FILE UPLOADING TIME

Anon

Anyone with any ideas? please help me out with this code and multiple upload..? using arrays yuck..someone help me? I think it should work?

function check_upload($userfile) {
//$userfile : tmp file in tmp dir on webserver
//$userfile_name : physical file name (on client server)
//$userfile_type : file type
//$userfile_size : file size

$path = \"..\\\\upload\\\\\";
//NB: use $HTTP_POST_FILES for information about the uploaded file(s) 
//    as it can\'t be overwritten by user-submitted variables.
$file_name = $HTTP_POST_FILES[\'userfile\'][\'name\'];
$file_temp = $HTTP_POST_FILES[\'userfile\'][\'tmp_name\'];
$file_type = $HTTP_POST_FILES[\'userfile\'][\'type\'];
$file_size = $HTTP_POST_FILES[\'userfile\'][\'size\'];

echo \"file name: $file_name<br>\";
echo \"fine_temp: $file_temp<br>\";
echo \"file type: $file_type<br>\";
echo \"file size: $file_size<br>\";

if (!$userfile) {
$error = \"Upload failed! \n<br>\";
$error_msg[] = $error;
}

if ($file_temp == \"none\" ) {
$error = \"You did not specify a file for uploading.<br>\";
$error_msg[] = $error;
}

$image = substr($file_name, -4); // checks file.ext
echo \"Upload file type: <b>$image</b> is invalid<br>\";
if ($image != \".gif\" and $image != \".jpg\"){
$error = \"Please supply a gif or jpeg file.<br>\";
$error_msg[] = $error;
}

if ( $file_size > 2097152 ) { //2Mb limit
$error = \"Sorry, your file is too large.\";
$error_msg[] = $error;
}

//print_r($error_msg);
if ($error_msg) {
for ($i=0; $i <sizeof($error_msg);$i++){
echo \"$error_msg[$i]\";
}
echo \"Possible file upload attack: <b>$file_name.</b>\";
//move_uploaded_file($userfile, \"C:\\temp\\\".\"$userfile_name\");
}else{
if (is_uploaded_file($userfile)) {
copy($userfile, \"$path\".\"$file_name\");
echo \"The file <b>$file_name</b> uploaded successfully!\";
//to implement duplicate file (is_file) exists
}
}
}//end check_upload

<FORM method=POST ENCTYPE=\"multipart/form-data\">
File to Upload
<INPUT NAME=\"userfile\" TYPE=\"file\" size=30>
<INPUT TYPE=\"submit\">

</FORM>

<?php
global $userfile;
if ($userfile) {
echo \"$userfile\";
check_upload($userfile);
}

[deleted]

Before I dive into your script, care to tell us what the problem is?

Anon

The variable $userfile is not passing into the funtion check_upload

echo "$userfile"; ===> C;\temp\phpXX.tmp

check_upload($userfile) {

echo "$userfile"; ===> C;\temp\phpXX.tmp
echo "userfile: $userfile<br>";

$path = "..\\upload\\";
//NB: use $HTTP_POST_FILES for information about the uploaded file(s) 
//    as it can't be overwritten by user-submitted variables.
$file_name = $HTTP_POST_FILES['$userfile']['name']; //$or no $
$file_temp = $HTTP_POST_FILES['userfile']['tmp_name'];
$file_type = $HTTP_POST_FILES['userfile']['type'];
$file_size = $HTTP_POST_FILES['userfile']['size'];

echo "file name: $file_name<br>"; null
echo "fine_temp: $file_temp<br>"; null
echo "file type: $file_type<br>"; null
echo "file size: $file_size<br>"; null

I need these varaibles for my tests.

Is there another way of referencing the uploaded file?

i though of passing base($userfile) but that just points to the actual tmp file... I am lost! thought of writing a simple check funtion to test my multiple(3) uploads.

Guess i shot myself again!

Kind Regards

Andy

[deleted]

You should be referencing the HTTP_POST_FILES by the name of the field in the HTML form, not by the name of the file.

have a look at the bottom half of this article for an example of multiple file uploads:

http://www.hvt-automation.nl/yapf/index.php?cmd=viewitem&itemid=77

Anon

$file_name = $HTTP_POST_FILES['$userfile']['name']; //$or no $
$file_temp = $HTTP_POST_FILES['$userfile']['tmp_name'];
$file_type = $HTTP_POST_FILES['$userfile']['type'];
$file_size = $HTTP_POST_FILES['$userfile']['size'];

Why doesnt this work?

PLease advise!

[deleted]

$userfile shouold contain the name of the FILE TAG in the html form, not the name of the file itself, and you must never ever quote variables (especially not with single quotes)