . '--Bytes' .  "
		  src=\"".$ThumbnailPath.$HTTP_POST_FILES['Thumbnail']['name']."\">";
} 
else { 
		$Tmessage = "The Thumbnail is not of the correct MIME type"; 
		print "<script>window.location.href='$url_this?Tmessage=$Tmessage'</script>";
		exit;
}
}
//THUMBNAIL STUFF END---------------------------------------------------

anyone see the problem?

leatherback

Yes.
As would you if you would have proper indentation.

You stop the if statement BEFORE the upload statement

middleman666

sorry, quite new to php so dont do indenting too well, have tried to edit it to make it better... not sure if its right though...

just so I understand what your saying, are you saying i should do this:

        if (file_exists($UserfilePath . $HTTP_POST_FILES['userfile']['name'])) { 
            $Fmessage = "There already exists a file with this name, please rename your file and try again"; 
            print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>"; 
            exit;  


    $UserFileUpload = copy($HTTP_POST_FILES['userfile']['tmp_name'], $UserFilePath .$HTTP_POST_FILES['userfile']['name']); 

    }

looking at that, it makes no sense so its probly not what you mean...

infact... im now completely confusing myself.

I dont understand how it works with the Thumbnail and not the userfile...

i think im going blind somewhere.

middleman666

oh... lol my eyes have just opened... im an idiot lol

leatherback

Hi,

I was thinking about something like:

if (file_exists($UserfilePath . $HTTP_POST_FILES['userfile']['name'])) { 
            $Fmessage = "There already exists a file with this name, please rename your file and try again"; 
            print "<script>window.location.href='$url_this?Fmessage=$Fmessage'</script>"; 
           }
else
          {  

          $UserFileUpload = copy($HTTP_POST_FILES['userfile']['tmp_name'], $UserFilePath .$HTTP_POST_FILES['userfile']['name']); 

    }

middleman666

cheers for that but why would it work (the way i had it) for the thumbnail code and not for the userfile code?

middleman666

this is what i have now:

	<?php

// USERFILE VARIABLES ----------------------------------------------
$UserFilePath = "files/"; 
$UserFileMax_size = 20000000; //20MB
$UserFileDomain = $_SERVER["HTTP_HOST"];
$FILE_EXTS  = array('.zip','.gif','.jpg','.jpeg','.png','.mov','.avi','.mpg','.mpeg','.wmv','.wma','.mp3','.wav'); 

// THUMBNAIL VARIABLE ----------------------------------------------
$ThumbnailPath = "Thumbnails/"; 
$ThumbnailMax_size = 100000; //100KB
$ThumbnailDomain = $_SERVER["HTTP_HOST"];
$THUMBNAIL_EXTS  = array('.gif','.jpg','.jpeg','.png'); 

// Display Form Start ----------------------------------------------
echo '<form action="' . "$PHP_SELF" . '" method="post" enctype="multipart/form-data" name="upload">
	<b>: Location of File :</b><br>
	<input name="userfile" type="file" id="userfile" size="37">
	<br>
	<b>: Thumbnail Image : </b><br>
	<input name="Thumbnail" type="file" id="Thumbnail" size="37">

	<input name="upload" type="submit" id="upload" value="Upload">
	<input name="clear" type="reset" id="clear" value="Clear">
	<br>
	</form>';
// Display Form End ------------------------------------------------

// Combined Validation start ---------------------------------------
// IF file and thumbnail is_uploaded_file
if (is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name']) && is_uploaded_file($HTTP_POST_FILES['Thumbnail']['tmp_name'])) {

		// Check IF file or thumbnail size is too big
		if ($HTTP_POST_FILES['userfile']['size']>$UserFileMax_size || $HTTP_POST_FILES['Thumbnail']['size']>$ThumbnailMax_size) {
			$message = "Either your Userfile File is too big or Thumbnail File is too big !"; 
			print "<script>window.location.href='$url_this?message=$message'</script>";
			exit; 
			}
		else {}

		// Set Variables to check file extension
		$file_name = $_FILES['userfile']['name'];
		$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));
		$thumbnail_name = $_FILES['Thumbnail']['name'];
		$thumbnail_ext = strtolower(substr($thumbnail_name,strrpos($thumbnail_name,".")));

		// Check IF file and thumbnail has extension
		if (in_array($file_ext, $FILE_EXTS) && in_array($thumbnail_ext, $THUMBNAIL_EXTS)) {

				// Check IF file or thumbnail already exsists
				if (file_exists($UserfilePath . $HTTP_POST_FILES['userfile']['name']) || file_exists($ThumbnailPath . $HTTP_POST_FILES['Thumbnail']['name'])) {
					$message = "Please rename either the User File or Thumbnail file as they already exist";
					print "<script>window.location.href='$url_this?message=$message'</script>";
					exit;
					}
				else {}

					// Upload Files
					$UploadFiles = copy($HTTP_POST_FILES['userfile']['tmp_name'], $UserFilePath .$HTTP_POST_FILES['userfile']['name']) &&
										copy($HTTP_POST_FILES['Thumbnail']['tmp_name'], $ThumbnailPath .$HTTP_POST_FILES['Thumbnail']['name']);

				// IF file and thumbnail didnt upload display message
				if (!$UploadFiles) { 
					$message = "Upload Didn't work, please try again"; 
					print "<script>window.location.href='$url_this?message=$message'</script>";
					exit; 
					} 
				// IF file and thumbnail did upload display message
				else { 
					$message = "Upload Succesful";
					print "<script>window.location.href='$url_this?message=$message'</script>";
					}

				// Create Download link for file
				$UniLoadDownloadLink = '<a href="' . $UserFilePath.$HTTP_POST_FILES['userfile']['name'] . '">Download</a>';

				// Create IMG tag for file
				$Thumbnail = "<img width=120 height=120 
								alt=" . 'File--' . $HTTP_POST_FILES['userfile']['name'] . '--Size--' 
								. $HTTP_POST_FILES['userfile']['size'] . '--Bytes' .  "
								src=\"".$ThumbnailPath.$HTTP_POST_FILES['Thumbnail']['name']."\">";
				}
		// IF file or thumbnail is wrong type then display message
		else { 
				$message = "Sorry, either User File or Thumbnail is not the correct type.";  
				print "<script>window.location.href='$url_this?message=$message'</script>";
				exit;
				}

		}
else {}
// Combined Validation end -----------------------------------------

it messes up at times when theres the wrong type of file it each field, it will still carry on to submit the rest of the data in the form (which isnt shown). i dont understand how this happens when i have the exit; code there.

can anyone see a blatent mistake in my coding?
many thanks.