upload file: problem...

choubix

I am trying to upload a file. I am checking the file type, the size etcetc

the first verifiction is the file type:

$allowed_ext = "jpg, gif, png, pdf";

I get an annoying:

Notice: Use of undefined constant extension - assumed 'extension' in C:\Program Files\EasyPHP 2.0b1\www\lottery\admin\upload2.php on line 18

from this chunk of code:

$extension = $extension[extension];

$allowed_paths = explode(", ", $allowed_ext);

for($i = 0; $i < count($allowed_paths); $i++)
{
if ($allowed_paths[$i] == "$extension")
{
$ok = "1";
}
}

and line 18 I have:

$extension = $extension[extension];

so I tried correcting by: $extension = $extension["extension"];

the error moved to line 44...

so I printed the $FILES (print_r ($FILES)😉

and I got this:

Array ( [file] => Array ( [name] => spark.gif [type] => image/gif [tmp_name] ........

does anyone know why I get this error message svp?? (and how to solve it 😉 )

thanks!

halojoy

so I printed the $FILES (print_r ($FILES)
and I got this:
Array ( [file] => Array ( [name] => spark.gif [type] => image/gif [tmp_name] ........

The above is not an ERROR. It is a print out of the array.
And from what we can see of the values in $_FILES, upload is working normal.
spark.gif

choubix

hello halojoy,

I printed the $_files to make sure the file was being uploaded normally.

I must have made a mistake somewhere else,...

halojoy

okay.
If the error is, still, in line 44, only you know what that line is

choubix

I reworked the code and it works well now 🙂

I generate a random name for the file (32 characters) using a function in functions.tpl.php

here is the code:

<?php

require('../../includes/functions.tpl.php');

$uploaddir = "../../gifts/";

$allowed_ext = "jpg, gif, jpeg, png";

$max_size = "50000";
$max_height = "300";
$max_width = "300";

$upload = '';

//get the file's extension
$ext = pathinfo($_FILES['file']['name']);
$extension = $ext['extension'];

//insert the authorized extensions in an array
$allowed_paths = explode(", ", $allowed_ext);

//compare uploaded file with authorized extensions
if (in_array($extension,$allowed_paths))
{
//check the file's size in kb
if($FILES['file']['size'] > $max_size)
{
print "File size is too big!";
$upload = false;
}
//check the file's dimension WxH
if ($max_width && $max_height)
{
list($width, $height, $type, $w) = getimagesize($FILES['file']['tmp_name']);
if($width > $max_width || $height > $max_height)
{
print "<br>File height and/or width are too big!";
$upload = false;
}
//upload the file!
else
{
if(empty($upload) && is_uploaded_file($_FILES['file']['tmp_name']))
{

//create a random name for the uploaded file
$name = random_string();
$uploadname = "$name.$extension";

		move_uploaded_file($_FILES['file']['tmp_name'],$uploaddir.'/'.$uploadname);
		print "Your file has been uploaded successfully! Yay!";
		}
		else
		{
		print "<br>failed uploading the file";
		}
		}
	}

}

else
{
print "Incorrect file extension!";
}

halojoy

Good!

if you take 'allowed extensions' from a database,
it is better to keep it as a string, with commaseparated values,
which you explode into an array. Like you did.

But if you store allowed extensions in some php file,
for example 'config_upload.php' which you include in upload script,
or if you add the allowed extensions in the above file itself,
then you might as well use an array from start

<?php

$allowed_ext = array( 'jpg', 'gif', 'jpeg', 'png' ); 

?>

choubix

thanks!
so that I can shorten the code a bit! 🙂