TalkPHP

TalkPHP (http://www.talkphp.com/forums.php)
-   General (http://www.talkphp.com/general/)
-   -   Uploading File Problem (http://www.talkphp.com/general/3098-uploading-file-problem.html)

Jmz 07-10-2008 06:09 PM
Uploading File Problem
 
Can anybody see where I'm going wrong with this file upload script?

It works fine for some files but the odd one it will redirect me to "create_gallery.php?msg=e" even though it's a perfectly normal image file.

PHP Code:
<?php
    include("restrict.php");
    include("../../config/connect.php");
    include("../../config/settings.php");
    include("../../config/functions.php");
    
    $galcount mysql_query("SELECT count(*) as gal from tbl_gallery WHERE fld_userid = '$UserID'");
    $gal_q mysql_fetch_assoc($galcount);
    $galc $gal_q['gal'];
    
    $UserPack mysql_query("SELECT fld_pack FROM tbl_users WHERE fld_id = '$UserID'");
    $User_q mysql_fetch_assoc($UserPack);
    $UserPackNum $User_q['fld_pack'];
    
    $packdetails mysql_query("SELECT fld_galleries FROM tbl_packages WHERE fld_id = '$UserPackNum'");
    $pack_q mysql_fetch_assoc($packdetails);
    $PackLimit $pack_q['fld_galleries'];
    
    if ($galc $PackLimit){

/* -----------------------
Define all the variables we need
---------------------------- */
$target_path "../../uploads/".$UserID."/";
$user_prefix "thumb_";
$image_prefix rand();

//error checking / security
$mimetypes = array('image/jpeg''image/png''image/pjpeg''image/gif');
$extensions = array('jpg''gif''jpeg''png''pjpeg');

//Target Path
$target_path $target_path.$user_prefix.$image_prefix.basename$_FILES['uploadedfile']['name']); 
$_FILES['uploadedfile']['tmp_name'];  

//Check the file size
$file_size $_FILES['uploadedfile']['size'];

//Give the file a name to go in the db (keep same as target path)
$thumbname $user_prefix.$image_prefix.basename$_FILES['uploadedfile']['name']); 

//Define the mime type
//$mimetype = strtolower($_FILES['uploadedfile']['type']);
//Alternate mime type
//$aImagesize = getimagesize($FILES['uploadedfile']['tmp_name']);
//$szMimetype = $aImagesize['mime'];

$aImagesize getimagesize($FILES['uploadedfile']['tmp_name']);
$szMimetype shell_exec(escapeshellcmd ("file -bi ".$FILES['uploadedfile']['tmp_name']));

//Define the extension
$extension getExtension($thumbname);
$extension strtolower($extension);

if ($file_size >= $thumb_limit_size) {
    echo "Your file is too big";
    exit ();
}

if (in_array($extension$extensions)){

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    
    switch($extension)
    {
        case "jpeg";
            $image imagecreatefromjpeg($target_path);
        break;
        case "jpg";
            $image imagecreatefromjpeg($target_path);        
        break;
        case "gif";
            $image imagecreatefromgif($target_path);        
        break;
        case "png";
            $image imagecreatefrompng($target_path);        
        break;
        default:
            return FALSE;
    }
    if ($image === false) { die ('Unable to open image'); }
    
    $width imagesx($image);
    $height imagesy($image);
    
    $imageratio $width/$height;
    
    if ($width>$height){
    $newwidth $thumb_width;
    $newheight $height * ($newwidth/$width);
    }else{
    $newheight $thumb_width;
    $newwidth $width * ($newheight/$height);
    }
    
        $image_resized imagecreatetruecolor($newwidth$newheight);
        imagecopyresized($image_resized$image0000$newwidth$newheight$width$height);
        ImageJpeg ($image_resized,"$target_path");    
        move_uploaded_file ($image_resized"$target_path");    
    
    
    $galleryname $_POST['galleryname'];
    $gallerydescription $_POST['gallerydescription'];
    $gallerykeywords $_POST['gallerykeywords'];
    
    if (empty ($galleryname) or empty ($gallerydescription) or empty ($gallerykeywords)) {
        echo "Fill out all fields";
        exit();
    }
    
    $galleryname mysql_real_escape_string($galleryname);
    $gallerydescription mysql_real_escape_string($gallerydescription);
    $gallerykeywords mysql_real_escape_string($gallerykeywords);
    
    $create_gallery mysql_query("INSERT INTO tbl_gallery (fld_id, fld_galleryname, fld_gallerydesc, fld_keywords, fld_userid, fld_thumbname) values ('', '$galleryname', '$gallerydescription', '$gallerykeywords', '$UserID', '$thumbname')");
    
    if ($create_gallery){
        echo "<meta http-equiv=\"refresh\" content=\"0;url=../modify_gallery.php?msg=s\"/>";
    } else {
        echo "<meta http-equiv=\"refresh\" content=\"0;url=../modify_gallery.php?msg=e\"/>";
    }    
    
    } else{
        echo "<meta http-equiv=\"refresh\" content=\"0;url=../create_gallery.php?msg=e\"/>";
    }
    }else{
        echo "<meta http-equiv=\"refresh\" content=\"0;url=../create_gallery.php?msg=f\"/>";
    }
    
    }else{
        echo "<meta http-equiv=\"refresh\" content=\"0;url=../create_gallery.php?msg=n\"/>";
    }
?>

drewbee 07-10-2008 06:30 PM
You have two possibilities. ?msg=e shows up under the possible circumstances:

1) Your $create_gallery insert fails for whatever reason. check your mysql_error to see if anything is being output on the one that fails. (if it does)

What is the second else that redirects to ?msg=e part of? IE what is the original if statement.

Identation mate!!

drewbee 07-10-2008 06:35 PM
*oops double post*

drewbee 07-10-2008 06:35 PM
Ok, the 2nd one is from this statement, correct?
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {

Any reason (like load balancing) that the temp file wouldn't exist, or a problem with the target path in those particular circumstances?


Off topic to your original post, does this get the type of file? I have never seen this before, never thought about using a command to get it (and far more reliable then the PHP mime_type I assume:
$szMimetype = shell_exec(escapeshellcmd ("file -bi ".$FILES['uploadedfile']['tmp_name']));

cool!

Jmz 07-10-2008 08:40 PM
My problem is I wrote this about a month ago and couldn't get it to work properly, then I added and edited bit so much I cant remember what I ended up with *!*

I was hoping someone might be able to see something I didn't but it looks like I'll just have to rewrite the whole thing from scratch.


Does anybody have a good, working image upload script I can look at? I wont copy it exactly, I just want to see how you check mime/file types etc.

delayedinsanity 07-10-2008 09:27 PM
That's why I like as-I-go debugging. When I'm coding, depending on how into a certain section I am, I'll constantly flip from my editor to the browser to run the script and see how things are going. That way I can catch problems before I've gone so far that I have to backtrace twice as long to find a typo.

My other favourite debugging practice is to flex my muskles, load a clip into the chamber, through on some gangsta rap, and starting sprinkling die() statements throughout my code. Then I can run it till it dies, see if it works, go to the next die... I've even found some notices pop up from time to time when I do that, that I would've never seen otherwise.

I don't know if this'll help any, and it's part of a script I did a while back so I haven't optimized it any time lately, but you can check out the image upload and thumbnail functions I use in my user authentication system here:
http://pastebin.com/m253910de
-m

Jmz 07-11-2008 06:37 AM
Thanks for that :-)

The only part I think I need is the part where you check for a valid file and mime type. My script seems to work fine apart from those two things.

I'll work on this later today and post here if I get any more problems.


All times are GMT. The time now is 07:44 PM.

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0