...

View Full Version : MP3 File Upload



Cerby
10-28-2007, 09:01 AM
Can anybody tell me, what the code is to upload MP3's to the server?

iceflyin
10-28-2007, 09:32 AM
Exactly why are you uploading mp3's to a server?

Allowing users to do that creates so much legal hassle and you have to make them verify that the .mp3 isn't copyrighted, then you still might get in legal trouble... Ahhhh!!!

Edit: I noticed that in your previous posts you uploaded images. It's pretty much the same thing...
Just use "audio/mpeg3", instead of "image/jpg";

A good file upload tutorial is here:
http://www.tizag.com/phpT/fileupload.php

Mime type list is here:
http://www.webmaster-toolkit.com/mime-types.shtml

Cerby
10-28-2007, 10:24 AM
Exactly why are you uploading mp3's to a server?

Because there part of a theme I created. If you are the copyright holder, then there is no problems. - Correct? :)


Edit: I noticed that in your previous posts you uploaded images. It's pretty much the same thing...
Just use "audio/mpeg3", instead of "image/jpg";

Is my previous code secure?

iceflyin
10-28-2007, 11:18 AM
Secure? As in...

Somebody uploading a file like "hack.php" and doing you in... Yea, as long as you only allow uploads with checking the mime type. Also, make sure to prevent SQL injection in any of your form fields by verifying input, or just adding slashes for now.

There is no such thing as 100% secure... Eg: My friend doesn't store any php files in his public directory's, he includes them from server root folders.

<? include_once('../'._$SERVER['DOCUMENT_ROOT'].'.files'); ?>

Heck, even facebook messed up their php install and a couple of their php files went public a month ago, index.php, and profile.php

Of course, theres session hijacking, cross server script hacks... etc... etc... It goes on forever. If you need your sessions to be secure, google "php tokens secure sessions".

Balance security with usability! :) Note that until like a couple months ago... MySpace had every single vulnerability in existence... It was ridiculous! When websites get big, all the vulnerabilities get exploited.
http://phpsec.org/projects/guide/2.html

creativegenius
10-08-2009, 08:50 PM
Hi I am having the same problem i did what you said and it's still not working

creativegenius
10-08-2009, 08:55 PM
I got an error

Maximum request length exceeded.

_Aerospace_Eng_
10-08-2009, 09:10 PM
We can't help you if you post your code but it sounds like there is a filesize limit on your uploads.

mlseim
10-08-2009, 09:17 PM
The filesize limit within PHP config file, and/or your webhost themselves have the limit.

creativegenius
10-08-2009, 10:02 PM
I'm using asp.net vb, but it worked i inserted it into a binary field in SQL Server, using the same code i would for image upload like you said, but i tried to pull it from the SQL Server like i would an image using response.binary write and it field the page with a bunch of symbols, how do i play it from the sql server?

code below to insert

Dim intImageSize2 As Int64
Dim strImageType2 As String
Dim ImageStream2 As Stream

' Gets the Size of the Image
intImageSize2 = malbum2.PostedFile.ContentLength

' Gets the Image Type
strImageType2 = malbum2.PostedFile.ContentType

' Reads the Image
ImageStream2 = malbum2.PostedFile.InputStream

Dim ImageContent2(intImageSize2) As Byte
Dim intStatus2 As Integer
intStatus2 = ImageStream2.Read(ImageContent2, 0, intImageSize)

' Create Instance of Connection and Command Object
Dim MyConnection As New SqlClient.SqlConnection("Data Source=jrome.db.4961680.hostedresource.com; Initial Catalog=jrome; User ID=jrome; Password=Richard0583;")
Dim str As String
str = ("INSERT INTO music (title, artist, album, genre, year, song, image)" & "VALUES (@title, @artist, @album, @genre, @year, @mp2, @image)")
Dim MyCommand As New SqlClient.SqlCommand

MyCommand = New SqlClient.SqlCommand(str, MyConnection)
'Add Parameters to Query


MyCommand.Parameters.AddWithValue("@title", mtitle.Text)
MyCommand.Parameters.AddWithValue("@artist", martist.Text)
MyCommand.Parameters.AddWithValue("@album", malbum.Text)
MyCommand.Parameters.AddWithValue("@genre", mgenre.Text)
MyCommand.Parameters.AddWithValue("@year", myear.Text)
MyCommand.Parameters.AddWithValue("@mp2", msong2.FileBytes)
MyCommand.Parameters.AddWithValue("@song", malbum2.FileBytes)
MyCommand.Parameters.AddWithValue("@image", malbum2.FileBytes)
MyConnection.Open()
MyCommand.ExecuteNonQuery()
MyConnection.Close()

code below to pull from sql server

Dim myConnection As New Data.SqlClient.SqlConnection("Data Source=whsql-v22.prod.mesa1.secureserver.net; Initial Catalog=mgclient; User ID=mgclient; Password=Richard0583;")
Dim myCommand As New Data.SqlClient.SqlCommand("Select image from projects where clientusername='" & (name.Text) & "' " _
& "AND projectid='" & (imageid.Text) & "';", myConnection)


Try
myConnection.Open()
Dim myDataReader As Data.SqlClient.SqlDataReader
myDataReader = myCommand.ExecuteReader(CommandBehavior.CloseConnection)

Do While (myDataReader.Read())

Response.BinaryWrite(myDataReader.Item("image"))

Loop

myConnection.Close()


Catch SQLexc As Data.SqlClient.SqlException

End Try



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum