...

View Full Version : File upload



creativeaccess
02-22-2008, 11:14 AM
Hi all,

Being a bit of a php newbie I wondered if someone could have a look at this attempt to code a script that uploads a file to the server and emails the site admin and give me some advice.

Also how would I allow for other file formats, eg. wav, mp3 etc.

The code I have so far is:




<?php
function spamcheck($field)
{
//eregi() performs a case insensitive regular expression match
if(eregi("to:",$field) || eregi("cc:",$field))
{
return TRUE;
}
else
{
return FALSE;
}
}

//if "email" is filled out, send email
if (isset($_REQUEST['email']))
{
//check if the email address is invalid
$mailcheck = spamcheck($_REQUEST['email']);
if ($mailcheck==TRUE)
{
echo "Invalid input";
}
//Сheck that we have a file
if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
//Check if the file is JPEG image and it's size is less than 350Kb
$filename = basename($_FILES['uploaded_file']['name']);
$ext = substr($filename, strrpos($filename, '.') + 1);
if (($ext == "wav") && ($_FILES["uploaded_file"]["type"] == "audio/wav") &&
($_FILES["uploaded_file"]["size"] < 200000000)) {
//Determine the path to which we want to save this file
$newname = dirname(__FILE__).'/upload/'.$filename;
//Check if the file with the same name is already exists on the server
if (!file_exists($newname)) {
//Attempt to move the uploaded file to it's new place
if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {

//send email
$email = $_REQUEST['email'] ;
$subject = $_REQUEST['subject'] ;
$message = "A file has been uploaded to the 'uploads' folder on the web server:\r\n\n";
$message .= "---------------------------------------------------------------\r\n\n";
$message .= "File Name: ".$filename; "\r\n\n";
$message .= "File Location: http://www.yourdomain.com/upload/".$filename; "\r\n\n";
$message .= "Uploader's IP address: ". $_SERVER['REMOTE_ADDR'] ."\r\n\n";
$message .= "---------------------------------------------------------------\r\n\n";
mail("youk@yourdomain.com", "Subject: $subject",
$message, "From: $email" );
echo "Thank you for using our mail form";
echo "It's done! The file has been saved as: ".$newname;

} else {
echo "Error: A problem occurred during file upload!";
}
} else {
echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
}
} else {
echo "Error: Only .mp3 files under 350Kb are accepted for upload";
}
} else {
echo "Error: No file uploaded";
}
}
else
//if "email" is not filled out, display the form
{
echo "<form enctype='multipart/form-data' method='post' action='form.php'>
Email: <input name='email' type='text' /><br />
Subject: <input name='subject' type='text' /><br />
Choose a file to upload: <input name='uploaded_file' type='file' /><br />
<input type='submit' value='Submit' />
</form>";
}
?>


Thanks in advance.

rafiki
02-22-2008, 01:32 PM
<?php
function spamcheck($field)
{
//eregi() performs a case insensitive regular expression match
if(eregi("to:",$field) || eregi("cc:",$field))
{
return TRUE;
}
else
{
return FALSE;
}
}

//if "email" is filled out, send email
if (isset($_REQUEST['email']))
{
//check if the email address is invalid
$mailcheck = spamcheck($_REQUEST['email']);
if ($mailcheck==TRUE)
{
echo "Invalid input";
}
//Сheck that we have a file
if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
//Check if the file is JPEG image and it's size is less than 350Kb
$filename = basename($_FILES['uploaded_file']['name']);
$ext = substr($filename, strrpos($filename, '.') + 1);
if (($ext == "wav") && ($_FILES["uploaded_file"]["type"] == "audio/wav") &&
($_FILES["uploaded_file"]["size"] < 200000000)) {
//Determine the path to which we want to save this file
$newname = dirname(__FILE__).'/upload/'.$filename;
//Check if the file with the same name is already exists on the server
if (!file_exists($newname)) {
//Attempt to move the uploaded file to it's new place
if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {

//send email
$email = $_REQUEST['email'] ;
$subject = $_REQUEST['subject'] ;
$message = "A file has been uploaded to the 'uploads' folder on the web server:\r\n\n";
$message .= "---------------------------------------------------------------\r\n\n";
$message .= "File Name: ".$filename; "\r\n\n";
$message .= "File Location: http://www.yourdomain.com/upload/".$filename; "\r\n\n";
$message .= "Uploader's IP address: ". $_SERVER['REMOTE_ADDR'] ."\r\n\n";
$message .= "---------------------------------------------------------------\r\n\n";
mail("youk@yourdomain.com", "Subject: $subject",
$message, "From: $email" );
echo "Thank you for using our mail form";
echo "It's done! The file has been saved as: ".$newname;

} else {
echo "Error: A problem occurred during file upload!";
}
} else {
echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
}
} else {
echo "Error: Only .mp3 files under 350Kb are accepted for upload";
}
} else {
echo "Error: No file uploaded";
}
}
else
//if "email" is not filled out, display the form
{
echo "<form enctype='multipart/form-data' method='post' action='form.php'>
Email: <input name='email' type='text' /><br />
Subject: <input name='subject' type='text' /><br />
Choose a file to upload: <input name='uploaded_file' type='file' /><br />
<input type='submit' value='Submit' />
</form>";
}
?>
READ THE RULES BEFORE POSTING.

http://www.codingforums.com/showthread.php?t=68462
http://www.codingforums.com/showthread.php?t=68462
http://www.codingforums.com/showthread.php?t=68462
http://www.codingforums.com/showthread.php?t=68462

creativeaccess
02-22-2008, 02:21 PM
Yes good point, sorry about that. Should have read...


<?php
function spamcheck($field)
{
//eregi() performs a case insensitive regular expression match
if(eregi("to:",$field) || eregi("cc:",$field))
{
return TRUE;
}
else
{
return FALSE;
}
}

//if "email" is filled out, send email
if (isset($_REQUEST['email']))
{
//check if the email address is invalid
$mailcheck = spamcheck($_REQUEST['email']);
if ($mailcheck==TRUE)
{
echo "Invalid input";
}
//Сheck that we have a file
if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
//Check if the file is JPEG image and it's size is less than 350Kb
$filename = basename($_FILES['uploaded_file']['name']);
$ext = substr($filename, strrpos($filename, '.') + 1);
if (($ext == "wav") && ($_FILES["uploaded_file"]["type"] == "audio/wav") &&
($_FILES["uploaded_file"]["size"] < 200000000)) {
//Determine the path to which we want to save this file
$newname = dirname(__FILE__).'/upload/'.$filename;
//Check if the file with the same name is already exists on the server
if (!file_exists($newname)) {
//Attempt to move the uploaded file to it's new place
if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {

//send email
$email = $_REQUEST['email'] ;
$subject = $_REQUEST['subject'] ;
$message = "A file has been uploaded to the 'uploads' folder on the web server:\r\n\n";
$message .= "---------------------------------------------------------------\r\n\n";
$message .= "File Name: ".$filename; "\r\n\n";
$message .= "File Location: http://www.yourdomain.com/upload/".$filename; "\r\n\n";
$message .= "Uploader's IP address: ". $_SERVER['REMOTE_ADDR'] ."\r\n\n";
$message .= "---------------------------------------------------------------\r\n\n";
mail("youk@yourdomain.com", "Subject: $subject",
$message, "From: $email" );
echo "Thank you for using our mail form";
echo "It's done! The file has been saved as: ".$newname;

} else {
echo "Error: A problem occurred during file upload!";
}
} else {
echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
}
} else {
echo "Error: Only .mp3 files under 350Kb are accepted for upload";
}
} else {
echo "Error: No file uploaded";
}
}
else
//if "email" is not filled out, display the form
{
echo "<form enctype='multipart/form-data' method='post' action='form.php'>
Email: <input name='email' type='text' /><br />
Subject: <input name='subject' type='text' /><br />
Choose a file to upload: <input name='uploaded_file' type='file' /><br />
<input type='submit' value='Submit' />
</form>";
}
?>

Can anyone help now its properly posted?

Cheers



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum