File upload

This is a discussion on File upload within the PHP General forums, part of the PHP Programming Forums category; Hi, I know this code is not entirely php, but bare with me. Can you please tell me why this ...


Go Back   Usenet Forums > PHP Programming Forums > PHP General

Reload this Page File upload

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 11-30-2005
dan
 
Posts: n/a
Default File upload
Hi,

I know this code is not entirely php, but bare with me. Can you please
tell me why this does not work:

page: filemanager.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
/>
<title>File Manager</title>
</head>
<? include("style.php"); ?>
<body>

<?
$file_name = $_POST['file'];
?>

<form id="uploadform" name="uploadform" enctype="multipart/form-data"
method="post" action="/filemanager.php">
<p align="center">Upload your file below:</p>
<p align="center">
<input type="file" name="file" id="file" />
<input name="submit" type="submit" id="submit" value="Upload File"
/>
</p>
</form>
<hr align="center" width="70%" />
<p align="center"><strong>Image Files:</strong></p>
<p align="center">
<?

include("uploadclass.php");

$upload_class = new Upload_Files;
$upload_class->temp_file_name = trim($_FILES['file']['tmp_name']);
$upload_class->file_name = trim(strtolower($_FILES['file']['name']));
$upload_class->upload_dir = "images/";
//Change the following to your needs:
//Log file directory (there must be a coresponding directory on the
server in order to work)
$upload_class->upload_log_dir = "logs/";
//Mmaximum file size in bytes. You may increase or decrease. (there are
1024 bytes in a kb and 1024 kb in a mb)
$upload_class->max_file_size = 15360000;
//Allowable file extensions
$upload_class->ext_array =
array(".jpg",".gif",".jpeg",".png",".tif",".wmf");

//Do not change the following:
$valid_ext = $upload_class->validate_extension();
$valid_size = $upload_class->validate_size();
$max_size = $upload_class->get_max_size();
$file_size = $upload_class->get_file_size();
$upload_directory = $upload_class->get_upload_directory();
$upload_log_directory = $upload_class->get_upload_log_directory();
$file_exists = $upload_class->existing_file();

if (!$valid_ext) {
$result = "The file extension is invalid, please try again!";
}
elseif (!$valid_size) {
$result = "The file size is invalid, please try again! The
maximum file size is: $max_size and your file was: $file_size";
}
elseif ($file_exists) {
$result = "This file already exists on the server, please try
again.";
} else {
$upload_file = $upload_class->upload_file_with_validation();
if (!$upload_file) {
$result = "Your file could not be uploaded!";
} else {
$result = "Your file has been successfully uploaded to the
server.";
}
}
?>
</p>
<hr align="center" width="70%" />
</body>
</html>


page: uploadclass.php

<?
class Upload_Files {

var $temp_file_name;
var $file_name;
var $upload_dir;
var $upload_log_dir;
var $max_file_size;
var $banned_array;
var $ext_array;

function validate_extension() {
$file_name = trim($this->file_name);
$extension = strtolower(strrchr($file_name,"."));
$ext_array = $this->ext_array;
$ext_count = count($ext_array);
if (!$file_name) {
return false;
} else {
if (!$ext_array) {
return true;
} else {
foreach ($ext_array as $value) {
$first_char = substr($value,0,1);
if ($first_char <> ".") {
$extensions[] = ".".strtolower($value);
} else {
$extensions[] = strtolower($value);
}
}
foreach ($extensions as $value) {
if ($value == $extension) {
$valid_extension = "TRUE";
}
}
if ($valid_extension) {
return true;
} else {
return false;
}
}
}
}

function validate_size() {
$temp_file_name = trim($this->temp_file_name);
$max_file_size = trim($this->max_file_size);

if (!$temp_file_name) {
$size = filesize($temp_file_name);
if ($size > $max_file_size) {
return false;

} else {
return true;
}
} else {
return false;
}
}

function existing_file() {
$file_name = trim($this->file_name);
$upload_dir = $this->get_upload_directory();

if ($upload_dir == "ERROR") {
return true;
} else {
$file = $upload_dir . $file_name;
if (file_exists($file)) {
return true;
} else {
return false;
}
}
}

function get_file_size() {
$temp_file_name = trim($this->temp_file_name);
$kb = 1024;
$mb = 1024 * $kb;
$gb = 1024 * $mb;
$tb = 1024 * $gb;

if ($temp_file_name) {
$size = filesize($temp_file_name);
if ($size < $kb) {
$file_size = "$size Bytes";
}
elseif ($size < $mb) {
$final = round($size/$kb,2);
$file_size = "$final KB";
}
elseif ($size < $gb) {
$final = round($size/$mb,2);
$file_size = "$final MB";
}
elseif($size < $tb) {
$final = round($size/$gb,2);
$file_size = "$final GB";
} else {
$final = round($size/$tb,2);
$file_size = "$final TB";
}
} else {
$file_size = "ERROR: NO FILE PASSED TO get_file_size()";
}
return $file_size;
}

function get_max_size() {
$max_file_size = trim($this->max_file_size);
$kb = 1024;
$mb = 1024 * $kb;
$gb = 1024 * $mb;
$tb = 1024 * $gb;

if ($max_file_size) {
if ($max_file_size < $kb) {
$max_file_size = "max_file_size Bytes";
}
elseif ($max_file_size < $mb) {
$final = round($max_file_size/$kb,2);
$max_file_size = "$final KB";
}
elseif ($max_file_size < $gb) {
$final = round($max_file_size/$mb,2);
$max_file_size = "$final MB";
}
elseif($max_file_size < $tb) {
$final = round($max_file_size/$gb,2);
$max_file_size = "$final GB";
} else {
$final = round($max_file_size/$tb,2);
$max_file_size = "$final TB";
}
} else {
$max_file_size = "ERROR: NO SIZE PARAMETER PASSED TO
get_max_size()";
}
return $max_file_size;
}

function validate_user() {
$banned_array = $this->banned_array;
$ip = trim($_SERVER['REMOTE_ADDR']);
$cpu = gethostbyaddr($ip);
$count = count($banned_array);

if ($count < 1) {
return true;
} else {
foreach($banned_array as $key => $value) {
if ($value == $ip ."-". $cpu) {
return false;
} else {
return true;
}
}
}
}

function get_upload_directory() {
$upload_dir = trim($this->upload_dir);

if ($upload_dir) {
$ud_len = strlen($upload_dir);
$last_slash = substr($upload_dir,$ud_len-1,1);
if ($last_slash <> "/") {
$upload_dir = $upload_dir."/";
} else {
$upload_dir = $upload_dir;
}

$handle = @opendir($upload_dir);
if ($handle) {
$upload_dir = $upload_dir;
closedir($handle);
} else {
$upload_dir = "ERROR";
}
} else {
$upload_dir = "ERROR";
}
return $upload_dir;
}

function get_upload_log_directory() {
$upload_log_dir = trim($this->upload_log_dir);
if ($upload_log_dir) {
$ud_len = strlen($upload_log_dir);
$last_slash = substr($upload_log_dir,$ud_len-1,1);
if ($last_slash <> "/") {
$upload_log_dir = $upload_log_dir."/";
} else {
$upload_log_dir = $upload_log_dir;
}
$handle = @opendir($upload_log_dir);
if ($handle) {
$upload_log_dir = $upload_log_dir;
closedir($handle);
} else {
$upload_log_dir = "ERROR";
}
} else {
$upload_log_dir = "ERROR";
}
return $upload_log_dir;
}

function upload_file_no_validation() {
$temp_file_name = trim($this->temp_file_name);
$file_name = trim(strtolower($this->file_name));
$upload_dir = $this->get_upload_directory();
$upload_log_dir = $this->get_upload_log_directory();
$file_size = $this->get_file_size();
$ip = trim($_SERVER['REMOTE_ADDR']);
$cpu = gethostbyaddr($ip);
$m = date("m");
$d = date("d");
$y = date("Y");
$date = date("m/d/Y");
$time = date("h:i:s A");

if (($upload_dir == "ERROR") OR ($upload_log_dir == "ERROR")) {
return false;
} else {
if (is_uploaded_file($temp_file_name)) {
if (move_uploaded_file($temp_file_name,$upload_dir .
$file_name)) {
$log = $upload_log_dir.$y."_".$m."_".$d.".txt";
$fp = fopen($log,"a+");
fwrite($fp,"
$ip-$cpu | $file_name | $file_size | $date | $time");
fclose($fp);
return true;
} else {
return false;
}
} else {
return false;
}
}
}

function upload_file_with_validation() {
$temp_file_name = trim($this->temp_file_name);
$file_name = trim(strtolower($this->file_name));
$upload_dir = $this->get_upload_directory();
$upload_log_dir = $this->get_upload_log_directory();
$file_size = $this->get_file_size();
$ip = trim($_SERVER['REMOTE_ADDR']);
$cpu = gethostbyaddr($ip);
$m = date("m");
$d = date("d");
$y = date("Y");
$date = date("m/d/Y");
$time = date("h:i:s A");
$existing_file = $this->existing_file(); //<-Add On
$valid_user = $this->validate_user(); //<-Add On
$valid_size = $this->validate_size(); //<-Add On
$valid_ext = $this->validate_extension(); //<-Add On

if (($upload_dir == "ERROR") OR ($upload_log_dir == "ERROR")) {
return false;
}
elseif ((((!$valid_user) OR (!$valid_size) OR (!$valid_ext) OR
($existing_file)))) {
return false;
} else {
if (is_uploaded_file($temp_file_name)) {
if (move_uploaded_file($temp_file_name,$upload_dir .
$file_name)) {
$log = $upload_log_dir.$y."_".$m."_".$d.".txt";
$fp = fopen($log,"a+");
fwrite($fp,"
$ip-$cpu | $file_name | $file_size | $date | $time");
fclose($fp);
return true;
} else {
return false;
}
} else {
return false;
}
}
}

}
?>


Thanks

Daniel

Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 03:19 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0