Thread: Upload script help
View Single Post
Old 08-06-2010, 04:43 AM   #1 (permalink)
josiec09
The Visitor
Newcomer 
 
Join Date: Aug 2010
Posts: 1
Thanks: 0
josiec09 is on a distinguished road
Default Upload script help
Ok i am building a php upload script for my image gallery and i am trying to make so if the file exists it will give an error and not upload. I know about "if (!file_exists()) {" but not sure where to add it in my code to get it working...

Any help would be great. Here is my code. Please don't change anything else in my code i will work on making it more Secure later.

Code:
<?php
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","1024"); 

//This function reads the extension of the file. It is used to determine if the file  is an image by checking the extension.
 function getExtension($str) {
         $i = strrpos($str,".");
         if (!$i) { return ""; }
         $l = strlen($str) - $i;
         $ext = substr($str,$i+1,$l);
         return $ext;
 }

//This variable is used as a flag. The value is initialized with 0 (meaning no error  found)  
//and it will be changed to 1 if an errro occures.  
//If the error occures the file will not be uploaded.
 $errors=0;
//checks if the form has been submitted
 if(isset($_POST['Submit'])) 
 {
 	//reads the name of the file the user submitted for uploading
 	$image=$_FILES['image']['name'];
 	//if it is not empty
 	if ($image) 
 	{
 	//get the original name of the file from the clients machine
 		$filename = stripslashes($_FILES['image']['name']);
 	//get the extension of the file in a lower case format
  		$extension = getExtension($filename);
 		$extension = strtolower($extension);
 	//if it is not a known extension, we will suppose it is an error and will not upload the file,  
	//otherwise we will do more tests
 if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) 
 		{
		//print error message
 			echo '<h1>Unknown extension!</h1>';
 			$errors=1;
 		}
 		else
 		{
//get the size of the image in bytes
 //$_FILES['image']['tmp_name'] is the temporary filename of the file
 //in which the uploaded file was stored on the server
 $size=filesize($_FILES['image']['tmp_name']);

//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*1024)
{
	echo '<h1>You have exceeded the size limit!</h1>';
	$errors=1;
}

//we will give an unique name, for example the time in unix time format
$image_name=time().'.'.$extension;
$avatar = $_POST['avatar'];
//the new name will be containing the full path where will be stored (images folder)
$newname="./forums/images/avatars/gallery/".$avatar."/".$image_name;
//we verify if the image has been uploaded, and print error instead
$copied = copy($_FILES['image']['tmp_name'], $newname);
if (!$copied) 
{
	echo '<center>Upload unsuccessfull!</center>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors)
 {
     echo '<center>Your avatar has been uploaded!<br /><br />

<img src=../../'.$newname.'><br>
To view the Avatar Gallery go to "<a href="/forums/profile.php?mode=editprofile">Edit Profile</a>" go to the Avatar section and click "Show Gallery"!
<a href="/avatar/upload/">Upload</a> another avatar. 
</center>';
} else
include 'form.php';
	
 ?>
josiec09 is offline   		Reply With Quote